Search Results for “CNET”


March 23, 2020
Stephen Shankland / CNET

Stephen Shankland / CNET  
Google and Microsoft Are Delaying Browser Development But Not Browser Security Updates Due to Coronavirus Pandemic

Google and Microsoft last week said they would delay updates to their browsers – in Google’s case, Chrome and in Microsoft’s case, the Chrome-based Edge browser – because of the novel coronavirus pandemic and the adjusted work schedules of their employees.  Google will continue to offer security updates to the current Chrome version 80, the company added. Microsoft will also release security updates to the existing version, along with regular updates to Edge beta and other test versions.

Related: BleepingComputer.com, Appuals.com, gHacks, MSPowerUserTechdows, PCMag.com, GBHackers On Security, Exploit-DB.com, Google


April 22, 2020
Robert McMillan / Wall Street Journal

Robert McMillan / Wall Street Journal  
iPhone Zero-Day Flaw That Requires Only Specially Crafted Messages to Gain Phone Access Has Been Exploited for Two Years by Sophisticated Attackers, Researchers

In attacks that go back two years, iPhones have been exploited by sophisticated hackers who leveraged a zero-day flaw in the smartphone’s email software, according to digital security firm ZecOps. The hackers gained access to the phones by merely sending a specially crafted message, which triggers the attack when the phone’s email reader downloads the message. ZecOps wasn’t able to obtain the malware itself but based it determinations on the digital clues left after the attacks. The attacks were virtually undetectable due to the sophistication of the attackers and Apple’s efforts to make investigating the device difficult. The researchers were able to identify six targets of these attacks including employees of a telecommunications company in Japan, a large North American firm, technology companies in Saudi Arabia, and Israel, a European journalist and an individual in Germany. Apple has patched the mail bug in a test version of its iPhone operating system, but the fix hasn’t yet been widely released through an official IOS update.

Related: Motherboard, iMore, Security Affairs, The Hacker News, ZDNet Security, AppleInsider, iPhone Hacks, Cult of Mac, Reuters: Top News, Tech Insider, Cybersecurity Insiders, Inc.com, Engadget, The Register – Security, MobileSyrup.com, Tenable Blog, Cyber Kendra, MacRumors, CNET, PhoneArena, Security News | Tech Times, HotHardware.com, TechCrunch, Apple InsideriMore, iPhone Hacks, Threatpost, iDownloadblog, PYMNTS.com, Fortune, 9to5Mac, Malwarebytes Unpacked, Malwarebytes Unpacked, SiliconANGLE, MacDailyNews, ZDNet Security, Law & Disorder – Ars Technica, The Hill: Cybersecurity, The Inquisitr News, Mashable, Reuters, iTnews – Security, Patently Apple, Japan Today, Wall Street Journal, ARN, The Verge, VentureBeat, Japan Times, Fortune, Motley Fool, The Hacker News, MobileSyrup.com, Security Affairs, Jerusalem Post

Tweets:@ZecOps @kennwhite @AntivirusLV

Motherboard: Researchers Say They Caught an iPhone Zero-Day Hack in the Wild
iMore: An iOS vulnerability may have been exploited to spy on Uyghur population
Security Affairs: A new Insomnia iOS exploit used to spy on China’s Uyghur minority
The Hacker News: New iPhone Hack is Being Exploited to Spy Uyghurs Muslims in China
ZDNet Security: Apple investigating report of a new iOS exploit being used in the wild
AppleInsider: Two Apple Mail vulnerabilities being used to target iPhone, iPad users
iPhone Hacks: Apple Patches Mail App Related Security Vulnerabilities in Latest iOS 13.4.5 Beta
Cult of Mac: iPhone vulnerability let hackers attack devices through Mail app
Reuters: Top News: Flaw in iPhone, iPads may have allowed hackers to steal data for years
Tech Insider: Hackers may be attacking iPhones by sending emails that can infect phones without you even opening the email (AAPL)
Cybersecurity Insiders: Apple iPhones are vulnerable to Email hacks
Inc.com: Apple Mail Bug Lets Hackers Control Your iPhone
Engadget: Apple Mail for iPhone may be vulnerable to malware attacks
The Register – Security: Zero-click, zero-day flaws in iOS Mail ‘exploited to hijack’ VIP smartphones. Apple rushes out beta patch
MobileSyrup.com: Security researchers uncovered vulnerabilities in Apple’s default Mail app on iOS
Tenable Blog: Multiple Zero-Day Vulnerabilities in iOS Mail App Exploited in the Wild
Cyber Kendra: Hack iPhone With Just a Single Mail—Zero-day Bug
MacRumors: Apple Patches Two Security Vulnerabilities Impacting Mail App in iOS 13.4.5 Beta
CNET: Mail app on iPhone may be vulnerable to email hack, report says
PhoneArena: “Scary” vulnerability found in the iPhone/iPad Mail app; Apple says patch is coming soon
Security News | Tech Times: Disable iPhone Mail App Now! Security Alerts Users on New Apple Scam That Steals Data
HotHardware.com: Apple iPhone Mail App Zero-Day Security Exploit Potentially Exposed Private Data Of Millions
TechCrunch: A new iPhone email security bug may let hackers steal private data
Apple Insider : Two Apple Mail vulnerabilities being used to target iPhone, iPad users
iMore: A new security vulnerability has been discovered in the default Mail app
iPhone Hacks: Apple Patches Mail App Related Security Vulnerabilities in Latest iOS 13.4.5 Beta
Threatpost : Apple Patches Two iOS Zero-Days Abused for Years
iDownloadblog : Researchers discover a pair of security vulnerabilities in the iOS Mail app, Apple is working on a patch
PYMNTS.com: Apple iOS May Be Vulnerable To Zero-Click Email Hack
Fortune: Apple iPhones, iPads are vulnerable to hackers through flaws in email app
9to5Mac : Report: iPhone Mail app zero-day exploits found in the wild, Apple has fix coming in next public iOS release
Malwarebytes Unpacked: iOS Mail bug allows remote zero-click attacks
SiliconANGLE: Hackers spotted using new iPhone vulnerability in email-borne cyberattacks
MacDailyNews: Apple investigating report of a new iOS email exploit being used in the wild
ZDNet Security: Apple investigating report of a new iOS exploit being used in the wild
Law & Disorder – Ars Technica: A critical iPhone and iPad bug that lurked for 8 years may be under active attack
The Hill: Cybersecurity: Vulnerabilities on iPhones, iPads allowed hackers to access data for years: report
The Inquisitr News: Flaws In iPhone Design Have Allowed Hackers To Steal Information For Years
Mashable: Newly disclosed iPhone vulnerability means emails are an even bigger risk
Reuters: Flaw in iPhone, iPads may have allowed hackers to steal data for years
iTnews – Security: Flaw in iPhone, iPads may have allowed hackers to steal data for years
Patently Apple: Apple is planning to fix a Security Flaw that was first discovered by a former Israeli Defense Force security researcher
Japan Today: Flaw in iPhone, iPads may have allowed hackers to steal data for years
Wall Street Journal: Apple iPhone May Be Vulnerable to Email Hack
ARN: Apple moves to fix flaw affecting up to 500M iPhones
The Verge: Apple’s default Mail app for the iPhone has a severe security flaw, researchers claim
VentureBeat: Researchers find actively exploited iOS flaws that were open for years
Japan Times: Apple iPhones and iPads vulnerable to hackers by flaws in mail app
Fortune: Apple iPhones, iPads are vulnerable to hackers through flaws in email app
Motley Fool: iPhone Flaw Allowed Hackers to Steal Data for Years
The Hacker News: Zero-Day Warning: It’s Possible to Hack iPhones Just by Sending Emails
MobileSyrup.com: Security researchers uncovered vulnerabilities in Apple’s default Mail app on iOS
Security Affairs: Hacking Apple iPhones and iPads by sending emails to the victims
Jerusalem Post: Israeli security company finds vulnerable flaw in iPhones, iPads

