Tag: security

Categories
Mobile Syrup

Arlo announces new Go 2 security camera, capable of using LTE and Wi-Fi connection

Arlo has announced a new, more affordable entry in its security camera line. The Arlo Go 2 can connect via LTE and Wi-Fi to monitor your spaces remotely. The camera has made modest improvements in video quality while giving users more freedom in their connection.

The weather-resistant Arlo Go 2 is priced at $250 USD (roughly $311 CAD) and is positioned to be best used to monitor spaces like your cottage, boat dock, or any other remote property. The original Arlo Go model was priced higher at $400 USD (about $498 CAD) and had a limited connection due to not supporting LTE or Wi-Fi. It was also capped at recording video at 720p. The Arlo Go 2, on the other hand, is able to capture full 1080p video and will have a battery life of up to three months on LTE (eight when connected to Wi-Fi).

In addition to improving the recorded video quality and battery life, Arlo has also added GPS capabilities to the new camera. Now, in the event that the camera is misplaced, stolen, or otherwise, you can track the device down. The Arlo Go 2 is a motion-activated camera. Therefore, when capturing events during the night, the added spotlight feature can help see what unfolds in colour. This will be a nice upgrade from the former, which recorded nighttime activity in black and white.

Finally, audio functionality has been improved. Arlo has taken a page from the book of the Arlo Pro 4 camera. You can now hear and interact with someone in real-time in front of the camera as opposed to the original Arlo Go’s limited push-to-talk function

The Arlo Go 2 features a number of improved base functions. However, to fully grasp all that the camera offers, the Arlo Secure Subscription is required. Arlo offers a $9.99 USD (about $12.45 CAD) monthly subscription for unlimited cameras or a $2.99 USD (roughly $3.73 CAD) monthly option for a single camera. Alternatively, a premium $15 USD (approximately $18.70 CAD)/month plan is available and includes emergency response functionality. Video recording resolution will also be increased up to 4K with a subscription.

An active Arlo Secure Subscription enables features like Animated Preview, Interactive Notification, and detection of people, packages, vehicles, and animals. Users can also benefit from having their video history stored for up to 30 days. Priority support, smoke/co detection, and more are also locked behind Arlo Secure Subscription.

It’s worth noting that using the Arlo Go 2 on an LTE connection will also require a data plan from a carrier.

Image credit: Arlo

Via: The Verge

Categories
Mobile Syrup

Twitch blames data breach on error in a ‘server configuration change’

Twitch issued a couple of minor updates following the massive security breach on Wednesday that saw the source code, creator payouts and more leaked online.

In the first of two updates posted on the Twitch blog, the Amazon-owned streaming platform said an “error in a Twitch server configuration change” caused the breach:

“We have learned that some data was exposed to the internet due to an error in a Twitch server configuration change that was subsequently accessed by a malicious third party. Our teams are working with urgency to investigate the incident.”

It’s worth noting that Facebook blamed its recent outage on a similar configuration problem.

I feel I’d also be remiss not to point out that Twitch saying “some data was exposed” downplays the breach, which allegedly leaked the entirety of Twitch. To be fair, Twitch goes on to explain that it’s still trying to “understand the impact in detail.”

Further, the streaming platform says that it has “no indication that login credentials have been exposed.”

However, reporting on login credentials is mixed. Some publications, including MobileSyrup, reported that login credential don’t appear to be included in the over 125GB of data leaked online. 9to5Mac cites a developer going by ‘Sinoc‘ on Twitter who says that the data included encrypted passwords. While the encryption hopefully will keep the passwords safe, it may be best to change your Twitch password and enable two-factor authentication (2FA) just in case.

Twitch also wrote in its first blog update that the breach didn’t expose full credit card numbers because it doesn’t store full credit card numbers.

In the second update, Twitch says it reset all stream keys “out of an abundance of caution.” That means some people may need to go here to get a new stream key and add the new key to their broadcasting software to start streaming again. The change shouldn’t impact most users, but it depends on how your stream is set up.

You can read Twitch’s updates here.

Source: Twitch Via: 9to5Mac

Categories
Mobile Syrup

Twitch confirms data breach, leaker calls community a ‘toxic cesspool’

Popular streaming platform Twitch confirmed on Twitter that it suffered a data breach.

The Amazon-owned service says its “teams are working with urgency to understand the extent of this.”

Hackers accessed Twitch’s source code and published over 125GB of data online from Twitch and related services.

The data includes the source code for Twitch and an unreleased Steam competitor from Twitch’s parent company, Amazon. The leaked information also included three years’ worth of payouts to Twitch creators. Further, the massive leak was labelled ‘part one,’ suggesting more data could come in the future.

The person who posted the leak claims it’s meant to “foster more disruption and competition in the online video streaming space” and called the Twitch community “a disgusting toxic cesspool.”

