Apple bans developers from selling user contacts

Apple has strengthened its App Store guidelines for developers, explicitly stating they are not allowed to share user contacts. If an Apple developer creates a database of any user’s contacts and shares or sells that information without their consent, they will be banned from the developer programme and their content will be removed from the App Store. Applications will still be able to collect this data, but they must prompt the user for consent and tell them exactly what they will do with the data. Developers are responsible for ensuring…

Read More

US state passes law to regulate companies which sell personal data

The state of Vermont in the US has passed a law to crack down on data brokers, TechCrunch reported. Under the new legislation, companies in Vermont which collect and sell personal data must register with the state, have to put certain minimum security measures in place, and notify the authorities about security breaches. Using data obtained from a data broker for criminal purposes is now regarded as its own offence, which the state can prosecute. While private data such as medical records and credit scores are regulated in the United…

Read More

How to check if you are in South Africa’s latest massive data leak

A database containing sensitive personal data of South African citizens recently leaked online, as reported by iAfrikan. The data originated from a traffic fine platform and contains the names, ID numbers, cellphone numbers, email addresses, and plain-text passwords of 934,000 South Africans. Security researcher Troy Hunt – who runs Have I Been Pwned – worked with iAfrikan Digital founder Tefo Mohapi on the leak. Mohapi said the data was discovered on a public web server for a local company which processes electronic traffic fine payments. The company is ViewFines. The database contained…

Read More

Data leak exposes names, ID numbers, and plain-text passwords of 934,000 South Africans

A South African database containing sensitive personal data, which appears to have originated from a traffic department, has been leaked online. The information contained in this leak includes names, ID numbers, e-mail addresses, and passwords stored in plain text from South African citizens. Security researcher Troy Hunt – who runs Have I Been Pwned? – worked with iAfrikan Digital founder Tefo Mohapi on the leak. Mohapi explained that the database had close to 1 million personal records and was “discovered on a public web server that belongs to a company…

Read More

FBI inflated statistics on encrypted phones

The FBI told the US Congress for months that its investigators were locked out of nearly 7,800 devices in 2017, despite having a court order to the data contained on the phones. The Washington Post, however, has reported the statistic is inflated and is probably between 1,000 and 2,000 devices. According to the report, the FBI learned of the miscount in April and still does not have an accurate figure for the number of encrypted phones it received. An internal estimate from last week put the correct number of locked phones…

Read More

Amazon helps law enforcement with facial recognition technology

Amazon is teaming up with law enforcement agencies to deploy its new facial recognition technology. Amazon’s Rekognition technology provides accurate facial analysis and facial recognition. It can detect, analyse, and compare faces for a wide variety of user verification, cataloging, people counting, and public safety uses. Amazon Rekognition is based on the scalable deep learning technology developed by Amazon’s computer vision scientists to analyse billions of images and videos daily. Rekognition is a simple API that can analyse any image or video file stored in Amazon S3. The American Civil…

Read More

TeenSafe monitoring app leaks thousands of Apple IDs and passwords

TeenSafe, a service which promises parents secure monitoring of their children’s smartphone activity, has leaked thousands of Apple IDs and the plain text passwords of accounts, ZDNet reported. Among the activity TeenSafe allows parents to monitor is text messages, location, calls, web browsing, and app usage. The leak was discovered by UK security researcher Robert Wiggins who looks for data that has been inadvertently exposed publicly. Wiggins discovered two servers leaking data on Amazon’s cloud. After ZDNet informed TeenSafe about the breach, the company took the servers offline. The database on…

Read More

Why even worry about protecting your private data online?

Facebook landed in hot water recently following reports that data from the service was harvested by third parties. Political consulting firm Cambridge Analytica was accused of using the data while working on Donald Trump’s campaign to become US President. It disputed the allegations, saying it used data from other sources. South Africa has also seen its own large-scale leaks of personal data, with over 75 million unique records exposed when Jigsaw Holdings left a database unprotected on a web server. Having your personal information leaked online as part of the…

Read More

Cellphone surveillance in South Africa – We should all be afraid

Professor Jane Duncan has released a new book titled Stopping the Spies: Constructing and resisting the surveillance state in South Africa. In the book, Duncan argues that the Rica process and institutions have been run down, and the public safety and security risks are huge. The Regulation of Interception and Provision of Communication-related Information Act (Rica) came into effect in 2009 and serves as the basis for the lawful interception of citizens’ communications. The impact is mostly felt by South Africans when they have to produce identification and proof of…

Read More

Serbian police arrest The Dark Overlord hacker

Serbian police announced this week that they had arrested a suspected member of The Dark Overlord, a group known for hacking into a production studio linked to Netflix and obtaining unreleased episodes of shows. In 2017, The Dark Overlord threatened to leak episodes from the fifth season of Orange is the New Black unless Netflix paid a ransom. When Netflix did not pay, the group uploaded the episodes to The Pirate Bay. Since the arrest, a member in control of The Dark Overlord’s email account contacted Motherboard to state the group…

Read More