Search Results for “CNBC”

May 7, 2020
Ari Levy / CNBC

Ari Levy / CNBC  
Zoom Buys Keybase to Add End-to-End Encryption to Service as Part of 90-Day Security Plan

Meteoric conferencing app Zoom has acquired encryption security start-up Keybase, the first purchase in the company’s nine-year history, to add an end-to-end encryption option as the company seeks to tamp down concerns over the security of its service. Terms of the deal were not disclosed. The acquisition is the latest move in a 90-day plan that Zoom announced on April 1 to fix its security flaws. It will take a while to integrate Keybase’s technology into Zoom’s Software because it must be simplified from its current version which is used largely by security and cryptography experts.

Related: SecurityWeek, ZDNet Security, The Verge, TechCrunch, Verdict, Keybase, Zoom, ZDNet Security, San Jose Business News, CNET News, Techradar, Daily Dot, Reddit – cybersecurity, 9to5Mac, SecurityWeek, The Register, Slashdot, Silicon Republic, WRAL Tech Wire, Security Brief, Reuters, ARN, Tom’s Guide News, BusinessLine – Home, TechNadu, Asia One Digital, grugq’s domain, grugq’s domain, Tech Insider, BGR, NDTV, Help Net Security

Tweets:@alexstamos @alexstamos @TechCrunch @mountain_ghosts @evacide @thegrugq

SecurityWeek: Zoom Acquires Keybase to Bring End-to-End Encryption to Video Platform
ZDNet Security: Zoom acquires encryption startup Keybase
The Verge: Zoom buys the identity service Keybase as part of 90-day security push
TechCrunch: Zoom acquires Keybase to get end-to-end encryption expertise
Verdict: Zoom acquires Keybase to add end-to-end encryption to videoconferencing
Keybase: Keybase joins Zoom
Zoom: Zoom Acquires Keybase and Announces Goal of Developing the Most Broadly Used Enterprise End-to-End Encryption Offering
ZDNet Security: Zoom acquires encryption startup Keybase
San Jose Business News: Zoom’s first M&A deal aims at shoring up security
CNET News: Zoom eyes security boost, acquiring secure messaging platform Keybase – CNET
Techradar: Zoom makes first ever acquisition in quest to boost security
Daily Dot: Zoom acquires encryption service in wake of security woes
Reddit – cybersecurity: Zoom acquires Keybase
9to5Mac: Zoom bought Keybase to bring end-to-end encryption to its videoconferences
SecurityWeek: Zoom Acquires Keybase to Bring End-to-End Encryption to Video Platform
The Register: Zoom bomb: Vid conf biz to snap up Keybase as not-a-PR-move move gets out of hand
Slashdot: Zoom Acquires Keybase To Get End-to-End Encryption Expertise
Silicon Republic: Zoom acquires Keybase to improve video conferencing security
WRAL Tech Wire: Zoom says deal to buy security firm will ‘significantly’ enhance security
Security Brief: Zoom buys encryption startup in its first-ever acquisition
Reuters: Zoom pushes ahead on security, buying Keybase and reaching pact with New York
ARN: Zoom acquires secure messaging startup Keybase in security push
Tom’s Guide News: Zoom is getting its biggest missing feature
BusinessLine – Home: Zoom to build end-to-end encryption for the app with Keybase
TechNadu: Zoom Acquires Keybase and Will Soon Introduce End-to-End Encryption
Asia One Digital: Free basic Zoom accounts to get three more security features from May 9
grugq’s domain: Zoom + Keybase
Tech Insider: Zoom security advisor Alex Stamos explains how the acquisition of Keybase will help the red-hot videoconferencing app address its ‘unique’ challenges in adding end-to-end encryption (ZM)
BGR: You’ll have to pay for Zoom’s new end-to-end encryption feature
NDTV Zoom Pushes Ahead on Security, Buying Keybase, and Reaching Pact With New York
Help Net Security: Zoom acquires Keybase, a secure messaging and file-sharing service

