Flaw in Zoom can give anyone access to your webcam
The video conferencing tool Zoom had a massive backlash this week when security researcher Jonathan Leitschuh disclosed several security issues for Zoom users on Apple computers.
The flaw made it possible to activate users webcams by forcibly inviting them to ghost Zoom calls, it allowed any webpage to DoS (Denial of Service) a Mac by repeatedly adding a user to an invalid call, and it could reactivate uninstalled apps, all without permission from the user.
Zoom, who went public this year, is celebrated for being easy to use: you click on a meeting URL, the page launches the desktop app, and you're in a call. But, this comfort comes at a cost when a localhost web server installed to improve user experience leaves your system open to malicious attacks.
Worth noting is also that Jonathan Leitschuh requested a Zoom security contact via Twitter at March 8th without response. And when he finally got in touch with them on March 26th, he was informed that the Zoom Security Engineer was Out of Office.
Thousands of Google Assistant recordings with private information leaked by Dutch contractor
So, devices running the Google Assistant are always recording conversations and sounds inside the homes of their owners and Google then pays people to listen to some of the recordings and transcribe them into text. Also, a contractor just leaked over 1,000 recordings – some of them didn't follow an "activation" phrase like "Hey, Google."
Google confirmed the leak in a blog post and placed all of the blame on a single Dutch language reviewer. They also promise that any audio recordings sent to humans for transcription are "not associated with user accounts as part of the review process." But, VRT NWS, a Belgian broadcaster that got access to the material, was able to identify specific individuals based on the content of the recordings.
Now you might as – exactly – what, are the contractors hearing? VRT NWS describes it as "bedroom conversations, conversations between parents and their children, but also blazing rows and professional phone calls containing lots of private information."
In other words, things you would typically discuss in your home – in private; if private existed.
Facebook faces historical fine by the Federal Trade Commission
On Friday, the Federal Trade Commission beat Facebook with a record-breaking $5 billion fine for privacy violations. The penalty arrives after a more than one-year-long investigation and is the largest in the agency's history.
If the Justice Department's civil division approves the penalty, it will also be the first real punishment for Facebook in the US, after several years of a largely unregulated tech industry. The decision comes at a time when Washington's stance toward Silicon Valley has hardened, and this is its most aggressive action yet to control the repeated violations of privacy.
However, some questions are still unanswered, including whether Facebook CEO Mark Zuckerberg is held personally liable for the company's privacy violations, and the type of external oversight Facebook must embrace going forward.
Tool of the week: Front
Front is a smart inbox for teams that let you collaborate with your colleagues. But it's not only e-mail. Front makes it possible to take shared responsibility for Facebook Page messages, Twitter messages, website chats and forms, Intercom support messages, and so much more. You can even build your own integrations if you want to.
With Front, you'll have all your messages, and all your teammates, in one place. Someone will always be there to reply - when UPS have lost yet another package or your servers are taking a break - without having to jump from one tool to the next. You can assign messages to the right people, collaborate on drafts and loop in reinforcement when you have to. It's also possible to create advanced rules and canned responses for automatically taking care of your most common types of emails.
It might sound like a small win. But I don't even have a team to collaborate with yet, and I still benefit from getting everything in one place. And as soon as you start to add a couple of active Facebook pages with messages turned on, and a shared e-mail address or two the number of places to keep track of new messages increases drastically and so does the number of messages that you miss.
If you can relate, try it.
Anna Loverus Newsletter
Join the newsletter to receive the latest updates in your inbox.