1. IT-Security >
  2. Cyber Security Nachrichten >
  3. North Dakota's COVID-19 App Has Been Sending Data To Foursquare and Google

ArabicEnglishFrenchGermanGreekItalianJapaneseKoreanPersianPolishPortugueseRussianSpanishTurkishVietnamese

North Dakota's COVID-19 App Has Been Sending Data To Foursquare and Google


IT Security Nachrichten vom | Direktlink: yro.slashdot.org Nachrichten Bewertung

The official COVID-19 contact-tracing app for the state of North Dakota, designed to detect whether people have potentially been exposed to the coronavirus, sends location data and a unique user identifier to Foursquare -- and other data to Google and a bug-tracking company -- according to a new report from smartphone privacy company Jumbo Privacy. From a report: The app, called Care19, and produced by a company called ProudCrowd that also makes a location-based social networking app for North Dakota State sports fans, generates a random ID number for each person who uses it. Then, it can "anonymously cache the individual's locations throughout the day," storing information about where people spent at least 10 minutes at a time, according to the state website. If users test positive for the coronavirus, they can provide that information to the North Dakota Department of Health for contact-tracing purposes so that other people who spent time near virus patients can potentially be notified. According to the app's privacy policy, "location data is private to you and is stored securely on ProudCrowd, LLC servers" and won't be shared with third parties "unless you consent or ProudCrowd is compelled under federal regulations."

Read more of this story at Slashdot.

...

Externe Webseite mit kompletten Inhalt öffnen



https://yro.slashdot.org/story/20/05/22/1835231/north-dakotas-covid-19-app-has-been-sending-data-to-foursquare-and-google?utm_source=rss1.0mainlinkanon&utm_medium=feed

Team Security Social Media

➤ Weitere Beiträge von Team Security | IT Sicherheit

  • AA20-099A: COVID-19 Exploited by Malicious Cyber Actors

    vom 436.4 Punkte ic_school_black_18dp
    Original release date: April 8, 2020SummaryThis is a joint alert from the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC). This al
  • Diving Deep Into a Pwn2Own Winning WebKit Bug

    vom 384.27 Punkte ic_school_black_18dp
    Pwn2Own Tokyo just completed, and it got me thinking about a WebKit bug used by the team of Fluoroacetate (Amat Cama and Richard Zhu) at this year’s Pwn2Own in Vancouver. It was a part of the chain that earned them $55,000 and was a nifty piece of
  • Ten Years On, Foursquare Is Now Checking In to You

    vom 323.04 Punkte ic_school_black_18dp
    Location social networks never took off, and Gowalla's star burned out fast. Gilt sold at a loss. And Tumblr, recently sold by Yahoo for less than 1 percent of what it originally paid, has become a cautionary tale. If you haven't been paying close attention,
  • CVE-2020-0932: Remote Code Execution on Microsoft SharePoint Using TypeConverters

    vom 299.9 Punkte ic_school_black_18dp
    In April 2020, Microsoft released four Critical and two Important-rated patches to fix remote code execution bugs in Microsoft SharePoint. All these are deserialization bugs. Two came through the ZDI program from an anonymous researcher: CVE-2020-0931
  • North Dakota's COVID-19 App Has Been Sending Data To Foursquare and Google

    vom 297.38 Punkte ic_school_black_18dp
    The official COVID-19 contact-tracing app for the state of North Dakota, designed to detect whether people have potentially been exposed to the coronavirus, sends location data and a unique user identifier to Foursquare -- and other data to Google and
  • ConstraintLayout 2.0.0 beta 2

    vom 286.66 Punkte ic_school_black_18dp
    We are happy to announce the release of ConstraintLayout 2.0 beta 2. It’s available from the google maven repository: dependencies {    implementation 'com.android.support.constraint:constraint-layout:2.0.0-beta2'} or if using the AndroidX packages: dependencies {    implementation 'androidx.con
  • AA20-106A: Guidance on the North Korean Cyber Threat

    vom 285.09 Punkte ic_school_black_18dp
    Original release date: April 14, 2020 | Last revised: April 15, 2020SummaryThe U.S. Departments of State, the Treasury, and Homeland Security, and the Federal Bureau of Investigation are issuing this advisory as a comprehensive resource on the North Ko
  • ConstraintLayout 2.0.0 beta 5

    vom 274.69 Punkte ic_school_black_18dp
    We are happy to announce the release of ConstraintLayout 2.0 beta 5. It’s available from the google maven repository:dependencies {    implementation 'androidx.constraintlayout:constraintlayout:2.0.0-beta5'}or if using the android.support packages:dependencies {    implementation 'com.android.support.constraint:constraint
  • CVE-2020-0729: Remote Code Execution Through .LNK Files

    vom 265.62 Punkte ic_school_black_18dp
    In this excerpt of a Trend Micro Vulnerability Research Service vulnerability report, John Simpson and Pengsu Cheng of the Trend Micro Research Team detail a recent remote code execution bug in Microsoft Windows .LNK files. The following is a portion of
  • ConstraintLayout 2.0.0 beta 4

    vom 227.43 Punkte ic_school_black_18dp
    We are happy to announce the release of ConstraintLayout 2.0 beta 4. It’s available from the google maven repository:dependencies {    implementation 'androidx.constraintlayout:constraintlayout:2.0.0-beta4'}or if using the android.support packages:dependencies {    implementation 'com.android.support.constraint:constraint
  • Open Redirect Payload List

    vom 225.35 Punkte ic_school_black_18dp
    Unvalidated redirects and forwards are possible when a web application accepts untrusted input that could cause the web application to redirect the request to a URL contained within untrusted input. By modifying untrusted URL input to a malicious site, an attacker
  • Get smart about preparing your app for OAuth verification

    vom 220.07 Punkte ic_school_black_18dp
    Posted by Nafis Zebarjadi, Product Manager and Adam Dawes, Senior Product Manager Project Strobe was started to help users have control over their data while giving developers more explicit rules of the road to ensure everyone is confident that their data is secure. One result of this effort has been to expand our app verification program to cover

Team Security Diskussion über North Dakota's COVID-19 App Has Been Sending Data To Foursquare and Google