@ZecOps: Hackers may be attacking iPhones by exploiting a previously unknown flaw in the smartphone’s email software, according to digital-security company @ZecOps https://wsj.com/articles/apple-iphone-may-be-vulnerable-to-email-hack-11587556802 via @WSJ
@kennwhite: MacRumors Apple Patches Two Security Vulnerabilities Impacting Mail App in iOS 13.4.5 Beta San Francisco-based cybersecurity company ZecOps today announced that it has uncovered two zero-day security vulnerabilities affecting Apple's stock Mail app on iOS devices, as noted by Motherbo + Related: CERT-EU , CERT-EU , The Register - Security, The Register - Security, Techmeme Chatter (@TechmemeChatter) | Twitter, Techmeme Chatter (@TechmemeChatter) | Twitter, MobileSyrup.com, Tenable Blog, Cyber Kendra, Techmeme Chatter (@TechmemeChatter) | Twitter, GeekWire, GeekWire, CERT-EU , MacRumors, CERT-EU , CNET, CERT-EU , CERT-EU , CERT-EU , CERT-EU , CERT-EU , PhoneArena, PhoneArena, Security News | Tech Times, Security News | Tech Times, HotHardware.com, HotHardware.com, CERT-EU , TechCrunch, TechCrunch, CERT-EU , iMore, CERT-EU , iMore, CERT-EU , CERT-EU , iPhone Hacks, iPhone Hacks, iPhone Hacks, iPhone Hacks, CERT-EU , CERT-EU , CERT-EU , CERT-EU , CERT-EU , CERT-EU , PYMNTS.com, Fortune, GeekWire, CERT-EU , CERT-EU , CERT-EU , CERT-EU , PYMNTS.com, Malwarebytes Unpacked, Malwarebytes Unpacked, Malwarebytes Unpacked, Malwarebytes Unpacked Related: CERT-EU : Zero-click, zero-day flaw in iOS Mail ‘exploited to hijack’ VIP smartphones. Apple rushes out beta patch CERT-EU : Zero-click, zero-day flaw in iOS Mail 'exploited to hijack' VIP smartphones. Apple rushes out beta patch The Register - Security: Zero-click, zero-day flaws in iOS Mail 'exploited to hijack' VIP smartphones. Apple rushes out beta patch The Register - Security: Zero-click, zero-day flaws in iOS Mail 'exploited to hijack' VIP smartphones. Apple rushes out beta patch Techmeme Chatter (@TechmemeChatter) | Twitter: @kennwhite: - beta patch released by Apple- attack is fairly advanced, but actual exploit appears to be POC-grade - multiple delivery methods including large mail but also multi-part & rich text format hacks- full report, with IOCs and FAQ from @ZecOps:ht Techmeme Chatter (@TechmemeChatter) | Twitter: @kennwhite: - beta patch released by Apple- attack is fairly advanced, but actual exploit appears to be POC-grade - multiple delivery methods including large mail but also multi-part & rich text format hacks- full report, with IOCs and FAQ from @ZecOps:ht MobileSyrup.com: Security researchers uncovered vulnerabilities in Apple’s default Mail app on iOS Tenable Blog: Multiple Zero-Day Vulnerabilities in iOS Mail App Exploited in the Wild Cyber Kendra: Hack iPhone With Just a Single Mail—Zero-day Bug Techmeme Chatter (@TechmemeChatter) | Twitter: @TheRegister: Zero-click, zero-day flaw in iOS Mail exploited to hijack VIP smartphones. Apple rushes out beta patch https://t.co/r7OWryABPq GeekWire: Zero-click, zero-day flaws in iOS Mail ‘exploited to hijack’ VIP smartphones. Apple rushes out beta patch GeekWire: Zero-click, zero-day flaw in iOS Mail ‘exploited to hijack’ VIP smartphones. Apple rushes out beta patch CERT-EU : Apple Patches Two Security Vulnerabilities Impacting Mail App in iOS 13.4.5 Beta MacRumors: Apple Patches Two Security Vulnerabilities Impacting Mail App in iOS 13.4.5 Beta CERT-EU : Apple Patches Two Security Vulnerabilities Impacting Mail App in iOS 13.4.5 Beta CNET: Mail app on iPhone may be vulnerable to email hack, report says CERT-EU : Apple iPhones are vulnerable to Email hacks CERT-EU : Apple iPhones are vulnerable to Email hacks CERT-EU : Apple iPhones are vulnerable to Email hacks CERT-EU : Apple iPhones are vulnerable to Email hacks CERT-EU : Two Apple Mail vulnerabilities being used to target iPhone, iPad users PhoneArena: "Scary" vulnerability found in the iPhone/iPad Mail app; Apple says patch is coming soon PhoneArena: "Scary" vulnerability found in the iPhone/iPad Mail app; Apple says patch is coming soon Security News | Tech Times: Disable iPhone Mail App Now! Security Alerts Users on New Apple Scam That Steals Data Security News | Tech Times: Disable iPhone Mail App Now! Security Alerts Users on New Apple Scam That Steals Data HotHardware.com: Apple iPhone Mail App Zero-Day Security Exploit Potentially Exposed Private Data Of Millions HotHardware.com: Apple iPhone Mail App Zero-Day Security Exploit Potentially Exposed Private Data Of Millions CERT-EU : iPhone's Mail app has two severe "zero-click" vulnerabilities that have existed for 8 years TechCrunch: A new iPhone email security bug may let hackers steal private data TechCrunch: A new iPhone email security bug may let hackers steal private data CERT-EU : Two Apple Mail vulnerabilities being used to target iPhone, iPad users iMore: A new security vulnerability has been discovered in the default Mail app CERT-EU : A new security vulnerability has been discovered in the default Mail app iMore: A new security vulnerability has been discovered in the default Mail app CERT-EU : Session hijacking & malware injection vulnerabilities found in Apple Mail app and AirShare affecting iPhone, iPad & Mac CERT-EU : Session hijacking & malware injection vulnerabilities found in Apple Mail app and AirShare affecting iPhone, iPad & Mac iPhone Hacks: Apple Patches Mail App Related Security Vulnerabilities in Latest iOS 13.4.5 Beta iPhone Hacks: Apple Patches Mail App Related Security Vulnerabilities in Latest iOS 13.4.5 Beta iPhone Hacks: Apple Patches Mail App Related Security Vulnerabilities in Latest iOS 13.4.5 Beta iPhone Hacks: Apple Patches Mail App Related Security Vulnerabilities in Latest iOS 13.4.5 Beta CERT-EU : Apple Patches Two iOS Zero-Days Abused for Years CERT-EU : Researchers discover a pair of security vulnerabilities in the iOS Mail app, Apple is working on a patch CERT-EU : Researchers discover a pair of security vulnerabilities in the iOS Mail app, Apple is working on a patch CERT-EU : Two Apple Mail vulnerabilities being used to target iPhone, iPad users CERT-EU : Apple Mail Vulnerabilities Found Could Lead To Attacks On iPhone Users CERT-EU : Apple Mail Vulnerabilities Found Could Lead To Attacks On iPhone Users PYMNTS.com: Apple iOS May Be Vulnerable To Zero-Click Email Hack Fortune: Apple iPhones, iPads are vulnerable to hackers through flaws in email app GeekWire: iOS Mail bug allows remote zero-click attacks CERT-EU : Report: iPhone Mail app zero-day exploits found in the wild, Apple has fix coming in next public iOS release CERT-EU : Report: iPhone Mail app zero-day exploits found in the wild, Apple has fix coming in next public iOS release CERT-EU : Hack iPhone With Just a Single Mail—Zero-day Bug CERT-EU : Hack iPhone With Just a Single Mail—Zero-day Bug PYMNTS.com: Apple iOS May Be Vulnerable To Zero-Click Email Hack Malwarebytes Unpacked: iOS Mail bug allows remote zero-click attacks Malwarebytes Unpacked: iOS Mail bug allows remote zero-click attacks Malwarebytes Unpacked: iOS Mail bug allows remote zero-click attacks Malwarebytes Unpacked: iOS Mail bug allows remote zero-click attacks
@AntivirusLV: Researchers are reporting two Apple #iOS 0-day security #vulnerabilities affecting its Mail app on iPhones and iPads. Impacted are iOS 6 and iOS 13.4.1. Apple patched both vulnerabilities in iOS 13.4.5 beta. A final release of iOS 13.4.5 is expected soon.


