Samsung Galaxy Z Flip Fold 2, Samsung foldable phone

Samsung Galaxy Fold 2 Samsung foldable phone 

      The Samsung Galaxy Fold was a highly anticipated device.
It first suffered from defects, but it finally arrived on the market a few months ago, becoming the most premium Samsung device currently on the market.

     A fugitive video on the web shows the model being manipulated. This folding model should be presented at the same time as the Galaxy S20.

     The Galaxy Z Flip is no longer a secret to anyone. Samsung's second folding smartphone was revealed in a video on Twitter. 

     You can see a hand manipulating it, opening and closing it. As expected, the device looks pretty thick, but once unfolded, its 6.7-inch OLED screen is beautiful. When folded up, the device takes the shape of a simple square.

     The Galaxy Z Flip is directly inspired by Motorola's new Razr which will be available in a few days. The Samsung model is scheduled to be introduced on February 11th at the manufacturer's press conference, also dedicated to the much-anticipated Galaxy S20.

     It works like a normal device (albeit with a strange shape factor) when closed, and unfolds into a larger tablet when open. This has made a really convincing high-end device, and we also know that a successor is on the way. 

     Currently slated to launch as Galaxy Fold 2, this version has a flip phone form factor, just like Motorola did with its Razr smartphone.

     What we don't know yet, however, is how close we are to a release. The device has already had its dose of leakage with images, which tells us that we're not too far from product launch.

     And according to new reports, Samsung plans to release the device before the Galaxy S11 is released.

     That would make sense given the way the images already appear and how the device appears to be a direct competitor to Motorola's Razr phone, which in addition to being a shell phone, contains mid-range specifications.

     This device is supposed to carry a price tag of over $1,000 and may also have mid-range specifications, as evidenced by the dual rear camera configuration seen in the images.

     Of course, nothing is official, not even the name of the phone, as this "Galaxy Fold 2" doesn't look like a complete successor to the Galaxy Fold until it comes from Samsung itself.

     So we have to wait until we see it announced. If Samsung's next flagship products are launched during Unpacked 2020 before the MWC, it's likely that we'll see Samsung's new fold at CES 2020 or some other event in between.

Conception

     As mentioned earlier, the Galaxy Fold 2 will have a flap design reminiscent of the popular form factor of the 2000s. In other words, the phone will unfold vertically instead of opening like a book.

     Judging from the recently unveiled photos featuring the so-called Galaxy Fold 2, the phone will have a flexible main screen with an Infinity-O cutout, surrounded by fairly thick glasses that make it look a bit cheap.

     Unlike the Galaxy Fold, the clamshell suite has a very small cover screen to display key information such as time and notifications. A dual-camera configuration is located right next to the small screen.

     Samsung appears to use the same hinge design used by the original model, but it is unclear whether any aspects have been changed to promote durability. The hinge appears to share its color with the rest of the case, and the phone could be launched in black, white and purple.

     Overall, the Galaxy Fold 2 is intended to be a compact phone that can unfold to become twice as big. It doesn't quite follow the same philosophy as the original model, which was more focused on combining the phone and tablet form factors into one device.

Display

     The Galaxy Fold 2's internal flexible display should be between 6.7 and 6.9 inches. The exact number of pixels is unknown, but the aspect ratio seems to be higher than usual.

     Samsung is working to eliminate the durability issues that plagued the original Galaxy Fold by improving the more durable flexible screen protector, which is based on ultra-thin tempered glass rather than polyimide.

     However, it is unclear whether these new technologies will make their debut with the Galaxy Fold 2 clamshell, or the actual direct sequel to the original Fold, which is scheduled for release in the second half of 2020.

     As far as the cover display is concerned, there is simply not a lot of information to pass along, but it is clear that this will not be the main selling point, as you can see in the image above.

It is related to practical uses and maybe even basic notification animations, but there is nothing exciting about it.

Cameras and other specifications

     There is little information currently available on the full specifications of this device. However, it should now be obvious that the Galaxy Fold 2 valve has very little in common with the original model.

     Camera configuration is just another area that could not be more different from one device to another.

     While the Galaxy Fold, comes with no less than 6 cameras, the Galaxy Fold 2 clamshell, seems to be equipped with only three shooters, one of which is a selfie camera integrated in the Infinity-O display cutout.

