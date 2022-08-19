News
TikTok’s in-app browser could be a keylogger, privacy scan warns – TechCrunch
“Beware of in-app browsers” is a good rule of thumb for any privacy-conscious mobile app user – given an app’s ability to leverage its grip on the user’s attention. user to spy on what you are watching through the browser software which it also controls. But the behavior of TikTok’s in-app browser is raising eyebrows after independent privacy research by developer Felix Krause found that the social network’s iOS app was injecting code that could allow it to monitor all keyboard inputs and presses. Aka, keylogging.
“TikTok iOS subscribes to every keystroke (text entries) that occurs on third-party websites rendered in the TikTok app. This may include passwords, credit card information, and other sensitive user data “Warns Krause in a blog post detailing the results. “We can’t know what TikTok uses the subscription for, but from a technical point of view, this is the equivalent of installing a keylogger on third-party websites. [emphasis his]
After releasing a report last week — focusing on the potential of Meta’s Facebook and Instagram iOS apps to track users of their in-app browsers — Krause went on to launch a tool, called InAppBrowser.com, that lets app users mobiles to get details about the code. which is injected by in-app browsers by listing the JavaScript commands executed by the app when displaying the page. (NB: It warns that the tool does not necessarily list all executed JavaScript commands and it cannot detect what tracking an application might be doing using native code. So at best it offers some insight potentially sketchy activities.)
Krause used the tool to produce a brief benchmarking of a number of major apps that appear to place TikTok at the top of behaviors of concern to in-app browsers – due to the breadth of entries it was identified by subscribing to; and the fact that it does not offer users the option of using a default mobile browser (i.e. rather than its own in-app browser) to open web links. The latter means that there’s no way to avoid TikTok’s tracking code loading if you’re using its app to view links – the only option to avoid this privacy risk is to shut down its app completely and unplug it. ‘use a mobile browser to load the link directly (and if you can’t copy-paste it, you’ll need to be able to remember the URL to do so).
Krause is careful to point out that just because he discovered that TikTok subscribes to every keystroke a user makes on third-party sites displayed in his in-app browser doesn’t mean he’s doing “something.” of malicious” with the access – as he notes tThere is no way for outsiders to know all the details about the type of data collected or how or if it is transferred or used. But, clearly, the behavior itself raises questions and privacy risks for TikTok users.
We have contacted TikTok about the tracking code it injects into third-party sites and will update this report with any response.
Meta-owned apps Instagram, Facebook and FB Messenger have also been found by Krause to modify third-party sites loaded through their in-app browsers – with “potentially dangerous” commands, as he puts it – and we’ve also approached the tech giant for a response to the findings.
Privacy and data protection are regulated in the European Union, by laws such as the General Data Protection Regulation and the ePrivacy Directive, so any tracking of users in the region that does not have a proper legal basis could result in a regulatory sanction.
The two social media giants have already been the subject of various EU proceedings, investigations and enforcement actions relating to privacy, data and consumer protection in recent years – with a number of ongoing inquiries. and impending major decisions.
Krause warns that public scrutiny of JavaScript tracking code injections into the in-app browser on iOS is likely to encourage bad actors to update their software to make this code undetectable to outside researchers – by running their JavaScript code within the “context of a specified frame and content”. world” (aka WKContentWorld), provided by Apple since iOS 14.3; introduce the layout as an anti-fingerprinting measure and thus website operators cannot interfere with the JavaScript code of browser plugins (but the technology is obviously a double-edged sword in the context of tracking obfuscation) – arguing that it is therefore “more important than finding a solution to end the use of custom built-in browsers to display third-party content”.
Despite some concerning behaviors identified in mobile apps running on iOS, Apple’s platform is generally touted as more privacy-safe than Google’s mobile operating system alternative, Android – and it’s worth noting that apps that follow Apple’s recommendation to use Safari (or SFSafariViewController) for viewing external websites have been found by Krause to be “on the safe side” – including Gmail, Twitter, WhatsApp and many others – like he says it, Cupertino’s recommended method means there’s no way for apps to inject code into websites, including deploying the aforementioned isolated JavaScript system (which could otherwise be used to obfuscate the tracking code).
Russia’s energy export revenues will increase by almost 40% from 2021
Revenues from Russian energy exports are expected to rise nearly 40% year-on-year to $337.5 billion in 2022, Reuters reported on Wednesday citing an official document from the Russian Federation’s Energy Ministry.
The news agency reported the following on August 17 after reviewing the Russian government document:
Rising oil export volumes, coupled with rising gas prices, will push Russia’s revenue from energy exports to $337.5 billion this year, a 38% increase from compared to 2021, according to a document from the Ministry of the Economy seen by Reuters.
The ministry document projects that energy export revenue will decline to $255.8 billion next year, still higher than the 2021 figure of $244.2 billion.