April 25, 2020
Russell Brandom / The Verge

Russell Brandom / The Verge  
Apple and Google Reveal Enhanced Privacy Practices for Coronavirus Contact Tracing App, Say It Will Be Disbanded Once Virus is Contained

Apple and Google released a set of FAQs regarding their ambitious joint coronavirus contact tracing app and outlined some of their privacy practices and pledged for the first time to disband their effort after the virus becomes contained. Under a new encryption specification, daily tracing keys will now be randomly generated rather than mathematically derived from a user’s private key and will be called temporary tracing keys. More importantly, the daily tracing key is shared with the central database if a user decides to report their positive diagnosis. The companies also developed a new system for encrypting Bluetooth transmissions such that they cannot be decoded in transit. Finally, the companies will no longer call their effort contact-tracing system but instead refer to it as an “exposure notification” system.

Related: CNET News, Engadget, AppleInsider, UPI.com, CERT-EU , CNBC Technology, Bloomberg Technology, SlashGear, TechCrunch, Android Authority, Reuters, Axios, FOX News, VentureBeat, Tech Insider, iMore, HealthITSecurity, HotHardware.com, Trusted Reviews, MobileSyrup.com, ExtremeTech, Bloomberg Technology, BBC News, PhoneArena, Security News | Tech Times, iPhone Hacks, MacRumors, Slashdot, Vox, TechTarget, The New Stack, Cult of Mac,  Apple-Google (PDF)

Tweets:@markgurman @stshank

CNET News: Apple and Google’s coronavirus tracking tool: How privacy fits in – CNET
Engadget: Google and Apple detail privacy measures ahead of coronavirus tracking tests
AppleInsider: Apple and Google evolve Exposure Notification to boost privacy, enhance encryption
UPI.com: Joint Apple-Google coronavirus tracker gets improved technology
CNBC Technology: Apple and Google are tweaking plans for tech to help officials track coronavirus exposure
Bloomberg Technology: Apple, Google Boost Privacy Protections for Contact-Tracing Tool – Bloomberg
SlashGear: Apple and Google change coronavirus contact tracing after privacy pushback
TechCrunch: Apple and Google update joint coronavirus tracing tech to improve user privacy and developer flexibility
Android Authority: Google and Apple announce new contact tracing name and security measures
Reuters: Apple, Google update coronavirus contact tracing tech ahead of launch
Axios: Apple, Google tweak contact tracing specs as launch nears
FOX News: Apple and Google will shut down coronavirus tracing app when pandemic ends, companies say
VentureBeat: Apple and Google build more privacy and flexibility into Bluetooth contact tracing tech
Tech Insider: Google and Apple are adding some key privacy boosts to their upcoming coronavirus-tracking tool, and say they’ll shut it down once the pandemic is over (APPL, GOOG, GOOGL)
iMore: Apple and Google will disable COVID-19 tracing when pandemic ends
HealthITSecurity: ACLU, Scientists Urge Privacy Focus for COVID-19 Tracing Technology
HotHardware.com: Apple And Google Clarify COVID-19 Contact Tracing Pact Following Privacy Uproar
Trusted Reviews: Can privacy survive coronavirus? Apple and Google detail contract tracing plans
MobileSyrup.com: Apple, Google update exposure notification APIs with new protections and capabilities
ExtremeTech: Apple, Google Announce Privacy Changes to Coronavirus Tracing
Bloomberg Technology: Apple, Google Boost Privacy Protections for Contact-Tracing Tool – Bloomberg
BBC News: Apple and Google accelerate coronavirus contact tracing apps plan
PhoneArena: Apple and Google make changes to their contact tracing solution to address privacy concerns
Security News | Tech Times: Apple, Google to Terminate COVID-19 Tracking Tools When Pandemic Ends, But Here’s The Catch
iPhone Hacks: Apple, Google Introduce Privacy and Accuracy Related Changes to Upcoming COVID-19 Exposure Notification App
MacRumors: Apple and Google Strengthen Privacy of COVID-19 Exposure Notification System, Targeting Next Week for Beta Release
Slashdot: Apple and Google Pledge To Shut Down Coronavirus Tracker When Pandemic Ends
Vox: Could contact tracing bring the US out of lockdown?
TechTarget: NHSX reveals full details of UK Covid-19 contact-tracing strategy
The New Stack: Safe Paths: MIT Coronavirus Contact-Tracing App Protects User Privacy
Cult of Mac: Apple and Google enhance protection for contact-tracing tool; target beta for next week
Vox: Apple and Google’s new contact tracing tool is almost ready. Just don’t call it a contact tracing tool.
Apple-Google: Exposure Notification Frequently Asked Questions (PDF)