     The other two rear-facing sensors seem rather disappointing, especially since most Samsung smartphones now have at least two main cameras. The Galaxy Fold 2, however, is simply content with a few sensors, which means it should be missing a telephoto or ultra-wide lens.

     The exact specifications of these sensors are unknown, but one could have a resolution of 108 MP, while the other could be a telephoto lens providing a 5x optical zoom, leaving the ultra-wide sensor out of the equation.

     We are also fairly confident that the Galaxy Fold 2 will have a 900 mAh secondary battery, residing in one half. It will probably be used to power the small screen in the lid, while a larger secondary battery should power the more demanding flexible panel and other internal components.

 Software Features

     The Galaxy Fold 2, launches App Continuity through the window. Samsung's custom software designed to seamlessly transition applications from the cover screen to the larger flexible panel and vice versa is no longer required by the flap design, as the cover screen is not capable of running applications.

     Judging from what we know so far, there is little custom software that the Galaxy Fold 2 clamshell will offer. There is simply no need for anything too sophisticated, and a 2.0 user interface coupled with Android 10 should be enough to provide a complete experience.

Find all the CES 2020 news on News Tech

     The clamshell form factor will present a different software challenge for Samsung, in that applications would resize when the device is folded in half and if additional features could be enabled in that position.

Share:

Read More

Totok App, An Espionage Tool

Totok looks like a popular chat app. It's secretly an espionage tool.

  

       Not to be confused with the Chinese TikTok, ToTok presents itself as a simple and secure way to chat via video or SMS, the popular ToTok chat application is said to be a secret spy tool of the United Arab Emirates.

     A New York Times report revealed that the ToTok messaging application, popular in the United Arab Emirates, is, in fact, a government spy tool, created for the benefit of intelligence services, and used to track the conversations and movements of citizens.

          Millions of users

     ToTok is only a few months old but it has been downloaded by users in the Middle East, Europe, Asia, Africa, and North America, according to the NYT.

     ToTok was launched earlier this year and has been downloaded by millions in the UAE, a country where Western messaging applications such as WhatsApp and Skype are partially blocked. 

     It promised "fast, free and secure" messaging and calling and has attracted users across the Middle East and beyond, becoming one of the most downloaded social apps in the U.S. last week.

     Citing U.S. officials as sources, the NYT reported that ToTok gives UAE spies access to conversations, movements and other personal information such as photos.

     Persian Gulf countries such as Saudi Arabia, the Emirates, and Qatar have previously turned to private companies - including Israeli and U.S. contractors - to hack into their rivals and, increasingly, their own citizens. 

     The development of ToTok, according to experts, has shown that governments can eliminate the middleman to directly spy on their targets who unknowingly, voluntarily hand over their information.

     Google deleted the application last Thursday and Apple withdrew it the next day. However, ToTok users, who already have the application on their phones, can continue to use it.

     Google Play Store showed that it alone had five million Android downloads before it was removed, while App-tracker, App Annie said ToTok was one of the most downloaded social apps in the United States last week.

          The role of DarkMatter

     The NYT reports that the publisher of the application, Breej Holding Ltd, is affiliated with DarkMatter, an Abu Dhabi-based intelligence and hacking company that is reportedly under investigation by the FBI for possible cybercrimes.

     According to the NYT, DarkMatter employs Emirati intelligence officials, former employees of the National Security Agency and former Israeli military intelligence agents.

ToTok, DarkMatter and the UAE Embassy in London did not immediately respond to a request for comment.

     The Times reports that ToTok's managing company, Breej Holding, is most likely a front for the Abu Dhabi-based cybersecurity company DarkMatter. The application is also connected to the UAE data-mining firm Pax AI, which shares offices with the UAE intelligence agency.

           Technical problem or permanent deletion

     ToTok has announced to users that it will soon be back in the app stores.

In a blog, he wrote that he was "temporarily unavailable" on the Apple App Store and the Google Play Store due to a "technical problem".

     "While current ToTok users continue to enjoy our service without interruption, we would like to inform our new users that we are well engaged with Google and Apple to resolve the issue," ToTok said in a blog.

     He pointed out that new users of Samsung, Huawei, Xiaomi and Oppo phones could still download ToTok from the phone manufacturer's own application stores.

