Bitwarden Completes Third-party Security Audit – Bitwarden Blog

In the interest of providing full disclosure, below you will find the technical report that was compiled from the team at Cure53 along with an internal report containing a summary of each issue, impact analysis, and the actions taken/planned by Bitwarden regarding the identified issues and vulnerabilities.

Microsoft Office Was Hackers' Favorite App Target This Year

Microsoft Office Was Hackers' Favorite App Target This Year

Kaspersky blocked 796.8 million attacks around the globe in Q1 2018, and the company found that one popular productivity suite was the victim of more than 47 percent of exploits: Microsoft Office.

Snowden Files Declaration in NSA Spying Case Confirming Authenticity of Draft Inspector General Report Discussing Unprecedented Surveillance of Americans, Which He Helped Expose

Snowden Files Declaration in NSA Spying Case Confirming Authenticity of Draft Inspector General Report Discussing Unprecedented Surveillance of Americans, Which He Helped Expose

Mr. Snowden’s short declaration confirms that a document relied upon in the case, a draft NSA Inspector General Report from 2009 discussing the mass surveillance program known as Stellar Wind, is actually the same document that he came upon during the course of his employment at NSA contractor.

How Indian Government’s Digital Authoritarianism Is Interfering With “Internet Freedom”

How Indian Government’s Digital Authoritarianism Is Interfering With “Internet Freedom”

Throughout the year, India has been on the world’s radar for many Internet and privacy-related incidents; top-most being the numerous mob lynchings which have been reported to initiate from fake Whatsapp messages.

China is exporting the Great Firewall as internet freedom declines around the world

China is exporting the Great Firewall as internet freedom declines around the world

The Freedom House report said that Beijing was taking steps to "propagate its model abroad" with large-scale trainings of foreign officials, providing censorship and surveillance technology, and pressuring international companies to comply with Chinese standards even when operating outside the country.

Report: Microsoft shares banking data of Indian customers with US Intelligence agencies

Report: Microsoft shares banking data of Indian customers with US Intelligence agencies

The report stated that the consumer data with banks who moved to Microsoft Office 365 was shared by the company with the US Intelligence Agencies.

Mobile Security: 5 Smart Tactics to Avoid Fake Apps

Mobile Security: 5 Smart Tactics to Avoid Fake Apps

There are least chances of getting a fake app from official sources such as Google Play or Apple’s App Store. You need to search for the developer to avoid the downloading of a fake app.

Suspicious packages spotlight vast postal surveillance system

Suspicious packages spotlight vast postal surveillance system

But in the ongoing mail bomb case, use of mail covers is probably justified and in line with regulations, says Steven Morrison, an assistant professor at the University of North Dakota, who was the author of a 2015 report from the National Association of Criminal Defense Lawyers calling for greater oversight of the program.

As many feared, Google’s ambitious Sidewalk Toronto “smart city” project turns out to be a “surveillance city”

As many feared, Google’s ambitious Sidewalk Toronto “smart city” project turns out to be a “surveillance city”

The chairman of Alphabet, the parent company of both Google and Sidewalk Labs, Eric Schmidt, said the project was “all the things you could do if someone would just give us a city and put us in charge.” Alphabet insisted it needed “full autonomy from city regulations so it can build without constraint” and use Sidewalk Toronto as a testbed for new technologies that will monitor and measure urban activity on an unprecedented scale.

DTA attacks China-style social credit claims about Govpass digital identity

DTA attacks China-style social credit claims about Govpass digital identity

The ASPI report also takes a swing at both federal government agencies (Govpass) and Australia Post (Digital iD) for developing broadly similar digital identity credentials, saying neither scheme “is governed by dedicated legislation, beyond existing laws such as the inadequate Privacy Act 1988, leaving Australians vulnerable to having their data misused.”

Smart home makers hoard your data, but won’t say if the police come for it

Smart home makers hoard your data, but won’t say if the police come for it

We asked some of the most well-known smart home makers on the market if they plan to release a transparency report, or disclose the number of demands they receive for data from their smart home devices.

Secret Government Report Shows Gaping Holes in Privacy Protections From U.S. Surveillance

Secret Government Report Shows Gaping Holes in Privacy Protections From U.S. Surveillance

The report raises questions about whether the FBI is fully complying with PPD-28 as well as whether it’s seeking to carve out certain surveillance activities from the directive’s modest requirements:

Smart Home Surveillance: Governments Tell Google's Nest To Hand Over Data 300 Times

Smart Home Surveillance: Governments Tell Google's Nest To Hand Over Data 300 Times

On Friday Forbes revealed the first known case in the U.S. where Nest handed over surveillance feeds and customer data from its cameras. "Because Nest data includes sensitive content about happened in a home, Google was right to require that the government obtain a warrant in order to gain access to it,” Nojeim said.

From Inside The NSA, A Call For More Whistleblowers

From Inside The NSA, A Call For More Whistleblowers

"I felt very strongly that this was a key function for an inspector general's office, to have a robust whistleblower program," Storch said in an interview at his office on one of the top floors at NSA headquarters.