@markgurman: Apple and Google are upping the privacy protections of its Covid-19 Contact Tracing tool (now called Exposure Notification) — adding more randomly generated keys, Bluetooth metadata encryption, exposure recording limit of 30 minutes. It’s also launching in beta next week.
@stshank: Apple and Google have updated their coronavirus contact tracing technology to try to address privacy concerns (and to make it easier for health authorities to write apps): https://cnet.com/news/google-apple-adjust-coronavirus-tracking-app-to-get-ahead-of-privacy-concerns/ from @iansherr


May 29, 2020
Davey Alba / New York Times

Davey Alba / New York Times  
ACLU Sues Facial Recognition Company Clearview AI for Violating Illinois Law Forbidding Use of Face Scans Without Consent

The American Civil Liberties Union (ACLU) sued the facial recognition start-up Clearview AI, which claims to have helped hundreds of law enforcement agencies use online photos to solve crimes, accusing the company of “unlawful, privacy-destroying surveillance activities.” The suit claims that Clearview is violating a stringent Illinois law that forbids companies from using a resident’s fingerprints or face scans without consent. Each violation of the law could cost the company $5,000. The suit follows a report in the New York Times that the company had amassed a database of more than three billion photos across the internet, including from Facebook, YouTube, Twitter, and Venmo.

Related: BiometricUpdate, SC Magazine, Law360, Chicago Sun-Times – All, Gizmodo, The Verge, Daily Dot, Slashdot, Gizmodo AustraliaCNET, VentureBeat, PogoWasRight.org, Engadget, BuzzFeed News

Tweets:@alfredwkng

BiometricUpdate: China considers biometric data protection law to curb facial recognition abuses and secure PII
SC Magazine: Facial recognition fails accuracy test raises privacy concerns; ACLU sues Clearview AI | SC Media
Law360: Advocacy Orgs Say Clearview AI Broke Biometric Privacy Law – Law360
Chicago Sun-Times – All: ACLU sues Clearview AI, developer of controversial facial recognition technology used by CPD
Gizmodo: The ACLU Is Suing Shady Facial Recognition Startup Clearview AI for Being a Shady Facial Recognition Startup
The Verge: ACLU sues facial recognition firm Clearview AI, calling it a ‘nightmare scenario’ for privacy
Daily Dot: ACLU sues facial recognition company Clearview AI
Slashdot: ACLU Accuses Clearview AI of Privacy ‘Nightmare Scenario’
Gizmodo Australia: The ACLU Is Suing Shady Facial Recognition Startup Clearview AI for Being a Shady Facial Recognition Startup
CNET: Clearview AI faces lawsuit over gathering people’s images without consent
VentureBeat: ACLU sues facial recognition startup Clearview AI for privacy and safety violations
PogoWasRight.org: ACLU: We’re Taking Clearview AI to Court to End its Privacy-Destroying Face Surveillance Activities
Engadget: ACLU sues Clearview AI over alleged privacy violations
BuzzFeed News: The ACLU Is Suing Clearview AI To Stop “Privacy-Destroying Face Surveillance”

@alfredwkng: Clearview AI is getting sued for allegedly violating Illinois's biometric privacy law. If you are an Illinois resident and don't want your photo in Clearview's database, you have to agree to give them your photo. https://cnet.com/news/clearview


March 12, 2020
Nandita Bose / Reuters

Nandita Bose / Reuters  
Lindsay Graham Threatens Tech Industry Opponents of EARN IT Bill With More Punitive Measures

Republican Senator Lindsay Graham of South Carolina, who chairs the Senate Judiciary Committee, said before a hearing on the EARN IT Act, a bill he sponsored to restrict child exploitation material online ostensibly but in reality will likely hamper end-to-end encryption public interest groups say, threatened those who opposed the legislation and said he would consider a more punitive step if he is unable to get the law passed. The bill will end tech companies’ legal immunity under Section 230 of the Communications Decency Act if they fail to follow specific recommendations to restrict child exploitation material.

May 21, 2020
Lawrence Abrams / Bleeping Computer

Lawrence Abrams / Bleeping Computer  
Eight Million User Records for Meal Kit Company Home Chef Are For Sale by Shiny Hunters on the Dark Web

The user records for U.S.-based meal kit company Home Chef is one of the databases being sold by the Shiny Hunters hacker gang, the company has disclosed. They are available on a dark web marketplace for $2,500 and allegedly contain 8 million user records. The information includes a user’s email, encrypted password, last four digits of their credit card, gender, age, subscription information, and more.

May 18, 2020
David Shortell, Evan Perez / CNN

David Shortell, Evan Perez / CNN  
FBI Claims to Have Broken the Encryption on Pensacola Shooter’s iPhones Substantially Weakening the Government’s Push for Encryption Backdoors

Mohammed Alshamrani, a member of the Royal Saudi Air Force in training at Naval Air Station Pensacola who killed three U.S. sailors and wounded others at the base, was in touch with a suspected al Qaeda operative, according to the FBI broke which broke through the encryption protecting the Saudi attacker’s iPhones, sources say. If the Bureau did achieve this encryption breakthrough, the case made by the FBI and Attorney General William Barr for demanding backdoors into encrypted communications services and devices appears to be substantially weakened. Law enforcement said they had initially been unable to retrieve data stored on two iPhones belonging to the shooter, and they cited that hurdle in trying to complete their investigation of the attacker’s ideology and his radicalization.

