Featured: Privacy News Online – Week of JUNE 26th, 2020
Internet freedom under attack by Limiting Section 230 Immunity to Good Samaritan’s ActA new bill called The Limiting Section 230 Immunity to Good Samaritans Act has been introduced to the US Senate by Senator Josh Hawley. Like its name suggests, the bill would place limitations on the immunity provided by Section 230 of the Communications Decency Act. Section 230 currently protects internet freedom on the internet by making it so – simply put – websites aren’t responsible for the content that its users put online. However, the proposed bill will limit that immunity to those that the government deems “good samaritans.”
Billions of internet activity records tracked by Oracle’s BlueKai leaked onlineBlueKai leaked billions of internet activity records with an unsecured database running on AWS. BlueKai is a company that was acquired by Oracle and they use tracking pixels, cookies, and other web tracking techniques to build advertising profiles on internet users. Information collected includes age, location, preferences, etc. The discovery was revealed by security researchers and reported first by TechCrunch. The company hasn’t indicated whether they have informed affected people or even let the government know about the leak.
More Privacy News This Week:
Netgear Zero-Day Allows Full Takeover of Dozens of Router Models
Two separate groups of security researchers have discovered and reported a zero-day vulnerability in the firmware of 79 models of Netgear routers. The vulnerability allows complete takeover of the router and there is not a Netgear patch for it yet. The two separate groups are the Zero Day Initiative and Grimm. Netgear has known about the vulnerability since January but still hasn’t released its patch, which means many devices are currently at risk. https://threatpost.com/netgear-zero-day-takeover-routers/156744/
Delivery Hero Confirms Foodora Data BreachDelivery Hero has recently confirmed a data breach at its subsidiary Foodora that affects 700,000 accounts. The accounts are spread out over 14 different countries, and some of those countries don’t offer the Foodora app anymore but the data was still being stored. The breached data has been online since May but was only recently confirmed by the company. Breached information includes email addresses, hashed passwords, delivery addresses, and even delivery notes with information such as gate codes. Breached accounts were mostly in Europe but also elsewhere in the world including the United Arab Emirates, Hong Kong, Singapore, and Canada.
Massive spying on users of Google’s Chrome shows new security weaknessGoogle has removed another ring of malicious Google Chrome extensions from its Google Web Store. Before being removed, the malicious apps had been downloaded over 32 million times and is being billed as the largest attack of this kind ever discovered. The malicious extensions were able to steal web browsing activity and represents a big invasion of privacy. Awake Security was the firm that discovered and reported the malicious extensions.
Zoom: End-to-End Encryption UpdateZoom has reversed its previous decision and will allow free users to have access to end-to-end encryption. Zoom’s CEO has previously stated that the company wouldn’t offer end-to-end encryption to free users because the company would rather work closer with law enforcement. In order to meet their governmental requirements, Zoom will be requiring users to provide identifying information (such as a phone number) to utilize end-to-end encryption.
Russia lifts ineffective ban on Telegram messaging appThe Russian government has announced an end to their ban on the encrypted messaging app Telegram. Telegram was first banned in 2018 and the ban has reportedly never been effective, despite the Russian government taking many steps and causing collateral damage while trying to enact their ban. The messaging company has over 30 million users in Russia and those users will now be able to utilize the app without looking over their shoulder.