@alexstamos: I am very happy that @zoom_us has bought @KeybaseIO and announced a plan to offer an end-to-end encrypted mode that works with Zoom's video quality and scale. Details from @ericsyuan
@alexstamos: @maxtaco, @malgorithms and the rest of the Keybase team built something special and now have a chance to change the baseline of security and privacy in enterprise communications forever. Coverage by CNBC:
@TechCrunch: Zoom acquires Keybase to get end-to-end encryption expertise | by @ron_miller
@mountain_ghosts: keybase, the service we've been trusting to verify public keys, has been bought by zoom, a company that spent the last 2 months tanking its security reputation. is this good
@evacide: Zoom buys Keybase in order to integrate end-to-end encryption which, until recently, they were claiming they had all along.
@thegrugq: Zoom buying Keybase is a really interesting move. They could actually deny every nation control over the video conferencing terrain. It could also open up interesting features with zoom, like in band file sharing.

April 8, 2020
Ryan Browne / CNBC

Ryan Browne / CNBC  
Zoom Hit With Class-Action Lawsuit by Shareholder Who Claims Company Failed to Disclose Security Problems, Despite News of the Suit Zoom’s Stock Rises More Than 4%

Zoom has been hit with a class-action lawsuit by one of its shareholders, Michael Drieu, in the U.S. District Court for the Northern District of California. Drieu alleges the company failed to disclose issues with its video conferencing platform’s privacy and security, a failure that has caused the company’s stock price to tumble.  Despite news of the lawsuit, Zoom stock was up more than 4% on Wednesday morning.

Related: Fast Company, Android Authority, ARN, The Next Web, TechNadu, CNBC Technology, Neowin, Business Insider, PhoneArena, BloombergTech Insider, Fin24, ZDNet, WCCFtech, TechNadu, NDTV, Reuters: Top News

April 4, 2020
Kif Leswing / CNBC

Kif Leswing / CNBC  
Democratic Senators Question Apple’s CEO on How Company Handles Personal Data Obtained Through Its COVID-19 Screening App

Four Democratic Senators, Robert Menendez, Richard Blumenthal, Kamala Harris, and Cory Booker, sent a letter to Apple CEO Tim Cook asking how the company handles personal data for its COVID-19 screening app and website and whether it complies with healthcare data regulation HIPAA. Apple released the app in March in partnership with the Centers for Disease Control, the White House-led coronavirus task force, and the Federal Emergency Management Agency. Many of the same senators plus Ohio Democrat Sherrod Brown sent similar questions to Verily CEO Andrew Conrad about the Alphabet company’s COVID-19 screening program.

May 4, 2020
Andy Greenberg / Wired

Andy Greenberg / Wired  
Apple and Google Release Details on Their Coronavirus Contact Tracing App, Only Governments Will Have Access to API, Location Tracking Banned

Apple and Google have released new details on their Bluetooth-based system that will let health care authorities track potential encounters with Covid-19, making clear that only government agencies, preferably at the national level, will be given access to the application programming interface. However, the two tech giants are willing to work with regional and state-level authorities. If government-run apps want access to Apple and Google’s Bluetooth-based system, they won’t be allowed to collect location data. They must ask for consent before collecting information on a user’s proximity to others. They will also need permission to upload any information from the phones of Covid-19 positive people as well. The two companies also published sample user interfaces for the first time. However, they say the images for how the contact tracing system will work are merely for reference because health agencies will build the final apps.

Related: Data Protection Report, ET news, CPO Magazine, The Register – Security,, TechTarget, MSSP Alert, Computer Business Review, Voice of America, Panda Security Mediacenter, MacDailyNews, MacDailyNews, The Sun, TechTarget, Vox, Reuters, Ars Technica, RT USAAndroid Authority, xda-developers, CNBC, Slashdot, MacDailyNews, Engadget, The Verge

