Cyber Security Today – Stop virtual assistants from sharing your voice, data breach at Moviepass, trouble at Poker Tracker

Stop virtual assistants from sharing your voice, data breach at Moviepass, trouble at Poker Tracker

Welcome to Cyber Security Today. It’s Friday August 23rd. I’m Howard Solomon, contributing reporter on cyber security for ITWorldCanada.com.

To hear the podcast click on the arrow below:

Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

When you talk to Alexa, Siri, Google Assistant or any other device with voice command it’s expected the conversation is private. However, you may not realize manufacturers or their contractors may be listening as well. Not in real-time, but listening to recordings of what you say and what the assistant hears in the background to help train the assistant’s machine learning system. News outlets The Guardian and Bloomberg News have recently written exposes about it. This week Motherboard revealed that contractors working for Microsoft have been hired to listen to voice commands of Xbox users. Notices about this are often buried in product privacy statements. Since the exposes, Apple, Google and Facebook have suspended their use of contractors for this work. Microsoft has now updated its privacy statement to say the processing of personal data for improving products includes both automated and human methods. It also offers users a way to delete the stored audio conversations with assistants so no one can hear them.

If you’re bothered by this, the New York Times had a piece yesterday noting Amazon and Google offer the ability to disable human vetting for their virtual assistants. Apple says it plans to release a software update that will let people opt into its voice training program.

There are other things you can do, such as deleting recordings and turning off sensors, to minimize the information shared with the companies.

The Times article has details on how to tailor Alexa, Siri and Google Home. There’s a link to the article here.

Another clumsy employee has been detected. This time it’s at the movie ticket subscription service Moviepass. TechCrunch reports a security researcher found someone there left a database with information on some subscribers open to the Internet. It had at least 58,000 records containing people’s credit card data, some of which could be completely read. The company said it will notify affected subscribers.

Do you subscribe to the website Poker Tracker? It sells tools for online poker enthusiasts to improve their chances of getting winning hands. Well, according to security vendor Malwarebytes, the site was recently hacked so criminals could skim credit and debit card numbers as they were entered. The problem: Poker Tracker was using an older version of a content management platform called Drupal. The criminals exploited a vulnerability in the unpatched platform. The company quickly fixed the problem. It’s another example of why organizations have to do a better job of patching software and watching their web pages for compromised code.

Finally, users of the free version of Bitdefender Anti-Virus 2020 should make sure they’re running the latest version. The software should be configured to automatically update. The latest version fixes a bug.

That’s it for Cyber Security Today. Links to details about these stories can be found in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cyber security professionals. Cyber Security Today can be heard on Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

ITWC podcast network

Subscribe to ITWC podcasts and never fall behind on the conversation in technology again. Our daily podcasts are perfect to add to your smart speaker’s daily briefing or to your favourite podcast app on your smartphone. 

Cyber Security Today Podcast

#Hashtag Trending Podcast