Category: Security

The case for biometric authentication — and why we should ditch passwords


According to Forbes, business leaders from a variety of industries have joined forces to face one unexpected enemy. That enemy? Log-ins and passwords. The group includes such giants as PayPal, Amazon, Visa, MasterCard, and Aetna. The unnamed members of the group are the millions of people who throw their “password” book across the room because none of the listed log-ins and passwords ever seem to work. We are all united in our hatred of log-ins and passwords, but what is the alternative? There has to be some way to combat fraud. There has to be a way to protect our accounts.…

This story continues at The Next Web

Pardon the Intrusion #19: Paying for Privacy


Subscribe to this bi-weekly newsletter here! Welcome to the latest edition of Pardon The Intrusion, TNW’s bi-weekly newsletter in which we explore the wild world of security. COVID-19 accelerated the use of Zoom for video calling. But so did the security problems and revelations that it didn’t actually support end-to-end encryption (E2EE), misleading users about the security of the platform. In the aftermath, it promised to invest in E2EE on its platform, and acquired encrypted chat service Keybase in an attempt to secure its communications. All seemed well until yesterday: Zoom confirmed that it plans to offer stronger encryption features…

This story continues at The Next Web

California blocks bill that could’ve led to a facial recognition police-state


As images of police brutality flashed across our screens this week, Californian lawmakers were considering a bill that would have expanded facial recognition surveillance across the state. Yesterday, following a prolonged campaign by a civil rights coalition, the legislators blocked the bill. The Microsoft-backed bill had been introduced by Assemblyman Ed Chau, who argued it would regulate the use of the tech by commercial and public entities. But the ACLU warned that it was an “endorsement of invasive surveillance” that would allow law enforcement agencies and tech firms to self-regulate their use of the tech. [Read: Masks won’t protect you from facial recognition] Chau claimed that the bill would help…

This story continues at The Next Web

Signal can now automatically blur faces in photos — and you can use the images in any app


Thousands of people are protesting against police brutality and to support the Black Lives Matters cause. If you are a part of the protests, you might post photos of the demonstration around you on social media or send them to your friends — and that’s not entirely safe, because it could help identify people there and put them in danger. While its important to share these moments, it’s also important to use tools that might stop authorities from snooping on people in those photos. So, privacy-focused messenger Signal has launched a new tool in its app that automatically blurs the faces of…

This story continues at The Next Web

Zoom won’t encrypt free calls because it wants to comply with law enforcement


If you’re a free Zoom user, and waiting for the company to roll out end-to-end encryption for better protection of your calls, you’re out of luck. Free calls won’t be encrypted, and law enforcement will be able to access your information in case of ‘misuse’ of the platform. Zoom CEO Eric Yuan today said that the video conferencing app’s upcoming end-to-end encryption feature will be available to only paid users. After announcing the company’s financial results for Q1 2020, Yuan said the firm wants to keep this feature away from free users to work with law enforcement in case of the…

This story continues at The Next Web

7 ways to keep your personal information safe during protests


Protesting in the United States, and in many countries around the world, is a legally protected right — theoretically. But digital surveillance is increasingly being exploited by law enforcement to identify protestors, and threaten privacy, free speech, and due process in the name of crime prevention.  As Andy Greenberg and Lily Hay Newman wrote for Wired, “You should assume that any digital evidence that you were at or near a protest could be used against you.” Such surveilling methods now include the use of facial recognition, license plate scanners, and predator drones. Officers have also been using smartphones to monitor and…

This story continues at The Next Web

India’s popular BHIM payments platform reportedly leaks 7M users’ data


A data leak from India’s BHIM payment app exposed personal data of 7 million Indians including addresses, scans of Aadhar IDs, and caste certificates. A report from cybersecurity company VPN Mentor suggests that this 409GB database was stored in a misconfigured AWS S3 bucket, making all data publicly accessible. The report noted that the database belonged to BHIM’s website, which is mainly used for onboarding users. For the uninitiated, BHIM is an app based on the Unified Payments Interface (UPI) platform by the National Payments Corporation of India. Paytm, Google Pay, PhonePe, and WhatsApp payments are some other notable services that…

This story continues at The Next Web

Qatar’s COVID-19 tracker could’ve exposed the data of over 1M users


Who woulda thunk it? It turns out Qatar’s coronavirus contact tracing app, which the country made compulsory to install for residents last week, has glaring security holes. Amnesty‘s Security Labs found a critical vulnerability in the software — dubbed Ehteraz — which would have allowed attackers to obtain tons of highly sensitive personal information, including the name, national ID, health status, and location data of more than 1 million users. Fortunately, the issue has since been patched after Amnesty informed the Qatari government of the potential threat on May 21. The authorities responded promptly, releasing a fix on May 22. “While…

This story continues at The Next Web

Samsung’s new mobile security chip protects booting process and crypto transactions


Samsung introduced its second-gen security chip (S3FV9RR) for smartphones today. The chip, akin to Apple‘s T2 and Google’s Titan M chips, is designed to secure the booting process, parts of storage, and mobile-based payments. The Korean tech-giant launched its first Secure Enclave chip in February; it was used in the Galaxy S20 series later. The new chip is certified with Common Criteria (CC) EAL 6+ security standard, which makes it one of the most secure mobile solutions around. This level of security is used to protect data such as e-passports and hardware cryptocurrency wallets. The company says the security chip can protect…

This story continues at The Next Web

Or just read more coverage about: Security,Samsung

Pardon the Intrusion #18: Marcus Hutchins, the ransomware hero


Subscribe to this bi-weekly newsletter here! Welcome to the latest edition of Pardon The Intrusion, TNW’s bi-weekly newsletter in which we explore the wild world of security. Two contrasting developments unfolded in the US and Germany last week. While the US Senate voted to reauthorize the USA Freedom Act, allowing law enforcement to collect Americans’ browsing and internet search records without a warrant, Germany’s constitutional court ruled that the country’s intelligence agency, the Bundesnachrichtendienst (BND), can no longer spy on the world’s internet traffic without any restrictions. The bill takes aim at Section 215, a sweeping surveillance law in the…

This story continues at The Next Web