24 Mar 2020
In Jojutla, a municipality in the southern state of Morelos, the government is using drones, normally used for security tasks such as reducing homicides, to surveille gatherings in public parks and plazas and tell people to go home, at the same time distributing hand sanitiser gel and face masks on
25 Mar 2020
A web form to screen COVID-19 cases developed by the Mexico City government collects a wide range of personal information such as name, age, telephone number, home address, social network username, and cellphone number. The privacy notice establishes that such data may be transferred to a vast array
23 Mar 2020
Owing to concerns about the possibility of spreading the coronavirus via banknotes and payment cards, Russia has begun testing its Unified Biometric System (EBS) for payments at a selection of grocery stores including Lenta supermarkets. The Russian bank VTB plans a mass roll-out for mid-2020. For
24 Mar 2020
Managed from a purpose-built coronavirus control centre, Moscow's network of 100,000 cameras equipped with facial recognition technology is being used to ensure that anyone placed under quarantine stays off the streets. Officials claim the centre can also be used to track international arrivals and
24 Mar 2020
The success of South Korea's efforts to combat the coronavirus without a national lockdown and without suspending civil rights depended in part on preparation put in place after the 2015 MERS epidemic and in part on the country's network of private testing labs, which enabled the country to quickly
25 Mar 2020
A newly-enacted Slovakian law, inspired by similar laws in Singapore, South Korea, and Taiwan, allows the country's Public Health Office to use location data from mobile phones to track people ordered to quarantine to ensure they are not breaking the rules. The angry public response on privacy
24 Mar 2020
Estonia's Government Crisis Commission has instructed the state statistical office, Statistics Estonia, to use mobile geolocation data from companies such as Telia, Elisa, and Tele 2 in order to study people's movements to prevent the spread of COVID-19. Statistics Estonia hoped to launch the
24 Mar 2020
A day after John Tory, the mayor of the City of Toronto, told thousands of attendees at an online event hosted by TechTO that the city was gathering cellphone location data from telecoms in order to identify areas where residents were still congregating despite the city's social distancing rules, he
23 Mar 2020
The Rio de Janeiro City Hall has signed an agreement with telecomunications company TIM to use geolocation data to develop "heat maps" by cross-referencing epidemological hubs with high population density locations. Under the agreement, TIM will pinpoint the movement of its users across Rio de
23 Jul 2018
Bluetooth firmware or operating system software drivers may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange, which may allow a remote attacker to obtain the encryption key used by the device.
Bluetooth utilizes a device pairing mechanism based on elliptic-curve Diffie-Hellman (ECDH) key exchange to allow encrypted communication between devices. The ECDH key pair consists of a private and a public key, and the public keys are exchanged to produce a shared pairing key. The devices must
13 Sep 2017
Questions are being raised again about the security of Bluetooth after researchers uncovered another flaw that could potentially compromise billions of devices.
Armis published details of the Bluetooth vulnerability it is calling ‘Blueborne’. The attack disguises itself as a Bluetooth device and exploits a weaknesses in the protocol to deploy malicious code.
“The BlueBorne attack vector requires no user interaction, is compatible to all software versions, and does not require any preconditions or configurations aside of the Bluetooth being active,” warned the researchers. “Unlike the common misconception, Bluetooth enabled devices are constantly
18 Nov 2019
An engineering and computer science professor and his team from The Ohio State University discovered a design flaw in low-powered Bluetooth devices that leaves them susceptible to hacking.
An engineering and computer science professor and his team from The Ohio State University discovered a design flaw in low-powered Bluetooth devices that leaves them susceptible to hacking. Zhiqiang Lin, associate professor of computer science and engineering at the university, found the commonly
06 Feb 2020
On November 3rd, 2019, [...] a critical vulnerability affecting the Android Bluetooth subsystem [was reported]. This vulnerability has been assigned CVE-2020-0022 and was now patched in the latest security patch from February 2020 .
On November 3rd, 2019, [...] a critical vulnerability affecting the Android Bluetooth subsystem [was reported]. This vulnerability has been assigned CVE-2020-0022 and was now patched in the latest security patch from February 2020. The security impact is as follows: On Android 8.0 to 9.0, a remote
Researchers at the Center for IT-Security, Privacy and Accountability (CISPA) have identified a security vulnerability related to encryption on Bluetooth BR/EDR connections. The researchers identified that it is possible for an attacking device to interfere with the procedure used to set up encryption on a BR/EDR connection between two devices in such a way as to reduce the length of the encryption key used.
Researchers at the Center for IT-Security, Privacy and Accountability (CISPA) have identified a security vulnerability related to encryption on Bluetooth BR/EDR connections. The researchers identified that it is possible for an attacking device to interfere with the procedure used to set up
27 Mar 2020
Together with Norwegian company Simula the Norwegian Institute of Public Health is developping a voluntary app to track users geolocation and slow the spread of Covid-19. Running in the background, the app will collect GPS and Bluetooth location data and store them on a server for 30 days. If a user
