Top infosec trends in the social media spotlight this week
Google has reportedly dropped Dragonfly — a censored search engine for the Chinese market — after weeks of controversy.
Workers at Google last month joined human rights group Amnesty International in calling on the internet giant to cancel project Dragonfly, which was slammed as a “censored search engine for the Chinese market that enables state surveillance”.
Amnesty and others welcomed plans to scrap the bespoke search engine.
The decision was made against the backdrop of wider concerns about how technology can be abused by authoritarian-minded governments in China and beyond.
Another Alexa data privacy snafu cropped up last week after a German customer was sent 1,700 audio files from another user’s device in response to a subject access request.
Amazon blamed human error for what it characterised as an isolated, single case.
Alexa also experienced an outage in Europe on Christmas Day itself.
Backend servers for the digital assistant struggled to cope with demand from new users, prompting Alexa to inform some that: “Sorry, I’m having trouble understanding you right now.”
The problem persisted for around two hours before normal service was restored and users were once again able to get it to play tunes, get recipe tips, and control Christmas lights.
Some folks on social media speculated that Alexa might have been nursing something of a Christmas hangover, prescribing a strong hit of coffee.
Many UK travellers looking to make a seasonal getaway were affected by drone-based disruption at Gatwick Airport. Meanwhile, over on the other side of the Atlantic, data privacy issues arose as a worry for some airline passengers at a prominent air transport hub.
A hack against Atlanta International Airport's website led to the exposure of sensitive databases and the leak of details from 764 passports.
Hacktivist Qurlla of NewWorldHacker claimed responsibility for the attack, which was allegedly pulled off using a SQL injection attack. Qurlla claimed his group held a database of 9,000 more stolen passports in reserve. Atlanta Airport itself is yet to comment on these various claims.
The Trump administration is reportedly considering an executive order barring US companies from using telecommunications equipment made by China’s Huawei and ZTE on national security grounds.
BT recently decided to remove Huawei's equipment as it rolls out a 4G network for the police and other UK emergency services.
The switch could further delay an already-late £2.3bn project, the BBC reports. All this follows the recent arrest of Meng Wanzhou, Huawei CFO and daughter of the telecoms equipment maker’s founder, in Canada.
Social media users wondered whether the action was been taken on the assumption that Huawei was spying without much by the way of evidence, much less proof of wrongdoing.
These various developments further suggest the cyber Cold War with China is heating up.
Elsewhere, Redditors were warned to sceptical of claims from extortionists that they captured footage of would-be marks watching online smut.
The claims are the basis of a new scam doing the rounds. “No matter what you said this sub will still get flooded with clueless individuals who think they've been caught twerkin their merkin,” one Redittor wryly noted in response to the warning.
Lastly, researchers turned up a new strain of malware that takes its instructions from commands hidden in memes posted to Twitter (a form of steganography). “I too pull my instructions from internet memes,” joked programmer and video gamer Lucas Zawacki.
