My Weekly RoundUp #104
Uff..Facebook announces a new privacy tool and a new Matrix's chapter is coming but…"not all that glitters is gold"!
Wait! Did you say "Breaking Bad"?
Apple, what are you doing?
iOS 12.4 makes it possible to jailbreak your iPhone again
Apple‘s most recent iOS update — 12.4 — has reopened a vulnerability that was previously patched, making it easy to jailbreak iPhones and iPads.
As reported by Motherboard, hacker Pwn20wnd exploited the flaw to release a public version of the jailbreak on Monday, making it the first time an up-to-date firmware has been unlocked in years.
The SockPuppet flaw (CVE-2019-8605), found in March by Googler Ned Williamson, allows a malicious application to execute arbitrary code with system privileges. Although Apple fixed the issue in its May iOS 12.3 update, the iOS 12.4 release in July has reintroduced the bug.
Apple's Borked iOS Update Leads to New Jailbreak and Vulnerable iPhones
If you updated to iOS 12.4, you might want to think twice about the apps you download. Apple has unpatched a vulnerability with the latest update, and hackers have already used the opportunity to release the first jailbreak for up-to-date iPhones in years, according to a Motherboard report.
Apple, unfortunately, reintroduced a bug that was fixed in the iOS 12.3 update. As a result, all iPhones running iOS 12.4 can now be jailbroken. Pwn20wnd—the security researcher behind the unc0ver tool—released a public jailbreak for iOS 12.4 earlier today on Github. While jailbreaking was still doable beforehand, it’s been a while since you could do it on iPhones running the latest version of iOS. A Twitter search reveals that plenty of users have already confirmed they’re successfully running Pwn20wnd’s jailbreak.
Wow, the Weekly Leak!
Massive MoviePass database found exposed on public server
As TechCrunch reported on Tuesday, Mossab Hussein, a security researcher at Dubai-based cybersecurity firm SpiderSilk, recently stumbled across a massive database – TechCrunch’s Zack Whittaker reported that it contained 161 million records “and growing” as of the time he published his report – on one of the movie ticket subscription service’s subdomains.
Up for grabs were mundane logging messages, but the exposed records also included critical data, including customer card numbers and personal credit cards of some subscribers. There were 58,000 subscribers’ cards exposed as of Tuesday, and the number was growing.
And as Whittaker explains, MoviePass customer cards are similar to normal debit cards: issued by Mastercard, they store a cash balance, which subscribers can use to pay to watch a catalog of movies. Subscribers pay a monthly fee, and then MoviePass uses this debit card to load the full cost of the movie. The subscriber then uses that MoviePass card to pay for the movie at the cinema.
Wait, Facebook finally released a feature that helps users's privacy?
Are you sure?
Facebook to let users stop app and website tracking
Facebook collects information about its users by asking them to fill their account with pertinent information, by monitoring their activity on the Facebook website and associated apps, and by getting information about their activity on other websites.
“With Off-Facebook Activity, you can see and control the data that other apps and websites share with Facebook,” Erin Egan, Facebook’s Chief Privacy Officer, explained.
Users will be able to:
- See a summary of the information other apps and websites have sent Facebook through tools like Facebook Pixel, Facebook Login and the “Like” button
- Disconnect this information from their account
- Choose to disconnect future off-Facebook activity from their account.
Considering how much money Facebook makes off of ads, it seems like this peace offering is a bit of voluntary self-flagellation. Don’t think I didn’t notice the slight guilt trip in the announcement: “We expect this could have some impact on our business, but we believe giving people control over their data is more important.”
The feature is only available in three countries at the moment: Ireland, Spain, and South Korea. Facebook says it’ll be rolling the feature out to more countries “over the coming months to help ensure it’s working reliably for everyone.” We’ll have to see how good the tools are once they’re available to us.
