By continuing to use the site or forum, you agree to the use of cookies, find out more by reading our GDPR policy

Hesse is one of German's states and the State's Privacy Commissioner has warned that data stored in the cloud by Office 365 could be accessed in the United States. In effect, personal information related to teachers and students would be in the cloud and available to US agencies. Michael Ronellenfitsch, Hesse's data protection commissioner stated that, even if such information was stored in European data centers, it remained "exposed to possible access by US authorities." Ronellenfitsch continued to say that public institutions in Germany "have a special responsibility with regard to the permissibility and traceability of the processing of personal data." Further, the German Federal Office for Information Security (BSI) noted that Windows 10 sends "a wealth of telemetry data to Microsoft." BSI requested Microsoft advise them what data they take, but had received no response. Commentary suggested that data could include anything from standard software diagnostics to user content from inside applications, potential sentences from documents and email subject lines. All of which contravenes the EU's General Data Protection Regulation (GDPR). For the past couple of years, Microsoft has provided a localized version of Office 365, which for quite some time Ronellenfitsch had supported, stating in 2017 that schools could use Office 365, provided that they adhere to Germany's data protection laws. Recently, permission to use that local resource was rescinded, when all services were migrated back to US datacenters. Ronellenfitsch asserts that mere consent to the rules Microsoft provides is not sufficient, because the data remains compromised as the security and traceability remain dubious. Check out OUR FORUM for more.

The Global Times reported that "it is possible for Huawei to build a sustainable smartphone ecosystem on the HongMeng OS and reshape the current market dominated by Android and Apple's iOS" TheDuran via Zerohedge… Huawei Technologies, the world’s largest telecommunications equipment supplier, is set to launch its HongMeng operating system (OS) as a potential alternative to Google’s Android OS, on August 9 at Huawei’s Developer Conference, industry insiders told the Global Times Wednesday.
According to media reports, the user experience (UX) design features a brand new ringtone and notification panel, a cleaner interface for the camera, more animation and faster speed. Users can also add widgets and personalize the locked screen. Citing industry experts (most likely of Chinese origin), the Global Times reported that “it is possible for Huawei to build a sustainable smartphone ecosystem on the HongMeng OS and reshape the current market dominated by Android and Apple’s iOS”, although the new system is primarily designed for industrial automation and applications in the Internet of Things (IoT). “Given the design features of the HongMeng OS, it can be a game changer in IoT-related areas, such as driverless cars and smart homes,” Fu Liang, a Beijing-based independent industry analyst, told the Global Times. According to Huawei’s website, the HongMeng OS is built with a processing latency of less than 5 milliseconds, which is especially required in circumstances involving IoT applications that often need to transfer large amount of data simultaneously. That said, broad consumer adoption is unlikely at first: “It’s not designed for phones as everyone thinks,” Ren Zhengfei, founder of Huawei, said in a recent interview with the French magazine Le Point.

Not only is your Google Home device listening to you, but a new report also suggests there might be a Google contractor who’s listening as well. Even if you didn’t ask your device any questions, it’s still sending what you say to the company, who allow an actual person to collect data from it. A new report from Belgian broadcaster VRT News describes the process by which Google Home recordings end up being listened to by contractors — and the scary part is that it apparently doesn’t take much, if anything, to start a recording. While the recordings are not listened to live, audio clips are sent to subcontractors. VRT, with the help of a whistleblower, was able to listen to some of these clips and subsequently heard enough to discern the addresses of several Dutch and Belgian people using Google Home — in spite of the fact some hadn’t even uttered the words “Hey Google,” which are supposed to be the device’s listening trigger. The person who leaked the recordings was working as a subcontractor to Google, transcribing the audio files for subsequent use in improving its speech recognition. They got in touch with VRT after reading about Amazon Alexa keeping recordings indefinitely. According to the whistleblower, the recordings presented to them are meant to be carefully annotated, with notes included about the speaker's presumed identity and age. From the sound of the report, these transcribers have heard just about everything. Personal information? Bedroom activities? Domestic violence? Yes, yes, and yes. While VRT only listened to recordings from Dutch and Belgian users, the platform the whistleblower showed them had recordings from all over the world – which means there are probably thousands of other contractors listening to Assistant recordings. Concerned about your privacy visit OUR FORUM.

