My Weekly RoundUp #109
Hurray! Finally i can saying that WhatsApp has a government backdoor without being looked as a conspiracy theorist!
Chrome cripples movie studio Mac Pros
It’s not often that a single software bug can bring an entire industry to a virtual standstill, but it happened this week – and experts finally found an unlikely culprit.https://nakedsecurity.sophos.com/2019/09/27/chrome-cripples-movie-studio-mac-pros
The problem began on Monday 22 September when reports emerged of a problem with Macs running Avid software.
Avid is an editing suite that production companies use to put movies and TV programs together. A few days ago, movie editors started reporting that Mac Pros running Avid software were crashing. If users tried to restart their machines, they wouldn’t reboot. It left production studios ringing their hair as they lost valuable editing time.
SpaceX unveils its stunning shiny stainless steel-clad Starship
SpaceX has unveiled its next-generation rocket, the Starship, and it’s a stainless steel stunner. The prototype rocket, called the Starship Mk1, sits at 50 meters (164 feet) tall with a diameter of 9 meters (29.5 feet) and will be powered by a total of 37 engines.https://www.digitaltrends.com/cool-tech/spacex-starship-prototype/
“This is the most inspiring thing that I’ve ever seen,” CEO Elon Musk said, looking admiringly at the prototype ship on display at an event held at SpaceX’s launch facility in Cameron County, Texas. He went on to say that a main goal of the event and of SpaceX’s work is to get the public inspired about space exploration and its potential for future: “Becoming a spacefaring civilization, being out there among the stars, this is one of the things that makes me glad to be alive.”
Facebook, WhatsApp Will Have to Share Messages With U.K. Police
Social media platforms based in the U.S. including Facebook and WhatsApp will be forced to share users’ encrypted messages with British police under a new treaty between the two countries, according to a person familiar with the matter.https://www.bloomberg.com/news/articles/2019-09-28/facebook-whatsapp-will-have-to-share-messages-with-u-k-police
The accord, which is set to be signed by next month, will compel social media firms to share information to support investigations into individuals suspected of serious criminal offenses including terrorism and pedophilia, the person said.
Priti Patel, the U.K.’s home secretary, has previously warned that Facebook’s plan to enable users to send end-to-end encrypted messages would benefit criminals, and called on social media firms to develop “back doors” to give intelligence agencies access to their messaging platforms.
The U.K. and the U.S. have agreed not to investigate each other’s citizens as part of the deal, while the U.S. won’t be able to use information obtained from British firms in any cases carrying the death penalty.
Amazon Is Watching
When you think of Amazon, you might think of comparison shopping from your couch, buying exactly what you want, for less than you’d pay at the store. You might think of a delivery person dropping a package at your door, right on time, and how if there’s anything amiss you can send it back for a full refund. You might think of asking Alexa to play a song or a TV show or turn on the lights, and the marvel of how it all just works (usually). You might think of a Prime members’ discount on avocados at Whole Foods, which Amazon acquired in 2017.https://onezero.medium.com/amazon-is-watching-d51b20f1668a
Amazon’s reputation for serving its customers with low prices and ruthless efficiency might help to explain why, in survey after survey, the Seattle-based company ranks as America’s most valuable — nay, most loved — brand. One recent study found that Amazon is the second most-trusted institution of any kind in the United States, ahead of Google, the police, and the higher-education system, and trailing only the U.S. military. At a time when an endless string of privacy and election scandals has left Facebook’s reputation in smoldering ruins, and Google’s has been dented by YouTube’s radicalization and content moderation woes, Amazon’s is stronger than ever.
Vimeo collected detailed facial scans without consent, lawsuit alleges
Vimeo is collecting and storing thousands of people’s facial biometrics without their permission or knowledge, a recently filed lawsuit alleges.https://arstechnica.com/tech-policy/2019/09/vimeo-sued-for-allegedly-collecting-facial-biometrics-without-consent/
The “highly detailed geometric” facial maps, according to a complaint, are being collected and stored in violation of the Illinois Biometric Information Privacy ACT, or BIPA, according to a complaint filed last week in Illinois state court. The law bars companies from obtaining or possessing an individuals’ biometric identifiers or information unless the company (1) informs the person in writing of its plans to do so, (2) states in writing the purpose and length of term for the collection and storage, (3) receives written permission from the user, and (4) publishes retention schedules and guidelines for destroying the biometric identifiers and information.
