Recently Browsing 0 members
No registered users viewing this page.
By Usama Jawad96
FBI, NSA, and CIA use ad blockers due to fear of targeted ads
by Usama Jawad
While some companies are striving to make ads more transparent so that users can make more informed decisions about whether they should click on an ad or not, there is still considerable threat from malicious advertisements that are used to harvest information or leverage your device as a reconnaissance tool to perform other undesirable activities. It turns out that federal U.S. intelligence agencies such as the National Security Agency (NSA) and the Central Intelligence Agency (CIA) fear online advertising as much as the next guy, and use ad blockers to mitigate this potential threat.
According to a letter addressed to the Office of Management and Budget (OMB), penned by U.S. Senator Ron Wyden, and obtained by Motherboard, the Intelligence Community (IC) deploys ad blockers on a wide scale. For those unaware, the IC consists of multiple entities including FBI, NSA, CIA, Department of Homeland Security (DHS), Office of Naval Intelligence (ONI), and more. The letter also contains a quote from the IC's Chief Information Officer as follows:
While the information isn't entirely surprising given that we're talking about federal intelligence agencies, it's still interesting to get further confirmation of the threat of malicious advertising. Wyden has outlined how ad providers utilize online activity to serve targeted ads. The senator has explained that a recent Senate investigation also revealed that this data is exported to "high-risk" markets such as China and Russia, who can then use it for malicious purposes.
Both the NSA and the Cybersecurity and Infrastructure Security Agency (CISA) have previously provided guidance encouraging the use of ad blockers. That said, federal agencies are not currently mandated to follow this guidance. Wyden is proposing that the OMB enforces the use of ad blockers across all federal intelligence agencies.
As an online publication, Neowin too relies on ads for operating costs and, if you use an ad blocker, we'd appreciate being whitelisted. In addition, we have an ad-free subscription for $28 a year, which is another way to show support!
Starlink could come out of beta next month despite pre-order backlog
by David Allen
Starlink could be coming out of its beta testing phase and be made publicly available next month, Elon Musk says. With just over a year in beta, Starlink believes it has enough positive feedback to abandon the “beta” moniker. Most users in the year-long beta have reported positive feedback from the high-speed internet service alternative.
The package consists of a Wi-Fi terminal and satellite dish in an automated self-install package costing $499. Service as of now is $99.00. Starlink has made every effort to make the service as price-friendly as possible, though challenges remain. Starlink is said to be working on a more rugged version of the device to better handle the weather elements.
Those looking for a quick answer to a high-speed internet connection may have to keep waiting even after the service goes public. Recently, customers with pre-orders have seen fulfillment dates fall into 2022-2023 timeframes. It's estimated that Starlink already has approximately 400,000 preorders waiting to be filled.
A service targeted for rural America and places where traditional broadband options don't exist, Starlink may offer a solid solution, but it sounds like users might be waiting a while to receive it. It'll be interesting to see how the service performs as more orders are filled.
Devices running Android 6.0 or higher will get permission auto-reset feature
by Paul Hill
Google is planning to bring Android 11’s permission auto-reset feature to devices running Android 6.0 or higher. This will give users more control over the data that apps can request. The feature will be delivered via an update to the Google Play services and should become available from December 2021.
The permission auto-reset feature works by resetting sensitive runtime permissions that a user has previously granted if the app hasn’t been used for a few months. In this way, users can be sure about what data the app has access to if they don’t use it regularly; with regards to the permissions, it’ll be as though they just installed the app.
In some cases, it would not be ideal to revoke permissions access so there are some exceptions to the changes. Google says Device Administrator apps used by enterprises will not have their permissions reset nor will those permissions reset that are enacted by enterprise policy. Additionally, developers will be able to ask users to switch off auto-reset for their app but users should be wary of the potential impact of doing this.
While users can expect to see this feature begin rolling out in December 2021, it could take until the end of March 2022 until all supported devices get the update. Despite the wait, it’s a nice privacy and security update and it’s good that Google could bring it to devices running Android 6.0, which was released in 2015.
By Usama Jawad96
Microsoft's PrintNightmare patch breaks printing for some... again
by Usama Jawad
PrintNightmare is turning into an actual nightmare not only for Microsoft, but for IT admins as well. Although the Redmond tech giant keeps pushing out patches and claims that all PrintNightmare security holes are now plugged, after every few weeks or so, we learn that this is not really the case. What's worse is that these updates sometimes also break printing for organizations with certain configurations. It appears that this has happened once again, as confirmed by Microsoft in a new advisory.
A recent Microsoft advisory spotted by WinFuture (via MSPoweruser) notes that August's Patch Tuesday update containing KB5005033 is where the issue originates from. Systems with this update or later installed may have issues with printing, which include:
Given that administrative credentials are required each time during printing, this effectively breaks the corporate printing process as you can't expect an employee to get direct access to these credentials. The problem affects the following environments:
The resolution suggested by Microsoft is to ensure that the latest drivers are installed and that this version is the same both on client- and server-side. That said, the company has stated that if this workaround still does not patch the problem, an organization has no option but to contact the OEM of the printer. You can view more details about the issue in the FAQs here, but one thing is certain: The (Print)nightmare continues.
By Usama Jawad96
Teams is getting Customer Lockbox so Microsoft cannot access your data without your approval
by Usama Jawad
Microsoft Teams is the online communication and collaboration tool of choice for millions of entities around the globe, including organizations and consumers. In fact, its popularity has soared so much during the pandemic that Microsoft is also integrating it at an OS-level with Windows 11. The company keeps updating Teams with a steady stream of features each month, and now, it has revealed that it is working on Customer Lockbox for the software.
For those unaware, Customer Lockbox is a capability that Microsoft offers across various services in Exchange Online, SharePoint Online, OneDrive for Business, and Azure. It ensures that while performing service operations and troubleshooting, Microsoft cannot get access to your information without your explicit approval.
While Microsoft engineers generally leverage from telemetry and debugging techniques to troubleshoot problems, in some edge-cases, they do require direct access to customer data. Customer Lockbox essentially adds the customer into the approval workflow at the final step so that they can decide whether they want to give Microsoft access to their information to do root cause analysis (RCA). Customer Lockbox can be toggled and all requests and outcomes are audited. Typically, when engineers request access to data via Customer Lockbox, they also give a timeboxed window under which they will perform their RCA and troubleshooting activities.
Microsoft has recently started tracking Feature ID 86190 on its Microsoft 365 Roadmap, which states that the company is bringing Customer Lockbox capabilities to Teams as well. The feature is currently in development with an expected release date of March 2022. The capability will roll out to Teams GCC, Worldwide (Standard Multi-Tenant), General Availability, and Web. Microsoft has not yet clarified what data on Teams will be protected by Customer Lockbox.