In this week’s Cyber Blurbs Roundup, we tell you about a company trying to kill off the password, the latest issue with COVID-19 mobile contact tracing, and a strange problem for a popular video game.
Password-Killing Startup Raises Half a Billion
Passwords are often the bane of our existence, with virtually all of the critical tools we use in our day to day living at the mercy of numerous and easily forgettable carefully crafted characters designed to prevent unauthorized access. We’re prone to either forget those passwords altogether, or re-use them to the point of catastrophic security failure.
According to TechCrunch, 80% of all data breaches are attributed to weak passwords, with the average cost of resetting those passwords via help desk assistance sitting at about $70.
So yeah, passwords suck.
Enter Transmit Security, a startup company out of Boston set on making passwords a thing of the past. The company recently raised more $540 million in Series A funding — the largest Series A investment in cybersecurity history, per TechCrunch. The company is said to have a pre-investment valuation of $2.2 billion.
Transmit Security says its platform is powered by Google, Apple, and Microsoft biometrics — effectively eliminating the use for not just passwords, but usernames as well.
“By eliminating passwords, businesses can immediately reduce churn and cart abandonment and provide superior security for personal data,” said Transmit Security CEO Mickey Boodaei (via TechCrunch). “Our customers, whether they are in the retail, banking, financial, telecommunications or automotive sectors, understand that providing an optimized identity experience is a multimillion-dollar challenge. With this latest round of funding from premier partners, we can significantly expand our reach to help rid the world of passwords.”
Microsoft and Apple have both recently announced their intention to move on from passwords as well, signaling the end of times for one of the more frustrating aspects of user experience. Until that day officially comes, be sure to use a password manager to store all of your authentication information.
Google Automatically Installs COVID-Tracing App
It was more than a year ago that Apple and Google announced their joint effort to try and combat the COVID-19 pandemic, creating the foundation for mobile apps that could track COVID-19 outbreaks on Android and iOS.
The companies promised that privacy would be a priority, only for a group of researchers to discover that Android devices were capable of sharing COVID-19 tracking data with other baked-in apps on the device. Then came the promise of ensuring the app would be opt-in by default — meaning, users would need to actively agree to take part in the public health experiment. That, as it turns out for the folks over in Massachusetts, was also not totally true.
Within days of its June 15 launch, MassNotify received the U2 treatment and was automatically and silently installed on Android devices within the state by Google. The company admitted to doing so in a statement to 9to5Google a few days later, stating that a user would still need to actively enable the functionality in order for the exposure tracking to take place.
Users were, as expected, not too happy about this.
MassNotify had approximately 500,000 (or 7% of the state’s population) users as of June 22, according to The Boston Globe. Massachusetts becomes the 29th state to release a contact tracing app using the Google-Apple API.
Video Game Exposes Players’ IP Addresses
Video game developer Crystal Dynamics has released a hot fix for a strange issue that hit one of its bigger titles of 2020. Users playing Avengers on PlayStation 5 (all 11 of them) online saw their IP addresses displayed on screen during gameplay, a curious error that was resolved about a day after players first noticed the issue. Patch 1.8b was released on June 23, with the developers saying the game was now safe to play and stream.
An exposed IP address can have a number of consequences depending on the parties involved. Hackers could take a user’s IP address to block access to specific content, learn about that user’s location, and overload a user’s network, to name a few.
Already a fairly disappointing title within the gaming community, this is probably the last thing Avengers needed.