The average gas export price will more than double this year to $730 per 1,000 cubic meters, before gradually declining until the end of 2025, according to forecasts.
The document further reveals that Russia has recently begun “gradually increasing its oil production after sanctions-related restrictions and as Asian buyers have increased their purchases, leading Moscow to increase its production and oil production forecasts.” ‘export until the end of 2025’.
“Gazprom also said China’s gas supply was increasing, but did not provide details and that Europe remains by far the biggest market for Russian gas,” Reuters noted on Aug. 17.
CNBC described Gazprom, a Russian state-owned natural gas company, as approaching the “final stages” of building “the first pipeline capable of sending gas from Siberia to Shanghai” on July 26. Gazprom has started construction of the joint venture with state-run China National Petroleum Corp. in September 2014 shortly after the two parties signed a 30-year, $400 billion gas contract to back the project. Sections of the “Power of Siberia” pipeline are already in service and are expected to be completed by 2025.
The China-Russia pipeline comes as Moscow faces the threat of losing natural gas purchases from the European Union, a major customer that aims to cut its imports of Russian gas by two-thirds as a result of the war. in Ukraine,” CNBC observed.
The US-based business newspaper referred to Russia’s latest war with neighboring Ukraine, which began on February 24. The US government announced the start of a series of ongoing financial sanctions against Russian entities on February 24 in response to the dispute. Washington led the financial sanctions effort against Russia and subsequently influenced most of its political allies to follow suit in a massive campaign that continues today. Moscow has responded to this effort, in part, by investing in non-Western trade prospects, particularly those of China and India.
Japan, an East Asian country, resumed oil purchases from Russia in July after temporarily suspending them in recent months, in line with the Western sanctions campaign against Moscow.
Japan resumed purchases of Russian oil in July, according to information released on Wednesday [August 17] by the country’s Ministry of Finance”, India Economic Times announced August 18.
“Although the ministry did not disclose the exact volume, it said oil imports from Russia in July were 65.4% lower than the same period last year. The volume of liquefied natural gas (LNG) imports from Russia also decreased by 26.1% compared to July 2021, while coal imports fell by 40.1%,” the newspaper reported.
“Despite the decline in physical volumes, the value of Russian fuel exports to Japan increased by 45.1% compared to last year due to rising global commodity prices,” according to the report.
GBP/USD ready for a retest of the lows of the year
The pair is down 0.4% on the day at 1.1878 so far and is poised for a third straight day of declines. The rebound to the upside after last week’s US CPI data failed to breach key trendline resistance (white line) and it’s been one-way traffic since the dollar is recovering strongly until this week.
On the pound side of the equation, we saw UK GDP shrink in the second quarter and annual consumer inflation hit a 40-year high above 10% last week. Retail sales data was slightly better today, but that’s not as reassuring as the economic outlook remains bleak to say the least.
The BOE has a nice balancing act to do and there’s a good chance that if the data deteriorates further in the coming months, there’s every chance we’ll see the door slowly close for the central bank further tighten its policy.
Considering that both central banks have already sent a formal message that we are in the second half of the tightening cycle, cable trading is really a case of who goes to bed first? The Fed or the BOE? In this case, it looks a lot like the latter.
As such, the path of least resistance is for the pair to move lower – all things being equal. Now, with the dollar gaining momentum across the board, the next test is 1.1800 and the low for the year at 1.1759.
Trump lawyer’s new claim about Mar-A-Lago is making jaws drop on Twitter
Donald Trump claims that all documents seized by the FBI at Mar-a-Lago have been declassified and in “secure storage” at the complex. But one of the former president’s own lawyers hasn’t exactly instilled much confidence in the “safety” of this storage.
“It was a locked door, and going back down to the basement there’s security, you can’t just walk in there,” Christina Bobb told Laura Ingraham on Thursday. “Only certain staff members can access it, and then there is only one key.”
Bobb added that “a limited number of people” had access to this area:
Certain types of documents ― particularly highly sensitive records that would be sought by the Department of Justice at Mar-a-Lago ― require extremely tight security measures, more than a padlock and limited access to certain staff members. Some may even require what is known as a Sensitive Compartmented Information Facility (SCIF).
The installation of documents from Trump, like described by NewsNation, was “a storage room in an interior hallway by the pool” with “boxes everywhere”.
This pool, noted The Washington Post, was an important part of the resort’s social scene and “a focal point of activity as part of Mar-a-Lago’s daily activities”.
On Twitter, Trump’s critics were quick to point out that Bobb’s comments did not give the impression that the documents were stored securely and may have only harmed his client’s case:
This article originally appeared on HuffPost and has been updated.
After the CBI raid, the Directorate of Law Enforcement begins an investigation into Manish Sisodia
The CBI on Friday launched raids at 21 locations, including the residence of Delhi’s deputy chief minister, Manish Sisodia, in connection with an alleged scam involving the Delhi government’s new alcohol policy, which has then was abandoned.