     The company promised to return "in the near future" with new features such as payment, news, commerce, and entertainment.

     Other messaging services such as WhatsApp and Skype, which offer end-to-end encryption, are limited to the UAE. Although they can be used for messaging, they cannot be used for video calling.

Share:

Read More

A photo of Taylor Swift hiding a malicious crypto-mining code

The MyKings encryption botnet hides the code in Taylor Swift's photo

     A crypto mining botnet operator uses a Taylor Swift image to infect computers, embedding the malicious code in the image itself.

     The botnet, mainly known as MyKings, although also known by some security companies such as DarkCloud and Smominru, targets Windows servers.

     Attacks by MyKings botnet operators follow a predictable pattern: the botnet attempts various attacks against a server. Unpatched or inadequately patched Windows servers can be vulnerable to a wide range of attacks, the aim of which is to deliver a malware executable, most often a Trojan named Forshare.

     These servers host a variety of services, including MySQL, MS-SQL, Telnet, ssh, IPC, WMI, and Remote Desktop. Once passed, the botnet deploys various applications to extract crypto-money from the infected system before attempting to spread to others.

     This has allowed the botnet to grow very quickly. In its first few months of existence, MyKingz reportedly infected more than 525,000 Windows systems, earning its creators more than $2.3 million in Monero (XMR).

     As the MyKingz gang is also a big fan of the EternalBlue exploit, the botnet is buried deep in corporate networks, and its estimated size of half a million bots is probably much larger.

          The image of TAYLOR SWIFT

     The latest development in the way these botnet works was spotted this month by British security company Sophos. The change isn't a big problem in the grand scheme of things, but it's both interesting and fun.

     Since MyKingz's Internet scanning module identifies vulnerable hosts and gains a foothold on infected computers, they need a way to deploy various malware payloads on hacked systems.

          Sophos Labs discovers a Botnet in a JPEG image from Taylor Swift

     Analysis from Sophos Labs, a digital security company, shows that hackers are now trying to infect computers by hiding a malicious EXE file inside what looks like an innocent JPEG image.

     Usually, a popular and much sought-after celebrity does the trick, and this time they've chosen American pop singer Taylor Swift.

     According to Sophos, the MyKings team is now experimenting with steganography, a technique that allows them to hide malicious files inside legitimate files.

     The purpose of using this technique is to trick security software running on corporate networks.

     These security products will only see a host system download a banal JPEG file, rather than a very dangerous EXE file.

     MyKings is not, by any chance, the first malware gang to use steganography or celebrity images. 

     Last year, another malware gang used an image of the actress Scarlett Johansson to deploy malware on hacked PostgreSQL databases.

     The MyKings botnet is also one of the most relentless, constantly reappearing and targeting vulnerable Windows machines. 

     It is considered one of the most persistent and large-scale security threats against the operating system, exploiting almost every potential vulnerability opening.

     Hidden exploration is more difficult to catch, compared to the once widespread browser exploration. Botnets have been found to affect servers and computers even at institutions such as CERN. 

     Malicious malware is becoming increasingly difficult to detect as it more effectively hides its business processes. For consumer electronics, it is not so easily hidden and can be extremely damaging.

Share:

Read More

Alert To Smartphones Tracking Us

          Alert to smartphones tracking Us

       New York Times reporters were able to recreate the movements of 12 million U.S. citizens over several months, thanks to the database given to them by an anonymous informant.

          Invisible policing of geolocation databases

     The Times Privacy Project obtained a file, by far the largest and most sensitive file ever examined by journalists. It contains more than 50 billion location pings from the phones of more than 12 million Americans as they traveled through several major cities, including Washington, New York, San Francisco, and Los Angeles.

     Each piece of information in this file represents the precise location of a single smartphone over a period of several months in 2016 and 2017. The data was provided to Times Opinion by sources who asked to remain anonymous because they were not allowed to share it and could face severe penalties for doing so. 

     The sources said they had become alarmed at how the data could be misused and urgently wished to inform the public and legislators.

     The newspaper analyzed the data for months with the support of scientists, researchers, lawyers, etc. The newspaper has been working on the analysis of the data for several months. Apart from the superb animations that give the feeling of being in a video game where each point would represent a "Sims", what is clearly frightening is the level of detail of this information.