Related: New York Times, Wall Street Journal, Forbes, Justice Department, MacRumors, Associated Press, Task & Purpose, Capital Gazette, The Sun, Business Insider, AOL, GANNETT Syndication Service, Newsweek, Yahoo! News, Bloomberg, RT USA, The Crime Report, Axios, Cult of Mac, USATODAY, AppleInsider, NBC News, Wired, The Register – Security, Cyberscoop, CNET, News : NPR, iDownloadBlog.com, Fortune, WCCFtech, ZDNet Security, AppleInsider, iMore, Cult of Mac, Patently Apple, Business Insider, The Sun, BuzzFeed News, Newsweek, iDownloadBlog.com, Appleosophy, MacRumors, Homeland Security Today, Zero Hedge, CBSNews.com,TechSpot, iPhone Hacks, The Mac Observer,Cult of Mac, The Guardian, UPI.com, TIME, Ars Technica, USATODAY, New York Post, AppleInsider, The Huffington Post , Capital Gazette, TIME, Heavy.com, Engadget, Slashdot, Daily Dot, Cyberscoop, Multichannel, Vox, WCCFtech, POLITICO, The Sun, USNI News, Business Insider, Fortune, Input, TribLIVE, emptywheel, PhoneArena, Channel News Asia, RT USA, Algemeiner.com, MacDailyNews, Reuters: U.S., France 24, The New Daily, The Verge, Slashdot, Washington Post, New York Times

Tweets:@dnvolz @adamgoldmanNYT @kevincollier @nakashimae @zackwhittaker @zackwhittaker @zackwhittaker @iblametom @karaswisher @macrumors @zackwhittaker @iblametom @dotmudge @DevlinBarrett @ahmed

New York Times: F.B.I. Is Said to Find Links Between Pensacola Gunman and Al Qaeda
Wall Street Journal: FBI Discovers al Qaeda Link in Pensacola Attack
Forbes: Feds Hack iPhones In Pensacola Terrorist Shooting Case, But Still Slam Apple For Not Helping
Justice Department: Attorney General William P. Barr and FBI Director Christopher Wray Announce Significant Developments in the Investigation of the Naval Air Station Pensacola Shooting
MacRumors: FBI Reportedly Gained Access to iPhone Used by Mass Shooter in Florida After Apple Refused to Help
Associated Press: Pensacola gunman’s cellphones reveal meticulous planning for attack, FBI says
Task & Purpose: The FBI has evidence linking Al Qaeda to the NAS Pensacola shooting
Capital Gazette: Gunman accused of killing 3 sailors at Pensacola military base linked to al-Qaida, US official says
The Sun: Saudi student who shot dead 3 US sailors on Florida Naval Base ‘had been in contact with Al Qaeda’ in days before attack
Business Insider: The FBI found links to Al Qaeda after cracking the phones of the Saudi gunman who attacked a Florida naval base
AOL: Official: FBI finds link between Pensacola gunman, al-Qaida
GANNETT Syndication Service: Official: FBI finds link between NAS Pensacola gunman, al-Qaida
Newsweek: FBI Finds Florida Gunman Who Killed U.S. Sailors Was Linked to Al Qaeda After Breaking iPhone Encryption
Yahoo! News: FBI finds Al Qaeda link to Pensacola naval base shooting suspect: US official
Bloomberg: FBI Gets Into Pensacola Shooter’s iPhone, Finds an Al-Qaeda Tie
RT USA: Saudi pilot who went on gun rampage at Florida naval base linked to ‘Al-Qaeda operative’
The Crime Report: FBI Finds Link Between Pensacola Shooter, Al-Qaeda
Axios: FBI finds links between Pensacola gunman and Al Qaeda
Cult of Mac: FBI cracks alleged al-Qaida shooter’s iPhone without Apple’s help
USATODAY: Feds connect al Qaeda contacts to deadly Pensacola Naval Air Station shooting
AppleInsider: FBI breaks iPhone security to uncover Pensacola shooter & Al Qaeda link
NBCNews: FBI: Pensacola gunman prodded by al Qaeda to attack
Wired: The FBI Backs Down Against Apple—Again
The Register – Security: Attorney General: We didn’t need Apple to crack terrorist’s iPhones – tho we still want iGiant to do it in future
Cyberscoop: U.S. officials say they’ve cracked Pensacola shooter’s iPhones, blast Apple
CNET: FBI slams ‘Apple problem’ as it unlocks Pensacola shooter’s iPhones – CNET
News : NPR: FBI: New iPhone Evidence Shows Pensacola Shooter Had Ties To Al-Qaida
iDownloadBlog.com: The FBI has reportedly bypassed the security on the Pensacola mass shooter’s iPhone
Fortune: FBI: “We received effectively no help from Apple” in accessing Pensacola Shooter’s iPhones
WCCFtech: FBI Hacks Florida Shooter’s iPhones without Apple’s Help & Finds al Qaeda Link
ZDNet Security: FBI criticizes Apple for not helping crack Pensacola shooter’s iPhones
AppleInsider: Apple rejects ‘false claims’ by Justice Department regarding Pensacola investigation
iMore: Apple denies “false claims” by Justice Department over Pensacola attack
Cult of Mac: FBI attacks Apple for ‘no help’ unlocking Florida attacker’s iPhone; Apple rejects ‘false’ claims
Patently Apple: DOJ and FBI described crucial data found on the Pensacola Terrorist’s iPhones today in a news Conference, without Apple’s Assistance
Business Insider: The FBI found links to Al Qaeda after cracking the phones of the Saudi gunman who attacked a Florida naval base
The Sun: Saudi student who shot dead 3 US sailors on Florida Naval Base ‘had been in contact with Al Qaeda’ in days before attack
BuzzFeed News: The Pensacola Naval Base Shooter Had Longtime “Significant Ties” To Al-Qaeda
Newsweek: FBI Finds Florida Gunman Who Killed U.S. Sailors Was Linked to Al Qaeda After Breaking iPhone Encryption
iDownloadBlog.com: The FBI has reportedly bypassed the security on the Pensacola mass shooter’s iPhone
Appleosophy: Apple Fires Back at FBI and Attorney General William Barr Regarding Florida Shooter’s iPhone
MacRumors: FBI Reportedly Gained Access to iPhone Used by Mass Shooter in Florida After Apple Refused to Help
Task & Purpose: The FBI has evidence linking Al Qaeda to the NAS Pensacola shooting
MacRumors: Apple Calls FBI Comments on Lack of Help Unlocking Florida Shooter’s iPhone an ‘Excuse to Weaken Encryption’
SlashGear » security: Apple blasts Barr over iPhone lock “false claims” in Pensacola shooter case
Homeland Security Today: FBI: Pensacola Shooter Tied to AQAP Before Coming to the U.S., Discussed Attack
Zero Hedge: FBI Cracks Into Pensacola Shooter’s iPhone, Find “Significant Ties” To Al Qaeda
CBSNews.com: Saudi shooter in Florida air base attack had ties to al Qaeda
TechSpot: Officials still want backdoor into cellphones after cracking two iPhones without help
Yahoo! News: U.S. Supreme Court heaps more damages on Sudan in embassy bombing cases
iPhone Hacks: FBI Has Reportedly Unlocked One of the iPhones Used by Mass Shooter in Florida Last Year
The Mac Observer: FBI Bypasses Encryption on Pensacola Attacker’s iPhones
Cult of Mac: FBI cracks alleged al-Qaida shooter’s iPhone without Apple’s help
The Guardian: Pensacola gunman’s cellphones reveal meticulous planning for attack, FBI says
UPI.com: FBI: Agents unlocked phones to tie Pensacola gunman Mohammed Saeed Alshamrani to al-Qaida
TIME: Gunman in Deadly Pensacola Military Base Attack Linked to al-Qaida, FBI Says
Ars Technica: iPhone crypto hid al-Qaida link to naval base shooting, AG fumes
USATODAY: Feds connect al Qaeda contacts to deadly Pensacola Naval Air Station shooting
New York Post: FBI found al Qaeda’s link to Pensacola shooter through iPhones
AppleInsider: FBI breaks iPhone security to uncover Pensacola shooter & Al Qaeda link [u]
The Huffington Post : FBI Says It Found Links Between Pensacola Gunman And Al-Qaeda
Capital Gazette: Gunman accused of killing 3 sailors at Pensacola military base linked to al-Qaida, US official says
Stars and Stripes: FBI: Shooter at Naval Air Station Pensacola had link to al-Qaida
TIME: Gunman in Deadly Pensacola Military Base Attack Linked to al-Qaida, FBI Says
Ars Technica: iPhone crypto hid al-Qaida link to naval base shooting, AG fumes
Heavy.com: Pensacola, Florida Gunman Mohammed Alshamrani Link to Al-Qaida Found
Engadget: AG Barr seeks ‘legislative solution’ to make companies unlock phones
Daily Dot: FBI unlocks Pensacola shooter’s iPhone despite Apple’s opposition
Multichannel: AG Barr Hammers Apple in Terrorism Case Announcement
Vox: Why Attorney General Bill Barr is mad at Apple
Heavy.com: Pensacola, Florida Gunman Mohammed Alshamrani Link to Al-Qaida Found
POLITICO: Pensacola gunman was working with al Qaeda, FBI finds
USNI News: FBI Says Unlocked iPhone Messages Link NAS Pensacola Shooter to Al Qaeda; AG Barr Says Incident was ‘Act of Terrorism’
Input: FBI breaks into Pensacola shooter’s iPhone after six months, revealing al Qaeda links
TribLIVE: FBI: Shooter at Pensacola military base linked to al-Qaida
emptywheel: Bill Barr and Chris Wray Schedule a Press Conference to Admit Trump Let an Al Qaeda Terrorist onto Our Military Base
PhoneArena: Who is lying, Apple or Attorney General William Barr?
Channel News Asia: FBI phone probe links al Qaeda to Saudi who killed 3 at Florida base
RT USA: Saudi pilot who went on gun rampage at Florida naval base linked to ‘Al-Qaeda operative’
Algemeiner.com: FBI Phone Probe Links Al Qaeda to Saudi Shooter Who Killed Three at Florida Navy Base
MacDailyNews: Apple rejects ‘false claims’ by Justice Department regarding Islamic terrorist attack in Pensacola
Reuters: U.S.: FBI phone probe links al Qaeda to Saudi who killed three at Florida base, Barr says
France 24: FBI says al Qaeda linked to Saudi shooter at Florida naval base
The New Daily: FBI links al-Qaeda to US base shooting
MacDailyNews: FBI cracks iPhone encryption, links al Qaeda to Islamic terrorist who killed three at Florida naval base
MacDailyNews: Apple rejects ‘false claims’ by Justice Department regarding Islamic terrorist attack in Pensacola
CNN.com: FBI delivers to America a chilling reminder about al Qaeda
Input: FBI breaks into Pensacola shooter’s iPhone after six months, revealing al Qaeda links
The Verge: The FBI successfully broke into a gunman’s iPhone, but it’s still very angry at Apple
Washington Post: Attorney general and FBI director blast Apple after tracing Pensacola gunman’s phone to al-Qaeda
New York Times: F.B.I. Finds Links Between Pensacola Gunman and Al Qaeda

