A recent data breach has exposed a database of around 26 million text messages containing private customer information, reports TechCrunch. In addition to the privacy concerns, the breach also highlights the dangers of relying on SMS messages for receiving two-factor authentication codes or account reset links, which sees sensitive information sent over an unencrypted communications platform. The breach was brought to light by a Berlin-based security researcher named Sébastien Kaul, who discovered that the Vovox-managed database was discoverable, unprotected, and easily searchable for both names and telephone numbers. Since the server was still active after the breach was discovered, anyone could have monitored a near-real-time data stream to find the relevant two-factor authentication code sent after trying to log into someone else’s account. Only after being contacted by TechCrunch did Vovox take down the database, which contained text messages sent to customers from … [Read more...] about Major SMS security lapse is a reminder to use authenticator apps instead
Amazon google authenticator
If you're investing in a smart home, make sure your Wi-Fi network is secure. Jerry Gamblin, a popular hacker and self-professed security advocate, posted a blog onto his site detailing security vulnerabilities in the new Google Home Hub. The Home Hub is Google's recently released smart display that combines the voice controlled functionality of a smart speaker with a touchscreen for watching videos or scrolling through recipes. Gamblin tweeted out his findings:Another of his tweets called the Home Hub's security "dismal." In short, Gamblin found that you could use pieces of the Home Hub's code to remotely control the device and potentially put a user's information at risk. Gamblin didn't access specific user information in his hack, but he was able to remotely reboot the device, erase certain settings, and turn off notifications. Everything the Google Home Hub can do 14 Photos Google has responded to Gamblin's work. A spokesperson pointed out to CNET that by his own … [Read more...] about Google calls Home Hub security claims ‘inaccurate’
see also Everything Alexa but the kitchen sink Echo Show is $230 and boasts new design that isn't ugly Ways Alexa can help you get work done Does Amazon need an Alexa smartphone? Getting started with smart home tech for under $100 Amazon on Thursday unveiled a whole slew of new devices that will further incorporate its voice-activated assistant Alexa into people's homes, including a subwoofer, a smart plug and even a microwave. The tech giant is also updating its family of Echo smart speakers, the devices that have helped Amazon establish an early lead among voice-based interfaces. At an event at Amazon headquarters in Seattle, David Limp, Amazon's SVP of devices & services, asked reporters to "imagine a future that has thousands of devices in your home." In addition to rolling out several new and updated products, Amazon plans to accomplish that by facilitating more integrations with other product makers and providing new home services. Amazon's device strategy … [Read more...] about Echo everywhere: Amazon announces everything Alexa but the kitchen sink
The US government has called six tech companies to testify in front of the Senate about the privacy protections they deploy to safeguard consumer data and their privacy.The six companies asked to attend are Apple, Amazon, AT&T, Charter, Google, and Twitter. Social media giant Facebook was not on the list, but the company has recently faced at least two Senate hearings --one for the massive Cambridge Analytica privacy scandal, and a second, together with Twitter, on foreign political influence campaigns in the US carried out via social media.The meeting will take place on September 26, two weeks from now, and the companies, if they decide to attend, will answer questions from the Senate Committee on Commerce, Science, and Transportation.Also: State Department shamed for poor adoption of multi-factor authenticationUS Sen. John Thune (R-S.D.), the Committee's chairman, said the companies would have to "explain their approaches to privacy," but also how they plan to address the GDPR … [Read more...] about Apple, Amazon, Google, others called to testify on consumer privacy protections
Google has come under fire for its ties to China recently. The situation has the potential to get a lot worse now that Google is offering a Chinese security product to those who need protection the most. More security news Troll-killing internet software Trollteq arrives Telegram starts to play nice with security agencies over user data, but not in Russia Defense Distributed now sells 3D gun blueprints online, 'pay what you want' Meet the malware which hijacks your browser and redirects you to fake pages Earlier this month, the tech giant was criticised after reports emerged of its secret project to develop a Google search engine version catering to China's censorship regime. As reported by The Intercept, a team of Google engineers is working on a version of the search engine in an app which restricts content banned by Beijing by pulling blacklists on web content directly from China's Great Firewall censorship network. Dubbed Dragonfly, the custom search … [Read more...] about Why is Google selling potentially compromised Chinese security keys?