     After spending months going through the data, tracking the movement of people across the country and talking to dozens of data companies, technologists, lawyers and academics who study this field, we feel the same sense of alarm.

     In the cities covered by the data file, it follows people from almost every neighborhood and block, whether they live in mobile homes in Alexandria, Virginia, or in luxury towers in Manhattan, it even tracks the movements of hundreds of people walking the labyrinthine corridors of the Pentagon, the U.S. Department of Defense.

     The Times and other news organizations have reported tracking the smartphone in the past. But never with such a large data set. 

     Even then, this file represents only a small slice of what is collected and sold every day by the location-tracking industry - surveillance so ubiquitous in our digital lives that it now seems impossible for anyone to avoid it.

          A bug to geolocate Android users

     Disabling the location of your smartphone or tablet is no longer enough to escape Google... Since January 2017, the American giant has reportedly been collecting the geolocations of its Android clients, its operating system used every month by more than 2 billion active terminals around the world. 

     Google is said to have relied on relay antennas used by Android devices during an Internet connection, according to a survey by the American site Quartz.

     Specifically, the part of Android that manages the sending of messages and notifications collected this information without the users' knowledge, before sending it to Google. 

     According to the Mountain View firm, this aggregation of data would make it possible to improve "the speed and performance of message routing". 

     The information would never be used or even stored, according to Google. The U.S. company has pledged to stop collecting this data.

     This invisible data allowed journalists to put names to all the participants in the Women's March, which had gathered half a million people in Washington on 21 January 2017. 

     In this crowd, the NYT was able to follow the comings and goings of a senior Defense Department official. And see how he walked through the demonstration, which high school he went to, then identify the ceremony he attended, and so on. Imagine what a totalitarian society could do with that data...

     In the current state, the data "gleaned" is used in an opaque manner by companies specializing in the resale of profiles for marketing purposes. 

     Companies with little media coverage - with the exception of Foursquare, none of the names generally appear in consumer articles. But one thing is certain: the US legal framework around personal data is far too permissive. 

     Much more so than that of the European Union, where privacy is a little better respected, even serving as a reference in the world.

     Companies say that data is only shared with approved partners, we simply choose to take their word for it, showing a benevolent faith in the benevolence of business that we do not extend to the much less intrusive but more heavily regulated industries. 

     Even if these companies act with the strongest moral code imaginable, there is ultimately no foolproof way to secure data from falling into the hands of a foreign security service.

Share:

Read More

Uber pays $4.4 million for sexual harassment...

Uber Provides $4.4 Million to End Federal Sexual Harassment Investigation

     Victims of sexual harassment and retaliation on Uber's service will be dealt with. The California giant will also have to take steps to enforce its policy.

     The US Equal Employment Opportunity Commission (EEOC) announced on Wednesday 18 December that Uber had agreed to pay $4.4 million (€3.95 million) in compensation to its alleged victims of gender discrimination.

     According to a press release, Uber agreed to compensate "any person the EEOC finds to be a victim of sexual harassment and/or related retaliation".

     The agency did not specify in detail to which incidents the compensation relates, but recalled that proceedings had been initiated "after wide publicity in 2017 regarding the treatment of Uber employees".

     After an investigation by the Equal Employment Opportunity Commission (EEOC) resulted in a report on the culture of sexual harassment and retaliation against victims in the workplace, Uber agreed to pay a fine of $4.4 million.

     The investigation found that there are reasonable grounds to believe that such conduct existed at Uber, including under the leadership of its former CEO Travis Kalanick. 

     Tony West, Uber's General Counsel, went on to say that he was satisfied with the results of the investigation and that Uber is working to ensure that there is real fairness between people within the company.

     The agreement ends an investigation launched in 2017 in which the commission found reasonable grounds to believe that the transport technology company "allowed a culture of sexual harassment and retaliation against those who complained of such harassment".

     Uber also agreed to put in place new measures to identify individuals who are the subject of repeated complaints of sexual harassment as well as managers who fail to respond promptly to complaints.

     "The technology industry, among others, has often ignored allegations of sexual harassment when an alleged harasser is considered more valuable to the company than the person accusing him," said William Tamayo, Director of the EEOC.

