Command Nest’s security system with Google Assistant
You’d think Nest’s Secure alarm system would have worked with Google Assistant out of the box, but no — you’ve had to arm it the old-fashioned way. Now, however, it’s decidedly more convenient. Nest has quietly introduced Google Assistant support that allows voice control over Secure from a supporting device. You can arm the system whether you’re home or away, check its status, or cancel it within seconds of making a mistake.
Not surprisingly, there are limits. You can’t disarm the system with voice commands, and you can’t arm it if it’s set to require a passcode. You can’t change security levels, either. These could be hassles, but it’s clear that Nest would rather not risk an intruder getting in by shouting through an open window. This is mainly for arming Secure on your way out instead of a full replacement for your phone or the hub itself.
Via: 9to5Google
Source: Nest
Facebook: Cambridge Analytica may have had up to 87 million users’ data
Facebook is continuing to strengthen its data policies amid the Cambridge Analyica scandal, and today the company provided an update to its plans. In a blog post, CTO Mike Schroepfer revealed that Facebook information for up to 87 million people — mostly in the US — has been improperly shared with Cambridge Analytica. This is much higher than the 50 million count reported previously.
In order to restore user trust, Facebook is working on restricting data access in a few different ways. One of them is that call and text history is now part of an opt-in feature for people using Messenger or Facebook Lite on Android. This is likely a reaction to when the company came under fire for retaining call metadata on Android phones a few weeks ago.
“We’ve reviewed this feature to confirm that Facebook does not collect the content of messages — and will delete all logs older than one year,” wrote Schroepfer. He also wrote that the app will only upload the required information for the feature, not broader data such as call duration.
Facebook will also now disable the ability search for a user using their email address or phone number. That’s because, according to Schroepfer, malicious actors have abused the feature to “scrape public profile information” through “search and account recovery.” Facebook is also changing the way account recovery works to reduce the risk of scraping.
There are several important changes to Facebook’s third-party APIs as well. Apps using the Events API will no longer access the guest list or wall posts and the Groups API will no longer provide access to member lists as well as personal information. In general, all apps using these APIs will now need approval from Facebook before any access is granted.
It’s also following through on changes to Facebook Login that it announced a couple of weeks ago. The company will now strictly vet any app that is requesting information such as check-ins, likes, photos, posts, videos, events and groups. It will also no longer allow access to personal information like political views, relationship status and more. Also, if the app has not been used in the last three months, the permission will be revoked.
This is on top of several other steps Facebook have undertaken recently to help improve its reputation. It’s trying to make its data policies easier to understand, will limit the data advertisers use to target ads, allow the deletion of apps in bulk, delete unpublished videos, crack down on unwanted ad targeting and removed hundreds of Russian troll accounts. It will also warn users if they were one of the 87 million people impacted by the Cambridge Analytica scandal.
Source: Facebook
Netflix orders an adult animated show about terrible cops
In retrospect, Bojack Horseman was a watershed show for Netflix. Its success has led the streaming provider to expand its animated comedy lineup with adult-oriented titles like Big Mouth and Brickleberry, but more are on the way. The team behind the latter are making a new cartoon series for Netlix, Paradise P.D., about a less-than-competent police force.
If you ever wanted to watch an edgy comedy about a wildly incompetent police force and their talking dog attempting to take down a drug ring in small town America, then we have good news for you. Coming later this year: Paradise PD, from the creators of Brickleberry pic.twitter.com/7y7IPFsDJA
— Netflix US (@netflix) April 4, 2018
Here’s the pitch, according to Entertainment Weekly: “They’re bad cops. Not bad like no-nonsense. Not bad like cool. Bad like sh—y. Paradise PD: They’re the worst responders.”
The cast includes standouts from other cartoons like Tom Kenny (Spongebob Squarepants, Adventure Time’s Ice King), Sarah Chalke (Elliot on Scrubs, Beth on Rick and Morty) and Dave Herman (various on Futurama and Bob’s Burgers), among others. Netflix hasn’t announced when Paradise P.D. will be added to its catalogue.
Via: Entertainment Weekly
Source: Netflix (Twitter)
A looping GIF could soon be your next Tinder profile pic
Tinder’s latest addition is one cribbed from relationship-minded competitor Hinge. The dating app is testing out a feature called “Loops” in Canada and Sweden, which are essentially two-second repeating GIFs that you can add to your profile.
What’s more, to make room for your new profile clips, the app is also experimenting with boosting the amount of photos and Loops you can have in your profile; nine total, up from the current limit of six. You can’t record videos from within the app, instead, you can upload Live Photos or video from your camera roll. For now, the feature is exclusive to iOS.
While additional features for profiles are welcome, the company still hasn’t enabled profile verification like Bumble has, photo messaging, nor has it done much to curb the amount of bots on the platform. But hey, steal like an artist right?
Via: TechCrunch
Source: Tinder
Most White House email domains could be vulnerable to phishing
We can likely all agree that governmental cyber security is an important issue. While the Attorney General has created a task force to deal with election hacking, there have been plenty of digital security fails in the past year. And the FCC doesn’t seem to care too much about data privacy, either. Now, according to a report from security firm Global Cyber Alliance (GCA), more than 95 percent of the email domains managed by the Executive Office of the President (EOP) — including WhiteHouse.gov — could be used in a phishing attack due to lax security protocol.
