Privacy News Online | Weekly Review: September 18, 2020

Posted on Sep 18, 2020 by Caleb Chen


Featured: Privacy News Online – Week of September 18th, 2020 lets you comment against Trump’s “Censor the Internet” executive order

Submit your comments against Trump's _Censor the Internet_ executive order at SaveFreeSpeechOnline.orgDigital rights advocacy group Fight for the Future has been driving comments to the FCC with a campaign on their new site: The FCC had a call for public comments regarding President Trump’s censor the internet executive order which seeks to strip away key free speech legal protections for websites and usher in a new era of government backed internet censorship. The comment period ended September 17th, and now we wait to see what the FCC will do.

UN human rights experts condemn China’s new national security law for Hong Kong

UN human rights experts condemn China's new national security law for Hong KongHuman rights experts from the United Nations have published a 14 page letter expressing concern that China’s new national security law violates human rights in Hong Kong. Since China started imposing the new national security law, dozens have been arrested and the UN is concerned that the arrested will have their human rights violated. This isn’t the first letter that the UN has sent China; the letter noted that China had ignored previous inquiries, too.

Welcome to the quantum Internet, with privacy guaranteed by the laws of physics

As quantum computing becomes reality and a quantum internet of inter-connected quantum devices comes to fruition, there’s an interesting implication for privacy. Thanks to the observer effect, those on a quantum internet would know whether an encryption key or quantum packet has been spied on, because such observation notably modifies the qubits – or quantum bits – being sent. Thus it’s no surprise that countries around the world are piling money into quantum networks research!

Keep your online activity a secret with Private Internet Access VPN

More Privacy News This Week:

Private data gone public: Razer leaks 100,000+ gamers’ personal info

Another misconfigured ElasticSearch server has exposed personal identifiable information to the public. This time, gaming hardware company Razer has fixed a publicly accessible server which contained private information on over 100,000 Razer users. Razer is notable in that they try to get you to sign up with an account just to change the colors on your mouse or keyboard – and now tens of thousands of people have been exposed. Exposed information includes name, information on which Razer product was registered, phone number, and more that could be used in phishing attacks.

Absent a comprehensive national strategy, Virginia considers tightening data privacy and security laws

Virginia is joining states like New York, New Jersey, Nevada, Maine, Massachusetts, and others in seeking privacy and security legislation similar to Europe’s GDPR or California’s CCPA. There are a handful of such bills in the Virginia General Assembly which are being considered by the Joint Commission on Technology and Science. Increasingly, individual states are moving forward on privacy laws because there isn’t a federal law, yet or even on the horizon.

Spain’s New “Who Defends Your Data” Report Shows Robust Privacy Policies But Crucial Gaps to Fill

The ETICAS Foundation in Spain has released a Who Defends Your Data report which highlights the privacy policies and actions of key tech companies in Spain. Notably, the report highlights how or if the companies protect user privacy when a government request comes in. The report looked mostly at telecom companies but also included rental and second hand marketplace apps. While the ETICAS Foundation noted that policies have improved since last year, there’s still a lot of progress to be made.

BLURtooth vulnerability lets attackers overwrite Bluetooth authentication keys

The vulnerability, known as blurtooth can facilitate a variety of attacks including man in the middle data interception. Patches aren’t available yet so to protect yourself, only pair bluetooth devices when you’re sure nobody else or any other bluetooth dvices the only one around.

New BlindSide attack uses speculative execution to bypass ASLR

A new speculative execution attack similar to spectre and meltdown has been discovered. The attack is called Blindside and was put forth by researchers. It enables attackers to bypass address space layout randomization and could be used to steal data from RAM. They have suggested ways in which operating systems can mitigate Blindside attacks.

Brought to you by Private Internet Access

Privacy News Online is brought to you by Private Internet Access, the world’s most trusted VPN service.

Special thanks to Intego

Thank you to Josh Long, our cybersecurity correspondent from Intego, makers of award-winning security software.

VPN Service