Tweets:@a_greenberg @Wired @josephmenn @ncweaver @lukOlejni

Data Protection Report: StopCovid: the French contact-tracing app
ET news: France’s StopCovid app to begin testing before wider rollout
CPO Magazine: MIT Researchers Develop a COVID-19 Contact Tracing App That Preserves Privacy Using Random IDs
The Register – Security: India makes contact-tracing app compulsory in viral hot zones despite most local phones not being smart Digital Contact-Tracing Apps: Hype or Helpful?
TechTarget: Research institutes warn of necessity for UK contact-tracing app to…
MSSP Alert: COVID-19, Contact Tracing and U.S. Government Surveillance Concerns: Research
Computer Business Review: ICO Releases Data Protection Guide for Contact Tracing Apps
Voice of America: European Virus Tracing Apps Highlight Battle for Privacy
Panda Security Mediacenter: What to expect from the upcoming Apple and Google contact tracing apps
MacDailyNews: France continues to insist on centralized COVID-19 contact tracing while Apple refuses to budge
The Sun: What is the contact tracing app and how do I download it?
TechTarget: NHSX contact-tracing app needs legislative oversight
Vox: Contact tracing, explained
Reuters: Apple, Google ban use of location tracking in contact tracing apps
Ars Technica: Here’s how Apple, Google will warn you if you’ve been exposed to COVID-19
RT USA: Google & Apple set some lucky programmers up for lucrative monopoly with new rules for contact-tracing app
Android Authority: Google, Apple lay out strict rules for Exposure Notification API, no GPS data
xda-developers: [Update 5: Screenshots, No Location Tracking] Google and Apple announce the Contact Tracing API and Bluetooth spec to warn users of COVID-19
CNBC : Apple and Google reveal what their coronavirus contact tracing system might look like (CNBC: Top News)
Slashdot: Apple, Google Ban Use of Location Tracking in Contact Tracing Apps
MacDailyNews: Apple, Google ban use of location tracking in contact tracing apps
Engadget: Apple and Google tell health departments their privacy requirements for coronavirus tracking
The Verge: Apple and Google show what their exposure notification system could look like

@a_greenberg: Google and Apple have clarified a few more privacy restrictions for the apps that will use their Bluetooth-based Covid-19 exposure alert system. They've also shown some examples of what it could look like:… This will not be a fun push notification to get.
@Wired: Apple and Google have released new details on their contact tracing plans. Only government agencies will be able to access the application programming interface, and the apps will not be allowed to collect location data. Here's how the apps might look:
@josephmenn: Apple, Google ban use of location tracking in contact tracing apps
@ncweaver: OK, I'm starting to agree with @stewartbaker that Apple & Google are taking the privacy thing too far: Keeping location data on the phone for contact tracing for 14 days, along with the bluetooth contact data, is privacy sensitive and reasonable.
@lukOlejni: Google and Apple will ban the use of geolocation to contact tracing #COVID?19, including for government apps. Technological policing? ;)

May 19, 2020
Jasper Jolly / The Guardian

Jasper Jolly / The Guardian  
EasyJet Says Personal Data on Nine Million Customers Were Accessed in ‘Highly Sophisticated’ Cyberattack, Over Two Thousand Customers’ Credit Card Details Stolen

European budget airlines EasyJet has revealed that the personal information of 9 million customers was accessed in a “highly sophisticated” cyberattack on the airline. The company said that email addresses and travel details were accessed, and it would contact the customers affected. Of the 9 million people affected, 2,208 had credit card details stolen, but no passport details were uncovered. Those customers whose credit card details were taken have been contacted, while everyone else affected will be contacted by 26 May. EasyJet offered no details of the hack but said it had “closed off this unauthorized access” and reported the incident to the National Cyber Security Centre and the Information Commissioner’s Office (ICO), the data regulator.

Related: BBC News, TechCrunch, Associated Press Technology, Financial Times Technology, Bloomberg, CNBC Technology, Information Age, Evening Standard, Graham Cluley, Channel News Asia, France 24, IT Pro, PerthNow, Thomas Brewster – Forbes, RT News, MediaNama: Digital Media in India, POLITICO EU, Computer Business Review, The Sun, BetaNews, Voice of America, The State of Security, The Loadstar, RTE, Sky News, Independent

