BYOD #4: Mac bugs and Android security
This week’s round-up of digital security news and investigative journalism.
1. Mac users, turn off your notifications now
A bug in the macOS client for end-to-end encrypted messaging app, Signal means self-destructing messages don’t completely disappear, reports The Hacker News.
Security researcher Alec Muffet noticed that messages were being copied onto the notification bar even after the message disappeared on the app.
Another security researcher Patrick Wardle explains the technical details on his blog.
We would advise turning off your notifications until the bug is patched.
2. Better security for Android users
Since its inception, Android users have had to deal with several vulnerabilities due to a lack of regular security updates. According to The Hacker News, all that is about to change as Android has modified its Original Equipment Manufacturer (OEM) agreements to include provisions for security patches for all devices on a regular basis.
This is set to start with Android P devices, as revealed by David Kleidermacher, head of Android platform security, at the Google I/O Developer Conference held last week.
3. Rise of DDoS attacks in Australia
Australia was hit with a total of 7200 Distributed Denial of Service (DDoS) attacks in April, nearly four times the usual amount. These figures were discovered after the latest NETSCOUT Arbor’s Active Threat Level Analysis System (ATLAS). According to a report on cso.com, these attacks have become increasingly popular and easy to carry out.
For civil society organisations and newsrooms, for example, having a DDoS defence tool such as Project Shield has become an effective way of preventing such attacks.
BYOD (Bring Your Own Device / Bring Your Own Data) refers to owning your data and digital property, and keeping it secure. This newsletter is brought to you with support from Project Shield and Code For Africa.
Do you need help with digital security? ANCIR is offering a helpline, technical resources, and sharing best practices with newsrooms and human rights activists for free. If you’d like to get access to these and more, sign up here to be considered for our digital security support.
The African Network of Centers for Investigative Reporting (ANCIR) is an association of the continent’s best investigative newsrooms, ranging from large traditional media to small specialist units.
ANCIR works to strengthen African investigative journalism by improving the techniques, expertise, the tools used in muckraking newsrooms. This includes providing member newsrooms with the world’s best encryption and semantic analysis technologies, to forensic research support (through the Investigative Dashboard), legal services, and seed grants for cross-border collaboration.
ANCIR is incubated by and receives technical support from Code for Africa.