Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…
Why voting online is not the way to hold an election in a pandemic: It is still too vulnerable to cyber-attacks and security breaches.
Travel involving nearly nine million cars in Britain was accessible merely by typing the system's IP address into a browser: https://www.theregister.co.uk/2020/04/28/anpr_sheffield_council/
Exclusive In a blunder described as “astonishing and worrying,” Sheffield City Council's automatic number-plate recognition (ANPR) system exposed to the Internet 8.6 million records of road journeys made by thousands of people, The Register can reveal.
The ANPR camera system's internal management dashboard could be accessed by simply entering its IP address into a web browser. No login details or authentication of any sort was needed to view and search the live system “ which logs where and when vehicles, identified by their number plates, travel through Sheffield's road network.
Britain's Surveillance Camera Commissioner Tony Porter described the security lapse as “both astonishing and worrying,” and demanded a full probe into the snafu.
https://www.theregister.co.uk/2020/04/28/anpr_sheffield_council/
IoT follies.
Nearly 3 in 5 Americans say they are either unable or unwilling to use the infection-alert apps under development by Google and Apple, suggesting a steep climb to win enough adoption of the technology to make it effective against the coronavirus pandemic, a Washington Post–University of Maryland poll finds. […]
A major source of skepticism about the infection-tracing app is distrust of Google, Apple and tech companies generally, with a majority expressing doubts about whether they would protect the privacy of health data. A 57 percent majority of smartphone users report having a ‘great deal’ or a ‘good amount’ of trust in public health agencies and 56 percent trust universities. That compares with 47 percent who trust health insurance companies and 43 percent who trust tech companies like Google and Apple.
Malicious Android apps from the so-called PhantomLance campaign targeted hundreds of users, and at least two slipped past Google's defenses.
https://www.wired.com/story/phantomlance-google-play-malware-apt32/
https://www.theregister.co.uk/2020/04/28/anpr_sheffield_council/
Connected kitchen gadgets are supposed to streamline cooking, but this one just gave me a headache.
https://www.wired.com/review/amazon-smart-oven/
This is laugh out loud funny.
Disney claimed that it owned “Maythe4th” and all your posts that use it. https://twitter.com/disneyplus/status/1254772307941191686
The reaction was predictable. https://www.bbc.com/news/technology-52457596
Professor Ross Anderson (University of Cambridge)) has put his lectures for his first-year Software and Security Engineering course online. Freely available.
https://www.cl.cam.ac.uk/teaching/1920/SWSecEng/materials.html
Avail yourselves.
There have been a number of reports and suggestions that people who have had COVID-19 may not have immunity. They are usually accompanied by statements that we need a vaccine. Of course, a vaccine just tricks the immune system into developing antibodies by exposing it to parts of/attenuated/dead the virus in question. However, if being infected with the virus does not create immunity, this makes developing an effective vaccine very difficult if not impossible.
Please report problems with the web pages to the maintainer