Weekly Tech News for March 17, 2019

Weekly Tech News for March 17, 2019
Raymond Tec News

 
 
00:00 / 17.59
 
1X
 

Intro

Welcome to the March 17th, 2019 episode of the Raymond Tec News podcast. Each week I curate the articles, tweets, and backchannel sources to provide a 15 to 20-minute summary of tech news.

I’ll start off, like I always do, with the headlines to keep you up at night; data breaches, privacy concerns, and security threats. I’ll follow that with the feature of the week, which is 5G. Then, to balance out the negative chi at the start of the show, I’ll finish out with a series of stories to restore your faith in technology, and, maybe, humanity.

Let’s dive in.

Data Breaches

Gearbest, a Chinese company that ships worldwide and has hundreds of thousands of sales per day, has been exposing unencrypted customer information on the web. VPN Mentor

A security researcher discovered a database containing more than a quarter million legal documents from all over the US. 30-40% of the documents were not intended for publication. The source of the database is unknown because it was taken down shortly after it was discovered. ZDNet

Box, a cloud storage provider like Google Drive and Dropbox, was leaking information of dozens of companies because of misconfiguration by those companies. TechCrunch

63red Safe, an app billed as the Yelp for Conservatives, has been leaking user records and business reviews according to a French security researcher. ZDNet

Singapore’s state-run health system has suffered another breach, this time exposing the data of more than 800,000 blood donors. ZDNet

Two mental healthcare providers announced they were hit with ransomware in two separate attacks. The affected practices are Delaware Guidance Services for Children and Youth and Green Ridge Behavioral Health in Maryland. Data Breach Today

Concord, Massachusetts-based Emerson Hospital has suffered a breach affecting 7,000 patients. Health IT Security

Hackers have broken into a system called Slate, which is used by more than 900 colleges and universities to collect and manage information on applicants. Dark Reading

Following up on last week’s Citrix breach, the company has announced it was Iranian hackers that stole 6TB of data from its internal network. Security Week

Last week’s estimate of over 700 million leaked email addresses from Verifications.io may have been low. The number of leaked emails may be closer to 2 billion. Sophos Naked Security

Equifax’s 2017 breach, which is still impacting the internet users, could have been avoided due to security weaknesses the company knew about for years, according to a new Senate report. Security Week

Moving on to Privacy Headlines.

Privacy Headlines

Facebook has announced it will use AI to identify and put a stop to the practice of posting nude images and videos of people, known as revenge porn. 9 to 5 Mac

Proving that it exercises too much control over what you see on its platform, Facebook has removed paid ads from Senator Elizabeth Warren criticizing the tech giant. TechCrunch

Kaspersky Labs has reported a new phishing scam targeting Instagram users. Scammers are sending emails with very realistic looking copyright violations which then ask for credentials. Kaspersky Labs

A second Tesla employee has filed a whistleblower tip with the SEC, alleging the company has been illegally spying on its employees. The Verge

9 to 5 Google has discovered two privacy flaws in Android. The first is in Android’s on-body detection smart lock. This feature is supposed to lock your phone automatically when it’s no longer in your hand or your pocket. Connecting a device to charge defeats the auto lock. The second flaw suggests that Android’s facial unlock is easily tricked and not as sophisticated as Apple’s facial recognition. 9 to 5 Google | 9 to 5 Google

AV-Comparatives, a European company, has released research that says most Android Antivirus apps are garbage. Wired

Mozilla, the makers of Firefox, have publicly launched their new free, secure, encrypted file sharing service. Besides being secure and encrypted, it also wipes files if uploaders set an expiration date. The service can be accessed from all browsers at send dot Firefox dot com. ZDNet

Natwest, a British bank, is testing a new type of debit card that has a built-in fingerprint reader and tap to pay, or NFC contactless, features. The Verge

Florida, mimicking Illinois’ progressive biometric data legislation, has proposed a bill that will protect people from the collection and use of biometric information like fingerprints and DNA. Health IT Security

The NYPD disclosed that it is using a pattern recognition software called Patternizr to help solve crimes. The Verge

Senators Ed Markey and Josh Hawley are planning to introduce a bipartisan bill that would give parents a set of privacy controls to prevent companies like Google and Facebook from collecting data about and targeting children with ads. The Verge

The European Union is about to vote again on its disastrous copyright bill, known as ACTA2. In response, more than 75 protests are organized across much of the EU next Saturday. I’ve linked to a Google map detailing all the protest locations. Google Maps

Russia has signaled that they intend to continue spying on their population by blocking encrypted email provider ProtonMail. TechCrunch

Victor Gevers, the security researcher who exposed China’s Muslim tracking database, has found and reported a database of 1.8 million Chinese woman the country has identified as being quote, “breed ready,” end quote. The Verge

Let’s move on to security headlines.

Security Headlines

Adobe has patched flaws in Sandbox, Photoshop CC, and its Digital Editions eBook reader. Security Week

This month’s patch Tuesday from Microsoft saw patches for 64 vulnerabilities, 2 of which are currently being exploited in the wild. The Hacker News

Microsoft has designed a new feature that will detect startup failures and uninstall buggy updates automatically. Now there’s even less reason to avoid updating your machines. The Hacker News

Don’t forget, support updates for Windows 7 will end with the end of 2019. If you’re still running a PC with Windows 7, it’s time to look at upgrading the operating system. ZDNet

A few weeks ago, I mentioned a 19-year-old bug in a Windows program called WinRAR. The bug is still being exploited, because the software doesn’t auto update. Please make sure you update to the latest version. The Hacker News

Google will be updating its Chrome browser to stop automatic downloads that can be hidden in ads on websites, reducing the chances of accidental infection. ZDNet

A first of its kind test is ending next week. Switzerland’s new e-voting system has been undergoing intense attacks by hackers and security researchers and they’ve discovered flaws which could have led to votes being changed. ZDNet

Parents be advised, rather than getting caught passing notes, students have turned Google Docs into the hot chat app by writing their messages in a Google Doc and sharing it. Reddit

Cisco has released a patch to a network monitoring tool used by many businesses that allowed attackers to access and view networks remotely because of a default password on a user account. Threatpost

But you don’t have to worry about hackers getting access to your stuff with insecure passwords, because you’re using a password manager, right? If you’re not, I recommend LastPass. LastPass allows you to sync passwords securely across your computer, phone, and tablets. More than just keeping a list of your logins, it generates secure random passwords for you and on many websites allows you to change your password with just a couple of clicks.

