iBaby Monitors Can be Exploited by Hackers

Parents using an iBaby Monitor M6S should be aware it has multiple security problems that open it up to hackers.

That means any ne’er-do-well can purchase an iBaby monitor and use it to access files from every iBaby monitor. Unbelievable? Believe it. For legal reasons, the Bitdefender researchers did not access data belonging to other real-world users. Instead, they set up a second test device and verified access.

Reddit CEO Brands TikTok 'Fundamentally Parasitic'

It turns out the Reddit CEO is not a big fan of TikTok. Steve Huffman called the video-sharing app “fundamentally parasitic” and “spyware” at a recent event, TechCrunch reported.

The comments from Reddit CEO and co-founder Steve Huffman were some of the more controversial offered up during a panel discussion with former public policy exec Elliot Schrage and former Facebook VP of Product Sam Lessin. During a brief conversation about the feature innovations of TikTok, Huffman pushed back hard on the notion that Silicon Valley startups had something to learn from the app. “Maybe I’m going to regret this, but I can’t even get to that level of thinking with them,” Huffman said. “Because I look at that app as so fundamentally parasitic, that it’s always listening, the fingerprinting technology they use is truly terrifying, and I could not bring myself to install an app like that on my phone.” “I actively tell people, ‘Don’t install that spyware on your phone,’” he later added.

Amazon Transcribe Will Now Redact Personally Identifiable Information

Amazon Transcribe has made a good step forward in protecting users’ privacy. It now allows personally identifiable information (PII) – social security numbers, credit card details and the like – to be automatically redacted, VentureBeat reported.

Amazon Transcribe is part of Amazon’s AWS cloud unit and was launched in general availability in 2018. An automatic speech recognition (ASR) service, Transcribe enables enterprise customers to convert speech into text, which can help make audio content searchable from a database, for example. Contact centers can also use the tool to mine call data for insights and sentiment analysis. However, privacy issues have cast a spotlight on how technology companies store and manage consumers’ data. Text-to-speech services can be used to search for keywords and sentiment at a later date, but phone calls often feature significant private data that may be transcribed by Amazon and stored in a searchable database — even if that information is not necessary for analysis. Meanwhile, regulations are springing up around the world to protect consumer data — including the recently implemented California Consumer Privacy Act (CCPA) and Europe’s General Data Protection Regulation (GDPR).

NSA Spy Program Cost Taxpayers $100 Million and Was Overall Useless

Form 2015 to 2019 the National Security Agency (NSA) collected Americans’ domestic phone calls and texts. The program cost US$100 million but only one investigation was able to make use of that data.

Moreover, only twice during that four-year period did the program generate unique information that the F.B.I. did not already possess, said the study, which was produced by the Privacy and Civil Liberties Oversight Board and briefed to Congress on Tuesday.

“Based on one report, F.B.I. vetted an individual, but, after vetting, determined that no further action was warranted,” the report said. “The second report provided unique information about a telephone number, previously known to U.S. authorities, which led to the opening of a foreign intelligence investigation.”

Amazon's Eero Mesh Routers Now Support Apple HomeKit

Amazon’s eero mesh routers now support Apple’s HomeKit, AppleInsider reported. They are the first mesh routers to Apple’s smart home platform.

After appearing recently appearing imminent, Eero has finally made the update available to users of its eero, eero Pro, and eero Beacon models which add additional security for smart home devices. With HomeKit support, users are able to restrict communication for smart home devices to only communicate in the home, to the default connections recommended by the manufacturer, or no restriction whatsoever. With smart home devices controlling everything from our lights to our locks, knowing that they are prevented from sending data outside your abode can offer a great deal of peace of mind. The update is installed by heading to the “Discover” tab within the eero app.

Someone Stole Clearview AI’s List of Clients

Clearview AI gained notoriety for partnering with law enforcement on facial recognition, using its database of billions of scraped images from the web. But someone just stole its list of clients.

…Clearview AI disclosed to its customers that an intruder “gained unauthorized access” to its list of customers, to the number of user accounts those customers had set up, and to the number of searches its customers have conducted. The notification said the company’s servers were not breached and that there was “no compromise of Clearview’s systems or network.”

Meanwhile, law enforcement on end-to-end encryption: “Who needs that kind of encryption, other than maybe the military? We don’t even — in law enforcement — use encryption like that.”