     Uber Workers' Compensation is ending the EEOC's investigation concluding that there are "plausible grounds" to believe that the company "has fostered a culture of sexual harassment and retaliation against those who complain of such harassment".

         "We have worked hard to ensure that all employees can thrive at Uber by putting fairness and accountability at the heart of who we are and what we do," said Tony West, Director in a statement. Uber Legal. "I am extremely pleased that we have been able to work with the EEOC to continue to strengthen these efforts."

     A claims administrator will send notices to women who worked at Uber between January 1, 2014, and June 30, 2019. The commission will determine which claimants may be eligible for money from the $4.4 million funds.

     In detail, the fine will be paid to those who have been victims of sexual harassment or retaliation since January 1, 2014. The distribution of financial compensation will be the responsibility of the EOOC. In addition, Uber has decided to identify its employees who have been the subject of complaints from victims.

     This effort also concerns managers who have not taken initiatives against sexual harassment cases. As a result of the agreement between Uber and the EOOC, the company will also have to submit to the supervision of the agency's former commissioner, Fred Alvarez, for a period of three years. 

     EEOC Commissioner Victoria Lipnic said the agreement with Uber is designed to hold the company accountable for sexual harassment and retaliation against victims. Another objective is to put in place effective measures against this phenomenon. 

     The agreement between the parties also provides for the appointment of a claims administrator to collect grievances from former Uber employees who may have been victims of sexual harassment.

Share:

Read More

The end of Microsoft's support for Windows 7

          The end of Microsoft's support for Windows 7

      Windows 7 was one of Microsoft's most popular computer operating systems and most of us still use it.

     Microsoft's decision is not surprising. The ten-year-old operating system, which was launched on July 22, 2009, may have been incredibly popular - and it still is, according to NetMarketShare data from September 2018, 40.88% are still using Windows 7 - compared to 37.44% who switched to the latest operating system, Windows 10.

     However, in the shadow of Windows 10's success, it makes sense for Microsoft to devote all its time and effort to improve the new operating system.

     But like all operating systems before it, Windows 7 will eventually reach the end of its lifecycle, making upgrading an absolutely essential task for the security of your PC.

     Microsoft will continue to provide updates for the Microsoft Security Essentials (MSE) application, which is the built-in antivirus program included in Windows 7.

     This is despite the fact that Microsoft itself publishes an updated FAQ on Extended Security Updates for Win 7, which states that "your computer is not protected by MSE after the deadline. MSE is unique to Windows 7 and follows the same lifecycle dates for support.

     This has made it clear that MSE will not protect Win 7 users once it reaches the end of its life cycle when Microsoft will no longer support or update the aging operating system, but Microsoft seems to have changed its mind.

When does support for Windows 7 end?

     Microsoft ended standard support for Windows 7 on January 13, 2015, but extended support will not end until January 14, 2020. Learn the difference between standard support and extended support.

              Is Windows 7 still safe to use?

     Once an operating system enters extended support, it is still very safe to use, which means that Microsoft will continue to correct all security threats but will not add any new features (as it would during the "primary support" phase).

     January 14 2020, with the end of life of Win 7 fast approaching, Microsoft wants to ensure that users are aware that operating system support is ending and wants to encourage users to leave the operating system.

     As such, the company is releasing a Win 7 update - KB4493132 - that will display notifications reminding Windows 7 users to upgrade to Windows 10 before the end-of-life date. This update is optional, but anyone with automatic updates enabled will receive it.

     Microsoft also promises that the notification won't be too intrusive, and you can prevent it from reappearing, but this shows how serious Microsoft is about getting people to stop using it.

     When Windows 7 reaches its end-of-life phase on January 14, 2020, Microsoft will stop releasing updates and patches for the operating system. It is also likely that it will not offer help and support if you encounter problems.

     However, this does not mean that it will stop working on January 14, 2020 - you will still be able to use it for as long as you want. So, the good news is that you won't wake up on January 15th to find that your Win 7 PC won't boot anymore.

     The biggest problem with continuing to use Windows 7 is that it won't be fixed for new viruses or security issues once it reaches the end of its life, making you extremely vulnerable to emerging threats.

     In addition, if large numbers of people continue to use Windows 7 after the end-of-life date, this could actually be a great incentive for malicious users to target them with viruses.