@dnvolz: Sound familiar? FBI gets into iPhone belonging to dead terrorist that they said months ago they could not unlock.
@adamgoldmanNYT: The F.B.I. found the gunman, a Saudi Air Force cadet training with the American military, had communicated with a Qaeda operative who had encouraged the attacks
@kevincollier: "Breaking encryption" on an iPhone has a specific meaning and enormous consequences. I really hope those making that claim today wouldn't do so without backing it up.
@nakashimae: FBI Director Chris Wray: "We received effectively no help from Apple" in accessing the Pensacola shooter's iPhones.
@zackwhittaker: Apple in January: "The FBI only notified us on January 6 that they needed additional assistance—a month after the attack occurred. Only then did we learn about the existence of a second iPhone associated with the investigation and the FBI's inability to access either iPhone."
@zackwhittaker: Apple also said at the time it responded to six more legal requests for information between Dec. 7 and Dec. 14, and that it provided iCloud backups, account information and transactional data for multiple accounts.
@zackwhittaker: It's not that Apple provided "effectively no help" to the FBI. It's that Apple didn't acquiesce to the wants and wishes of the government and backdoor its own devices. We almost had an entire court case about this — but the FBI bottled it.
@iblametom: New - The FBI hacks into the iPhones of Pensacola shooter, finds links to Al Qaeda. But director Chris Wray still says Apple should've helped and its delays caused real problems.
@karaswisher: Looks like the government can do what it said it could not do
@macrumors: FBI Reportedly Gained Access to iPhone Used by Mass Shooter in Florida After Apple Refused to Help https://macrumors.com/2020/05/18/fbi-reportedly-accessed-alshamrani-iphone/ by @rsgnl
@zackwhittaker: ACLU statement is extremely Nail polish "The boy who cried wolf has nothing on the agency that cried encryption."
@iblametom: Source at FBI told me they chose the wrong battle with Pensacola too... they’ve been able to get into iPhone 5 and 7 for some time.
@dotmudge: Two things: 1 - AQAP (Al Qaeda Arabian Peninsula) linked terrorist attack on US soil, and it barely makes the news cycle 2 - investigations show accessing iPhones on one-off’s continues to negate necessity to drop user crypto protections at large
@DevlinBarrett: Attorney general and FBI director crank up their encryption fight with Apple, blasting the company after agents traced data on a Pensacola gunman’s phone to al-Qaeda
@ahmed: FBI says Saudi shooter at Pensacola base was in touch with al-Qaeda leaders, accuses Apple of wasting “valuable time” by refusing to unlock his phone to investigators


May 7, 2020
Ari Levy / CNBC

Ari Levy / CNBC  
Zoom Buys Keybase to Add End-to-End Encryption to Service as Part of 90-Day Security Plan

Meteoric conferencing app Zoom has acquired encryption security start-up Keybase, the first purchase in the company’s nine-year history, to add an end-to-end encryption option as the company seeks to tamp down concerns over the security of its service. Terms of the deal were not disclosed. The acquisition is the latest move in a 90-day plan that Zoom announced on April 1 to fix its security flaws. It will take a while to integrate Keybase’s technology into Zoom’s Software because it must be simplified from its current version which is used largely by security and cryptography experts.

