Only 4% of iOS users accept ad tracking, and other privacy and security news
Privacy
The big privacy news last week was about the requirement that iPhone users have to approve ad tracking in iOS 14.5. Facebook seemed to imply that this could end free content, with an interesting reaction: Facebook threatens to make iOS users pay. Please do it, Mr. Zuckerberg More broadly, users were urged Don’t Buy Into Facebook’s Ad-Tracking Pressure on iOS 14.5 Users are responding: Too Bad, Zuck: Just 4% of U.S. iPhone Users Let Apps Track Them After iOS Update
Trying to track people’s Internet usage, Facebook is not happy about transparency: Facebook bans Signal's attempt to run transparent Instagram ad campaign
Again, large and widely varied data leaks were disclosed
Data leak implicates over 200,000 people in Amazon fake product review scam
Justice Department seizes fake COVID-19 vaccine website stealing info from visitors
Data leak makes Peloton’s Horrible, No-Good, Really Bad Day even worse
The Fortnite Trial Is Exposing Details About the Biggest iPhone Hack on Record
60% of School Apps Are Sharing Your Kids' Data With Third Parties
Innovation can have dark sides as well:
Artists Are Telling Spotify To Never Use 'Emotion Recognition'
Your Car Is Spying on You, and a CBP Contract Shows the Risks
Apple’s AirTag trackers made it frighteningly easy to ‘stalk’ me in a test
Musicians Demand Spotify Not Develop Emotional Speech Recognition Patent
At long last, privacy is starting to become a feature for business competition: Following Apple’s launch of privacy labels, Google to add a ‘safety’ section in Google Play Not all initiatives, though, appear to be completely successful: Privacy activist Max Schrems on Microsoft's EU data move: It won't keep the NSA away As we know, there is no escaping governments: Privacy is just for crooks, says enlightened government agency
Security
Last week’s focus on the national risks of ransomware appears to have been a premonition: Cyberattack Forces a Shutdown of a Top U.S. Pipeline Operator The approaches are getting more sophisticated: There's been a big rise in double extortion attacks as gangs try out new tricks A great lesson on how an attack evolved can be learned by reading how Ryuk ransomware finds foothold in bio research institute through student who wouldn’t pay for software
The vulnerabilities disclosed last week show the breadth of the security risks, and illustrate again that no software is safe:
Security researchers found 21 flaws in this widely used email server, so update immediately
Panda Stealer dropped in Excel files, spreads through Discord to steal user cryptocurrency
Three new malware families found in global finance phishing campaign
This malware has been rewritten in the Rust programming language to make it harder to spot
Apple reports 2 iOS 0-days that let hackers compromise fully patched devices
Cybersecurity warning: Russian hackers are targeting these vulnerabilities, so patch now
Smart cities are a tempting target for cyberattacks, so it's time to secure them now
Improving security, Google is turning on two-factor authentication by default.
The great expectations about the benefits of AI show a dark side as well: Hacking is a task AI will excel at (and we are not far from that point!)
Regulation
In what could drive a revolution in the software industry, German state ministers demand consumer protection from software errors. Making software providers liable for their wares could have a range of effects: it could improve software quality, it could slow down (mostly sloppy) innovation, and it could drive waves of legal actions. This will be interesting to watch!