Connect with us

Technology

iOS Twitter Users Had Their Location “Inadvertently” Sent To Twitter’s “Trusted Partner”

Twitter said that they inadvertently sent iOS location data to a trusted advertising partner due to a bug that enabled them to send those data inadvertently. Click To Tweet

Published

on

Twitter has sent iOS location data to a trusted partner due to a bug.
Twitter said that they inadvertently sent iOS location data to a trusted advertising partner. Photo: Stock Catalog | Flickr | CC BY 2.0

Because of a bug in Twitter’s system, the popular social media and microblogging site announced this week that they had been inadvertently collecting and sharing location data from iOS versions of their application and sending it to a trusted partner without the consent of the affected users.

In a blog post, Twitter said that they discovered a data breach caused by a bug and they were “inadvertently collecting and sharing iOS location data with one of our trusted partners in certain circumstances.”

The said data breach specifically affected those who have been using more than one account in an iOS Twitter app while their precise location setting has been enabled.

“we may have accidentally collected location data when you were using any other account(s) on that same device for which you had not turned on the precise location feature,” Twitter wrote.

Nonetheless, Twitter clarified that none of the transmitted data were actually “precise” location data because it was already “fuzzed” to only include a ZIP code or city (5 km squared), adding that the disclosed data could not be used to map the location of the affected users.

Twitter also assured the affected users that the partner did not receive any identifiable information such as Twitter handles or other unique account IDs that could have compromised the affected user’s identity.

Furthermore, Twitter said that the inadvertent sending of users’ location data happened during a process called “real-time bidding” (RTB) with one of its “trusted advertising partner.”

“We have fixed this problem and are working hard to make sure it does not happen again. We have also communicated with the people whose accounts were impacted to let them know the bug has been fixed. We invite you to check your privacy settings to make sure you’re only sharing the data you want to with us,” they assured their users.

As for those who are concerned whether or not their data was used by whoever received it, Twitter clarified that they had communication with their partner and found out that the advertising company did not retain the information that was unintentionally sent to them.

“We have confirmed with our partner that the location data has not been retained and that it only existed in their systems for a short time, and was then deleted as part of their normal process.”

It is still unclear when this unintentional sending of user location data nor did Twitter name who the trusted partner is in its post regarding the bug.

Reporters have reached out to Twitter to gain further insight regarding what happened, but Twitter refused to comment further than they have already posted in their announcement. On the other hand, they said that they have already notified the users who were affected by the bug problem and noted that other victims could contact Twitter by filling up this form.

“We’re very sorry this happened. We recognize and appreciate the trust you place in us and are committed to earning that trust every day.”

Twitter is not the only social media company who had an internal data vulnerability this year. It can be remembered that Facebook has been recording the passwords of some of their users in plain text, a human-readable format, that allows whoever has access to the database can read, understand, and use the user passwords included in it.

Facebook’s Pedro Canahuati, vice president of engineering for security and privacy, initially referred to “some” user passwords that were accessible to Facebook employees. A paragraph later, he revealed that “hundreds of millions of Facebook Lite users, millions of Facebook users, and tens of thousands of Instagram users” would be notified.

Facebook clarified that the issue was purely internal and that only their employees have access to the user passwords. Nonetheless, tech experts have slammed Facebook for the recklessness of what they have done.

“To be clear, these passwords were never visible to anyone outside of Facebook, and we have found no evidence to date that anyone internally abused or improperly accessed them,” Canahuati wrote.

The California-based company said that they already notified users who were affected by the problem and advised them to change their password following the rectification done by Facebook.

A consumer tech and cybersecurity journalist who does content marketing while daydreaming about having unlimited coffee for life and getting a pet llama.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Our Voice

With Android Out, There Are Still Other Alternatives For Huawei

There are other alternatives for Huawei: they can use their own OS, use Linux-based Sailfish OS fork, or they can find a way to work with Android again. Click To Tweet

Published

on

There are other alternatives for Huawei after the Google ban: they can use their own OS, use Linux-based Sailfish OS fork, or they can find a way to work with android again.
Android is working to resume partnership with Huawei. Photo: Racchio | Flickr | CC BY-ND 2.0

When Huawei was subjected to a witch hunt by the US government for allegedly aiding the Chinese government in its efforts to spy on the country, and as a pivotal player to potentially economically sabotage the country, an executive order was launched against the China-based tech giant that effectively forced U.S. tech companies to sever ties with Huawei.