Tweets:@lukOlejnik @dcuthbert @joetidy @racheltobac @zsk @jc_stubbs

BBC News : EasyJet admits nine million customers hacked
TechCrunch: Europe to Facebook: Pay taxes and respect our values — or we’ll regulate
Associated Press Technology: EasyJet reveals ‘sophisticated’ hack of customer details
Financial Times Technology: EasyJet says hackers accessed travel details of 9m customers
Bloomberg: EasyJet Says Hackers Accessed Data of 9 Million Customers
CNBC Technology: EasyJet hack leaves 9 million customers’ details exposed
Information Age: EasyJet data breached, over 9 million customers affected
Evening Standard: Millions of easyJet customers at risk after hackers access personal details
Graham Cluley: EasyJet hack impacts nine million passengers
Channel News Asia: EasyJet hit by cyber attack, hackers access 9 million customers’ details
France 24: Hackers access details of millions of easyJet passengers in cyber attack
IT Pro: Easyjet hack exposes details of nine million customers | IT PRO
PerthNow: Cyber attackers target easyJet
Thomas Brewster – Forbes: EasyJet Hacked: 9 Million Customers And 2,000 Credit Cards Hit
RT News: Hackers steal personal data of 9 million EasyJet costumers in ‘highly sophisticated’ cyber attack
MediaNama: Digital Media in India: Hackers accessed details of 9 million EasyJet customers, credit card details of 2K+ people
POLITICO EU: Easyjet cyberattack hits 9 million customers
Computer Business Review: EasyJet Hacked: 9 Million Customers Affected
The Sun: EasyJet hit by cyber attack with 9million customers details stolen
BetaNews: easyJet hit by ‘highly sophisticated’ cyberattack: 9 million customers’ details exposed
Voice of America: EasyJet Hit by Cyber Attack, Hackers Access 9 mln Customers’ Details 
The State of Security: Around 9 Million easyJet Customers’ Details Stolen in Hacking Incident
The Loadstar: SN: EasyJet: Nine million customers’ details ‘accessed’ by hackers
RTE: EasyJet hit by ‘highly sophisticated’ cyber attack
Sky News: EasyJet: Nine million customers’ details ‘accessed’ by hackers
Independent: EasyJet hacked: 9M customers’ details stolen

@lukOlejnik: Hacked EasyJet. Stolen data of 9M customers, for >2000 of them this includes credit card numbers. Users to be contacted gradually. Certainly not a good time to be an airline :)
@dcuthbert: My personal details are 99% included in this. So, let's play a game shall we? #easyjet
@joetidy: EasyJet’s stock exchange notice about the cyber attack here. Looks like they’ve taken all the correct steps (notifying ICO/ NCSC) etc but if the hack happened in Jan - why are we only learning of it now?
@racheltobac: Prepare to receive phishing emails, texts or calls pretexting as your bank looking to investigate fraud on your account, airlines attempting to cancel, rebook, or alert you to changes on your account, and much more. Contact back using 2nd form of comms ImpRobot face
@zsk: And now my inbox overfloweth with "comments" from PR people's cybersecurity clients, all of whom are scrambling trying to connect the EasyJet data breach with the Covid19 pandemic.
@jc_stubbs: Scoop >> The cyberattack disclosed by #easyJet earlier today is thought to be the work of a suspected Chinese hacking group that has targeted multiple airlines in recent months, two sources tell @Reuters

April 20, 2020
Ian Barker / BetaNews

Ian Barker / BetaNews  
COVID-19 Cyberattacks Soar to 14,000 Per Day, Hundreds of Malicious or Suspicious New Domains Registered Related to Stimulus Checks

COVID-19 related cyberattacks rise to an average of 14,000 a day this month, which is six times the average number of daily attacks compared to March, researchers at Check Point Security report. Between April 7 and 14, the average number of daily attacks increased sharply to 20,000, 94 percent of which were phishing. The researchers further found that in March, a total of 2,081 new domains were registered related to stimulus relief packages, with 38 being malicious and 583 suspicious. In the first week of April, 473 were registered, 18 malicious, 73 suspicious.

