just

now browsing by tag

 
 

Not just a dating app anymore | #tinder | #pof | romancescams | #scams

Source: National Cyber Security – Produced By Gregory Evans

Good morning! Tinder is much more than just a dating app, according to Taru Kapoor, General Manager, India, Tinder and Match Group. More than half of Tinder’s users are in […]

The post Not just a dating app anymore | #tinder | #pof | romancescams | #scams appeared first on National Cyber Security.

View full post on National Cyber Security

Why Demi Lovato and Noah Cyrus Aren’t “Exclusively Dating” Just Yet | #bumble | #tinder | #pof | #onlinedating | romancescams | #scams

Source: National Cyber Security – Produced By Gregory Evans

_________________________ It seems it was only a matter of time before Demi Lovato and Noah Cyrus‘ friendship had the potential to evolve into something more. A source exclusively […]

The post Why Demi Lovato and Noah Cyrus Aren’t “Exclusively Dating” Just Yet | #bumble | #tinder | #pof | #onlinedating | romancescams | #scams appeared first on National Cyber Security.

View full post on National Cyber Security

Gay dating in a pandemic: ???It feels as though I??™ve finished Grindr??™. Covid has placed a conclusion to casual sex ??“ just what exactly options are appearing? | #facebookdating | #tinder | #pof | romancescams | #scams

Source: National Cyber Security – Produced By Gregory Evans

Gay dating in a pandemic: ???It feels as though I??™ve finished Grindr??™. Covid has placed a conclusion to casual sex ??“ just what exactly options are appearing? X-rated Skype phone […]

The post Gay dating in a pandemic: ???It feels as though I??™ve finished Grindr??™. Covid has placed a conclusion to casual sex ??“ just what exactly options are appearing? | #facebookdating | #tinder | #pof | romancescams | #scams appeared first on National Cyber Security.

View full post on National Cyber Security

It’s not just pipelines; everyday gig workers are getting phished too | #relationshipscams | #dating | romancescams | #scams

Source: National Cyber Security – Produced By Gregory Evans

_________________________ Not long ago, “getting Phished” meant waking up in a festival field wearing nothing but cargo shorts — 23 hours into a 3-day jam session, smelling […]

The post It’s not just pipelines; everyday gig workers are getting phished too | #relationshipscams | #dating | romancescams | #scams appeared first on National Cyber Security.

View full post on National Cyber Security

iOS 14.5 update – four hidden features that Apple just added to your iPhone | #speeddating | #tinder | #pof | #blackpeoplemeet | romancescams | #scams

Source: National Cyber Security – Produced By Gregory Evans

APPLE’S latest iPhone update has added a host of handy new features to your mobile. From a new way to unlock your handset to better protections against snooping apps, here […]

The post iOS 14.5 update – four hidden features that Apple just added to your iPhone | #speeddating | #tinder | #pof | #blackpeoplemeet | romancescams | #scams appeared first on National Cyber Security.

View full post on National Cyber Security

Dating apps now not just a metro thing | #facebookdating | #tinder | #pof | romancescams | #scams

Source: National Cyber Security – Produced By Gregory Evans

South China Morning Post Japan feels diplomatic squeeze as US-China tensions rise China and Japan have decades of experience in managing their regular diplomatic crises, but escalating tensions over Taiwan […]

The post Dating apps now not just a metro thing | #facebookdating | #tinder | #pof | romancescams | #scams appeared first on National Cyber Security.

View full post on National Cyber Security

Greg Inglis charged with drink driving, speeding just hours after being named Kangaroos captain | #childabductors | #parenting | #parenting | #kids

NRL star Greg Inglis has been charged with speeding and drink driving, just hours after being named captain of the Australian rugby league team. The ABC understands Inglis was returning […] View full post on National Cyber Security

#deepweb | Google Just Gave Millions Of Users A Reason To Quit Chrome

Source: National Cyber Security – Produced By Gregory Evans

Google Chrome’s seamless updates have long been a big part of its appeal. But perhaps not anymore. With the latest version of Chrome already installed on hundreds of millions of computers and smartphones around the world, a significant warning has been issued that you might not like what it has running inside. 

