540 Million Facebook User Records Leaked

Plus Android Q Beta 2 hits Pixel devices, Verizon flips the switch on its 5G Network in a couple of new cities, and Apple announces the Beats Powerbeats Pro to compete with its own AirPods. Wait, what?

The biggest story to hit the scene over the last day was undoubtedly another Facebook leak. This time, sensitive data like passwords was part of the leak, but also Facebook IDs, comments, reactions, account names, and more.

This leak came by way of third-party app developers being careless with user data and storing it on an unsecured Amazon S3 server. Specifically, two services were found to be responsible for this data leak: a Mexican-based media company called Cultura Colectiva and an application with Facebook integration called At the Pool.

The former was responsible for the majority of the damage here, with 146GB of data in nearly 540 million records. At the Pool, by contrast, was only responsible for about 22,000 passwords, though they were specific to the app. As the research company responsible for these findings, UpGuard, notes, At the Pool is only an issue for users who re-use passwords across various sites.

The good news here is that the data buckets have since been removed from Amazon servers; the issue, however, is that it’s unclear how much exposure they garnered before being pulled. In a statement to Gizmodo, Facebook notes that it’s against its policy to store information on public databases, and it worked with Amazon to pull this data once it was made aware of the issue. Here’s the full statement for those interested:

Facebook’s policies prohibit storing Facebook information in a public database. Once alerted to the issue, we worked with Amazon to take down the databases. We are committed to working with the developers on our platform to protect people’s data.

The biggest issue here for Facebook users, however, is that the data was leaked in the first place. Once that happens, it doesn’t go away—if your data was part of this particular breach, then it’s out there now. Facebook can’t control it. As UpGuard so accurately pointed out “the data genie cannot be put back in the bottle.”

The upside is that if you’ve never used either of the services in question, then you’re safe. If you have, however, then it’s probably cause for concern.

[UpGuard via Gizmodo]

Apple News: Beats Powerbeats Pro Announced to Compete with AirPods

Also, Apple comes under scrutiny for Apple Watch and iPad Pro issues, the price of the HomePod comes down, and more.

  •  The Beats truly wireless headphones that were recently found in iOS 12.2’s source code are now official. They feature Apple’s H1 chip and “Hey Siri” integration, making them true AirPod competitors. [9to5Mac]
  • Apple has recently had issues with its MacBook keyboards, which is sort of addressed last week. But now it’s under more fire because of issues with Apple Watch batteries swelling and iPad Pros missing keystrokes. Not a good look for Apple. [Gizmodo]
  • If you’ve been thinking of picking up a HomePod, now may the time—Apple just dropped the price by $50, putting it at $299. What a bargain. [MacRumors]
  • MacWorld recently went hands-on with the new iPad Air with a full review, calling it “the sweet spot.” [MacWorld]
  • Engadget also reviewed the new Air. And guess what? They liked it too. [Engadget]
  • If you have a Vizio TV, beta invites are rolling out for users to test AirPlay integration. You can learn more about signing up for the beta here. [9to5Mac]

As you’re most likely aware of, Apple owns Beats. And while it wouldn’t make sense for Beats to totally ignore the truly wireless headphone market, it’s fascinating to see the company release the Powerbeats Pro with such similar features to Apple’s own AirPods.

One could argue that the market for Apple’s headphones is dramatically different than anything offered by Beats, but it’s still interesting to see it compete with itself, so to speak.

I guess in the end it doesn’t really matter which one you buy, though—Apple is getting paid either way. Good game, Apple.

Google News: Android Q Beta 2 is Out

Plus Google’s Call Screening is coming to more devices, the Galaxy S10 5G is coming, and bad news for small music artists using the Play Artist Hub.

