A Review of the Best News of the Week on Identity Management & Web Fraud
Google: Chrome Will Remove Third-Party Cookies and Tracking (Dark Reading, Jan 14 2020)
It’s “not about blocking” but removing them altogether, the company said.
Apple’s new privacy features have further rattled the location-based ad market (Digiday, Jan 15 2020)
People aren’t sharing data with apps thanks to Apple, and that’s left ad tech vendors with less location data to sell. Now, they’re trying to plug the gap with data from IP addresses or a mobile carrier.
Google voice Assistant gets new privacy ‘undo’ commands (Naked Security – Sophos, Jan 09 2020)
Google’s controversial voice Assistant is getting a series of new commands designed to work like privacy-centric ‘undo’ buttons.
Filter Out the Noise
Since I started this curated newsletter in June 2017, I’ve clipped ~12,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras
Amazon’s Ring fired at least four employees for snooping on user videos (Ars Technica, Jan 09 2020)
Police, hackers, rogue employees… who can’t access Ring?
St Louis Man Jailed for $12m Tax Refund Scam (Infosecurity Magazine, Jan 13 2020)
Over 2000 fraudulent returns filed on behalf of victims
Google tests biometric authentication for Android autofill (Naked Security – Sophos, Jan 14 2020)
Google is testing out a feature to make Android’s built-in password manager safer.
Fake-review purge: Facebook boots 188 groups, eBay bans 140 shills (Naked Security – Sophos, Jan 10 2020)
After a poke from the UK’s watchdog, the companies promised to beef up filters to strain out those who write, buy and sell fluffy nonsense.
Indian National Pleads Guilty to Multimillion-Dollar Call Center Scam (Dark Reading, Jan 10 2020)
The India-based call centers scammed US victims out of millions of dollars between 2013 and 2016.
Lawmakers look to spread COPPA out to cover kids up to 16 (Naked Security – Sophos, Jan 13 2020)
If that bill passes, you can say bye-bye to YouTube, says one content creator.
Verizon offers no-tracking search engine, promises to protect your privacy (Ars Technica, Jan 14 2020)
With “OneSearch,” Verizon promises no cookie tracking or personal profiling.
Advocates ask colleges to avoid facial recognition as surveillance grows (Ars Technica, Jan 14 2020)
Facial recognition: one of the few ways college kids aren’t always tracked. Yet.
Fraud prevents a third of businesses from expanding digital capabilities (Help Net Security, Jan 14 2020)
40% of businesses say fraud impedes their expansion into new digital channels and services.
LastPass releases its 3rd Annual Global Password Security report (Graham Cluley, Jan 14 2020)
Many businesses are making significant strides in some areas of password and access security – but there is still a lot of work to be done. Use of important security measures like multifactor authentication is up, but the continued reality of poor password hygiene still hampers many business’ ability to achieve high standards of security.
Apple Privacy Executive Defends Encryption After FBI Request (IT Pro, Jan 08 2020)
Tech companies and governments have clashed for years over balancing law enforcement access and user privacy, most famously when the U.S. sought access to an iPhone from a terrorist who carried out a deadly shooting spree in San Bernardino, California.
Azure is now certified for the ISO/IEC 27701 privacy standard (Microsoft Azure Blog, Jan 13 2020)
Azure is the first major US cloud provider to achieve certification as a data processor for the new international standard ISO/IEC 27701 Privacy Information Management System (PIMS).