Microsoft Edge’s “Super Duper Safe Way” does what it says


This week, Apple he made an announcement as surprising as it was controversial. Company will begin scanning both iCloud and user devices for child sexual abuse materials. It uses smart cryptography for this and will not actually be able to see the images on the user’s iPhone, iPad or Mac if it does not detect multiple instances of CSAM. But some cryptographers have alerted that the technology could be used in the future, especially by authoritarian governments.

This week also marked the start of the Black Hat security conference, meaning there are a lot of hacks. Google researcher found eavesdropping vulnerabilities in several large messaging applications; all have been patched so far, but that speaks to what seems to be an endemic problem with certain types of video calls. Pneumatic tubes found in many U.S. hospital systems are vulnerable to attack, which could cause chaos and delays, although not necessarily in that order. The fix came out this week, but as with many IoT updates, it will be mixed up who will actually install them and when. We spoke to one hacker who says he figured out how to control the lights, fans and capsule beds in Japan – and used that knowledge to torture a noisy neighbor.

We looked at how regulators in France have succeeded move the needle to Google and privacy. We took a primer on RCS, standard for text messages it will make your life much easier as soon as all the players board. We also tried out the controversial new Citizen app charges $ 20 per month for personal protection service.

And there is more! Every week we collect all the security news that WIRED did not cover in detail. Click on the headlines to read the full stories and be safe outside.

You never had more choices for privacy-oriented browser, especially considering everything anti-tracking features of Apple Safari has recently been packaged. But for a sure browser, it will be difficult to surpass what Microsoft has done with the new Super Duper Secure Mode in Edge. The primary customization is that it disables “Just-in-Time,” known as JIT, in Edge’s V8 JavaScript engine. JIT helps keep things moving fast, but it’s also at the center of an alarming percentage of browser-related vulnerabilities. By shutting down, Microsoft can also implement security features that would not play nicely with JIT. It’s not yet clear if Super Duper Secure Mode will make it an official feature, but you can try it out if you’re on the beta or development version of the Edge.

Hopefully your Facebook account has never been hacked – or you had to talk to a human person on Facebook for any reason. That is basically impossible. But some frustrated victims have resorted to an extreme workaround to regain access to their news: they buy a $ 300 Oculus Quest 2 and go through to the company’s customer support system. Facebook owns Oculus, and the hardware requires a Facebook account to use, so a workaround worked, at least for some people. But the main lesson here, of course, is that it shouldn’t be nearly as hard to get a little help when things go wrong on your account.

The motherboard reports this week that fraudsters have done a great job of banning Instagram accounts, using tricks like filing fake phishing claims or falsely reporting them for violating the platform’s self-harm rules. Banning someone can only cost $ 60. It doesn’t sound like there’s some great plan to stop this kind of chaos, but Instagram said it “researches” the websites that sell it.

The Cyber ​​Security and Infrastructure Agency this week announced a Joint Cyber ​​Defense Collaboration, a team between CISA and technology companies such as Microsoft, Amazon and Google. The goal is to increase the exchange of information between government and the private sector to help curb and better respond to ransomware attacks. Sure, every little bit helps, but ransomware is likely to continue to be a serious problem until Vladimir Putin starts breaking up groups in Russia. What does it look like… unlikely.

More great WIRED stories

Source link


Please enter your comment!
Please enter your name here