The complaint alleges Vimeo is violating the law by collecting, storing, and using the facial biometrics of thousands of unwitting individuals throughout the United States whose faces appear in photos or videos uploaded to the Magisto video-editor application. Vimeo acquired Magisto in April and claimed the editor had more than 100 million users.
“Vimeo has created, collected, and stored, in conjunction with its cloud-based Magisto service, thousands of ‘face templates’ (or ‘face prints’)—highly detailed geometric maps of the face—from thousands of Magisto users,” the complaint alleged.
Vodafone’s Mobile App Briefly Exposed Customer Information
For a brief period on Wednesday morning, Vodafone customers in New Zealand using the mobile carrier’s app could see details for other customers.https://www.bleepingcomputer.com/news/security/vodafones-mobile-app-briefly-exposed-customer-information/
The app is designed for managing the Vodafone account and offers quick access to bills, or active services. It also provides information about call rates in other countries, reward points, promotions, and data plans.
Moreover, MyVodafone app can be used to suspend your phone number if you lose the phone or it gets stolen. The information it makes available is important enough to cause concern if leaked to a wrong party.
Praveen Kumar Purushothaman: My Experience on Spotify Agile Methodology
This is the awesome culture that’s happening in Spotify, a music, podcast, and video streaming service. They have an agile development model for their software engineering team and they have defined their own set of rules, based on their experience and to be precise, they don’t have a set of defined rules. Their point is to have rules at the start and later break them (or adapt according to the team’s needs).https://blog.praveen.science/my-experience-on-spotify-agile-methodology/
Another interesting thing is that, they didn’t like the default roles in scrum. They have renamed the Scrum Master to Agile Coach, as they wanted “servant leaders” more than “process masters”. And yeah, no more Scrum teams, instead, they call it Squads.
iOS 13 Bug Gives Third-Party Keyboards “Full Access” Permissions
Apple has released a security advisory to warn users of an unpatched security bug in iOS 13 that affects third-party keyboard apps. The bug can result in granting keyboard extensions full access, even when users deny it.https://securityaffairs.co/wordpress/91752/breaking-news/ios-13-bug.html
Granting keyboard extensions full access could allow developers to capture everything the users type on their devices.
Third-party keyboard extensions in Apple iOS can run without access to external services, or they can request “full access” to provide additional features through network access. Apple announced an upcoming software update to address the issue, the tech giant highlighted that it doesn’t affect Apple’s built-in keyboards.
“Apple has discovered a bug in iOS 13 and iPadOS
that can result in keyboard extensions being granted full access even if you haven’t approved this access.” reads the security advisory published by Apple. “This issue does not impact Apple’s built-in keyboards. It also doesn’t impact third-party keyboards that don’t make use of full access. The issue will be fixed soon in an upcoming software update.”
Billy Porter’s powerful Emmys acceptance speech was a rallying cry for equality
We already know Billy Porter can make an entrance, but did you know he can give a pretty spectacular speech, too?
At the 2019 Emmys on Sunday, the Pose star picked up the award for lead actor in a drama series — becoming the first openly gay black man to do so.
“The category is love, y’all, love,” said Porter, collecting the award. “I am so overwhelmed and I am so overjoyed to have lived long enough to see this day.”
The award-winning actor then reflected on the words of great American novelist, essayist, orator, and civil rights activist James Baldwin in one of the most powerful moments of the ceremony.
“James Baldwin said, ‘Took many years of vomiting up all the filth that I had been taught about myself and halfway believed, before I could walk around this earth like I had the right to be here.’
“I have the right. You have the right. We all have the right.”