Picked up by The Register, Chrome 80 (check your version by going to Settings > About Chrome) contains a new browser capability called ScrollToTextFragment. This is deep linking technology tied to website text, but multiple sources have revealed it is a potentially invasive privacy nightmare. 

To understand why requires a brief guide to how ScrollToTextFragment works. The simple version is it allows Google to index websites and share links down to a single word of text and its position on the page. It does this by creating its own anchors to text (using the format: #:~:text=[prefix-,]textStart[,textEnd][,-suffix]) and it doesn’t require the permission of the web page author to do so. Google gives the harmless example: 

“[https://en.wikipedia.org/wiki/Cat#:~:text=On islands, birds can contribute as much as 60% of a cat’s diet] This loads the page for Cat, highlights the specified text, and scrolls directly to it.”

The deep linking freedom of ScrollToTextFragment can be very useful for sharing very specific links to parts of webpages. The problem is it can also be exploited. Warning about the development of ScrollToTextFragment in December, Peter Snyder, a privacy researcher at Brave Browser explained: 

“Consider a situation where I can view DNS traffic (e.g. company network), and I send a link to the company health portal, with [the anchor] #:~:text=cancer. On certain page layouts, I might be able [to] tell if the employee has cancer by looking for lower-on-the-page resources being requested.” 

And it was Snyder who spotted that ScrollToTextFragment is now active inside Chrome 80 stating that “Imposing privacy and security leaks to existing sites (many of which will never be updated) REALLY should be a ‘don’t break the web’, never-cross, redline. This spec does that.”

David Baron, a principal engineer at Mozilla, maker of Firefox, also warned against the development of ScrollToTextFragment, saying: “My high-level opinion here is that this a really valuable feature, but it might also be one where all of the possible solutions have major issues/problems.” 

Defending the decision, Google’s engineers have issued a document outlining the pros/cons of the deep linking technology in ScrollToTextFragment and Chromium engineer David Bokan wrote this week that “We discussed this and other issues with our security team and, to summarize, we understand the issue but disagree on the severity so we’re proceeding with allowing this without requiring opt-in.” 

Bokan says the company will work on an opt-out option, but how many will even know ScrollToTextFragment exists? And here lies the nub of it: Google has such power it can be judge and jury to decide what is or isn’t acceptable. So ScrollToTextFragment, with its unresolved privacy concerns and lack of support from other browser makers, is now out there, running in the background of hundreds of millions of Chrome installations. 

Whether you want to be part of that is up to you. 

___

Follow Gordon on Facebook

More On Forbes

Google Pixel 4, Pixel 4 XL Review: Smart Phones, Dumb Decisions

Google Pixel 3a Review: The Best Smartphone Under $500

Apple iPhone 12: Everything We Know So Far

Apple AirPods Pro Vs AirPods: What’s The Difference?

Source link
——————————————————————————————————

The post #deepweb | <p> Google Just Gave Millions Of Users A Reason To Quit Chrome <p> appeared first on National Cyber Security.

View full post on National Cyber Security

#cyberfraud | #cybercriminals | Mobile phone scam warning – reminder to just hang up

Source: National Cyber Security – Produced By Gregory Evans If you receive a phone call from anyone claiming to be an employee of an online shopping site or ‘buy first – pay later’ business advising you there are issues associated with your account – just hang up and contact the company using an independently verified […] View full post on AmIHackerProof.com

#cybersecurity | #hackerspace | Clop Ransomware Not Just a CryptoMix Variant

Source: National Cyber Security – Produced By Gregory Evans When Clop was discovered by Jakub Kroustek in February 2019, all indicators showed that it was a new CryptoMix with the .CLOP, or in some circumstances .CIOP, extension tagged onto encrypted files. Since this discovery, the ransomware operators behind Clop have steadily been developing it to […] View full post on AmIHackerProof.com