Florida State Tax Website Bug Exposed Filers’ Data
Read more of this story at Slashdot.
Computers Tech Games Crypto Music and More
Read more of this story at Slashdot.
Some Florida residents may be keeping a close eye on their finances after a security incident. Researcher Kamran Mohsin tellsTechCrunch that Florida’s Department of Revenue website had a flaw that exposed hundreds of filers’ bank account and Social Security numbers. Anyone who logged in to the state business tax registration site could see, modify and even delete personal data just by modifying the web address pointing to a taxpayer’s application number — you just needed to change the digits in the link.
There were over 713,000 applications in the Department’s pipeline at the time of the discovery, Mohsin said. Mohsin warned the Department about the flaw on October 27th.
Department representative Bethany Wester said in a statement that the government fixed the flaw within four days of the report, and that two unnamed firms have deemed the site secure. She added there was “no sign” attackers abused the flaw, but didn’t say how officials might have spotted any misuse. The agency contacted every affected taxpayers by phone or writing within four days of learning about the issue, and has offered a year of free credit monitoring.
Bugs like these, known as insecure direct object references, are relatively easy to fix. The damage might also be limited compared to other tax-related breaches, such as a Healthcare.gov intrusion that compromised about 75,000 people in 2018. However, the incident underscores the potential harm from weak security — even a small-scale exposure like this could be used to commit tax fraud and steal refunds.
Thousands of immigrants had their personal information released by U.S. Immigration and Customs Enforcement (ICE) on Monday.
On Wednesday, the LA Times reported that 6,252 migrants who said they were escaping torture and persecution in their countries of origin had their personal information published by ICE on the agency’s website.
According to the report, ICE claims it accidentally publicly posted the data while carrying out a “routine update of its website.” The LA Times says the data includes migrants’ names, case statuses, and detention locations. The data was uploaded to a page on the ICE website where the agency normally posts information pertaining to detentions.
The human rights organization, Human Rights First, reached out to ICE as soon as they noticed the data being posted on its website, and the agency worked to delete it shortly after. However, the data was available for approximately five hours.
ICE provided the LA Times with an official statement.
“Though unintentional, this release of information is a breach of policy and the agency is investigating the incident and taking all corrective actions necessary,” said an ICE spokesperson.
ICE says it is working to notify both the migrants affected as well as those that downloaded the data. The agency also says it is monitoring the internet for the potential of the data being re-uploaded.
The identity of these individuals is seen as highly confidential, as some of these migrants face threats on their lives. Those included in this incident are seeking asylum from countries such as Iran, China, and Russia.
According to an official from the Department of Homeland Security who spoke with the LA Times, the incident was “embarrassing” and for those affected, possibly even dangerous.
An Garda Síochána was one of many international authorities involved in the investigation to bring down iSpoof.
Read more: Criminal ‘spoofing’ website taken down and more than 140 arrested
The page can be customized, with users able to choose which apps appear in each tile or remove a tile entirely. The bottom of the page displays your iCloud storage plan and usage, as well as a link to recover recently deleted files from iCloud Drive and other apps.
In the top menu bar, users can click or tap on the plus sign to create a new email, note, calendar event, and more. The menu also provides access to settings for iCloud+ features such as Hide My Email, iCloud Private Relay, and HomeKit Secure Video.
All in all, the redesigned iCloud.com page provides a more streamlined experience that makes it easier to view information at a glance.
(Thanks, Joern Hartmann!)
This article, “Apple Launches Revamped iCloud.com Website With All-New Design” first appeared on MacRumors.com
Discuss this article in our forums
Allbritton announced the launch of Protocol in late 2019 to much buzz. The Washington media mogul told Vanity Fair at the time that he wanted to replicate Politico’s successful model for the technology industry. “I would love for this to be as big as, if not larger than, Politico is right now,” Allbritton told Vanity Fair in 2019. But Protocol never had much luck. Shortly after launching, the global pandemic unleashed brutal economic headwinds on the media industry, resulting in some cuts to staff. Finally, when it seemed that the outlet might catch its footing as the pandemic’s grip on the economy lifted, German publishing giant Axel Springer closed a deal to purchase Politico. That acquisition resulted in Protocol, which had operated independently, being folded into Politico Media Group. “We have great appreciation for the impact of the journalism that Protocol has produced, and I want to personally thank each of them for the unique talents they brought to Protocol,” Goli Sheikholeslami, the chief executive of Political Media Group, wrote in an email to staffers Tuesday afternoon. Sheikholeslami reiterated that Politico sees “great opportunity in technology coverage” and wants “to win the conversation on the future of tech in the same way we do politics.”
Sheikholeslami also said Politico US and EU will combine to form one operational company with a single executive team.
Read more of this story at Slashdot.
The emissions tool employs over 300 satellites; sensors on land, planes and ships; as well as artificial intelligence to build models of emission estimates. Right now, it tracks about 72,000 of the highest emitting greenhouse gas sources. That includes every power plant, large ship and large plane in the entire world, Gore said. And that’s just the beginning. By next year, Gore hopes to be tracking millions of major emitting sites. “We will have essentially all of them,” he said. Gore said 75% of the world’s greenhouse emissions come from countries that have made pledges to become carbon-neutral by 2050. “Now that they know exactly where it’s coming from, they have tools that will enable them to reduce their emissions,” he told NPR.
He added that the database, which is free and accessible online, can help inform countries about how much pollution is being emitted by the companies they are working with or considering working with. It is not enough for companies to self-report, he said. For instance, Climate Trace found that the oil and gas industry has been significantly underreporting its emissions. That doesn’t mean companies were intentionally cheating, Gore added. However, he said underreporting prevents governments and the public from staying on track with their net-zero pledge. Six regional governments in Mexico, Europe and Africa have already entered into working agreements for using the tool, Gore said.
Read more of this story at Slashdot.
The updated design is a notable departure from the current iCloud design, showing full tiles with previews for Photos, Mail, iCloud Drive, Notes, and more, on a customizable Home page.
You can choose the apps that you use most for the iCloud Home page, selecting from all of the above listed apps as well as apps that include Pages, Numbers, Keynote, and Calendar.
Apple slightly redesigned some of the apps, tweaking toolbars and button locations for a more streamlined experience.
Anyone can see the new iCloud interface by visiting the beta site. It will be in testing for some time, and after Apple works out any bugs with the design, the new look is likely to expand to the main iCloud website.
(Thanks, Tim!)
This article, “Apple Introduces New Test Design for iCloud Website” first appeared on MacRumors.com
Discuss this article in our forums
In 1987, Ronald Reagan nominated Robert Bork to the Supreme Court. Bork was an extreme, hard-line conservative whose views included the idea that Roe v. Wade should be overturned because he believed there was no constitutional right to privacy whatsoever. In response, a Washington, DC video store leaked a list of his…