Privacy International has asked Google to do something about Android bloatware. The advocacy group posted an open letter to Google CEO Sundar Pichai to subject pre-installed programs that come bundled on Android phones to the same scrutiny Play Store apps receive. They also asked that mechanisms be put in place to enable users to receive updates on such software, and that users be given the means to permanently uninstall unwanted programs should they desire to do so. As Naked Security observes, preinstalled bloatware has attracted ire for the ways in which it obtains excessive access to sensitive user information.
Those leery of what Google can learn about them when they use its search engine have alternatives. Computing provides a brief overview of a dozen other services that are more reassuring from the point of view of privacy.
Microsoft’s January 2020 patches, issued this afternoon, include a fix for a core cryptographic component shared by all versions of Windows. That module is crypt32.dll, which Microsoft characterizes as handling “certificate and cryptographic messaging functions in the CryptoAPI.” The vulnerability, which has not yet been observed being exploited in the wild, in principle poses a significant risk to security in general and privacy in particular. In a media call shortly after noon today, the US National Security Agency, which found the bug and disclosed it to Microsoft, urged everyone to apply the patch as soon as possible, “as we ourselves will be doing.”
The US Justice Department has concluded its investigation into December’s Pensacola Naval Air Station shootings. The results are as expected: Lieutenant Mohammed Saeed Alshamrani of the Royal Saudi Air Force had been radicalized in a jihadist ideology, and he acted alone. While much of the shooter’s radicalization is evident in his digital exhaust, the Justice Department complains that it’s been unable to unlock the two iPhones he left behind, and Attorney General Barr has renewed calls for some arrangement by which law enforcement could obtain warrants that would require tech companies to assist in breaking encrypted communications when there were serious and legitimate investigative reasons to do so. The other side of the crypto wars remains unconvinced, as Decipher notes.