Wednesday Newsbytes: 35 Million Xfinity Customers’ Data Breached; Google to Turn Off Cookies for 30 Million Users on January 4th; AI Can Find Your Location; Google Will No Longer Save Location Data… and more!
Wishing you and your family a Merry Christmas and a very happy Holiday Season!
Every day we scan the tech world for interesting news in the world of technology and sometimes from outside the world of technology. Every Wednesday, we feature news articles that grabbed our attention over the past week. We hope you find this week’s ‘Wednesday Newsbytes’ informative and interesting!
Comcast Xfinity data breach affects over 35 million people
A Citrix vulnerability was exploited, leaking names, contact information, partial social security numbers, and birth dates.
Comcast is notifying Xfinity customers of a “data security incident” it says resulted in the theft of customer information, including usernames, passwords, contact information, partial social security numbers, and more. In a notice on Monday, Xfinity said “there was unauthorized access” to its systems from October 16th to October 19th, 2023.
BleepingComputer linked this breach notice published in the state of Maine, which shows the total number of people affected by the breach is 35,879,455, including over 50,000 people in Maine.
Xfinity traces the breach to a security vulnerability disclosed by cloud computing company Citrix, which began alerting customers about a flaw in software Xfinity and other companies use on October 10th. While Xfinity now says it patched the security hole, it later uncovered suspicious activity on its internal systems “that was concluded to be a result of this vulnerability.”
The report from BleepingComputer also notes Citrix released a notification of the vulnerability (now known as “Citrix Bleed”) nearly two weeks earlier, on October 10th, telling customers to patch as soon as possible, although it had not noted active exploitation of the flaw. However, by October 18th, the security researchers at Mandiant reported it was under “active” exploitation, and on October 23rd, a Citrix blog post said it was aware of targeted attacks.
The hack resulted in the theft of customer usernames and hashed passwords, according to Xfinity’s notice…
Google Will Turn Off Cookies for 30 Million People on January 4
Google’s cookie-killing “Privacy Sandbox” project is finally set to begin.
Google announced Thursday that it will start its long-anticipated slaughter of the internet’s cookies starting on January 4th, when it will block them for 1% of Chrome users, or about 30 million people. It’s the first major step in its Privacy Sandbox project, which aims to replace cookies with a different kind of tracking that Google says is better for your privacy.
For the past 30 years, websites and tech companies have used so-called “third-party cookies” as the primary way to track consumers online. Has that pair of shoes you added to your cart three weeks ago been following you around in ads on the web? There are probably third-party cookies involved. These cookies let websites partner with other companies including Google and tons of others to keep tabs on everything you do online. That’s great for companies, and terrible for your privacy because it means there are a lot of businesses who get to keep a history of all of your web browsing.
In place of cookies, Google has introduced a new set of tools that makes the Chrome browser itself keep tabs on what you’re doing online. Essentially, that data stays on your device…
This AI can find your location just by looking at a few photos
Developed by Stanford graduate students, an AI model can determine — with impressive accuracy — a specific location simply by looking at Google Street View.
Safe social media practices include not posting photos that showcase personal information such as license plate numbers, street names, or house numbers. But what if I told you that generative AI could still find a way to locate you — just from your photo’s background?
As generative AI developments continue, new use cases are being identified. Now, graduate students at Stanford University have developed an application that can detect your location from a street view or even just an image.
The project, called Predicting Image Geolocations (PIGEON), can — in most cases — accurately determine a specific location simply by looking at the Google Street View of the location.
PIGEON can predict the country pictured with 92% accuracy, and it can pinpoint a location within 25 kilometers of the target location in over 40% of its guesses, according to the preprint paper…
Google is making some changes in Google Maps that will increase user privacy.
Data from the Timeline feature in Google Maps, which is controlled by the Location History setting and keeps a record of routes and trips users have taken, will soon be stored directly on users’ devices instead of by Google.
That means Google itself will no longer have access to user location history data. And by extension, neither will law enforcement, which has often requested user location data from Google — for example, through “geofence” orders, which request data about every user who was near a specific place at a specific time.
Google has come under increasing pressure to stop collecting user location data, especially since Roe v. Wade was overturned. Location data, along with internet search history and even messaging history can be used as criminal evidence against individuals who get an abortion in states where abortion is illegal…
Read more at Business Insider.
Microsoft releases downloadable tool to fix phantom HP printer installations
Windows 10 and 11 users noticed this bug earlier this month.
Earlier this month, Microsoft disclosed an odd printer bug that was affecting some users of Windows 10, Windows 11, and various Windows Server products. Affected PCs were seeing an HP printer installed, usually an HP LaserJet M101-M106, even when they weren’t actually using any kind of HP printer. This bug could overwrite the settings for whatever printer the user actually did have installed and also prompted the installation of an HP Smart printer app from the Microsoft Store.
Microsoft still hasn’t shared the root cause of the problem, though it did make it clear that the problem wasn’t HP’s fault. Now, the company has released a fix for anyone whose PC was affected by the bug, though as of this writing, it requires users to download and run a dedicated troubleshooting tool available from Microsoft’s support site.
The December 2023 Microsoft Printer Metadata Troubleshooter Tool is available for all affected Windows versions, and it will remove all references to the phantom HP LaserJet…
Thanks for reading this week’s Wednesday Newbytes. We hope these articles were informative, interesting, fun, and helpful. Merry Christmas! Darcy & TC