May 15, 2020
David Shepardson, Karen Freifeld, Alexandra Alper / Reuters

David Shepardson, Karen Freifeld, Alexandra Alper / Reuters  
Trump Administration Blocks Chip Supplies to Huawei Raising Fears That China Will Retaliate, Commerce Department Separately Extended Ability of Rural Telcos to Use Huawei Gear

The Trump administration moved to block global chip supplies to blacklisted telecoms equipment giant Huawei Technologies spurring fears of Chinese retaliation and hammering shares of U.S. producers of chipmaking equipment. Under a new rule developed by the Commerce Department, U.S. authority to require licenses for sales to Huawei of semiconductors made abroad with U.S. technology has been dramatically expanded to halt exports to China’s leading smartphone maker. Reports indicate that China is getting ready to put U.S. companies on an “unreliable entity list,” as part of the retaliation against the U.S. move against Huawei. Among the measures contemplated are launching investigations and imposing restrictions on U.S. companies such as Apple, Cisco, and Qualcomm as well as suspending purchase of Boeing airplanes.  The move also hits Taiwan Semiconductor Manufacturing, the biggest contract chipmaker, and key Huawei supplier, which just announced plans to build a U.S.-based plant. Separately, the Commerce Department extended a temporary license that was set to expire on Friday to allow U.S. companies, mostly rural telcos, to continue doing business with Huawei through August 13.

Related: Global Times, Global Times, iMore, Law360, Computer Weekly, SiliconANGLE, Wired, New York Times – Business, South China Morning Post, Cyberscoop, WCCFtech, MacDailyNews, Android CentralZero Hedge, xda-developers, Digit, Multichannel, Law360, – Software Industry News, CNBC Technology, Reuters: Business News, The Hill: Cybersecurity


Global Times : Shares of key US firms dive as Chinese govt source leaks retaliation plan on Huawei ban
Global Times : Insider reveals details on China’s plan to target US tech giants to retaliate against Huawei ban
iMore : China threatens companies like Apple with investigations and restrictions
Law360: US Aims To Muscle Huawei Out Of Global Chip Supply Chain – Law360
Computer Weekly: US maintains ban on Chinese tech firms as Huawei, ZTE make 5G leaps
SiliconANGLE: U.S. implements new rules to restrict Huawei’s access to chip technology
Wired: The US Will Help a Taiwan Firm Build a Chip Plant in Arizona
New York Times – Business: U.S. Delivers Another Blow to Huawei With New Tech Restrictions
South China Morning Post: US plans to further restrict Huawei’s development of semiconductors using American technology
Cyberscoop: US Commerce Department tightens screws on Huawei export controls
WCCFtech: Huawei Crippled by the Latest Round of U.S. Sanctions as the Broader Chipmaker Sphere Plunges Into the Red
MacDailyNews: China ready to target Apple, other U.S. firms in retaliation against U.S.’ Huawei ban
Android Central : Trump administration will soon begin blocking Huawei’s global chip supply
Zero Hedge: Futures Tumble After US Restarts Trade War With China, Locks Out Huawei; China Vows Retaliation Against Apple, Boeing
xda-developers: Win a Huawei P40 Pro+ [Open to all Countries]
Digit: Jios new Rs 999 prepaid plan gives users 3GB daily data with a validity of 84 days
Multichannel: Commerce Targets Huawei with New Restrictions
Law360: US Aims To Muscle Huawei Out Of Global Chip Supply Chain – Law360 – Software Industry News: Capitol Report: Trump administration moves to cut Huawei off from semiconductor suppliers
CNBC Technology: U.S.-China tensions rise as Trump administration moves to cut Huawei off from global chip suppliers
Reuters: Business News: U.S. moves to cut Huawei off from global chip suppliers
The Hill: Cybersecurity: Commerce Department cracks down on Huawei’s access to chips

@SariArhoHavren: On Friday, “the Trump administration moved to block shipments of semiconductors to Huawei from global chipmakers. The US Commerce Department said it was amending an export rule to strategically target Huawei's acquisition of semiconductors.."

