State-sponsored cyber spies targeting IoT - a warning from Microsoft

State-sponsored cyber spies targeting IoT - a warning from Microsoft

Back in April, Microsoft security researchers observed the infamous Russian-backed hacking group STRONTIUM (also known as Fancy Bear or APT28) compromising popular IoT devices (a VOIP phone, an office printer, and a video decoder) across multiple customer locations.

New DPIA on Microsoft Office and Windows software: still privacy risks remaining (short blog)

New DPIA on Microsoft Office and Windows software: still privacy risks remaining (short blog)

On behalf of the Dutch Ministry of Justice and Security, Privacy Company has investigated the privacy risks related to the use of Microsoft Windows 10 Enterprise, Office 365 ProPlus and Office Online, as well as the mobile Office apps.

Facebook collected device data on 187,000 users using banned snooping app

Facebook collected device data on 187,000 users using banned snooping app

Earlier this year, a TechCrunch investigation found both Facebook and Google were abusing their Apple-issued enterprise developer certificates, designed to only allow employees to run iPhone and iPad apps used only inside the company.

Google Just Gave 2 Billion Chrome Users A Reason To Switch To Firefox

Google Just Gave 2 Billion Chrome Users A Reason To Switch To Firefox

And the software giant is not backing down: It says the only people that can use ad blockers following the change will be Google’s enterprise users. It probably means enterprise customers can develop in-house Chrome extensions, not for ad blocking use, 9to5Google says.

Chrome to limit full ad blocking extensions to enterprise users

Chrome to limit full ad blocking extensions to enterprise users

In a response to the overwhelming negative feedback, Google is standing firm on Chrome’s ad blocking changes, sharing that current ad blocking capabilities will be restricted to enterprise users.

Google Stored G Suite Users' Passwords in Plain-Text for 14 Years

Google Stored G Suite Users' Passwords in Plain-Text for 14 Years

However, Google also says that the plain text passwords were stored not on the open Internet but on its own secure encrypted servers and that the company found no evidence of anyone's password being improperly accessed.

Microsoft: Companies "no longer comfortable" storing data in Australia after controversial encryption law

Microsoft: Companies "no longer comfortable" storing data in Australia after controversial encryption law

Others in the business of technology have been less polite - co-founder of Australian enterprise software company Atlassian, Scott Farquhar, said at the Safe Encryption Australian forum: “The law has created uncertainty for our staff and our customers, it places the tech industry in a chokehold.".

Slack hands over control of encryption keys to regulated customers

Slack hands over control of encryption keys to regulated customers

Slack announced today that it is launching Enterprise Key Management (EKM) for Slack, a new tool that enables customers to control their encryption keys in the enterprise version of the communications app.

Pandora's Box: Another New Way to Leak All Your Sensitive Data

Pandora's Box: Another New Way to Leak All Your Sensitive Data

Much like AWS S3 buckets, these files can be shared to anyone with the link, restricted to those within your company (Box Enterprise), or to specific users. Companies using Box Enterprise get their own sub-domain, and documents saved on Box can be shared to anyone with the unique URL.

Apple unblocks Google's internal apps on iOS devices

Apple unblocks Google's internal apps on iOS devices

The block came because Google sidestepped the App Store and took advantage of Apple's developer enterprise program, which is designed to let companies internally distribute apps, TechCrunch reported Wednesday .

Dropbox buys HelloSign – a lucrative and strategic move

Dropbox buys HelloSign – a lucrative and strategic move

Perhaps DocuSign will survive as a provider to the enterprise market, serving organizations that want to wrap an e-signature service into their own custom workflow automation. Therefore the second element of value for Dropbox coming out of this acquisition is the workflow automation platform that HelloSign brings with it.

Apple blocks Google from running its internal iOS apps

Apple blocks Google from running its internal iOS apps

While Facebook’s internal iOS apps are still not functional, both Apple and Google’s statements make it clear that the companies are working together to fix Google’s issues.

Google also monitored iPhone usage with a private app

Google also monitored iPhone usage with a private app

Screenwise is open to anyone above 18, but allows users 13 and up to join the program if they’re in the same household; that’s different than Facebook’s tracking app, which specifically targeted people between the ages of 13 and 25.

Google's data-gathering app may have also violated Apple's policies

Google's data-gathering app may have also violated Apple's policies

"The Screenwise Meter iOS app should not have operated under Apple's developer enterprise program," a Google spokeswoman said in a statement.

Facebook has been paying teens $20 a month for total access to their phone activity

Facebook has been paying teens $20 a month for total access to their phone activity

TechCrunch reported that the company has been paying people ages 13 to 25 as much as $20 month in exchange for installing an app called Facebook Research on iOS or Android, which monitors their phone and web activity and sends it back to Facebook.

Australian Assistance and Access Bill 2018

Australian Assistance and Access Bill 2018

Blanket Weakening of Encryption IS NOT the way to replace Due Diligence If you don’t know by now, in December 2018 the Australian government with the support of the Australian Labor party passed new legislation that requires technology companies to be able to decrypt and hand over user data, when requested by law enforcement and the public services.

Privacy no more: How machine learning in the cloud will strip us naked

Privacy no more: How machine learning in the cloud will strip us naked

Machine learning and data lakes are powerful tools that, like social media, can improve our quality of life, and help us to gain important business as well as personal insights that will allow us to become more agile and responsive.

Privacy as a Right

Privacy as a Right

Sapiens rule the world, because we are the only animal that can cooperate flexibly in large numbers… We cooperate effectively with strangers because we believe in things like gods, nations, money and human rights.

NSA Finalizes $6.7 Billion in Classified Tech Contracts

NSA Finalizes $6.7 Billion in Classified Tech Contracts

NSA awarded the first $5 billion Groundbreaker contract in 2001 to a joint alliance of contractors called the Eagle Alliance, led by Computer Science Corp., which became CSRA.

Making The Grade: It’s hypocritical for Apple to promote privacy while not offering a G-Suite alternative

Making The Grade: It’s hypocritical for Apple to promote privacy while not offering a G-Suite alternative

I’ll make a statement that might be unpopular: Apple shouldn’t promote their privacy stance to schools when they aren’t offering a compelling service that schools can sign up for that replaces G-Suite. iCloud for Work could include hosted email, calendars, and contacts for businesses and schools.