More information emerges on the Microsoft vulnerability that led to the compromise of high level U.S. government email accounts.  The Chinese government bans the use of iPhones at work.  And the biggest threat to your personal privacy could very well be – your car.



 

These and more top tech stories on Hashtag Trending

I’m your host Jim Love, CIO of IT World Canada and Tech News Day in the US.

More data emerged regarding a recent Chinese hack targeting senior officials at the U.S. State and Commerce departments. According to a Microsoft blog post the attack was traced back to the compromise of a Microsoft engineer’s corporate account. 

The engineer’s account was reportedly breached by a hacking group called Storm-0558. The group is alleged to have stolen emails from very high ranking American officials including Commerce Secretary Gina Raimondo, U.S. Ambassador to China Nicholas Burns and Assistant Secretary of State for East Asia Daniel Kritenbrink.

The hackers were able to extract a cryptographic key from the engineer’s account and then use that stolen key to access email accounts. 

The idea that a hack of a single engineer’s account could grant that kind of access is certainly creating some concern and controversy.  Microsoft says that it has fixed the flaws that created this vulnerability.

Sources include: Reuters

China has issued directives to officials at central government agencies, instructing them not to use Apple’s iPhones or other foreign-branded devices for work purposes or even bring them into their offices. This revelation was reported by the Wall Street Journal, citing sources familiar with the matter. The instructions were disseminated to staff through workplace chat groups or meetings in recent weeks. 

This move precedes an anticipated Apple event, where the company is expected to unveil a new line of iPhones. The ban could raise concerns for foreign companies operating in China, especially amidst escalating Sino-U.S. tensions. 

And this is particularly bad news for Apple. China is a huge market for the company and generates nearly a fifth of its revenue. Apple stock was down 1.5 per cent on the announcement although some claim that the iPhone is so popular in China that the impact of the ban could be minimal in its effect on Apple’s earnings.

For years, China has been working towards reducing its dependence on foreign technologies but recent trade tensions and restrictions on Chinese smartphone maker Huawei Technologies and the video platform TikTok, owned by China’s ByteDance may be accelerating this move to self sufficiency.

Sources include: CTV News

And in a related story Representative Mike Gallagher, an influential Republican lawmaker is calling for the Biden administration to take an even tougher stance on sending any U.S. technology to China.  

Gallagher’s remarks come after the Chinese phone giant Huawei started selling a phone called the Mate 60 Pro containing a chip manufactured by Semiconductor International Manufacturing Corp or SMIC.

Gallagher said in a statement that “This chip likely could not be produced without U.S. technology and thus SMIC may have violated the Department of Commerce’s Foreign Direct Product Rule,” “The time has come to end all U.S. technology exports to both Huawei and SMIC to make clear any firm that flouts U.S. law and undermines our national security will be cut off from our technology.”

Huawei has already been on a trade blacklist since May 2019 but U.S. suppliers and others have been able to obtain special licenses to ship goods to it. SMIC was added to the list in December 2020,

Sources include: Reuters 

The UK government has refuted claims that it is backing down on its plans to compel messaging apps to grant access to users’ private messages upon request by the UK regulator. This comes amidst a prolonged standoff between the UK government and tech firms over a clause in the Online Safety Bill concerning encrypted messages. 

The Bill proposed forcing tech companies to access even encrypted messages if there are concerns about child abuse content.

However, platforms like WhatsApp, Signal, and iMessage argue that accessing or viewing messages would compromise existing privacy protections for all users. Some companies, notably Apple, talked of stopping services to UK residents if the legislation passed.

The government maintains that it’s feasible to ensure both privacy and child protection.

The Online Safety Bill, set to become law in the autumn, has already passed its final stage in the House of Lords. 

But the government has now said that if the technology to access messages without breaching their security doesn’t exist, Ofcom would only have the authority to request companies to develop the capability to identify and remove illegal child sexual abuse content.

Some security experts and tech firms believe that such technology may never be feasible. The Internet Watch Foundation claims that it’s already technically possible to scan encrypted messaging systems while preserving privacy.

The ongoing debate has emphasized concerns about the balance between privacy and child protection, with children’s charities emphasizing the importance of monitoring encrypted messaging, while privacy advocates stress the universal right to privacy.

It’s a contentious debate, but one where both sides seem to have valid concerns. Where do you stand on this issue? Let me know in the comments on the text version of the podcast at itworldcanada.com/podcasts

Sources include: BBC

A recent report by the Mozilla Foundation has labeled cars as the “official worst category of products for privacy.” 

The study found that 92 per cent of automakers reviewed provide drivers with minimal control over their personal data, with 84 per cent sharing this data with third parties. All 25 car brands researched, including giants like Ford, Toyota, Volkswagen, BMW, and Tesla, failed to meet Mozilla’s minimum privacy standards. These brands were found to collect more personal data than necessary, ranging from medical data to driving habits and even music preferences. Notably, both Nissan and Kia were identified for collecting data related to users’ sexual activities.

The report also highlighted that 84 per cent of the reviewed car brands share personal user data with various entities, including data brokers and other businesses. Moreover, 76 per cent claim the right to sell this personal data, and 56 per cent are open to sharing user information with the government or law enforcement upon request.

Tesla, in particular, was the lowest-ranked brand in the study, being flagged in every privacy category. This is only the second time such an occurrence has been noted in Mozilla’s reviews.

In light of these findings, Mozilla has initiated a petition urging car companies to halt data collection programs that they benefit from disproportionately. The organization hopes that increased awareness will prompt others to hold car companies accountable for their questionable privacy practices.

Nissan and Kia owners may want to be the first to get their names on those petitions. 

Sources include: The Verge

That’s the top tech news stories for today.  Hashtag Trending goes to air 5 days a week with a special weekend interview show we call “the Weekend Edition.”

You can get us anywhere you get audio podcasts and there is a copy of the show notes at itworldcanada.com/podcasts 

I’m your host, Jim Love. Have a Thrilling Thursday!

The post Hashtag Trending Sep.7-Chinese hack targeting U.S. officials traced back to compromise of Microsoft’s engineer corporate account; Chinese government bans iPhone at work; Is your car the biggest threat to your privacy? first appeared on IT World Canada.

Leave a Reply