Google: Apple, your sneaky iPhone patching is endangering users

Google: Apple, your sneaky iPhone patching is endangering users

A Google Project Zero researcher has published a macOS exploit to demonstrate that Apple is exposing its users to security risks by patching serious flaws in iOS but not revealing the fact until it fixes the same bugs in macOS a week later.

Facebook to release first-party cookie option for ads, pull web analytics from Safari

Facebook to release first-party cookie option for ads, pull web analytics from Safari

The company is releasing a new first-party cookie option for advertisers, publishers, and developers to measure and optimize Facebook ads and capture analytics data from browsers that block third-party cookies — namely Apple’s Safari and soon Mozilla’s Firefox.

Police to Seattle’s techies, streamers: Sign up for our anti-swatting service [Updated]

Police to Seattle’s techies, streamers: Sign up for our anti-swatting service [Updated]

The threat includes a claim of five hostages taken and a ransom demand of "five grand or I'mma kill 'em all." This portion is followed by video footage of SPD officers, timestamped in the early hours of August 24 of this year, saying things like "an online phone app" and "sounds more and more like swatting to me" before approaching an apartment unit's entrance with guns drawn.

Google to Pay Apple $12B to Remain Safari's Default Search: Report

Google to Pay Apple $12B to Remain Safari's Default Search: Report

Google will reportedly pay Apple $9 billion in 2018 and $12 billion in 2019 to remain as Safari’s default search engine, according to Business Insider. Bernstein analyst Toni Sacconaghi additionally revealed in 2017 that Google previously paid Apple an estimated $3 billion.

Facebook Confirms Giving Advertisers Access to User Phone Numbers

Facebook Confirms Giving Advertisers Access to User Phone Numbers

“We are clear about how we use the information we collect, including the contact information that people upload or add to their own accounts.” In a Gizmodo report published Wednesday, two studies found that the social network was giving advertisers access to data sources that users did not explicitly permit could be used.

Which? says that high-profile apps hide their data-collection practises - despite GDPR

Which? says that high-profile apps hide their data-collection practises - despite GDPR

Some phone apps use sneaky tactics to get users to share more information than they intend, according to a new report by Which? highlights the lengthy word counts apps use in their terms and conditions.

Facebook’s problems in Europe are piling up

Facebook’s problems in Europe are piling up

“For a short time, I had a Facebook account,“ Jourová said at a news conference Thursday. Jourová says European authorities could sanction Facebook next year if it doesn’t like what it hears from the company soon.

The Indian Government Has Been Spying On Your Social Media In Secret

The Indian Government Has Been Spying On Your Social Media In Secret

At the same time, on Thursday, Union Home Minister Rajnath Singh said that security agencies are trying to get new software tools with face recognition capabilities to dig into social media to track criminals.

Amazon investigates claims its employees are SELLING customer's data

Amazon investigates claims its employees are SELLING customer's data

According to a Wall Street Journal report, which did not give figures, employees of the e-retailer sell internal data and other confidential information – usually through intermediaries – to merchants who sell their goods on the US giant's website.

How to Stop ‘Smart Cities’ From Becoming ‘Surveillance Cities’

How to Stop ‘Smart Cities’ From Becoming ‘Surveillance Cities’

Ongoing oversight and accountability are provided by a public annual report with non-sensitive data about how the technology has been used, information about violations of the use policy, and an analysis of any negative impacts on people’s rights.

Apple’s new tool will make it easier for law enforcement to request data

Apple’s new tool will make it easier for law enforcement to request data

The company also provides information to law enforcements related to a customer’s Apple account, sometimes including content such as email and photos stored in the cloud, according to its privacy policy.

Robinhood is Making Millions Selling Users’ Data to Financial Companies

Robinhood is Making Millions Selling Users’ Data to Financial Companies

The low-cost Robinhood investing app popular with millennials makes up for the lost profits of commission-free trades by selling users’ data to other financial companies. A Second Quarter SEC filing shows that Robinhood Financial (Robinhood) is actually making millions of dollars from selling users’ data to high-frequency trading (HFT) firms.

Endangering Student Privacy in the Name of School Safety - Center for Democracy & Technology

Endangering Student Privacy in the Name of School Safety - Center for Democracy & Technology

Amassing and integrating large amounts of data without first proving it will be effective, establishing boundaries on its use, enacting strong data governance practices that limit access, or articulating clear data retention and deletion timelines and protocols will almost certainly lead to misuse of this information that may harm the very students it is aimed to protect.

Apple is building an online portal for police to make data requests

Apple is building an online portal for police to make data requests

Along with tech companies like Google and Microsoft, Apple regularly publishes transparency reports detailing how often it gets requests for data from governments as well as private parties.

Activists raise alarm over insidious creep of surveillance in the UK

Activists raise alarm over insidious creep of surveillance in the UK

Pointing to the controversial use of patient data or school children’s records for immigration enforcement, Gracie Bradley of Liberty condemned bulk information sharing that risked damaging public trust.

Apple is building a portal to field police requests for data

Apple is building a portal to field police requests for data

Among various steps it's taking, Apple said it plans to launch an online portal from which authorized law enforcement officers can make and track requests for data from the company.

More