Infosecurity.US

Information Security & Occasional Forays Into Adjacent Realms

  • Web Log

PRC's DJI Drone Android App Stealing Sensitive Information: Storing Data On Mainland China Servers →

July 27, 2020 by Marc Handelman in PRC, CCP, Data Stolen By China, PRC Espionage, Information Security, Data Security, PII, IoT

via the eponymous Dan Goodin, Security Editor at Ars Technica, comes this disturbing revelation of US persons that are owners of DJI drones and most importantly users of the company's DJI Go 4 for Android personal data undergoing trasnmittal to servers resident in the People's Republic of China. And, to add insult to injury, the application can apparently execute arbitrary bits without the behest of the hapless users. Read Dan's original superb reportage and try not to weep for your stolen identity (and data, thereof) ensconced so comfortably on PRC CCP controlled servers.

"People who have DJI Go 4 for Android installed may want to remove it at least until Google announces the results of its investigation (the reported automatic restart behavior means it's not sufficient to simply curtail use of the app for the time being). Ultimately, users of the app find themselves in a similar position as that of TikTok, which has also )aroused suspicions, both because of some behavior considered sketchy by some and because of its ownership by China-based ByteDance." - via the inimitable Dan Goodin, Security Editor at Ars Technica

July 27, 2020 /Marc Handelman
PRC, CCP, Data Stolen By China, PRC Espionage, Information Security, Data Security, PII, IoT

Image via Maxar

VICE: Iran Launched A Mobile App That Claimed To Diagnose Coronavirus

March 16, 2020 by Marc Handelman in Despotic Tyrants, Evil Appears Before Us, Espionage, Information Security, PII

via David Gilbert, writing at Vice comes this outstanding piece on the despots running Iran into the ground. Literally.

'"Dear compatriots, before going to the hospital or health center, install and use this software to determine if you or your loved ones have been infected with the coronavirus,” said the message, which claimed to come from the Ministry of Health...' 'Of course, the app couldn't tell citizens if they had coronavirus. But what it could do is hoover up huge amounts of data on citizens, including names, addresses, dates of birth, and even track people's location in real time."' - via David Gilbert, writing at Vice

March 16, 2020 /Marc Handelman
Despotic Tyrants, Evil Appears Before Us, Espionage, Information Security, PII

EFF Report: Amazon's RING App Distributing PII To 3rd Parties

February 07, 2020 by Marc Handelman in Information Security, PII, Corporate Evil

PII? We don't need no PII... Read all about it in the EFF's startling on-target reportage.

February 07, 2020 /Marc Handelman
Information Security, PII, Corporate Evil

Starbucks Moves From Coffee Purveyor to Surveillance Company →

April 19, 2018 by Marc Handelman in Blatant Stupidity, Information Security, PII

via Bob Sullivan, reporting for Geekwire, comes news of Starbucks Corporation (Nasdaq: SBUX) efforts to collect personal data from WiFi users. In reality, you can be certain the company has been collecting personally identifiable data (PII) for years... Soon, your caffiene mantra will be - 'I'll have a Caramel Macchiato, Venti, Skim, Extra Shot, Extra-Hot, Extra-Whip, Sugar-Free, extra PII to go'...

April 19, 2018 /Marc Handelman
Blatant Stupidity, Information Security, PII