And to comply with this, Google revoked Huawei’s license to use its open-source operating system, Android.

The ban from Google has brought Huawei’s future into limbo; making it uncertain for users, especially concerning security updates for their Huawei and Honor phones —or the general idea whether their devices will still be able to run altogether. Following the announcement, Huawei assured its users that all phones that were sold ahead of the banning and those that are already in stock will continue receiving updates from Android.

But now that more and more companies and U.S. tech giants are starting to enforce the ban against Huawei, what is left for Huawei to do to continue competing in the competitive global market of smartphones? What alternatives does it have in place of Android?

Does it still stand a chance?

Hongmeng, Huawei’s own operating system is on the move

One of the most obvious choice for Huawei to continue their business in the smartphone arena is to develop its operating system. And reports revealed that it has been doing so — as the Beijing company has already foreseen circumstances like a Google/Android ban.

Following the announcement of Google that it will be revoking Huawei’s Android license, rumors about a Huawei-exclusive operating system has been developed by the company since 2012. They called it Hongmeng.

The company has been testing the new OS on selected devices under closer door and closed environment. The source also said that the testing was accelerated for the new operating system to be ready for situations just like this.

One massive problem with this option, however, is that since it is a new operating system, it may be a challenge for Huawei to create an applications environment as robust as that of Android. But Huawei also has a solution to this problem: to release its own App Gallery.

A report from Bloomberg has said that the Chinese phone maker has been sweet-talking developers and networks to get on board. The story says that Huawei is offering considerable amounts to developers and systems to install their app store in new phones. While it is still unclear if the new app marketplace will be for all new phones or if it will be exclusive to its models only, this seems like a sound solution for Huawei’s predicament.

Even if Huawei can convince developers to develop apps for its OS and app gallery, another challenge is to make sure that porting apps on its OS becomes sustainable for developers to update. To survive this, Huawei should be able to sell enough phones and create enough demands for the developers to earn from it and prevent them from abandoning the platform altogether.

Or they can use Sailfish OS Fork

Another viable OS alternative for Huawei instead of the Android operating system fiasco is tapping into the Linux-based open-source operating system Sailfish OS Fork. Some reliable reports suggest that Huawei might use an existing smartphone OS named as Sailfish OS on its smartphones and tablets. Sailfish OS can be used as a base to develop the new Aurora OS for international Huawei smartphones.

And Huawei is seriously considering this OS as an Android alternative. Huawei CEO Guo Ping discussed the possibility of using Sailfish OS on Huawei devices with Konstantin Noskov, the minister of digital development, communications, and mass media of Russia.

One primary advantage of using Sailfish OS Fork over Huawei developing its OS is that this Linux-based operating system is also compatible with most Android apps. This means that Huawei does not need to create an entirely new app ecosystem for users to use their apps. At present, Sailfish OS is installed on only four devices, namely Sony Xperia X, XA2, XA2 Plus, and XA2 Ultra.

And since privacy is one of the most talked about issue in the tech world today, another advantage of the Sailfish OS Fork is precisely that. The OS does not store nor use user data against their consent and also, Sailfish OS only stores data to run its services and not sold to third-party services.

Android can find a way to work with Huawei again

The thing about Android OS that makes it a complicated venture when it comes to Huawei is that, although the operating system is open-source — meaning anyone can use it freely for their project — the source code is still licensed by Google, an American company that is required to comply with the Huawei ban EO. But reports suggest that Google is against this decision and is working on finding ways to continue working with Huawei amidst the controversial legislation. For one, Google has urged the US government to lift the ban against the Chinese smartphone manufacturer — citing security threats can be more viable with the policy.

In the short term, the company has secured a temporary license to continue to supply software updates to existing phones. The permit allows Huawei to take action “necessary to provide service and support, including software updates or patches, to existing Huawei handsets that were available to the public on or before May 16, 2019.” The license will also allow Huawei to maintain its existing network equipment, and to receive security vulnerability disclosures. Reports suggest that Android is working to extend this license.