Manish Sisodie. File photo. News18
New Delhi: Sources from the Law Enforcement Directorate have revealed that they are all set to launch an ECIR related action against Delhi Deputy Chief Minister Manish Sisodia following the back to back search operations of the CBI underway in more than 20 locations in Delhi-NCR including Sisodia’s residence under the Delhi government’s new excise policy case.
ED sources also revealed that several people, including individuals and government officials, were beneficiaries of the proceeds of crime in this case.
The Law Enforcement Incident Information Report (ECIR) is the equivalent of a police FIR for the ED.
However, it is not shared with any defendants, an ED official said.
Meanwhile, the CBI, after its investigation, has also registered an FIR in relation to alleged irregularities in the formulation and execution of Delhi’s excise policy introduced in November last year.
Delhi Lieutenant Governor VK Saxena had recommended a CBI investigation into Kejriwal Government’s Excise Policy, 2021-22, for alleged rule violations and procedural lapses.
The CBI investigation was recommended on the Delhi Chief Secretary’s report filed in July showing prima facie violations of GNCTD Act 1991, Transaction of Business Rules (ToBR)-1993, Delhi-2009 excise and Delhi-2010 excise rules, they said.
Apart from that, there were also “deliberate and gross breaches of procedure” to provide “undue advantages to liquor licenses” after the tender, a CBI head of operations said.
Sisodia in a series of tweets said the CBI was welcome.
He said these people are troubled because of the excellent work done by the Delhi government in the health and education sector.
This is why ministers from both departments are being targeted to prevent us from doing a good job in health and education, he said. “The allegations against both of us are lies. The truth will come out in court,” he said.
Read all Recent news, New trends, Cricket News, bollywood news,
India News and Entertainment News here. Follow us on Facebook, Twitter and Instagram.
‘Several’ deaths reported after 2 small planes crash in Watsonville
WATSONVILLE, Santa Cruz County – A crash involving two small planes attempting to land at Watsonville Municipal Airport appears to have left at least two people dead, according to the city.
The Federal Aviation Administration (FAA) said a single-engine Cessna 152 and a twin-engine Cessna 340 collided while the pilots were on final approach to the airport. One person was on board the Cessna 152 and two people were on board the Cessna 340.
One of the planes crashed into a hangar next to the runway, while the second plane ended up in a grassy field near the airport.
In a tweet, the city of Watsonville said it received a report of “numerous fatalities” in the crash at 2:56 p.m. and that a number of agencies had responded to the incident. No injuries were reported to anyone on the ground, the FAA said.
Watsonville Mayor Ari Parker said Thursday night the city is in mourning.
“We mourn this unexpected and sudden loss tonight,” Parker said. “I want to express my deepest and most sincere condolences.”
The FAA and the National Transportation Safety Board (NTSB) will investigate the crash. The NTSB will lead the investigation and provide additional updates.
The planes were about 200 feet in the air when they crashed, a witness told the Santa Cruz Sentinel.
Franky Herrera was passing the airport when he saw the twin-engine plane bank sharply to the right and hit the wing of the smaller plane, which ‘just rolled up and crashed’ near the edge from the airfield and not far from the houses, he told the newspaper.
The twin-engine aircraft continued to fly but “it was struggling,” Herrera said, then saw flames on the other side of the airport.
The Watsonville Municipal Airport manager was unavailable for a phone interview in the hours following the crash. The airport accounts for about 40% of all general aviation activity in the Monterey Bay Area, according to the City of Watsonville website.
Seattle had one of its hottest nights on record: NPR
Ted S. Warren/AP
Seattle had one of the hottest nights on record, Wednesday night through Thursday morning with 14 degrees warmer than average, according to the National Weather Service.
The overnight temperature reached 71 degrees, one of only three nights in the city’s climate record when the overnight temperature exceeded 70 degrees.
The average nighttime temperature for this time of year in Seattle is 57 degrees.
The low temperature in Seattle until 5 a.m. this morning was 71 degrees F.
Number of days in Seattle’s climate record with low temperatures equal to or greater than 70 degrees: 2.#wawx
— NWS Seattle (@NWSSeattle) August 18, 2022
The hot night reported in the Pacific Northwest city follows a study showing that rising nighttime temperatures can increase the death rate by up to 60% in three Asian countries at the turn of the century. The study authors say this is the first research to estimate the impact of warmer nights on mortality risks from climate change.
This death rate focuses on deaths from excessively hot nights. More heat at night can disrupt sleep patterns as the body attempts to cool down, leading to adverse effects on the immune system. This could contribute to the likelihood of developing cardiovascular disease, chronic disease, inflammation and mental health problems, the study authors concluded.