Related: SecurityWeek, ZDNet Security, The Verge, TechCrunch, Verdict, Keybase, Zoom, ZDNet Security, San Jose Business News, CNET News, Techradar, Daily Dot, Reddit – cybersecurity, 9to5Mac, SecurityWeek, The Register, Slashdot, Silicon Republic, WRAL Tech Wire, Security Brief, Reuters, ARN, Tom’s Guide News, BusinessLine – Home, TechNadu, Asia One Digital, grugq’s domain, grugq’s domain, Tech Insider, BGR, NDTV Gadgets360.com, Help Net Security

Tweets:@alexstamos @alexstamos @TechCrunch @mountain_ghosts @evacide @thegrugq

SecurityWeek: Zoom Acquires Keybase to Bring End-to-End Encryption to Video Platform
ZDNet Security: Zoom acquires encryption startup Keybase
The Verge: Zoom buys the identity service Keybase as part of 90-day security push
TechCrunch: Zoom acquires Keybase to get end-to-end encryption expertise
Verdict: Zoom acquires Keybase to add end-to-end encryption to videoconferencing
Keybase: Keybase joins Zoom
Zoom: Zoom Acquires Keybase and Announces Goal of Developing the Most Broadly Used Enterprise End-to-End Encryption Offering
ZDNet Security: Zoom acquires encryption startup Keybase
San Jose Business News: Zoom’s first M&A deal aims at shoring up security
CNET News: Zoom eyes security boost, acquiring secure messaging platform Keybase – CNET
Techradar: Zoom makes first ever acquisition in quest to boost security
Daily Dot: Zoom acquires encryption service in wake of security woes
Reddit – cybersecurity: Zoom acquires Keybase
9to5Mac: Zoom bought Keybase to bring end-to-end encryption to its videoconferences
SecurityWeek: Zoom Acquires Keybase to Bring End-to-End Encryption to Video Platform
The Register: Zoom bomb: Vid conf biz to snap up Keybase as not-a-PR-move move gets out of hand
Slashdot: Zoom Acquires Keybase To Get End-to-End Encryption Expertise
Silicon Republic: Zoom acquires Keybase to improve video conferencing security
WRAL Tech Wire: Zoom says deal to buy security firm will ‘significantly’ enhance security
Security Brief: Zoom buys encryption startup in its first-ever acquisition
Reuters: Zoom pushes ahead on security, buying Keybase and reaching pact with New York
ARN: Zoom acquires secure messaging startup Keybase in security push
Tom’s Guide News: Zoom is getting its biggest missing feature
BusinessLine – Home: Zoom to build end-to-end encryption for the app with Keybase
TechNadu: Zoom Acquires Keybase and Will Soon Introduce End-to-End Encryption
Asia One Digital: Free basic Zoom accounts to get three more security features from May 9
grugq’s domain: Zoom + Keybase
Tech Insider: Zoom security advisor Alex Stamos explains how the acquisition of Keybase will help the red-hot videoconferencing app address its ‘unique’ challenges in adding end-to-end encryption (ZM)
BGR: You’ll have to pay for Zoom’s new end-to-end encryption feature
NDTV Gadgets360.com: Zoom Pushes Ahead on Security, Buying Keybase, and Reaching Pact With New York
Help Net Security: Zoom acquires Keybase, a secure messaging and file-sharing service

@alexstamos: I am very happy that @zoom_us has bought @KeybaseIO and announced a plan to offer an end-to-end encrypted mode that works with Zoom's video quality and scale. Details from @ericsyuan
@alexstamos: @maxtaco, @malgorithms and the rest of the Keybase team built something special and now have a chance to change the baseline of security and privacy in enterprise communications forever. Coverage by CNBC:
@TechCrunch: Zoom acquires Keybase to get end-to-end encryption expertise https://tcrn.ch/3bgPLjj | by @ron_miller
@mountain_ghosts: keybase, the service we've been trusting to verify public keys, has been bought by zoom, a company that spent the last 2 months tanking its security reputation. is this good https://keybase.io/blog/keybase-j
@evacide: Zoom buys Keybase in order to integrate end-to-end encryption which, until recently, they were claiming they had all along.
@thegrugq: Zoom buying Keybase is a really interesting move. They could actually deny every nation control over the video conferencing terrain. It could also open up interesting features with zoom, like in band file sharing.


March 31, 2020
Lucy Ingham / Verdict

Lucy Ingham / Verdict  
Marriott Suffers Second Data Breach Exposing Personal Data for Up to 5.2 Million Guests, Culprit Used Login Credentials of Franchise Employees

Hotel chain Marriott International said that it had been hit by a second data breach exposing the personal details of “up to approximately 5.2 million guests.” The breach, which was attributed to an unknown third party using the login credentials of two employees at a group hotel operated as a franchise, began in mid-January 2020 and was discovered at the end of February 2020. Among the data exposed in the breach were contact details, including names, addresses, birth dates, gender, email addresses, and telephone numbers, along with employer name, gender, room stay preferences, and loyalty account numbers. Marriott said it does not believe passports, payment details or passwords were exposed in the data breach. In late-2018, Marriott disclosed a massive security breach in the Starwood reservations database that exposed some 383 million guest records, including passports and credit card information. That breach cost the company $126 million in expenses and resulted in a £99m fine under GDPR.

Related: ComputerWeekly: IT security, DataBreaches.net, IT Pro, The Mac Observer, Dashlane Blog, Tom’s Guide News, SiliconANGLE, The Register – Security, Tech Insider, Homeland Security Today, Slashdot, Fortune, Reddit – cybersecurity, CNET, SlashGear » security, TechCrunch, Mashable, Infosecurity Magazine, The Hacker News, Deutsche Welle, Security Brief, UPI.com, Tom’s Guide News, Las Vegas Review-Journal, iTnews – Security, Tech Xplore, Reuters, ZDNet Security, SC Magazine, UPI.com, Security Affairs, IT World Canada, PYMNTS.com, DataBreachToday.com, Reddit – cybersecurity, PYMNTS.com, Wired, Dark Reading, South China Morning Post, The Hill, The Hacker News, Homeland Security Today