May 7, 2020
Lindsey O'Donnell / Threatpost

Lindsey O'Donnell / Threatpost  
China’s Naikon APT Group is Waging an Espionage Campaign Against Several Governments in the Asia-Pacific Region

Although seemingly silent since Kaspersky Lab discovered them in 20015, China’s state-backed hacking group, the Naikon APT group, is behind a five-year campaign against several governments in the Asia-Pacific region, researchers at Check Point said. The campaign, which accelerated in 20019 and during the first quarter of 2020, is targeting countries in the APAC region, including Australia, Indonesia, Philippines, Vietnam, Thailand, Myanmar, and Brunei, in a quest to gather geopolitical intelligence. The attackers are using phishing emails with attachments that contain an invisible cyberattack tool called Aria-body, which had never been detected before and had alarming new capabilities. Naikon will continue to pose as a significant threat, Check Point said, as it uses new server infrastructure, ever-changing loader variants, in-memory fileless loading, and a new backdoor.

Related: CyberSecurity Help s.r.o., TechRepublic, Check Point Research, Engadget, The Hacker News, Reddit – cybersecurity,, CNBC, New York Times, The Times of Israel, Mother Jones, BetaNews, 9News ,, PerthNow, Braidwood Times, The New Daily,, The West


CyberSecurity Help s.r.o.: Naikon APT silently spied on government entities in the APAC region for at least five years
TechRepublic: Report: Chinese-linked hacking group has been infiltrating APAC governments for years
Check Point Research: Naikon APT: Cyber Espionage Reloaded
Engadget: A Chinese hacking group is reportedly targeting governments across Asia
The Hacker News: This Asia-Pacific Cyber Espionage Campaign Went Undetected for 5 Years
Reddit – cybersecurity: Naikon APT Hid Five-Year Espionage Attack Under Radar New ‘Aria-body’ backdoor gets advanced hackers ?back in the spy game
CNBC: New cybersecurity report says China-based group is hacking Asia-Pacific governments
New York Times: Naikon, Group Tied to China’s Military, Deploys Debilitating New Cyberattack Tool
The Times of Israel: Israeli firm says Chinese cyber-espionage tool used to spy on governments
Mother Jones: Amid Coronavirus Cyber Attacks, a New Report Sheds Light on a Major Chinese Hacking Group
BetaNews: Hacker group has targeted Asia Pacific governments in five-year campaign
9News : Top WA department in ‘China cyber attack’ – 9News Premier hit by hackers with China link
PerthNow: WA Government ‘targeted’ by Chinese hackers with advanced cyberattack tool: report
Braidwood Times : McGowan office in ‘China cyber attack’ – Braidwood Times
The New Daily: WA Premier Mark McGowan’s office targeted in ‘China cyber attack’ Premier hit by hackers with China link
The West : Chinese hackers targeted Premier Mark McGowans office with advanced cyberattack tool, report claims

@ronenbergman: NEW- cyber group affiliated with Chinese intelligence,is using a new never-seen-before powerful hacking weapon, in a series of attacks on embassies,government offices and state owned technology and science companies in Asia and Australia W\ @stevenleemyers

April 28, 2020
Joel Schectman, Christopher Bing, Jack Stubbs / Reuters

Joel Schectman, Christopher Bing, Jack Stubbs / Reuters  
Many Surveillance and Cyberintelligence Firms Are Marketing Repurposed Law Enforcement Hacking Tools to Track Coronavirus Infections and Enforce Quarantines

At least eight surveillance and cyberintelligence companies are attempting to sell repurposed surveillance and law enforcement hacking tools to track the coronavirus and enforce quarantines, based on documents and interviews Reuters obtained.  Among those companies identified by Reuters as marketing their hacking and surveillance software to countries around the globe are Intellexa, Verint, NSO Group, Rayzone Group, Cobwebs Technologies, Patternz, and Cellebrite. Israeli mobile phone hacking software company Cellebrite is offering its mobile phone hacking and surveillance capability to help authorities learn who a coronavirus sufferer may have infected.  According to a Cellebrite email pitch to the Delhi police force this month, authorities can siphon up coronavirus-positive patients’ location data and contacts, making it easy to “quarantine the right people.” Although the company sees this tracking as done with users’ consent, they also concede that police can use their tools to hack into confiscated devices. Cellebrite is also offering a version of its product line for use by healthcare workers to trace the spread of the virus that causes COVID-19, but says the tools can only be used with patient consent and can’t hack phones. Israel is the only country known to be testing a mass surveillance system pitched by the companies, asking NSO Group, one of the industry’s most prominent players, to help build its platform.