Facebook’s New Privacy Feature Comes With a Loophole
Off-Facebook Activity will give you a summary of the third-party websites and apps that share your visit history with Facebook, and will allow you to clear them. You can also choose not to allow Facebook to use your browsing history for personalized advertising in the future, including on Messenger and Instagram. Erin Egan, Facebook’s chief privacy officer, and David Baser, the director of product management, noted in a blog post that the new tool “could have some impact” on Facebook’s business, but that “giving people control over their data is more important.”
But not complete control. Even if you turn off Facebook’s ability to use your browsing history for ads, Facebook will still collect that information, and it will still be connected to your account for up to two days. Buried in a Help Center post behind a drop-down menu, Facebook clarifies: “Your future off-Facebook activity will be disconnected within 48 hours from when it's received. During this time it may be used for measurement purposes and to make improvements to our ads systems.”
Ok, now read this post by Sophos:
Facebook delivers ‘clear history’ tool that doesn’t ‘clear’ anything
Using the Clear History tool, you can “disconnect” that data from your Facebook account. Doing so will mean that the company will no longer be able to use that information for targeted ads, including on its other products, such as Instagram or Messenger.
But that won’t stop Facebook from squeezing that data – including your browsing history, search terms, and online purchases – for other business purposes. A spokesperson told Consumer Reports that Facebook may still use the data in analytics reports for other websites, for example, and for providing advertisers with information about the effectiveness of their campaigns.
Even though you won’t be able to entirely wrestle your data out of Facebook’s maw, the Off-Facebook Activity controls are still going to usher in an unprecedented view of the information Facebook collects about us and what tools – Pixel or Login, for example – that it uses to get it, regardless of whether you actually interact with a given entity or not.
I have big concerns about the quality of this fourth chapter…
The Matrix 4 is officially happening with Keanu Reeves, Carrie-Anne Moss
It's official: the Matrix film series is coming back with a fourth numbered entry. And it will see the return of original trilogy stars Keanu Reeves and Carrie-Anne Moss to their respective roles as Neo and Trinity.
Lana Wachowski, who served as co-writer and co-director for all three original trilogy films alongside sibling Lilly, has been confirmed as the sole Wachowski family member (so far) in the writer/director chair. Wachowski will be joined by Aleksandar Hemon and David Mitchell as co-writers, whose names will likely be familiar to Wachowski fans. Mitchell's novel Cloud Atlas was eventually developed into a feature-length film by the Wachowskis, while Mitchell and Hemon co-wrote much of the Wachowski-helmed Netflix series Sense8.
Time to grab your pleather pants and hack into some robots, because The Matrix is back, baby. Variety has revealed that The Matrix co-creator Lana Wachowski will write and direct a fourth film in the series, with original series stars Keanu Reeves and Carrie-Anne Moss set to return as Neo and Trinity.
Warner Bros. Picture Group chairman Toby Emmerich confirmed to Variety that Lana Wachowski, one-half of the Wachowski sisters filmmaking duo, is returning to The Matrix series. The script is being written with Aleksander Hemon and David Mitchell. No word yet on whether co-creator Lilly Wachowski will be returning in any creative capacity to the project.
“Lana is a true visionary—a singular and original creative filmmaker—and we are thrilled that she is writing, directing and producing this new chapter in The Matrix universe,” Emmerich said.
Wait! Did you say "Breaking Bad"?
El Camino: A Breaking Bad Movie
Netflix has unveiled the title, release date and first trailer for their forthcoming Breaking Bad sequel, titled El Camino: A Breaking Bad Movie.
The influx of information comes within hours of fans discovering that the “movie card” or “landing page” for the film could be found on the official Netflix site, finally confirming its existence.
While a detailed plot description for the film remains under wraps, Netflix said in a statement: “In the wake of his dramatic escape from captivity, Jesse Pinkman (Aaron Paul) must come to terms with his past in order to forge some kind of future.”
In the teaser trailer, Jesse’s friend and former colleague Skinny Pete (Charles Baker) is seen being interrogated about Jesse’s whereabouts.
“I don’t know where he’s headed,” he says. “North, south, west, east, Mexico, the moon. I don’t have a clue.”