Welcome to the first edition of Liberty Nation’s TecWeek, a weekly column that will catch you up on what you need to know from the tech world – especially designed for those who do not consider themselves tech savvy. TecWeek will focus on news stories that affect you, like digital security, government and corporate surveillance, privacy, and much more. There is a lot to cover in our first edition, so let’s get started!
In this week’s column:
- Vizio pays big for spying
- Google finds yet another way to spy on users
- Windows security bug can crash your system and possibly compromise it
- The Tor Browser gets a major update
If you own a Smart TV, you may be aware of some of the privacy issues surrounding their voice activation capability; namely, that your TV may always be listening to what you’re saying – and sending that information back to company servers. (Yes this is really true.) Now a Smart TV manufacturer is paying a huge penalty for not only installing software that spies on what its users watch but not bothering to tell their customers about it.
Ars Technica reported this week that Vizio, one of the biggest manufacturers of Smart TVs in the world, has to pay $2.2 million in a court settlement, The Federal Trade Commission filed a complaint saying that Vizio had installed software that collected – on a second-by-second basis – what content the TV was displaying. While a certain amount of information collection is necessary to suggest content, Vizio also included IP addresses with their data, without telling customers. As a result, it was possible to not only say how many people watched something but also who watched it – and the FCC says customers need to be aware of that up front before they buy the TV. Thank you FCC.
Google added a potentially nasty little feature to its Chrome web browser last month. While assuring its users that it would make the internet safer by flagging insecure sites, Slashdot noted that it failed to publicize too loudly that it also put in code that allows websites to request data from Chrome about Bluetooth devices and then harvests that information. It effects you, if you’re running the latest version of Chrome, because your browser is opening a door for websites to ask what Bluetooth devices your computer can see. In today’s Internet of Things, or IoT, that means the list may include your light bulbs, refrigerator, microwave, or a hundred other things in your home. Google says this will be a good thing for app developers, who want their app to connect to individual devices. In reality, however, it offers yet another way for items in your home to be communicating with parties outside your home – and outside your control.
For those still using Windows, Help Net Security is advising users about a security flaw in Windows 10, 8.1, Server 2012 and Server 2016 that can be exploited to crash your system, and maybe even compromise it. We will spare you the overly technical details of how it does this; the part you need to know is that the security researcher who found the flaw showed it to Microsoft, and the tech giant created a patch for the problem, but did not release it. Three months have gone by, and the patch still has not been released; Microsoft says they will push it out next week. What can you do in the meantime? Not much. Ars Technica reports the exploit may not be anything to worry about, but it bears noting that Microsoft did advise customers to use Windows 10 and the Microsoft Edge browser to have the most secure experience.
Tor Browser, the privacy-minded browser that can help to hide your location and protect your identity, was just updated yet again to version 6.5, according to the Tor Project blog. If used correctly, it will not only help keep you safe online from government snooping and malicious attacks, but it will also allow you to access the Onion Network – a large section of the internet that is not available through a regular browser. If you’re scratching your head and wondering what Tor is, that’s okay; now is a very good time to start using it. Download it free at TorProject.org