Related: Reuters, AppleInsider, iTnews – Security, MacDailyNews, CNBC Technology

Tweets:@jc_stubbs @howelloneill @bing_chris @bing_chris @bing_chris @bing_chris @bing_chris @joel_schectman @razhael @ron_deibert @ericgeller

Reuters: Tracing COVID-19
AppleInsider: Cellebrite pitching iPhone hacking tools as a way to stop COVID-19
iTnews – Security: Special Report: Cyber-intel firms pitch governments on spy tools to trace coronavirus
MacDailyNews: Cellebrite pitches governments iPhone spy tools for coronavirus contact tracing
CNBC Technology: Cyber-intel firms pitch governments on spy tools to trace coronavirus

@jc_stubbs: NEW: Company documents reviewed by Reuters show at least 8 cyber-intelligence firms, better known for selling hacking and surveillance tools, are now pitching coronavirus-tracking products to governments around the world with @joel_schectman @Bing_Chris
@howelloneill: What's really weird about this is the governments refusing to name the tech they're buying here. There's no national security risk, coronavirus is not changing tactics because of surveillance. What's the justification for the lack of transparency?
@bing_chris: Cellebrite, a firm which gained fame for producing a iPhone hacking tool for law enforcement, .... has entered the coronavirus market. Now pitching a solution to hack phones of infected persons, emails reviewed by Reuters show
@bing_chris: Cellebrite is not alone. Through source interviews and reviewing documents, Reuters found 8 companies playing in this domain: turning spy tools into coronavirus tracking platforms. They include: intelligence companies Verint, NSO, Intellexa, and others
@bing_chris: We’re in a new world that some argue calls for novel surveillance methods. Several governments are considering bulk telco collection techniques to track infections and force quarantines:
@bing_chris: But privacy advocates worry about an environment where intelligence firms expand their reach and product adoption. Sources tell us multiple projects are ongoing in Asia, South America and Europe. What could this mean after the virus subsides?
@bing_chris: This is all happening while senior officials in multiple countries are opening the doors to telco-based mass surveillance solutions to combat the spread of the virus. He’s what that sounds like:
@joel_schectman: NOW: Instead of tracking terrorists and criminals, Israeli spyware companies say want to help governments monitor coronavirus patients. @Bing_Chris @jc_stubbs
@razhael: You’ve heard of the NSO Group’s effort to repurpose its surveillance solution for COVID-19 contact tracing. New reporting from @Reuters shows that it’s one of many cyber-intelligence companies retooling to take advantage of the coronavirus crisis. MicrobeMobile phone?
@ron_deibert: Special Report: Cyber-intel firms pitch governments on spy tools to trace coronavirus
@ericgeller: Great story by @joel_schectman, @Bing_Chris, and @jc_stubbs about how the coronavirus pandemic is exacerbating surveillance vendors' mission creep. As @HowellONeill points out, there's no need for secrecy here. Vendors should be held accountable.

April 25, 2020
Russell Brandom / The Verge

Russell Brandom / The Verge  
Apple and Google Reveal Enhanced Privacy Practices for Coronavirus Contact Tracing App, Say It Will Be Disbanded Once Virus is Contained

Apple and Google released a set of FAQs regarding their ambitious joint coronavirus contact tracing app and outlined some of their privacy practices and pledged for the first time to disband their effort after the virus becomes contained. Under a new encryption specification, daily tracing keys will now be randomly generated rather than mathematically derived from a user’s private key and will be called temporary tracing keys. More importantly, the daily tracing key is shared with the central database if a user decides to report their positive diagnosis. The companies also developed a new system for encrypting Bluetooth transmissions such that they cannot be decoded in transit. Finally, the companies will no longer call their effort contact-tracing system but instead refer to it as an “exposure notification” system.

