And, of course, there’s more. Every Saturday, we round up the security and privacy stories that we didn’t break or report on in-depth but which we think you should know about nonetheless. Click on the headlines to read them, and stay safe out there.Bloomberg reported Tuesday that the third-party transcribers working on the project didn't know where the audio came from or what it was being used for. Facebook said it has paused human review of the audio, which was being used to check AI analysis of the audio messages.For months now, revelations have emerged that every major smart assistant developer (Amazon, Apple, Google, Microsoft) uses or has used contractors to transcribe snippets of user audio for quality control and to improve the accuracy of their products. But the news about Facebook has an additional element, since the audio doesn't come from users giving commands to a smart assistant, but from actual human to human communications. On Wednesday, Facebook's main European Union regulator—the Irish Data Protection Commission—opened a probe to evaluate the legality of the practice.Paige A. Thompson, may have also pilfered data from more than 30 victim companies, as was previously rumored based on Thompson's publicly available online activity. "The servers seized from Thompson’s bedroom during the search of Thompson’s residence, include not only data stolen from Capital One, but also multiple terabytes of data stolen by Thompson from more than 30 other companies, educational institutions, and other entities," prosecutors wrote in court documents. "That data varies significantly in both type and amount." Most of the other stolen data doesn't seem to specifically contain people's personally identifying information. Prosecutors said that they intend to add charges based on this evidence, and that Thompson has a history of threats to harm herself and others.Pen Test Partners published findings this week that an attacker would just need a person's username to track them. The researchers created a service that feeds made-up latitude and longitude data to the apps' public application programming interfaces, which can then be induced to return distance data about how far a user is from that random point. By triangulating these distance returns, the system can determine where the user is. Some of the services made changes in response to the Pen Test Partners findings, but some, like Grindr, did not respond to the firm. The researchers also found other data exposures in some of the apps, like photo and personal data leaks.Bluetooth Low Energy standards have been criticized for introducing potential security issues as a result of their complexity.
- A “NULL” license plate landed one hacker in ticket hell
- The desperate race to neutralize a lethal superbug yeast
- Tour the factory where Bentley handcrafts its luxury rides
- How to reduce gun violence : Ask some scientists
- It Came From Something Awful blames 4chan for Trump
- 👁 Facial recognition is suddenly everywhere . Should you worry? Plus, read the latest news on artificial intelligence
- ✨ Optimize your home life with our Gear team’s best picks, from robot vacuums to affordable mattresses to smart speakers .
- #security roundup