It’s ok to Complain About Intrusive iOS Ads

Macworld’s The Macalope is not known for pulling punches. This week the anonymous columnist joined the debate on iOS ads in typically robust fashion.

While The Macalope is not a fan of exaggeration, he’s even less a fan of junking up the iOS user experience. And that’s what ads do, even when they’re ads for Apple stuff. The Macalope has railed against Microsoft doing this on Windows so he can’t very well not rail against Apple doing the same. And there’s a problem with not complaining about it. Often if you don’t complain about bad behaviors, they never get fixed. It took five years of complaining to get Netflix to stop auto-playing previews of shows that we weren’t going to watch, but the complaining system worked eventually.

Could iPhone 12’s Fast 802.11ay Wi-Fi Be For AR Glasses?

The iPhone 12 is rumored to get support for 802.11ay, a high speed and low latency Wi-Fi standard. Jason Cross posits that it could be used for Apple’s AR glasses.

The alternative is to make the headset a relatively dumb set of displays and cameras, with all the processing happening on some sort of base station—like your new iPhone 12. An ultra-high speed, super low-latency connection like that provided by 802.11ay is a necessity to make that work.

A popular thought is that Apple Glasses will be an iPhone accessory like Apple Watch is (or, started out) with most or all of the processing happening on the iPhone.

Ex-Apple Board Member Bob Iger Quits as Disney CEO

Former Apple board member Bob Iger has announced that he is stepping down as CEO of Disney with immediate effect and becoming Executive Chairman, CNN reported. Tuesday’s move followed the successful launch of Disney+.

Iger has assumed the role of executive chairman and will direct the company’s creative endeavors, the company said. Iger will stay on at Disney through the end of this contract on December 31, 2021. “With the successful launch of Disney’s direct-to-consumer businesses and the integration of Twenty-First Century Fox well underway, I believe this is the optimal time to transition to a new CEO,” Iger said in statement.

 

When You Download Facebook Data, it Doesn’t Show Everything

Facebook isn’t being completely truthful about the data available in its “Download Your Information” feature. Some information is left out.

Privacy International recently tested the feature to download all ‘Ads and Business’ related information (You can accessed it by Clicking on Settings > Your Facebook Information > Download Your Information). This is meant to tell users which advertisers have been targeting them with ads and under which circumstances. We found that information provided is less than accurate. To put it simply, this tool is not what Facebook claims. The list of advertisers is incomplete and changes over time.

As Privacy International points out, this is in violation of GDPR because Facebook doesn’t let you see all of the advertisers that have your data.

AT&T’s Mandatory Arbitration Clause Deemed Illegal

A panel of judges in the U.S. Court of Appeals for the Ninth Circuit ruled that AT&T’s mandatory arbitration clause is unenforceable.

AT&T appealed that ruling to the US Court of Appeals for the Ninth Circuit, but a three-judge panel at that court rejected AT&T’s appeal in a ruling issued Tuesday. Judges said they must follow the California Supreme Court decision—known as the McGill rule—”which held that an agreement, like AT&T’s, that waives public injunctive relief in any forum is contrary to California public policy and unenforceable.”

The ruling can be found here [PDF].

FTC Sends Refund Checks to Victims of Tech Support Scams

The Federal Trade Commission will send refunds to tech support scams totaling US$1.7 million. The scam operated under Click4Support, claiming to be from companies like Apple and Microsoft.

The FTC will begin providing 57,960 refunds averaging about $30 each to victims of the scheme. Most recipients will get their refunds via PayPal, but those who receive checks should deposit or cash their checks within 60 days, as indicated on the check.

Apple’s “Secret” Monopoly

Will Oremus wrote an essay on Medium in which he argues that Apple is a monopoly, specifically when it comes to the App Store. I think a few good arguments could be made in support of this accusation. But my opinion lies with this quote:

Apple’s platform is significantly less open than Google’s: Unlike its rival, Apple doesn’t allow any app stores on the iPhone other than its own, and it doesn’t allow users to “sideload” apps downloaded from the web or elsewhere. The company says its goal is to ensure users can trust every app they download; allowing unapproved apps could expose users to privacy violations or malware.

The App Store isn’t perfect, but I believe it contains far fewer malware than Google’s Play Store. Apple’s restrictions also make it better for privacy, and thus better for people. I think price is a better argument than the walled garden. Or, I at least have more sympathy for indie developers rather than billion-dollar competitors to Apple.