Don’t get caught recycling passwords, use LastPass. You can learn more about LastPass by visiting my affiliate link at Raytec dot co slash LastPass, that’s r-a-y-t-e-c dot c-o slash l-a-s-t-p-a-s-s.

Let’s move on to other headlines.

Other Headlines

This week Spotify sued Apple over what it’s calling unfair business practices. Apple charges developers a 30% fee for subscriptions processed through apps on its devices. Apple fired back pointing out that after the first year, that 30% drops to 15% and that Spotify wouldn’t be the platform that it is without Apple. The Verge

Google has publicly confirmed it paid two executives accused of sexual harassment 135 million dollars. The Verge

April will signal the official end of several Google apps including Inbox, Allo, goo.gl, and Google+. 9 to 5 Google

Tesla made two announcements this week. First, its Model Y compact SUV will be available in 2020, starting at 39,000 dollars. No word on if that price point will be available from the start. It’s second announcement was that only half of its showrooms will be closed, instead it will hike prices by 3%.  The Verge | TechCrunch

Telegram, a London-based instant messaging and voice app, saw a spike in user enrollment on Wednesday when a server configuration error at Facebook left much of the world unable to access Facebook, Facebook Messenger, WhatsApp, and Instagram. Sophos Naked Security

Amazon has quietly ended a controversial pricing agreement with third-party sellers where it required some of them to sell at a lower price on Amazon than anywhere else. The Verge

Netflix has agreed to remove footage from its horror movie, Birdbox, that contained actual video from a 2013 Canadian train wreck. The Verge

NBC is jumping on the free news-streaming bandwagon starting in May when it will roll out the all-digital NBC News Now. TechCrunch

PayPal has announced that it will soon be allowing instant transfer to bank accounts. TechCrunch

Hulu basic is now included in the cost of Spotify’s premium paid service. 9 to 5 Mac

Sydney, Australia has run into a new issue surrounding its smart city status. All its fancy, wirelessly connected gadgets are causing interference with Bluetooth audio devices. ZDNet

The videos and posts surrounding the white supremacist terror attack in Christchurch, New Zealand are actively being scrubbed from the internet by social media to stop the spread of hatred and conspiracy theories related. This has been made more difficult by the attackers’ knowledge of search and social media recommendation algorithms to spread the story quickly. I’ve linked to a couple of articles that detailed how this was done, that don’t spread the message of these terrorists. The Verge | Independent

That’s it for other news. Now for this week’s feature story.

Good News

Push to open buttons on commercial doors are a great accessibility feature for wheelchair users but can be troublesome for those with upper body limitations. Portal Entryways, a new startup, has solved that problem with a smartphone app that will connect with modified push to open buttons. TechCrunch

I know I often talk about how Facebook masquerades as a social media company when they’re just an advertising platform, but today I have a positive story of a community coming together on the world’s largest social media service. The Institute of Many, or T-I-M, is a grass-roots movement for HIV-positive people. It’s a closed Facebook group that gives its users a forum to talk about their condition, come to terms with the realities of it, and learn how to live with a positive diagnosis. According to the UN, there are close to 37 million people living with HIV and being diagnosed can be terrifying and isolating; T-I-M has been changing that. CNET

The Trash Challenge, the latest viral social media challenge has had astounding results. A man from Arizona named Byron Roman, took a picture of himself sitting amongst a litter strewn landscape, then took a picture of himself standing behind 9 full trash bags with the photo tagged “all you bored teens out there.” His post has now been shared more than 300,000 times. Thank you to Mister Roman for suggesting teens do something more productive than dancing next to cars and eating soap. CBC Radio

Back on December 23rd, I reported on Greta Thunberg, a Swedish teenager who began protesting the pollution causing policies of Sweden, the EU, and many other world governments. Her small but powerful voice at the United Nations Climate Change conference in Katowice, Poland have earned her a nomination for the Nobel Peace Prize and sparked a movement across the world. Students in 112 countries and over seventeen-hundred locales walked out of school for a peaceful strike on Friday, March 15th. Now, joined by hundreds of thousands of her peers, perhaps the world’s leaders may listen. The Verge

That’s it for this week in tech news that matters to you. If you’ve enjoyed the podcast, please share what you found interesting in a post on your social media by linking to Raytec dot co slash listen. That’s r-a-y-t-e-c dot c-o slash listen. That will link directly to the current episode’s show notes along with a podcast player. I really appreciate anyone who’s willing to share my podcast.

As always, there are bonus links in the show notes. Articles in this week’s extracurricular reading include: a how to guide on getting your iPhone to stop tracking your every move, Beto O’Rourke’s announcement that he was in an infamous hacking group in his youth, a robotic claw inspired by a ferocious shrimp that shoots plasma, and much more. The show notes have links to each of the podcast apps I’m listed on and links to my social media. If you have any information, updates, or constructive criticism, feel free to reach out via social media.

Thanks for listening and have a great week!