By continuing to use the site or Forum, you agree to the use of cookies, find out more by reading our GDPR policy.

In a 747-page document provided to the US House of Representatives' Energy and Commerce Committee on Friday, Facebook admitted that it granted special access to users' data to 61 tech companies. According to the document, these 61 companies received a "one-time" extension so they could update their apps in order to comply with a Terms of Service change the company applied in May 2015. The six-month extension was applied from May 2015, onward, when Facebook restricted its API so apps could not access too much data on its users, and especially the data of users' friends. The API change came in a period when apps like the one developed by Cambridge Analytica were using the Facebook API to mass-harvest the data of Facebook users. In May 2015, Facebook realized that apps were abusing this loophole in its permission system to trick one user into granting permission to the personal data of hundreds of his friends, and restricted the Facebook API to prevent indirect data harvesting. But these 61 tech companies, because they ran popular apps, received an exemption to this API change, during which, theoretically, they could have abused the Facebook API to collect data on Facebook users and their friends. Data that could have been collected included name, gender, birthdate, location, photos, and page likes. The 61 companies are listed on OUR FORUM.

Well, that was not completely unexpected.  Despite building rumors of a 2018 release for Microsoft’s long-rumored dual-panel mobile Surface device ZDNet’s Mary Jo Foley reports that the project has been put on hold. Reportedly part of the reason is that AndromedaOS which powers the device is just not ready to ship in time for RedStone 5, due to “scheduling and quality” issues. MaryJo also said there was no guarantee it will show up in the next version of the OS either. Another reason, however, is that some in Microsoft just does not see enough demand for a pocket-sized foldable Surface device which can only run store apps.  The device may eventually make it to market as a larger PC-sized (we assume laptop-sized) device that can run regular apps. MaryJo reports the decision to withdraw Andromeda from RedStone 5 was made within the last few weeks and blames it in part on a recent April Microsoft reorg.  She suggests the steady stream of leaks in recent weeks was by internal fans of the project and intended to drum up external support for the doomed project. It is notable that every recent leak has come with a proviso that the project could still be canceled at any moment. More can be found on OUR FORUM.

Exploit broker Zerodium is offering rewards of up to $500,000 for zero-days in UNIX-based operating systems like OpenBSD, FreeBSD, NetBSD, but also for Linux distros such as Ubuntu, CentOS, Debian, and Tails. The offer, first advertised via Twitter earlier this week, is available as part of the company's latest zero-day acquisition drive. Zerodium is known for buying zero-days and selling them to government agencies and law enforcement. The company runs a regular zero-day acquisition program through its website, but it often holds special drives with more substantial rewards when it needs zero-days of a specific category. BSD zero-day rewards will be on par with Linux payouts. The US-based company held a previous drive with increased rewards for Linux zero-days in February, with rewards going as high as $45,000. In another zero-day acquisition drive announced on Twitter this week, the company said it was looking again for Linux zero-days, but also for exploits targeting BSD systems. This time around, rewards can go up to $500,000, for the right exploit. Follow this thread on OUR FORUM.
 

Microsoft today announced that it is rolling out a new feature for its OneDrive app for Windows users. The new feature Known Folder Move allows users to automatically move their stored data in known folders to OneDrive. Users with data stored in Desktop, Documents, Pictures can now be uploaded to the cloud without affecting the productivity. The data is uploaded in the background to the OneDrive and users can move all the data to OneDrive and vice versa on other devices. However for users to be able to use this feature you would need to sign in with the same Microsoft account on all the devices. This Known Folder feature is expected to be made available to Insiders starting this week and will be rolled out to all users by end of next month. Microsoft is also introducing new options for the IT admins with the new feature which lets the IT admins set up group policies for users in the network who would like to configure Known Folder Move and upload the data to OneDrive. The IT admins will also be able to redirect Windows known folders to OneDrive without the users getting notified of the upload. The admins have also been given the rights to prevent users from redirecting the Windows known folders. For more visit OUR FORUM.

Microsoft yesterday released a new Windows 10 build 17704 for Insiders in the Fast and Skip Ahead Ring. The latest build has been pushed out with many new features along with improvements and bug fixes. With the Redstone 5 build, Microsoft introduced the much-needed auto brightness feature for Videos. Windows 10 users need not adjust their video brightness settings manually anymore when watching a video outside. The new feature automatically adjusts the video brightness depending on the light. It works on similar lines to the auto brightness feature on Windows 10 Mobile. The feature uses the light sensor in the device to control the light surrounding the device and adjust the video brightness accordingly to improve the image quality and let user view images or objects on the screen even in direct sunlight. Microsoft says: “There’s a new viewing mode for you to try out, designed to improve the visibility of your video when you are in a very bright environment. This feature uses the light sensor on your device to detect your ambient light and automatically adjusts your video accordingly,”. More details are posted on OUR FORUM.

Despite the new GDPR regulation entering into effect across Europe, Facebook and Google are manipulating users into sharing personal data by leveraging misleading wording and confusing interfaces, according to a report released today by the Norwegian Consumer Council (NCC). In its 44-page report, the Norwegian agency accuses Google and Facebook of using so-called "dark patterns" user interface elements into "nudging" users towards accepting privacy options. These dark patterns include misleading privacy-intrusive default settings, misleading wording, giving users an illusion of control, hiding away privacy-friendly choices, take-it-or-leave-it choices, and choice architectures where choosing the privacy-friendly option requires more effort for the users. Google and Facebook making users work for their privacy. "Facebook and Google have privacy-intrusive defaults, where users who want the privacy-friendly option have to go through a significantly longer process," the NCC says. "They even obscure some of these settings so that the user cannot know that the more privacy intrusive option was preselected. "Choices are worded to compel users to make certain choices, while key information is omitted or downplayed," the NCC says in its report. Complete details can be found on OUR FORUM.