  • Android Q Beta 2 is here with fixes and features aplenty. Most of which we’ll now talk about below. [Android Developers Blog]
  • The big features of Q Beta 2: chat bubbles and foldable phone support. Nice. [The Verge]
  • Q Beta 2 features iOS-like task switching, which is amazing. Keep stealing iOS gestures, Google. So good. [Android Police]
  • There’s a new Pixel Themes app to change fonts, icons, accent colors, and more on Pixel devices. [XDA Developers]
  • Media notifications in Q Beta 2 now feature progress bars. [Android Police]
  • Good news for left-swipers: Q Beta 2 lets you choose which way you swipe to dismiss notifications. [9to5Google]
  • A new feature called “Scoped Storage” keeps apps in their own sandbox in the phone’s storage partition. Apps can’t see or write to other apps’ sandboxes, either. This is a killer privacy feature. [Android Police]
  • Wi-Fi and Bluetooth both got toggles in the root Settings menu in Android Q. It looks a lot like Chrome OS. [9to5Google]
  • Screenshots on Q Beta 2 no longer show the notch. Thank you, Google! [Android Police]
  • In non-ANdroid Q news, Verizon is reportedly going to release the 5G Galaxy S10 on May 16th. Yay? [9to5Google]
  • Google’s Call Screening feature, which is one of the best things about Pixel devices, is coming to the Moto G7 and One phones. [The Verge]
  • As Google (slowly) transitions from Play Music to YouTube Music, it’s shutting down the Play Artist Hub that gave smaller artists a way to directly upload music and manage their own presence in the Play Store. That’s a real bummer. [9to5Google]
  • Did you know that you can use picture in picture to watch local videos in Chrome? Apparently, you can. [Techdows]

Watching Android beta versions roll out to Pixel devices is fascinating because you can watch the developers at work. Getting to see new features and optimizations as they roll out is always such a cool thing, and it’s always exciting to comb through the new stuff to get a feel for what’s happening behind the scenes.

In Q Beta 2, the most exciting feature to me is Scoped Storage. Giving apps blanket access to my device’s entire storage partition never felt quite right to me, so giving each app its own storage sandbox makes a lot of sense! Most apps outside of file managers don’t need to see anything else anyway, so this is a brilliant privacy feature. Good on you, Google!

Other News: Someone Found All Those “Lost” MySpace Songs

Plus Verizon flips the switch for its 5G network in a pair of new cities, there’s a third-party Switch controller with a headphone jack, and a scary proof-of-concept malware shows massive vulnerabilities in hospital equipement.

  • A few weeks ago it was announced that nearly 500,000 songs were lost by MySpace in a server migration. Today, an “anonymous academic group” came forward with all that lost music. It apparently downloaded 1.3 terabytes of tunes from the once-popular network for research purposes. Super cool. [The Verge]
  • Verizon’s 5G network is live in Chicago and Minneapolis. Gotta go fast! [CNET]
  • PDP announced the Faceoff Deluxe+ wired controller for Switch, and it features a headphone jack built-in. It just makes sense. [Engadget]
  • You can now get HBO directly through the Roku Channel. No need for a separate app. Nice. [The Verge]
  • This doesn’t really have anything to do with tech, but I thought it was cool and wanted to share: a research group made a tiny guillotine to decapitate mosquitoes to help fight malaria. So metal. [Wired]
  • In less fun news, researches in Isreal showed off a proof-of-concept malware that highlights the vulnerabilities in hospital equipment. This particular piece of malware attacked CT machines, placing fake cancer nodules into the scan. This fooled radiologists into thinking the patient had cancer. That is terrifying. [The Washington Post]

I’m a parent of a chronically ill child. We rely on bloodwork, scans, cultures, and more to monitor his health every month. This is absolutely crucial to his overall wellbeing. The thought of someone being able to hack, compromise, or otherwise taint these scans is horrifying.

But the biggest question here is why? Why would someone want to do this? Malware is a portmanteau of “Malicious Software,” which at its core points to the why: malice. Maybe there’s money to be maid off of this—there certainly is for hospitals or prescription providers, but surely we can’t assume the very people treating us for our ailments could also be responsible for diagnosing things that don’t exist, right? While I would never suggest such a thing as fact, it is something we’ve seen happen in the past.

But the point of this research still stands: there are real vulnerabilities in hospital equipment, and it’s high time we started taking this seriously. People’s lives are at risk here.

Leave a Reply

Your email address will not be published. Required fields are marked *