Note from the support.microsof

Windows 7 Support Lifecycle

     Microsoft made a 10-year commitment to support Windows 7 when it was released on October 22, 2009. At the end of this 10-year period, Microsoft will discontinue support for Windows 7 in order to focus its investments on supporting new technologies and experiences. 

     The end date for Windows 7 support will be January 14, 2020. 

     After that date, technical support and Windows Update software updates to protect your PC will no longer be available for the product. 

     Microsoft strongly recommends that you upgrade to Windows 10 before January 2020 to avoid a situation where you will need service or support that is no longer available.

Share:

Read More

The FBI warns that the smart TV is spying on you

Your Smart TV could be spying on you, warn the FBI

     

     According to a new warning from the FBI, your Smart TV could be used by criminals to hack into your home computer network and spy on your every move. This includes watching you and your family, as well as attacking other devices on your home network.

     If you bought yourself a new Smart TV during the Black Friday sales, or are planning to buy one for the holiday season, you may want to take a moment to reconsider what you brought into your living room, or worse, your bedroom.

     While there are a lot of handy features that come with modern smart TVs - like the ability to immerse yourself in on-demand services like Netflix, Hulu and Amazon Prime Video at the touch of a button, stream videos from your smartphone to the big screen, and even make video calls with friends and family while you're relaxing on the couch.

     Smart TVs with an Internet connection allow users to browse the web and watch shows from their favorite streaming platforms. 

     They also come with a range of customizable features instead of remote control, including voice commands to browse channels or turn up the volume. 

     But the devices - equipped with cameras, microphones and, in some cases, facial recognition technology - are often poorly secured by their manufacturers compared to computers or smartphones, the FBI warned last week.

     This allows cybercriminals who can exploit the vulnerability of these Smart TVs to access home routers.

          New FBI warning about Smart TVs

     The local FBI office in Portland published a de blog article detailing all the ways someone could use the features of a smart TV for nefarious purposes.

     "Beyond the risk of your TV manufacturer and application developers listening and watching you, this TV can also be a gateway for hackers to come to your home," the agency wrote. 

     "A bad cyber-actor may not be able to directly access your locked computer, but your insecure TV set may give him an easy way to hide in the back door via your router."

     "At the lower end of the risk spectrum, they can change channels, play with the volume, and show your kids inappropriate videos," said the FBI. "In the worst case, they can turn on the camera and microphone on your bedroom TV and silently intercept you." 

          People don't know the extent of the danger...

     As Internet-enabled devices become more and more common in the home, new security issues surround the technology. Earlier this year, a couple in Illinois reported that a hacker had talked to their baby via their Nest security cameras.

     Other organizations said they saw an increase in their electricity bills last year after hackers used their smart refrigerators to exploit Bitcoin.

     An investigation by Consumer Reports 2018 revealed that millions of smart TVs have security holes that are easy to exploit, and hackers have shown how bad actors can take control of the devices.

     In June, electronics maker Samsung even Twitted a reminder to smart TV owners to check their TVs for viruses every few weeks to "prevent malware attacks" - and then removed the Twitter after media coverage triggered a violent reaction.

     Earlier this year, the Washington Post found that some of the most popular smart TV manufacturers - including Samsung and LG - are collecting tons of information about what users are watching to help advertisers better target ads against their viewers and suggest what to watch next.

     The problem of TV tracking has become so problematic that a few years ago, smart TV manufacturer Vizio was fined $2.2 million after being caught secretly collecting viewing data from customers.

     Smart TVs collect a huge amount of viewer data to share with advertisers, including the programs people watch. 

     Unlike older analog devices, newer Internet-enabled TVs can also "crash" and require antivirus scanning, just like a computer.

     Smart TVs are clearly a viable entry point for hackers. But that doesn't mean you can't have your smart TV and enjoy your privacy too, according to the FBI post.

     Users need to understand the features of their smart TVs, the FBI advised, including how to turn them off if necessary. 

     The bureau also recommended changing passwords or even saving to the camera when the TV is not in use.

     The agency suggests that you do your research before buying a smart TV to make sure you understand all the security holes. 

     If you buy a TV, be sure to change the default passwords and find out how you can turn off its cameras or microphones.

     And if all else fails, the FBI suggests going back to basics and placing a piece of black tape on the smart TV's camera. 