It’s worth noting that Twitch has recently struggled to deal with ‘hate raids.’ Creators took a day off last month to protest and bring attention to the increased harassment and hate raids plaguing the platform. Considering the comment about Twitch’s community, it’s possible the attack could be related to the ongoing harassment issue.

Although the leak doesn’t appear to include passwords or address information for users, that doesn’t mean hackers didn’t obtain that information in the breach. If you use Twitch, you should probably update your password and add two-factor authentication (2FA).

The leak includes the following information:

  • Three years of Twitch creator payouts
  • The entirety of twitch.tv, including “commit history going back to its early beginnings”
  • Source code for the mobile, desktop and video game console Twitch clients
  • Code from proprietary SDKs and internal Amazon Web Services (AWS) used by Twitch
  • An unreleased Steam competitor from Amazon Game Studios
  • Data on related Twitch properties like IGDB and CurseForge
  • Twitch’s internal security tools

Ultimately, it appears hackers targeted Twitch and its system rather than users. But again, this is also allegedly the first part of a larger leak. It also remains unclear how hackers gained access to so much Twitch data and whether they exploited a larger flaw in AWS. If so, that could pose significant problems since AWS powers such a larger amount of the internet.

Source: Twitch Via: The Verge, Engadget

Categories
Mobile Syrup

Google to auto-enroll millions of accounts in two-factor authentication

Source: https://blog.google/technology/safety-security/making-sign-safer-and-more-convenient/

Google has put out another blog post reminding people that it will soon enable two-factor authentication (2FA) for millions of users by the end of the year.

2FA, or two-step verification as Google calls it, is a security protocol that can help protect online accounts by requiring a second method of authentication when the user signs in. In most cases, this refers the codes texted to people’s phones after they log into a website.

According to Google’s blog post, the search giant plans to auto-enroll an additional 150 million Google users in 2FA by the end of the year. It also plans to require 2 million YouTube creators to enable 2FA.

Along with that announcement, Google detailed several other ways it’s working to protect users’ accounts. For example, Google builds security keys into Android phones and offers similar functionality to iPhone users with Google Smart Lock. The search giant also detailed improvements to the password manager built into the Chrome browser, such as auto-fill options for iOS and Android users.

These things are all steps in the right direction for improving security. However, it’s also worth noting that 2FA can be an imperfect solution, especially when used over text.

SIM swap attacks are a common way for hackers to take over a victim’s phone number and intercept incoming 2FA messages to gain access to online accounts. It’s a prevalent issue in Canada, with the CRTC recently revealing it documented over 24,000 cases of potential phone number fraud between August 2019 and May 2020.

That’s part of why Google’s pushing users to use security keys and, in turn, is building them into devices. At a basic level, security keys are little USB sticks that users can plug into a computer to authenticate themselves. By turning smartphones into security keys, Google’s offering a convenient, secure alternative to SMS-based 2FA.

If you haven’t enabled 2FA on your Google account yet, here’s how to do it:

  • Head to myaccount.google.com
  • Click ‘Security’
  • Scroll down to ‘Signing in to Google’ and click ‘2-Step Verification.’
  • Follow the steps to set it up.

Image credit: Google

Source: Google Via: The Verge

Categories
Mobile Syrup

Surface Duo 2 will get three years of OS, security updates

Microsoft will offer three years of Android and security updates for the Surface Duo 2.

A company representative confirmed the update promise to Android Authority following the unveiling of its newest Surface smartphone.

“We are committed to providing three years of OS and security updates,” the representative said.

It should come as good news to anyway planning to pick up a Surface Duo 2, although it’s disappointing Microsoft isn’t planning to offer longer support for such an expensive device. Three years is starting to become the minimum expectation as other smartphone makers like Samsung push to four years of security updates and Apple goes much further (the company’s iOS 15 upgrade supports 2015’s iPhone 6S and 6S Plus).

It’s also worth noting that Microsoft’s update promise matches the one it made about the original Surface Duo. Unfortunately, update speed is something the company will need to work on — it only just announced the Duo would get Android 11 by the end of 2021. Android 12 is expected to launch in October.

Ultimately, my concern is that this indicates software may continue to be an issue for the Duo 2. It was undoubtedly a problem for the Duo. Microsoft seems to have fixed many of the Duo’s hardware problems with the Duo 2 (at least, they have on paper), but if it can’t get software in order, the Duo 2 may be a really tough sell at $1,899.

Source: Android Authority

Categories
Uncategorized

Food Safety in Canada

According to research conducted by the University of Regina, Saskatchewan, the Canadian government ranks high in food safety. The country even surpasses its southern neighbour, the United States.

17 industrialized countries were studied by researchers, and England ranked at the top of the list, followed by Japan, Denmark, Australia, and Canada.

Professor Sylvain Charlebois, an author of the study, explained that Canada came in 5th place due to its shortcoming of labelling for food.

The federal government could improve in areas such as the traceability of food and reducing the use of pesticides by Canada’s farmers.