Tag: Researcher | Page 5

Facebook wants to turbo-charge smart glasses. Researcher wonders if it can do it right

October 27, 2021/in Computer Security

A computer security and privacy researcher who also is an investor in augmented reality took a look at Facebook’s latest smart-glasses project and found biometric-identifier concerns for the recordable world as well as for the recorder.

In an opinion article published by The Conversation, Indiana University computer science professor Apu Kapadia compares Facebook’s Ego4D project with what he and his IU team have learned in studying sociological facets of people walking the Earth with AI-supported recording and reporting devices on their faces.

The Ego4D dataset can be used for algorithmic training, from biometric recognition to robotics performance in unstructured environments. Facebook is keen to facilitate development that would make smart glasses almost a new external lobe of the human brain.

Kapadia writes that biometric privacy concerns and AI ethics demand that Facebook executives frame in their own minds how dangerous and socially disruptive smart glasses will be if treated as another revenue-producing app.

(The researcher is an investor in Snap Inc., owner of augmented-reality social media service Snapchat. He also has been funded by the National Science Foundation, the Department of Defense and Microsoft Research; and had twice received Google’s faculty research award.)

It is good advice and timely as Facebook defends itself against insider accusations that leaders allegedly have chosen profits over the safety and health of their own subscribers, some of whom are children.

And, earlier this fall, the company had to disable an AI algorithm said to be the source of photos of Black men labeled “primates.”

Ego4D, is an egocentric, or first-person, video dataset available to the public, with benchmarks. The video and audio data, totaling 3,025 narrated hours of mostly “unscripted” content, was collected by 855 participants in nine countries as they went about their lives wearing smart glasses for up to 10 hours a day.

Privacy concerns by and angry reaction of people seeing that they are being recorded by smart glasses are well-reported, spawning the term glasshole for wearers of Google’s Glass. And that was before an increase in…

Source…

Cyber security researcher reacts following the largest social media outage ever | Mobile County Alabama News

October 9, 2021/in Mobile Security

MOBILE, Ala. (WALA) — If you use Facebook or any of its apps, you may have been in the dark for a second time this week.

Another outage hit Facebook users early Friday afternoon, but it didn’t last as long as the one Monday that kept users offline for about five hours.

Facebook went on Twitter this afternoon to apologize about today’s problems.

We’re so sorry if you weren’t able to access our products during the last couple of hours. We know how much you depend on us to communicate with one another. We fixed the issue — thanks again for your patience this week.

— Facebook (@Facebook) October 8, 2021

And while it does not appear the outages were due to a hack, the possibility of a hack should be a reminder to us all that the information we share online is vulnerable.

And for some, Monday and Friday’s Facebook outages were more than an inconvenience.

“Some people can use it, and when it goes down can walk away from it,” said Dr. Michael Black. “There are other people that can literally panic about it. Why is it down? Why can’t I see my friends? I can’t communicate. They depend on it to communicate. They depend on it for other daily activities to do things.”

Black, who teaches at the University of South Alabama, also researches cyber security and digital forensics. He says the fallout from the outages could have people rethinking their reliance on social media.

“I think for a lot of people, it might be trust,” Black said. “As far as trusting if the service is going to be available or not. How can I know that it’s going to be there? What’s going to be the availability of it? When I need it, can I get to it?”

That sentiment is shared by Brandon Nero, who uses Facebook heavily as a supply chain manager. But he also worries about the security.

“How safe is the information that I have?” Nero asked. “Which kind of makes me wonder if I should pull back from this being my primary means of communication.”

So, what can you do if you don’t feel confident that your information is staying private?

Experts recommend changing your social media passwords, and on accounts linked to your Facebook page

Also be on the lookout for fake accounts.

Be aware of…

Source…

Researcher highlights three security flaws in Apple’s iOS15; See what data can be leaked

September 26, 2021/in Mobile Security

Apple has just released their iOS 15 and they are extremely confident that their OS is completely free of any security vulnerabilities. To back it up, Apple has recently released a Security Bounty Program to the public. With this program, Apple will be willing to offer payouts with $1 million to any researcher who shares details about security threats in their iOS, iPadOS, macOS, tvOS, or watchOS. Several programmers have been sending in some information to this program and have helped the American tech giant to solve these issues.

iOS 15 security flaws

Recently, a security researcher who goes by the title”illusionofchaos” claimed that he had reported a total of zero-day vulnerabilities to Apple between March and May. The researcher claims that only one of these vulnerabilities have been fixed till now and the rest 3 can still be accessed by hackers. According to his blog post, several other researchers are not happy with the working of the Apple Security Bounty program. Here is a list of Tweets from researchers who have shared their thoughts about the Apple Security Bounty program.

#infosec #bugbounty #bughunter

Apple bug bounty porgram is like a joke.After 3 months of the fix and their thoughly “invesgate”,my 0-click heap buffer overflow gets non paid without a reliable exploit.Well done,apple.

Maybe next time I will public their vuln before it get fixed. pic.twitter.com/ngo940dimb

— 5n1p3r0010 (@5n1p3r0010) May 20, 2021

With today’s fixes, I have 17(!!) cases with Apple, where the reward wasn’t even decided in the Apple Security Bounty program. Some of these pending since the release of Big Sur 11.0.1. #apple #asb

— Csaba Fitzl (@theevilbit) July 21, 2021

Researchers who are naive enough to submit bugs to Apple bug bounty should start demanding interest on the payments. They are losing investment opportunities and good returns on that money 😂😂😂😂😂

Say no to Apple bug bounty 🖕

— fG! (@osxreverser) July 21, 2021

All Data that can be accessed using such iOS 15 security flaws

Apart from this, here is also a list of information about all the data that can be accessed using the three iOS15 vulnerabilities. All of this…

Source…

Researcher Details Three Zero-Day Exploits Still Present In iOS 15

September 24, 2021/in Internet Security

Usually software updates come with things like bug fixes and security patches. Unfortunately for iOS 15, it seems that Apple has left in three zero-day exploits despite being warned in advance. This is according to a post by an anonymous security researcher and shared and verified by Kosta Eleftheriou.

According to the post, “I’ve reported four 0-day vulnerabilities this year between March 10 and May 4, as of now three of them are still present in the latest iOS version (15.0) and one was fixed in 14.7, but Apple decided to cover it up and not list it on the security content page.”

They add, “When I confronted them, they apologized, assured me it happened due to a processing issue and promised to list it on the security content page of the next update. There were three releases since then and they broke their promise each time.”

The researcher then gave Apple the courtesy by giving them an opportunity to respond and provide an explanation, if not they would make the information public, which obviously they haven’t which is why those vulnerabilities have since been disclosed.

These vulnerabilities are a bit technical but they are explained on the researcher’s blog, so if you’re curious to learn more you can check it out. Apple has yet to respond to the post, but given that these exploits have been made public and are potentially exploitable by hackers who now know about them, hopefully they’ll be patching them ASAP.

Filed in Apple >Cellphones. Read more about iOS, Ios 15 and Security. Source: macrumors

Tag Archive for: Researcher

iOS 15 security flaws

All Data that can be accessed using such iOS 15 security flaws