     This may sound a little ridiculous, but it's better than giving a hacker a window directly into your home.

Share:

Read More

Ring And Nest Camera's Hacked

Ring and Nest cameras hacked to broadcast their jokes and your life on the Web

      In one of the strangest hacking cases of late, Ring and Nest cameras are targeted by non-profit hackers to be shared via a live video stream.

     Ring and Nest cameras are the extremely popular home surveillance devices owned and heavily marketed by Amazon.

     The company has signed partnership agreements with hundreds of police departments across the country, many of which have marketed and sold Ring devices on behalf of the company.

     These Internet-connected cameras have invaded much of the suburbs of the United States, as Gizmodo has shown using data that Ring left exposed. These hacks and this podcast turned devices designed to protect people's homes into surveillance devices that were returned to their owners.

     The NulledCast is a podcast broadcast live on Discord. It is a show in which hackers take control of people's Smart-home Ring Nest cameras and use their speakers to stalk and harass their unsuspecting owners.

     Badly configured, and with a weak password, Ring and Nest cameras are easy targets, some hackers have recently got into the habit of hacking them to make fun of users, and play tricks on them in video podcasts.

     These broadcasts were organized through a forum called "Nulled", broadcast on the Discord communication platform. They were announced in advance in order to capture a maximum audience among hackers, on which hackers also exchanged tools to hack these cameras.

    NulledCast Livestream hackers harass owners of Ring Cameras

     Ring camera owners in several states have been targeted with live streaming, and subsequent harassment of owners shared via NulledCast on the Discord digital distribution platform.

     The Livestream is linked to a forum called Nulled where tools to access Ring cameras are sold and exchanged.

       "Sit back and relax with more than 45 minutes of entertainment", says an advertisement for the podcast. "Join us as we progress on completely random tangents such as Ring & Nest Trolling..., make sure to join our Discord to watch the live shows. »

     For example, in Mississippi, a hacker talked to three young girls and introduced himself as Santa Claus. In Texas, another hacker demanded a ransom in Bitcoin from a couple. In New York state, a hacker woke up a woman by yelling at her, and in another case taunting a family in Florida with racial slurs.

     After the recent media attention on Ring hacks, Nulled members are scrambling to remove evidence of Ring hacks and distance themselves from the practice.

     "Hey NulledCast fans, we need to calm down on the ring trolling, we have 3 investigations and two of us are probably already screwed," wrote one of the NulledCast self-described podcast staff on a NulledCast Discord server. 

     "Let's drop the suggestions about what else we should do. This will always happen on a much smaller scale," they added on the Nulled forum, which has thousands of members, the administrators tried to remove all evidence of Ring hacking by moving the forum database back four days.

     A spokesperson for Ring previously stated in a press release: "Customer confidence is important to us and we take the safety of our equipment seriously. While we are still investigating this issue and taking appropriate measures to protect our aircraft based on our investigation, we are able to confirm that this incident is in no way related to a breach or compromise of Ring's security".

"As a precaution, we strongly and openly encourage all Ring users to enable two-factor authentication on their Ring accounts, add shared users (instead of sharing login information), use strong passwords and change their passwords regularly," he added.

New security warning for in-home smart cameras - ABC News

 
      But that doesn't mean it will go away. Hackers will no doubt find other channels to engage in this tasteless activity.

Share:

Read More

Vocal Assistants Spying On Our Private Lives

          Are the voice assistants spying on us?

       During this year, three publications have sounded the alarm about the fact that our voice-activated personal assistants (Alexa, Siri, Google Home, Google Assistant) are spying on us by employees of subcontracting companies, who listen to some of our interactions, as part of a quality control process.

     Not only are they in your home, your room, your office, your car, but they are also in our smart TVs, connected watches, smartphones, headphones and even in our microwave ovens and refrigerators. Voice Assistants, which allow us to get information simply by using our voice, are a must.

     That doesn't make them bad, but it does mean it's absolutely vital to know all the associated risks. You know not to give out your email password or do any top-secret work on public WiFi, but do you know exactly what kind of data the voice assistants collect around you? Do you know how to delete it?

     In fact, in 2015, Samsung made headlines by warning customers not to discuss personal information in front of their voice-activated smart TV.

