The FBI seems to have been caught fibbing again on the topic of encrypted phones. FBI director Christopher Wray estimated in December that it had almost 7,800 phones that investigators were unable to access from 2017 alone. The real number is likely less than a quarter of that.
Comcast has just been caught in a major security snafu: revealing the passwords of its customers’ Xfinity-provided wireless routers in plaintext on the web. Anyone with a subscriber’s account number and street number will be served up the wi-fi name and password via the company’s Xfinity internet activation service.
In a move seemingly designed specifically to frustrate law enforcement, Apple is adding a security feature to iOS that totally disables data being sent over USB if the device isn’t unlocked for a period of 7 days. This spoils many methods for exploiting that connection to coax information out of the device without the user’s consent.
The Office of the Inspector General has issued its report on the circumstances surrounding the FBI’s 2016 lawsuit attempting to force Apple to unlock an iPhone as part of a criminal investigation. While it stops short of saying the FBI was untruthful in its justification of going to court, the report is unsparing of the bureaucracy and clashing political motives that ultimately undermined that justification.
VTech, the maker of smart toys whose poor security practices exposed data from millions of parents and children, has been slapped on the wrist by the FTC to the tune of $650,000 and probation. It’s not much of a penalty for such a multiface…
A German regulator has banned domestic sales of children’s smartwatches that have a listening function — warning that parents have been using the devices to secretly eavesdrop on teachers at their kids’ school. Read More
Ahead of 2017’s present buying season, UK consumer rights group Which? has warned parents about the risks of giving connected toys to their children, and called for devices with known security and/or privacy risks to be banned from sale on kids safety grounds. Read More
The COPPA rule prevents kids from having their personal information hoovered up and distributed online the way adults often consent to. Verifiable parental consent is required if that information is to be collected — but the FTC has just relaxed the rule just enough that common tasks like searches can be done for kids without risk to the operator. Read More
The idea of inviting an always-on recording device into our bedrooms would have once seemed beyond creepy, but now most consumers hardly give it a second thought. As Android Police reports, a small number of Google Home Mini review units given to tech reviewers malfunctioned, persistently recording audio in the background without being activated by a hotword. Read More