Should Be Against The Terms Of Wrong

Facebook is again in the spotlight, this time for a “research” program that paid teens to install VPN software that gave the company root access to decrypted network traffic.

Guest

• Allison Sheridan
  • The NosillaCast

Quick Hits

• Data management giant Rubrik leaked a massive database of client data

Security researcher Oliver Hough tipped off TechCrunch that a server of customer data belonging to the data management startup Rubrik was online without password protection. The server was hosted on Amazon Elasticsearch, and contained 10s of gigabytes of customer names, contact information and case work dating back to October 2018, and included customers like Deloitte, Shell, Amalgamated Bank, the U.K. National Health Service and Homeland Security. When alerted by TechCrunch, Rubrik took the server offline and stated that no customer-owned data was exposed.

• An update on our work to prevent abuse ahead of the EU elections

Alphabet's Jigsaw tech incubator announced that its DDoS protection service Project Shield will be available to European news organizations that "are vital to free and fair elections" ahead of European Parliamentary elections this May. Project Shield allows sites to route traffic through a Google IP address, which uses a reverse proxy that identifies and filters malicious traffic. Google also announced it has done in-person security training for over 1,000 campaign and election officials, journalists and people from election-related NGOs. Google will also require anyone running European election ads to verify being either an EU-based entity or citizen as well as provide disclosures for who is paying for the ad. Google will also make an EU Election Ads Transparency Report available in the coming weeks, as well as a searchable ad library.

Top Stories

• Apple shares jump after barely beating on earnings, and iPhone sales drop 15% from last year

Apple reported Q4 earnings per share of $4.18 on revenue of $84.3 billion. Analysts had expected revenue of $83.97 billion on earnings of $4.17 per share. iPhone revenue, which as a reminder does not break out unit sales anymore, came in at $51.98 billion, vs. analyst expectations of $52.67 billion. Services pulled in $10.9 billion in revenue, increased 29% on the year. Wearable, Home, and Accessory revenue was $7.31 billion on the quarter, growing 33% on the year but slightly below analyst expectations. Overall, Apple saw quarterly revenue decline 5% on the year, the first time its seen a decline on the holiday quarter since 2001. Apple pegged this decline exclusively on slowdowns in China, which saw an almost $5 billion decrease in revenue since last year.

• Apple CEO on iPhone sales drop: 'Yes, I do think that price is a factor'

Preceding Apple’s financial earnings call yesterday that revealed iPhone sales fell 15% compared to the same time last year, CEO Tim Cook blamed a strong US dollar, reduced subsidies from carriers for the iPhone, and the battery replacement program. However, Apple CFO Luca Maestri blamed most of the decline on China and other emerging markets. In a subsequent exchange between Cook and analyst Milunovich, the CEO mentioned pricing was a factor plus added the most popular iPhone model was the XR, the cheapest phone in the lineup.

• Apple’s streaming video service is reportedly launching this spring

The Information reports that Apple has told content studios and networks involved with their forthcoming streaming service "to be ready for launch by mid-April,” according to three sources, and is expected to be publicly available within weeks of that date. And for the record, no pricing or information on what the service will actually look like was part of the report.

• Exclusive: UAE used cyber super-weapon to spy on iPhones of foes

An exclusive Reuters report has revealed that a hacking unit composed of contracted ex-American intelligence operatives and United Arab Emirates’s intelligence services monitored the iPhones of activists, diplomats, and foreign leaders using a software tool known as Karma. Introduced in 2016, Karma grants remote access to a target’s iPhone by uploading phone numbers or email accounts into an automated targeting system. It was used to obtain photos, emails, text messages, location information and saved passwords. The tool became less useful at the end of 2017 as Apple rolled out new security updates.

• Google Chrome to get warnings for 'lookalike URLs'

Chrome is set to add a feature to warn users when they access sites with domain names that look like authentic websites. The feature is reportedly called "Navigation suggestions for lookalike URLs." The process is said to be a dropdown panel under the Chrome address bar, asking the user if they really meant to visit the URL. No word on when this feature will officially ship.

Discussion

• Facebook pays teens to install VPN that spies on them
• Apple Shut Down All of Facebook's Internal Apps When Revoking Enterprise Certificate

YouTube

Links

• This episode on dailytechnewsshow.com
• Support DTNS on Patreon
• DTNS subreddit
• DTNS Facebook Group

Preceded by: "A Bug in the Apple"

Should Be Against The Terms Of Wrong

Followed by: "Dark Web K-Mart"