Microsoft released quality improvements to the Windows 10 version 1903 servicing stack, the component designed to allow users to receive and install Windows updates. Microsoft says that this critical servicing stack update "addresses an issue with a Secure Boot feature update that may cause BitLocker to go into recovery mode because of a race condition." All Windows 10 users are advised to first update the servicing stack to the latest version before attempting to install the latest cumulative updates. Installing the servicing stack updates (SSU) issued by Redmond ensure that users' devices can receive and install Microsoft security fixes with the help of a reliable and robust servicing stack. In addition, customers are recommended to update the servicing stack to the latest version as soon as possible to avoid potential issues which could appear during the installation process of both feature and quality updates. As explained by Microsoft in the Windows IT Pro Center, the servicing stack update also "contains the 'component-based servicing stack' (CBS), which is a key underlying component for several elements of Windows deployment, such as DISM, SFC, changing Windows features or roles, and repairing components." The servicing stack update can be installed automatically via Windows Update or with the help of standalone update packages available for download from the Microsoft Update Catalog website. Windows Server users can use the Windows Server Update Services (WSUS) to mass deploy the update to all computers on a network. Microsoft still blocks some devices with compatibility issues from receiving and installing the Windows 10 May 2019 Update, to prevent incompatible machines from installing the update. Find installation instructions and lots more posted on OUR FORUM.

TV show and movie fans are being targeted by a malicious campaign that distributes a GoBot2 backdoor variant via files downloaded from several South Korean and Chinese torrent sites. The malware dubbed GoBotKR by the ESET researchers who discovered it is being disseminated as part of a campaign started back in May 2018, with hundreds of samples having already been detected on the compromised computers of users from South Korea, China, and Taiwan. GoBotKR has been developed to specifically target South Korean fans and this is shown by the South Korea-specific evasion techniques added to the original GoBot2 backdoor. The GoLang-based GoBotKR backdoor is built by customizing the GoBot2 malware publicly available since March 2017 and the features added using GoLang libraries get executed on compromised computers with the help of legitimate Windows binaries and "third-party utilities such as BitTorrent and uTorrent clients." After infecting a victim's PC, the backdoor allows its operators to add the compromised machine to "a network of bots that can then be used to perform DDoS attacks of various kinds (e.g. SYN Flood, UDP Flood, or Slowloris)." To do that it starts by gathering and exfiltrating system information (e.g., network and OS version info, CPU and GPU versions, and installed anti-malware solutions) to its command-and-control (C2) servers, making it possible for the attackers to cherry-pick which of the bots can be used in future attacks, among a huge list of other capabilities from executing commands and scripts to running proxy/HTTP servers. For more visit OUR FORUM.

A bug in Windows 10 May 2019 Update (version 1903) might be distorting graphics or representing color improperly on some monitors. If the graphics or images are distorted or messed up in some way on your device, it might be because of the Windows 10 version 1903 update. According to various reports, Windows 10 version 1903 has a compatibility issue with certain GPU where ICC profiles may not work properly for users. The result is poor image quality and abnormal gradient graphics with faint vertical lines at regular intervals. The bug also renders tones when a color profile is loaded, or when the Calibration Loader task is invoked. The color distortion issue has been confirmed by several Windows 10 users in Reddit and other forums, including Nvidia forums. In a support document, display and monitor manufacturer Eizo has confirmed that the bug is also hitting their displays and monitors after the May 2019 Update. The calibration device manufacturer DisplayCal has also confirmed the color distortion after Microsoft’s latest feature update. According to DisplayCal, Calibration loading may stop working in Windows 10 version 1903. The bug affects both the Windows-internal calibration loader and 3rd party calibration loaders. Fortunately, Microsoft appears to have deployed a fix with Windows 10 KB4501375 (Build 18362.207). Installing Windows 10 Build 18362.207 could help users resolve the color distortion problem. “Addresses an issue that may cause Night light, Color Management profiles, or gamma correction to stop working after shutting down a device,” the changelog reads. For tips on a possible workaround stop by OUR FORUM.

 

Translate