BETA
This is a BETA experience. You may opt-out by clicking here

More From Forbes

UK And Germany Double Down On Joint AI, Clean Energy R&D Efforts
Decarbonizing Heavy Transportation: Quantron's Michael Perschke On Pioneering Hydrogen Solutions
Bridging The Digital Divide In The AI Era - The UNDP Way
Big Tech Ramps Up Content Moderation Amid EU Pressure
Spain's Successful Miura 1 Launch Reignites Europe's Hopes For Space Exploration
UNESCO And The Netherlands Launch Initiative To Ensure Ethical Oversight Of AI
Edit Story
ForbesTech

Security News You Might Have Missed: Microsoft Sues the Government Over Secret Cloud Data Searches

Yael Grauer
Former Contributor
Opinions expressed by Forbes Contributors are their own.
I write about technology, security, and online privacy.
This article is more than 8 years old.

This week we learned that the U.S. government is worse on cybersecurity than every major industry, according to a new report released by security risk benchmarking firm SecurityScorecard. Former Reuters journalist Matthew Keys was sentenced to two years in prison after a hacking-related conviction. Canadian police obtained BlackBerry's global decryption key, Vice News reports, while Motherboard takes a look at how this happened.

Meanwhile, the Oakland police quietly acquired the social media surveillance tool Geofeedia (which has been used by journalists to monitor photos and video displayed on social media by location in real time), the CIA is investing in firms that mine social media data, and the OPM is looking for companies to track public social media posts of people applying for security clearances. (How this will impact the percentage of rejections remains to be seen.)

Here's a recap of additional security news you might have missed this week, along with some tips on tools or features you may wish to uninstall, disable, update, or download.

Microsoft Sues The Justice Department Over Electronic Gag Order Statute

Microsoft ’s lawsuit focuses on the gag order statute in the Electronic Communications Privacy Act of 1986, which prevents the company from telling its customers when the government has obtained a warrant to read their emails. “The statute, according to Microsoft, violates the Fourth Amendment right of its customers to know if the government searches or seizes their property, and it breaches the company’s First Amendment right to speak to its customers,” New York Times technology reporter Steve Lohr wrote.

Inaccurate IP Address Mapping Turned A Kansas Farm Into A Living Hell

Over at Fusion, Kashmir Hill broke the story of a Kansas farm that was repeatedly raided due to digital mapping company MaxMind’s database spitting out its coordinates as a default location when it cannot identify an IP address, since it is located near the exact geographical center of the US. Other phantom IP houses also existed, but MaxMind has picked new default locations in the middle of bodies of water, rather than people’s homes, due to Hill’s reporting.

Location Data From Just Two Apps Is Enough To Identify You

A new report shows that users filling out profiles with fake names or other inaccurate information or using privacy settings to lock down access aren’t doing enough—just two fields (often integral to the apps) such as a phone number or location link the account with other accounts belonging to the same user.

“For example, on LinkedIn you are likely to use your real name … but maybe you are also using Tinder or some or other application which you would not want linked back to your real name,” study author Augustin Chaintreau told BuzzFeed News. “Using the data in what you have posted, those accounts could be linked, even if in one of them — say Tinder— you believed you were operating in ghost mode.”

See also: Awkward! How One Woman's Tinder Dates Popped Up As Professional Suggestions On LinkedIn

Pro tip: Consider disabling location settings from apps you want to use discreetly, or remove your phone number from profiles. For example, you can remove LinkedIn's app from your mobile phone and go to Accounts –> Settings –> Contact Info on LinkedIn to revoke LinkedIn's access to your phone number.

Apple Bug Exposed Chat History With A Single Click

Over at the Intercept, I wrote about a security vulnerability in the Mac version of Apple ’s Messages app, discovered by independent cybersecurity firm Bishop Fox , which allowed users to be compromised by malicious links. Apple fixed the vulnerability with a software update March 21.

See also: For Social Engineering Scams, The Best Security Patch Is Education

Pro tip: Install the newest version of OS X El Capitan, if you haven’t already. And think twice before clicking on sketchy links!

Australian Police Sought Access To A Reporter’s Metadata

Without so much as a warrant, Australian police sought Guardian Australia journalist Paul Farrell’s telephone and email metadata while trying to identify his sources. “This is an outrageous invasion of my privacy and a gross interference with press freedom in Australia,” Farrell tweeted.

Pro tip: read up on six ways to protect your communications from prying eyes over at ProPublica. Consider using Richochet, an instant messaging tool that eliminates metadata.

Apple Will No Longer Patch QuickTime For Windows

Infosec firm Trend Micro found two vulnerabilities ( ZDI-16-241 and ZDI-16-242 ) that could infect PCs with malware with a single malicious file or download, but Apple is no longer supporting the software.

Pro tip: time to uninstall.

Yael Grauer
Yael Grauer