Latest news from Naked Security (2018/03/22)

How Siri leaks your private iPhone messages, and how to stop her

A Brazilian Mac magazine found how to bypass your iPhone lockscreen via Siri – so here’s how to stop her reading messages she shouldn’t.

Mozilla stops Facebook advertising, demands privacy changes

It’s probably not top of Mark Zuckerberg’s worry list this week but Mozilla, developer of browser Firefox, is officially unhappy with Facebook.

The password to your IoT device is just a Google search away

Researchers at Ben-Gurion University were often able to find default passwords in under 30 minutes with a simple Google search.

880,000 payment cards affected in travel company data breach

Orbitz believes crooks may have gotten at customers’ names, addresses, dates of birth, and more.

Latest news from Naked Security (2018/03/21)

Bitcoin’s blockchain tainted with links to child abuse imagery

Are there legal landmines engraved into the Bitcoin blockchain?

Police ask Google for location data to narrow suspect lists

Police intend to use location data from Google to work out which devices were being used near the scene of crimes.

Bomb hoax sent to 400 schools blamed on warring Minecraft gamers

The kids were just collateral damage: the real target was to discredit gaming server VeltPvP in an ongoing gamer spat.

Facebook fallout: How to protect your data

Is it time to end your Facebook life? At the very least, it’s time to check Facebook privacy settings/audit apps/turn off API sharing.

Latest news from Naked Security (2018/03/20)

Nine years on, Firefox’s master password is still insecure

A researcher has uncovered a big security weakness in the way Firefox secures browser passwords behind a master password.

Apple burns the HSTS super cookie

HSTS tracking has been reduced to crumbs.

US spy lab wants to geolocate any video or photo taken outdoors

US intelligence is working on geotagging every possible outdoor location in the world.

Fake Amazon ad ranks top on Google search results

A tech support scam disguised as an Amazon ad was showing up above even the legitimate Amazon.com search result.