The USA has passed Anti-Encryption Bill
The USA senators have released the official version of anti-encryption bill against usage of encrypted devices used by terrorists. The court suggested companies like Apple and Google to comply with the court orders Act of 2016. These companies have to decrypt the device and data if they will be ordered to do so. However, the bill was leaked last week and had highly criticism from technology and legislative communities. The new bill will cover device manufacturers, electronic communication servers, software manufacturers, remote communication services and its providers and the list goes on.
Microsoft has sued the USA Government over Data Request
Microsoft has sued the United State Government against the order that prevents companies to notify their customers regarding hand over their cloud data to authorities. The Electronic Communications Privacy Act states that the company against which the legal case is filed cannot share case details or anything in the public. Therefore, the government is forcing companies to hand over their customers’ emails and private records without their awareness. Microsoft filed a lawsuit and argued that it is against constitutional protection of free speech.
Researchers found flaw in URL Shorteners
Two security researchers have found flaw in URL shorteners pattern, which were working in an anticipated way. Researchers have analyzed Goo.gl, and Bit.ly URL shorteners and found that attackers can easily compute short URLs to reveal confidential information available on the internet. URLs are generated with the combination of domain names and sequence of 6-7 characters. Thus, attacker with such knowledge can run brute force attack and scan the entire set of URLs. The random scan of Google-shortened URLs revealed 23,965,718 links and 10% out of them were contained directories of sensitive locations.
Blizzard Entertainment suffered from DDoS Attack
Blizzard Entertainment- a game developer has witnessed a DDoS attack on one of its popular game World of Warcraft that forced to shut down major area of its games and servers. The group called Lizard Squad has taken responsibility of this attack. The group has gained Blizzard’s employee database included phone numbers, emails, and other sensitive data. However, the team of Blizzard group has posted on twitter about the recovery of DDoS attack.
Facebook offers new way to log in via Account Kit
Facebook has announced Account kit for developers at F8 developer conference. With this kit, developers and site owners allow users to log in their app without passwords. Moreover, it does not need any Facebook account for login purpose. Users can use phone number, email address for log in purpose therefore there is no need for username and password. Currently, the Account Kit will support SMS login in more than 230 countries and can use the kit to send 100K confirmation SMS per month at free of charge.