     

     Research conducted by Microsoft in April 2019 suggests that 75% of US households will contain a smart speaker by 2020. But this emerging technology is not yet fully understood by the general public, who often think that their speech is monitored at all times.

     While voice assistants are "always listening" at the local level, they do not transmit any information until they hear the trigger word ("OK Google", "Hey Siri", etc.).

     Of course, this in itself is enough to create a significant privacy risk. Even people who regularly use voice assistant technology are aware of this.

     How Voice Assistants can invade our privacy

     Bloomberg has previously reported that Amazon had a team of thousands of workers around the world listening to Alexa's audit requests in order to improve the software. 

     Their tasks included listening and transcribing voice recordings. Some of the workers reviewing the customer recordings had access to some personal data, including the users' first names and locations.

     Since this year, users of voice assistants have known that their interactions are sometimes listened to by humans. This is because these systems cannot be improved by software processing alone. Human intervention is required.

     The reports have raised concerns among privacy advocates that the practice could violate users' rights, especially in cases where devices start recording unintentionally or without the user's knowledge.

     The Irish regulator that oversees Apple and Google in Europe said it is in talks with the two companies to get more details about voice assistants.

     "We will make our assessments and conclusions," a spokeswoman said. " We note that both companies stopped this processing, Google from mid-July and Apple in recent days."

     This is precisely the kind of privacy breach that could impact user confidence in Echo speakers and other voice assistant platforms.

     In even more malicious cases, an Application can tell a user that an update is ready, and that Alexa or Google Assistant needs to hear the user's password to install it. These are phishing attempts to obtain users' passwords and 

not legitimate requests from Amazon or Google.

          The impact on user confidence 

     Users need to be more aware of the potential of malicious voice applications that abuse their voice assistants. Using a new voice application should be considered with the same level of caution as installing a new application on your smartphone.

     While some users may not have realized the extent of human involvement on Alexa's backend, Microsoft's study indicates a general mistrust of the potential for privacy breaches and trust abuses that could occur on these PDA platforms.

     For example, 52% of the people surveyed by Microsoft said they were concerned that their personal information or data was not secure, and 24% said they did not know how it was used. Thirty-six percent said they did not even want their personal information or data to be used at all.

     These figures indicate that support platforms should offer all users the ability to easily and permanently opt out of data collection practices - one click away from saying that their voice recording and private information will go nowhere and will never be seen.

     Forty-one per cent of people were also concerned that their voice assistant would listen to them, or actively record them, and 31 per cent thought that the information collected by the assistant was not private.

     Fourteen percent also said they did not trust the companies behind the voice assistant, including Amazon, Google and all the others.

     Fantasies, arguments, conversations, racist comments, sex and sometimes aggression - everything can be captured at random. In the end, entire sections of life are actually delivered to the web giants and recorded by subcontractors.

     After the scandal caused this year by the revelation of human eavesdropping, Google suspended the transcripts of its Google Assistant. In general, Facebook, Apple, Microsoft and Amazon all now offer the option of restricting recordings and have improved their privacy clauses in this regard.

            Confidentiality Act

A respectful approach to privacy
United States

     In the United States, the privacy law is quite uneven at the moment. However, the direction of travel is unquestionably towards stricter regulation and greater consumer rights.

     California, which has long been a forerunner in protecting the privacy of its residents, recently passed one of the toughest data protection laws the United States has ever seen with the California Consumer Privacy Act ( CCPA ).

     Although the CCPA is not directly applicable to most small businesses, it should be taken as a sign of things to come. When stricter privacy regulations come into effect, your business will have a significant competitive advantage if it is already fundamentally compliant.

     It's also important to know that the United States has a fairly strict Children's Online Privacy Protection Act ( COPPA ). It has even been suggested that voice assistant technology itself is a fundamental violation of COPPA.

European Union

     The European Union is home to the most comprehensive and powerful data protection law in the world, the General Data Protection Regulation (GDPR).

     The GDPR covers almost all commercial activities in the EU that involve the processing of people's personal data. Recordings transmitted by voice assistants fall well within its scope.

     Any company operating in the EU (whether based in the EU or not) will have to think very carefully about why and how it uses voice assistant technology. Violations of the GDMP can lead to financially crippling sanctions. And it is a law that is easy to break if you don't take the time to understand how it applies to your business.

Share:

Read More