Tech Nuggets with the Technology

Monday, June 1, 2020

Apple fixes bug that could have given hackers full access to user accounts

Photograph of multiple Apple devices lined up together.

Sign in with Apple—a privacy-enhancing tool that lets users log into third-party apps without revealing their email addresses—just fixed a bug that made it possible for attackers to gain unauthorized access to those same accounts.

“In the month of April, I found a zero-day in Sign in with Apple that affected third-party applications which were using it and didn’t implement their own additional security measures,” app developer Bhavuk Jain wrote on Sunday. “This bug could have resulted in a full account takeover of user accounts on that third party application irrespective of a victim having a valid Apple ID or not.”

Jain privately reported the flaw to Apple under the company’s bug bounty program and received a hefty $100,000 payout. The developer shared details after Apple updated the sign-in service to patch the vulnerability.

Read 5 remaining paragraphs | Comments

https://arstechnica.com

OpenAI researchers debut GPT-3 language model trained with 175B parameters, far more than GPT-2's biggest version with 1.5B parameters (Khari Johnson/VentureBeat)

Khari Johnson / VentureBeat:
OpenAI researchers debut GPT-3 language model trained with 175B parameters, far more than GPT-2's biggest version with 1.5B parameters — A team of more than 30 OpenAI researchers have released a paper about GPT-3, a language model capable of achieving state-of-the-art results on a range …

Millions are on contact-tracing apps with poor privacy safeguards

States, city municipalities, as well as police departments across the country, have launched 40 apps for Covid-19 contact-tracing, with sketchy policies https://ift.tt/3gCSBDg https://ift.tt/eA8V8J

We've to guard against Covid-19 apps increasing state power: Nandan Nilekani

Infosys Chairman Nandan Nilekani has cautioned that contact tracing apps run the risk of increasing state power and must be rolled back once normalcy returns. https://ift.tt/2BgOtIS https://ift.tt/eA8V8J

Here's why OnePlus changed its strategy to bring affordable smartphones

Analysts said the changed strategy could be seen in the light of evolving market condition, especially mid-premium segment driving handset volumes. https://ift.tt/2AzbFSc https://ift.tt/eA8V8J

Samsung Galaxy M11, Galaxy M01 Launching in India at 12 Noon

Samsung Galaxy M11 and Galaxy M01 will be launched in India today at 12pm (noon). The Galaxy M11 is the follow-up to last year's Galaxy M10. Notably, the Galaxy M11 launched at the end of March in... https://ift.tt/2AydGyo

Redmi Note 9 Pro to Go on Sale Today at 12 Noon via Amazon, Mi.com

Redmi Note 9 Pro sale will begin at 12pm (noon) IST on Amazon India and Mi.com. The Redmi Note 9 Pro is priced in India at Rs. 13,999 for the 4GB RAM + 64GB storage option, while the 6GB RAM + 128GB... https://ift.tt/3dp8YkX

Lawsuit over online book lending could bankrupt Internet Archive

Four of the nation's leading book publishers have sued the Internet Archive, the online library best known for maintaining the Internet Wayback Machine. The Internet Archive makes scanned copies of books—both public domain and under copyright—available to the public on a site called the Open Library.

"Despite the Open Library moniker, IA's actions grossly exceed legitimate library services, do violence to the Copyright Act, and constitute willful digital piracy on an industrial scale," write publishers Hachette, HarperCollins, Wiley, and Penguin Random House in their complaint. The lawsuit was filed in New York federal court on Monday.

For almost a decade, the Open Library has offered users the ability to "borrow" scans of in-copyright books via the Internet. Until recently, the service was based on a concept called "controlled digital lending" that mimicked the constraints of a conventional library. The library would only "lend" as many digital copies of a book as it had physical copies in its warehouse. If all copies of a book were "checked out" by other patrons, you'd have to join a waiting list.

Read 23 remaining paragraphs | Comments