Related: CNET News, Engadget, AppleInsider,, CERT-EU , CNBC Technology, Bloomberg Technology, SlashGear, TechCrunch, Android Authority, Reuters, Axios, FOX News, VentureBeat, Tech Insider, iMore, HealthITSecurity,, Trusted Reviews,, ExtremeTech, Bloomberg Technology, BBC News, PhoneArena, Security News | Tech Times, iPhone Hacks, MacRumors, Slashdot, Vox, TechTarget, The New Stack, Cult of Mac,  Apple-Google (PDF)

Tweets:@markgurman @stshank

CNET News: Apple and Google’s coronavirus tracking tool: How privacy fits in – CNET
Engadget: Google and Apple detail privacy measures ahead of coronavirus tracking tests
AppleInsider: Apple and Google evolve Exposure Notification to boost privacy, enhance encryption Joint Apple-Google coronavirus tracker gets improved technology
CNBC Technology: Apple and Google are tweaking plans for tech to help officials track coronavirus exposure
Bloomberg Technology: Apple, Google Boost Privacy Protections for Contact-Tracing Tool – Bloomberg
SlashGear: Apple and Google change coronavirus contact tracing after privacy pushback
TechCrunch: Apple and Google update joint coronavirus tracing tech to improve user privacy and developer flexibility
Android Authority: Google and Apple announce new contact tracing name and security measures
Reuters: Apple, Google update coronavirus contact tracing tech ahead of launch
Axios: Apple, Google tweak contact tracing specs as launch nears
FOX News: Apple and Google will shut down coronavirus tracing app when pandemic ends, companies say
VentureBeat: Apple and Google build more privacy and flexibility into Bluetooth contact tracing tech
Tech Insider: Google and Apple are adding some key privacy boosts to their upcoming coronavirus-tracking tool, and say they’ll shut it down once the pandemic is over (APPL, GOOG, GOOGL)
iMore: Apple and Google will disable COVID-19 tracing when pandemic ends
HealthITSecurity: ACLU, Scientists Urge Privacy Focus for COVID-19 Tracing Technology Apple And Google Clarify COVID-19 Contact Tracing Pact Following Privacy Uproar
Trusted Reviews: Can privacy survive coronavirus? Apple and Google detail contract tracing plans Apple, Google update exposure notification APIs with new protections and capabilities
ExtremeTech: Apple, Google Announce Privacy Changes to Coronavirus Tracing
Bloomberg Technology: Apple, Google Boost Privacy Protections for Contact-Tracing Tool – Bloomberg
BBC News: Apple and Google accelerate coronavirus contact tracing apps plan
PhoneArena: Apple and Google make changes to their contact tracing solution to address privacy concerns
Security News | Tech Times: Apple, Google to Terminate COVID-19 Tracking Tools When Pandemic Ends, But Here’s The Catch
iPhone Hacks: Apple, Google Introduce Privacy and Accuracy Related Changes to Upcoming COVID-19 Exposure Notification App
MacRumors: Apple and Google Strengthen Privacy of COVID-19 Exposure Notification System, Targeting Next Week for Beta Release
Slashdot: Apple and Google Pledge To Shut Down Coronavirus Tracker When Pandemic Ends
Vox: Could contact tracing bring the US out of lockdown?
TechTarget: NHSX reveals full details of UK Covid-19 contact-tracing strategy
The New Stack: Safe Paths: MIT Coronavirus Contact-Tracing App Protects User Privacy
Cult of Mac: Apple and Google enhance protection for contact-tracing tool; target beta for next week
Vox: Apple and Google’s new contact tracing tool is almost ready. Just don’t call it a contact tracing tool.
Apple-Google: Exposure Notification Frequently Asked Questions (PDF)

@markgurman: Apple and Google are upping the privacy protections of its Covid-19 Contact Tracing tool (now called Exposure Notification) — adding more randomly generated keys, Bluetooth metadata encryption, exposure recording limit of 30 minutes. It’s also launching in beta next week.
@stshank: Apple and Google have updated their coronavirus contact tracing technology to try to address privacy concerns (and to make it easier for health authorities to write apps): from @iansherr