With these moves from Google and Android, it is possible that companies can find a workaround that would allow them to work with Huawei in the future indefinitely; but this remains uncertain.

Continue Reading

Technology

FCC Wants Carriers To Block Robocalls By Default

The FCC is planning to allow phone carriers to block robocalls and spoofed caller ID by default; allowing the development of more tech against robocalls. Click To Tweet

Published

on

The FCC is planning to allow phone carriers to block robocalls and spoofed caller ID by default.
FCC Chair Ajit Pai proposes a bold move to end robocalls. Photo: Gage Skidmore | Flickr | CC BY 2.0

The scorching impact of robocalls in the United States is undeniably become one of the discussed topics not only among citizens but also in the board rooms of lawmakers and regulators. The increasing pressure from consumers to end the robocall epidemic has since forced regulating bodies to craft necessary resolutions to the problem.

Only recently, Federal Communication Commission chair, Ajit Pai, has proposed a bold action to help stop the growing number of robocalls that have plagued not unsuspecting victims by their annoying nuisance but some are swindling money from US citizens. Pai, who was previously criticized for his commission’s unsuccessful efforts to end the robocall problems, has circulated a declaratory ruling that, if adopted, would allow phone companies and telecommunication carriers to block unwanted phone calls by default. Also, companies could enable consumers to block calls, not on their contact list.

Furthermore, the Further Notice of Proposed Rulemaking would propose a safe harbor for providers that implement network-wide blocking of calls that fail caller authentication under the SHAKEN/STIR framework once it is implemented.

“Allowing call blocking by default could be a big benefit for consumers who are sick and tired of robocalls. By making it clear that such call blocking is allowed, the FCC will give voice service providers the legal certainty they need to block unwanted calls from the outset so that consumers never have to get them,” said Chairman Pai.“And, if this decision is adopted, I strongly encourage carriers to begin providing these services by default—for free—to their current and future customers. I hope my colleagues will join me in supporting this latest attack on unwanted robocalls and spoofing.”

Unwanted calls, including illegal robocalls, are the top consumer complaint at the FCC, with more than 200,000 received annually. Some private analyses estimate that U.S. consumers received approximately 2.4 billion robocalls per month in 2016. Advancements in technology make it cheap and easy to make robocalls and to “spoof” Caller ID information to hide the caller’s true identity.

According to the press release issued by the FCC regarding the plan of Pai to implement this policy, one of the reasons why telecom providers are hesitant to employ some technology and features that would ban unwanted calls by default is the uncertainty that they might violate some rules set by the FCC. But the commission is set to change that by allowing carriers to employ necessary technology to ease the burden of consumers with regards to robocalls.

Aside from this, the FCC wrote, by allowing companies to block robocalls by default, carriers will be encouraged more to develop technology to make this happen and for others to already adopt existing ones.

“This blocking could be based on analytics and consumer “white lists.” Third-party developers currently use similar analytics to call blocking apps. Consumer white lists could be based on the customer’s contact list, updated automatically as consumers add and remove contacts from their smartphones,” the FCC said.

Moreover, the chairman of the FCC is also proposing to hold consultations with the public regarding how caller ID authentication standards, known as SHAKEN/STIR, can inform call blocking. In a statement, Ajit Pai demanded that carriers combat malicious call spoofing. “This system of signing calls as legitimate as they pass through the phone networks may well be useful for call blocking tools,” said FCC.

New rule follows 2017 regulation framework

According to the commission, this move is the first of many steps from the regulatory body to combat and fight illegitimate call spoofing. They said that the new rule follows the rules set by the FCC in 2017 that allows carriers to block calls coming from questionable sources.

Back in 2017, the FCC deregulates the ability of carriers to implement techniques to block unwanted and spoofed calls. The 2017 ruling allowed phone companies to proactively block calls that are likely to be fraudulent because they come from certain types of phone numbers.

“Among other things, our action here will allow carriers to block telephone calls that purport to originate from unassigned or invalid phone numbers. These calls are very likely to be illegal or fraudulent; there’s no legitimate reason for anyone to spoof caller ID to make it seem as if he or she is calling from an unassigned or invalid phone number. We also allow those who hold phone numbers that are not used to make outbound calls to request that carriers block any phone calls that purport to come from those numbers. Once again, any such calls are very likely to be illegal or fraudulent. And to address the rare instance when an error might be made, we encourage carriers to establish a transparent process for legitimate callers to challenge a blocked number and to resolve the challenge quickly,” said Ajit Pai in a statement back in 2017.