Tweets:@Wired

ComputerWeekly: IT security: Marriott International hotel chain in second data breach
DataBreaches.net: Marriott data breach exposes personal data of 5.2 million guests
IT Pro: Marriott data breach exposes personal data of 5.2 million guests
The Mac Observer: Marriott Hit by Second Data Breach Affecting up to 5.2M People
Dashlane Blog: Marriott Breached Again, 5.2 Million Accounts Compromised 
Tom’s Guide News: Marriott data breach hits 5.2 million people: What to do now
SiliconANGLE: 5.2M customer records stolen in latest hack targeting Marriott hotel group
The Register – Security: Marriot Hotels breached AGAIN: Two compromised logins abused to exfil guests’ personal deets
Tech Insider: Marriott says at least 5.2 million guests’ personal information was likely breached — the company’s second major security incident in 2 years (MAR)
Homeland Security Today: Marriott Says New Data Breach Affects 5.2 Million Guests
Slashdot: Marriott Discloses New Data Breach Impacting 5.2 Million Guests
Fortune: Marriott says new data breach affects 5.2 million guests
Reddit – cybersecurity: Marriott Suffers Second Breach Exposing Data of 5.2 Million Hotel Guests
CNET: Marriott discloses new data breach impacting 5.2 million guests
SlashGear » security: Marriott reveals another security breach: 5.2 million guests exposed
TechCrunch: Marriott says 5.2 million guest records were stolen in another data breach
Mashable: Marriott data breach exposes 5 million guests’ information. Again.
Infosecurity Magazine: New Marriott Data Breach Affects 5.2 Million Guests
The Hacker News: Marriott Suffers Second Breach Exposing Data of 5.2 Million Hotel Guests
Deutsche Welle: Millions of Marriott guests exposed in new data breach
Security Brief: Marriott International reports breach affecting 5.2 million customers
UPI.com: Marriott says data breach affected 5.2M customers
Las Vegas Review-Journal: Marriott says latest breach affected 5.2M customers
iTnews – Security: Marriott discloses second data breach in two years
Tech Xplore: Marriott says new data breach affects 5.2 million guests
Reuters: Marriott says 5.2 million guests exposed in new data breach
ZDNet Security: Marriott discloses new data breach impacting 5.2 million hotel guests
SC Magazine: New Marriott data breach impacts 5.2 million guests
UPI.com: Marriott says data breach affected 5.2M customers
Security Affairs: Marriott discloses data breach impacting up to 5.2 Million guests
IT World Canada: Marriott Hotel chain hit by hackers – again
PYMNTS.com: Marriott International Experiences Massive Data Breach
DataBreachToday.com: Another Marriott Breach Affects Millions
Reddit – cybersecurity: Marriott Suffers Second Breach Exposing Data of 5.2 Million Hotel Guests
PYMNTS.com: Marriott International Experiences Massive Data Breach
Wired: Hack Brief: Marriott Got Hacked. Yes, Again
Dark Reading: Data from 5.2M Marriott Loyalty Program Members Hit by Breach
South China Morning Post: Marriott says 5.2 million guests possibly exposed in new data breach
The Hill: Marriott suffers data breach affecting 5.2 million customers
The Hacker News: Marriott Suffers Second Breach Exposing Data of 5.2 Million Hotel Guests
Homeland Security Today: Marriott Says New Data Breach Affects 5.2 Million Guests

@Wired: Up to 5.2 million members of the Marriott Bonvoy loyalty program may have had their personal information stolen. Here's how you can check if you're one of them:


April 13, 2020
Rowena Mason / The Guardian

Rowena Mason / The Guardian   
UK Health Ministry Will Soon Launch Its Own Coronavirus Contact Tracing App as Concerns Swirl Over Privacy and Security of Such Apps

As security and privacy concerns swirl around the introduction of coronavirus contact tracing apps, the UK public will soon be able to find out if they may have been in the vicinity of people unwell with coronavirus via a new contact-tracing app. The NHS app, developed by NHSX, the health service’s digital transformation arm, would allow people to report their symptoms. Then the app would anonymously alert other app users that had been in contact with that person in recent days. About 60% of the population would have to sign up for the app for it to be effective.  Despite fears over the privacy of the app’s data, UK health minister Matt Hancock said the data will be handled according to the highest ethical and security standards, and would only be used for NHS care and research.

Related: IT World, Techradar, The Loop, eTeknix, CNBC, Cyware News, Telecomlive.com, Inverse, Android Authority, CNET, 9to5Mac, DIGITIMES: IT news from Asia, MacRumors, Android Central, TechNadu, Fortune, MacDailyNews, Schneier on Security, Computerworld Security, O’Grady’s PowerPage, MacRumors, Cult of Mac, Forbes, Politico, BBC News

Tweets:@fs0c131y @jatorre @schneierblog @EHRC

IT World : Cyber Security Today – COVID-19 hiring and sob story scams, Apple and Google partner on contact tracing, cops make arrests and more
Techradar: The UK government is working on a Covid-19 tracking app with Apple and Google
The Loop: UK nods to Apple/Google coronavirus API with contact tracing app plans
eTeknix: UK Confirms Plans For Coronavirus Tracing App
CNBC: Apps collecting data to help stop the virus spread must limit sharing of information, cybersecurity expert says
Telecomlive.com: Apple, Google join hands to help fight coronavirus
Inverse: Covid-19: how Apple and Google’s system could help end lockdowns
Android Authority: Google-Apple partnership may be tech-limited, and more tech news today
CNET: Tech isn’t solution to COVID-19, says Singapore director of contact tracing app
9to5Mac: Here’s how Apple and Google’s COVID-19 contact tracing API could be implemented to help reopen society
DIGITIMES: IT news from Asia: Apple and Google partner on coronavirus contact tracing technology
MacRumors: UK to Use Apple-Google API in NHS Contact Tracing App
Android Central : The UK’s NHS will add Apple and Google’s coronavirus tracing API to its app
iMore: The UK’s NHS will add Apple and Google’s coronavirus tracing API to its app
TechNadu: UK Will Be the First to Use the Google and Apple Coronavirus Tracing App
Fortune: The problem with Google and Apple’s plan to trace coronavirus via your phone
MacDailyNews: What’s wrong with the Apple-Google COVID-19 contact tracing scheme
Schneier on Security: Contact Tracing COVID-19 Infections via Smartphone Apps
Computerworld Security: Everything we know about the Google/Apple COVID-19 contact tracing tech
O’Grady’s PowerPage: Apple to partner with Google on Coronavirus contact tracing project
MacRumors: UK to Use Apple-Google API in NHS Contact Tracing App
Cult of Mac: UK’s National Health Service to use Apple-Google API in contact tracing app
Forbes: COVID-19: U.K. Government Unveils NHS Contact-Tracing Phone App As Next Step In Fighting Disease
Politico: The security issues with the Apple/Google virus tracking project
BBC News: Coronavirus: UK confirms plan for its own contact tracing app

@fs0c131y: 14/ The Apple / Google API has an other disadvantage. If a government want to publish a functional contact tracing app he is force to use this API. As a politician, when you spend your time talking about the digital sovereignty, about how bad are the GAFA, it's an issue.
@jatorre: I am getting scared of all these cryptographers now saving the world with contact tracing without privacy issues... This is going to delay solutions a lot by adding noise to decision makers. This blog post summarizes it great https://lightbluetouchpaper.org/2020/04/12/contact-tracing-in-the-real-world/
@schneierblog: Contact Tracing COVID-19 Infections via Smartphone Apps
@EHRC: “We support the use of technology to save lives during the pandemic. At the same time it must have the appropriate safeguards in place to protect people’s privacy and data.” We are ready to advise the NHS on its new Covid-19 contact tracing app. More: http://socsi.in/VrLA2