Categories
Europe Featured Guest Post Meta Privacy Region Tech News Uncategorized Unicorns

Irish Data Protection Commission Fines Facebook €17m For Breaching EU Data Privacy Laws in 2018

The Irish Data Protection Commission has hit Facebook with a fine of €17m after finding they did not fully comply with GDPR. The decision followed an inquiry by the commission into 12 breach notifications it received in six months period between June and December 2018, examining their compliance with GDPR requirements for personal data processing at different points during this time frame.

The Data Protection Commission found that Meta Platforms failed to put in place adequate technical and organizational measures, which would make it easy for them to demonstrate the security precautions they implemented. This is despite having 12 personal data breaches.

According to The Irish data watchdog, Meta’s platforms had “failed to have in place appropriate technical and organizational measures” in the context of the 12 personal data breaches.

Ireland has a well-established tradition in regulating the tech industry, especially with regard to internet companies that have their European Union headquarters there.

References:

  • https://www.bbc.com/news/articles/cp9yenpgjwzo#
  • https://techcrunch.com/2022/03/15/facebook-2018-breaches-dpc-decision/
  • https://www.rte.ie/news/business/2022/0315/1286598-facebook-fined-by-dpc/
Categories
Featured Language Meta Security Tech News Uncategorized Unicorns

This Open-Source Browser Extension Verifies Code Authenticity on The Web

WhatsApp has long protected your messages with end-to-end encryption as they transit from sender to recipient. But now, security-conscious users need to be confident that when WhatsApp Web receives these encrypted messages, it is also protected – in contrast, what happens when people download a mobile app onto their device instead of using the internet through a desktop browser or laptop hotspot, etc. WhatsApp has been on the rise as a popular messaging platform. With more users every day, it’s important for WhatsApp Web to be secure so that your messages are safe from hackers trying in on them. But now, Code Verify is bringing even more security to WhatsApp Web.

Code Verify works in partnership with Cloudflare, an internet infrastructure and security company, to provide independent third-party verification that your code is being served correctly. 

WhatsApp has come up with a way to make its messaging service even more secure. They are now offering it as an open-source so that other companies can use this for themselves and improve on what WhatsApp does best: encryption! 

Source: https://engineering.fb.com/2022/03/10/security/code-verify/

The team at Code Verify is passionate about making the web more secure, and they’ve come up with a way to enhance security by checking resources on the entire webpage. This process relies heavily upon Cloudflare as an independent third party that acts as a trusted source for verifying the integrity of all files being requested from websites across their network.

The Code Verify extension will be available on the official browser extensions stores for Google Chrome, Microsoft Edge, and Mozilla Firefox. The plugin doesn’t log any data or user information – it just checks if there are hints of malware in your WhatsApp web traffic so you can take action before anything happens. You can think of Code Verify as a traffic light for your WhatsApp Web code.

Reference: https://engineering.fb.com/2022/03/10/security/code-verify/

Download Extensions: Chrome | Edge | Firefox 

Categories
Featured Guest Post Java Language Meta Tech News Unicorns

Meta Open-Sources A Compositional Deadlock Detector for Android Java

The research team at Meta has developed a new static analyzer that catches deadlocks in Java code for Android without ever running the app. What distinguished this work from past efforts is its ability to analyze revisions within large software libraries with hundreds of millions of lines–enough time and space so problems can be found before they manifest themselves as bugs or crashes. The proposed analyzer is open-sourced and forms part of the Infer static analysis framework.

Using abstract interpretation techniques, the proposed analyzer has been designed to summarize how each method behaves when acquiring locks and releasing them and whether it can run on the main thread or background task. This is done elegantly by compounding all behaviors into one summary that reflects what callers will be affected if their operation depends upon this particular piece of code being fast enough for them not to experience lags while running through various parts within your application’s workflow process.

This tool takes a different approach by not analyzing all source files in an app. Instead, it starts with the revisions’ modified methods first and uses that data for its analysis – which can be scalable because of this heuristic.

The team’s research proves that their analysis is sound and complete for a non-deterministic programming language, which means it can detect all deadlocks without false positives.

The static detection of deadlocks has been very valuable in analyzing and diagnosing. Our approach achieves this goal while also making it sufficiently scalable to deploy analyzers on large codebases.

Paper: https://discovery.ucl.ac.uk/id/eprint/10140070/1/deadlocks_final.pdf

Reference: https://engineering.fb.com/2022/03/08/android/deadlock-detector-for-android-java/