When does “delete” really mean delete? Not always, or even at all, if you’re Twitter .
Twitter retains direct messages for years, including messages you and others have deleted, but also data sent to and from accounts that have been deactivated and suspended, according to security researcher Karan Saini.
Saini found years-old messages in a file from an archive of his data obtained through the website from accounts that were no longer on Twitter. He also reported a similar bug, found a year earlier but not disclosed until now, that allowed him to use a since-deprecated API to retrieve direct messages even after a message was deleted from both the sender and the recipient — though, the bug wasn’t able to retrieve messages from suspended accounts.
Saini told TechCrunch that he had “concerns” that the data was retained by Twitter for so long.
Users who are part of the Apple Developer program have started receiving emails that state they need to add 2-factor authentication to their accounts by February 27th, 2019. Otherwise, they will be locked out of their Developer accounts and be unable to access their Certificates, Identifiers, and Profiles.
The emails being sent have a subject line “Two-Factor Authentication Required Soon” and state that they are requiring two-factor authentication in order to provide an extra layer of protection for a developer’s Apple ID and to make only they have access to their account.
Before smartphones were popular, people didn’t take mobile security much seriously. After all, we used to have a few contacts, some classic games, and some blurred wallpapers, what was actually stored on our old mobile phones?
However, now that everything has changed, a lot of people are using Smartphone’s to perform a lot of tasks from logging into their bank account to company dashboard for their job purpose, mobile security has become more and more important than ever.
However, the statistics show that only 22% of mobile users take regular security measures, while most just do when it’s convenient. But, as Smartphone users we need to make Smartphone security as our primary priority to keep our mobile safe as possible to avoid any nasty situation later.
Once your mobile gets hacked, you are in major financial trouble and as well as your private information. We store everything on our phones which is very handy at the same time it is a concern.
18,000 Android apps with tens or hundreds of millions of installs on the Google Play Store have been found to violate Google’s Play Store Advertising ID policy guidance by collecting persistent device identifiers such as serial numbers, IMEI, WiFi MAC addresses, SIM card serial numbers, and sending them to mobile advertising related domains alongside ad IDs.
The issue here is that, while some of the companies behind these apps will most probably say that they’re not actually using persistent device identifiers for ad targeting, they are still violating the Google Play Store Advertising ID policy guidance.
Sending non-resettable identifiers besides the ad ID is especially worrisome considering that it effectively removes “the privacy-preserving properties of the ad ID” as explained in a report published by AppCensus.
Facebook maintains a list of individuals that its security guards must “be on lookout” for that is comprised of users who’ve made threatening statements against the company on its social network as well as numerous former employees.
The company’s information security team is capable of tracking these individuals’ whereabouts using the location data they provide through Facebook’s apps and websites.
More than a dozen former Facebook security employees described the company’s tactics to CNBC, with several questioning the ethics of the company’s practices.
In early 2018, a Facebook user made a public threat on the social network against one of the company’s offices in Europe.
Facebook picked up the threat, pulled the user’s data and determined he was in the same country as the office he was targeting. The company informed the authorities about the threat and directed its security officers to be on the lookout for the user.
“He made a veiled threat that ‘Tomorrow everyone is going to pay’ or something to that effect,” a former Facebook security employee told CNBC.
The incident is representative of the steps Facebook takes to keep its offices, executives and employees protected, according to more than a dozen former Facebook employees who spoke with CNBC. The company mines its social network for threatening comments, and in some cases uses its products to track the location of people it believes present a credible threat.
A company operating a facial recognition system in China has exposed millions of residents’ personal information online.
Shenzen-based SenseNets is an artificial intelligence company that uses a network of tracking cameras to spot people and log their movements in its database. Unfortunately, the company exposed that information publicly online allowing anyone to access the information in plain text, it emerged this week.
Dutch cybersecurity researcher Victor Givors found the vulnerable database online and tweeted about it.