Edition 1 - Clipboard spying, Twitter hack, and more
by Kartik Chaturvedi
From the Blog
New post coming soon! Until then, enjoy this post from the archive:
Are We Really Alone (ikartik.co/blog/are-we-really-alone)
We can observe black holes millions of light years away, hidden behind thousands of stars in our night sky. Yet, we have seen no evidence of life out there. Why is that?
LinkedIn sued over allegation it secretly reads Apple users’ clipboard content – Reuters
LinkedIn is just one of the latest companies caught spying on user data. After the release of the iOS 14 beta, many beta testers reported seeing the new clipboard access notification while using apps that you would never expect to read your clipboard’s contents. It turns out Apple just closed one of many loopholes app developers used to gather even more data from users. The response from most of these apps has been some form of “we accessed the clipboard to enhance the user experience, but we’ll stop now that it’s in the news”. Kind of disappointing, right? Whatever happened to doing things correctly by default? What is even worse is that apps like TikTok, which has earned the title of “data collection platform disguised as a social network,” promised to stop reading clipboard data after being caught in March (“How popular apps can read your phone's clipboard without permission”, The Telegraph). Clearly they never stopped.
Who’s Behind Wednesday’s Epic Twitter Hack? – Krebs on Security (krebsonsecurity.com/2020/07/whos-behind-wednesdays-epic-twitter-hack/)
Twitter had a rough week after 130 high-profile and verified accounts were hacked into on Wednesday, including accounts of Elon Musk, Jeff Bezos, Warren Buffett, Joe Biden, and former President Barack Obama. The hackers tweeted links to bitcoin scams, to which gullible followers sent more than $117,000. Hacking into high-profile accounts is not that easy, especially if you have two-factor authentication turned on. Unfortunately, it appears the attackers coerced some Twitter employees to hand over access to Twitter’s internal support tools, which were then used to get control of the accounts, bypassing any two-factor protections (“An update on our security incident”, blog.twitter.com/en_us/topics/company/2020/an-update-on-our-security-incident). How those employees were manipulated is not clear, but this incident opens up a lot of questions for Twitter: could the President’s account be hacked like this too? What if hackers had tweeted about a missile attack instead of mere bitcoin scams? Why aren’t there additional verifications in place to access and edit account information, especially for high-profile or verified accounts? It goes back to the fact that security should be the foundation of every project.
Neowise: an increasingly rare opportunity to spot a comet with the naked eye – The Conversation
This is literally a once-in-a-lifetime opportunity to see a comet last seen by humans in 5000 BC. Neowise’s orbit around the sun takes 6,800 years to complete and extends out 630 AU (astronomical unit, or the distance between Earth and the Sun). For comparison, Voyager 1 has only travelled about 150 AU from Earth. Neowise should be visible to the naked eye all week, making its closest approach on July 22, when it will be almost as close to Earth as Mars. Look for it to the north, near the horizon (EarthSky | Updates on your cosmos and world).