Latest news from Naked Security (2020/03/03)

Why ‘free’ Wi-Fi isn’t really free

How much data is too much to give away to get online while you’re waiting at the train station? In the airport? A shopping mall?

Digital piggy bank sevice broken into by cybercrooks

A financial proivider that gives loans but locks them down to turn them into savings… didn’t lock down its own network.

Huge flaw found in how facial features are measured from images

It has to do with optics: faces appear to flatten out as we get further away. Our brains compensate, but AI-run facial recognition doesn’t.

GoodRx stops sharing personal medical data with Google, Facebook

The mobile app saves people money but was letting 20 companies know who’s taking antipsychotics, erectile dysfunction and HIV meds, and more.

Nvidia patches severe flaws affecting GeForce, Quadro NVS and Tesla

In all, the update covers five Windows and Linux desktop CVE vulnerabilities, including one rated as critical.

XSS plugin vulnerabilities plague WordPress users

Thousands of active WordPress plugins have been hit with a swathe of XSS vulnerabilities that could give attackers complete control of the site.