The top defense against email phishing and spoofing, says the report, is called the Domain Message Authentication Reporting & Conformance (DMARC). Only one of the domains from the EOP (Max.gov) has fully implemented this system. Seven domains have implemented DMARC at the lowest level (“none”), which does not prevent delivery of email from spoofed addresses. The security firm also says it found that 18 of the 26 domains haven’t even started deploying DMARC. That means that scammers can easily use these official governmental email addresses to “steal money, trade secrets or even jeopardize national security.”
“Email domains managed by the EOP are crown jewels that criminals and foreign adversaries covet,” said GCA CEO Philip Reitinger in a statement. “The lack of full DMARC deployment across nearly every EOP email address poses a national security risk that must be fixed.” The good news, he said, is that four new email domains have at least implemented the lowest level of DMARC, which might mean that the implementation of security might be moving forward. There still seems to be a ways to go, however, until all domains from the EOP are protected at the highest possible level.
Via: TechCrunch
Source: Global Cyber Alliance
Facebook is changing the way it stores call and text history
Facebook published a blog post today detailing the changes it has made to how it manages users’ data. You can read a broader summary of that report here, but among the new changes is a tweak to how Facebook collects and stores call and text history. For those using Messenger or Facebook Lite on Android, an opt-in feature compiles users’ call and text history, which the company says is used to help it surface the contacts you talk to most frequently. In its blog post today, Facebook said that it has reviewed the feature and can confirm that it doesn’t actually collect the content of any messages. Additionally, going forward, it will delete logs older than a year and only the data required for the feature’s functionality will be collected, meaning no extra data, such as call times, will be stored.
The collection of call and text history became an issue last month, when software developer Dylan McKay discovered the logs after downloading a copy of his account data. At the time, Facebook emphasized that it was an opt-in feature that users had to agree to in order for the logs to be compiled. It also said that the call and text history data were never sold. You can see how to turn off this feature here for Messenger and here for Facebook Lite.
Source: Facebook
Mark Zuckerberg: We didn’t do enough to keep users safe
In light of the announcement that Facebook has rewritten its data policy to make it easier for users to understand, and that Cambridge Analytica may have had up to 87 million users’ data, founder and CEO Mark Zuckerberg hosted a call with the media to discuss the company’s efforts to better protect people’s information. Zuckerberg began by sending his condolences to everyone at YouTube after Tuesday’s shooting at its headquarters in San Bruno, California, where multiple people were injured. He then went on to say that Facebook didn’t do enough to prevent abuse of its platform, from the spread of fake news to the lack of protection of user data.
Developing…
Facebook restricts how you can search for other people
Facebook is attempting to make things right with its users after the Cambridge Analytica scandal. In a blog post, the social network’s CTO Mike Schroepfer admitted the fiasco may have exposed 87 million individuals’ data — and he outlined how that won’t happen again. As part of those security adjustments, Facebook is disabling one feature that could have contributed to the mess: Enabling anyone to search users by phone number.
People used this feature to easily look up their friends, which was handy when in a language that took effort to type out a full name or pick between multiple accounts with the same name, Facebook’s blog post noted. But ‘malicious actors’ have abused it to scrape publicly-available information, usually by dropping in phone numbers or emails into the search box and connecting them to the profile that surfaced, the social media company said.
And this might have had huge implications: “Given the scale and sophistication of the activity we’ve seen, we believe most people on Facebook could have had their public profile scraped in this way,” the post read. The platform shut down this search by phone/email feature and will change how users recover their account to reduce the risk of scraping.
Source: Facebook
Louis Vuitton now sells a pricey tracker for your designer luggage
Earlier this year, an FCC filing suggested Louis Vuitton was working on a luggage tracker that could pair with some of its bags. That device is now available. The Louis Vuitton Echo, as it’s called, pairs with the luxury designer’s Horizon luggage line and when inserted inside a dedicated elastic band, it can detect when the bag is opened. It’s also powered by Sigfox’s Monarch service, which lets devices like the Echo transmit data through a range of radio frequencies in airports around the world, meaning the tracker will work internationally.
The Louis Vuitton Echo is just over four inches long, under an inch wide and just over half an inch deep. You can see a full list of which airports support the Sigfox technology that powers the Echo here, and when luggage is within those airports, users can monitor where their bags are and see if they’ve been opened through the LV Pass app. The device has a six-month battery life and comes with three years of Sigfox service. However, the Louis Vuitton Echo is, naturally, a bit pricey. It costs $370 and is available now.
Source: Sigfox, Louis Vuitton
Apple Releases First Beta of macOS High Sierra 10.13.5 to Public Beta Testers
Apple today released the first beta of an upcoming macOS High Sierra 10.13.5 update to public beta testers, one day after seeding the update to developers and one week after releasing macOS High Sierra 10.13.4.
Beta testers who have signed up for Apple’s beta testing program will be able to download the new macOS High Sierra beta through the Software Update mechanism in the Mac App Store.
Those who want to be a part of Apple’s beta testing program can sign up to participate through the beta testing website, which gives users access to iOS, macOS, and tvOS betas.
macOS High Sierra 10.13.5 once again introduces support for Messages on iCloud, a feature that was present in macOS High Sierra 10.13.4 betas but pulled ahead of the release of the updated software.
Messages on iCloud is designed to let you store iMessages in iCloud, keeping your incoming messages synced across devices and allowing you to save valuable storage space on your devices.
No other major outward-facing changes were discovered in the first developer beta, but the update likely includes bug fixes and improvements to address issues discovered in macOS High Sierra 10.13.4.
Related Roundup: macOS High Sierra
Discuss this article in our forums
AIVAnet 