Continue Reading

Technology

Facebook Digital Money — Libra — To Debut Next Week With Huge Backers

Facebook is set to debut its own digital money known as Libra; multiple companies like VISA and Mastercard backs up the new currency. Click To Tweet

Published

on

Facebook is set to debut its own digital money known as Libra; multiple companies backs up the new currency.
The new digital money is called Libra. Photo: SEOPlanter | Flickr | CC BY 2.0

Rumors have circulated online regarding Facebook releasing its crypto-based currency, and the talks appear to be accurate as multiple companies – from financial companies to booking websites – have signed up to back up the Facebook money.

Reports suggest that multiple companies, including VISA and Mastercard, have signed up to back the digital currency that Facebook is planning to launch by 2020. Other companies include Paypal, the popular money transfer service, Uber, the ride-hailing application, and Booking.com, a travel booking platform.

The cryptocurrency is reportedly said to be named Libra, and the financial and e-commerce companies, venture capitalists and telecommunications firms will invest around $10 million each in a consortium that will govern the digital coin. The consortium, known as Libra Association, was built for Facebook to establish a group of companies that will back its monetary efforts.

Facebook opens a Swiss company to focus on the digital money venture

A few weeks ago, the social networking giant reportedly opened up a company in Switzerland to focus on payment and blockchain technology, similar to the technology that powers bitcoins and other cryptocurrencies.

Read: Facebook Opens A Swiss Company To Develop Own Virtual Currency, Report Suggests

People familiar with the matter said that Facebook is planning to unveil the new digital currency next week and will start the operation next year. The money is expected to act as a “stable coin” because it is hinged on government-issued currencies in order to limit the volatility of the value of the coin; an issue which Bitcoin has faced for some time. According to a Swiss publication, Handelszeitung, the Facebook cryptocurrency would be tied to the US dollar and therefore will remain stable unlike bitcoin, which started crashing since 2017.

Owned by Facebook Global Holding II in Ireland, the Swiss company will focus on developing the software and hardware for crypto-related functions like payments, blockchain, analytics, big data, and identity management.

Facebook is hesitant to comment regarding their plans for the digital currency and did not confirm nor denied the reports of its existence. Nonetheless, the news is consistent with an earlier report that Facebook created a team of 50 individuals to develop their cryptocurrency and blockchain technology to be used across the network and on its WhatsApp messaging services.

That design would be geared toward avoiding a speculative frenzy like the one that caused the value of the primary cryptocurrency, bitcoin, to soar and then crash. While Facebook also did not confirm anything related to the leaked project at the time, the California-based company confirmed that they are interested in blockchain technology.

“Like many other companies, Facebook is exploring ways to leverage the power of blockchain technology,” the company said in a statement. “This new small team is exploring many different applications.”

It isn’t known, even to some members of the consortium, how the coin will work or what their roles will be, people familiar with the project said. However, it is also noted that regulatory hurdles are still high for Facebook to overcome with this new project. People familiar with the matter said that the concerns were raised regarding the potential of the new currency to be used by terrorist organizations and money launderers in their operations – something other cryptocurrencies have since been associated with.

Interesting partnership with potential competition

But investors are nonetheless interested in the project as other companies back up the new digital money in hopes of gaining traction with millions of Facebook users around the world. It is interesting that to note that the involvement of VISA and Mastercard to a service that will practically, if successful, would pose a threat to their business as one of their biggest competitors.

Other analysts have seen value with this partnership, however. Still, the lure of Facebook’s nearly 2.4 billion monthly active users was too strong for many companies to pass up. Card companies have long fretted that a technology giant could muscle into their business, creating a payment option that cuts out card networks. Participating in Libra allows them to closely monitor Facebook’s payment ambitions while sharing in the upside should the project gain traction with consumers.

Meanwhile, Facebook will not be having control over the new venture – nor will the consortium. Some of the members could serve as “nodes” along with the system that verifies transactions and maintains records of them, creating a brand-new payments network, according to people familiar with the setup.

Continue Reading

Trending