ANCIR’s weekly post offering interesting — or amusing — digital security news from around the world, and tips for newsrooms, journalists and sources on the latest security measures.
1. Mac users, turn off your notifications now
A bug in the macOS client for end-to-end encrypted messaging app, Signal, means self-destructing messages don’t completely disappear, reports The Hacker News.
Security researcher Alec Muffet noticed that messages were being copied onto the notification bar even after the message disappeared on the app.
#HEADSUP: #Security Issue in #Signal. If you are using the @signalapp desktop app for Mac, check your notifications bar; messages get copied there and they seem to persist — even if they are "disappearing" messages which have been deleted/expunged from the app. pic.twitter.com/CVVi7rfLoY— Alec Muffett (@AlecMuffett) May 8, 2018
Another security researcher Patrick Wardle explains the technical details on his blog.
We would advise turning off your notifications until the bug is patched.
2. Better security for Android users
Since its inception, Android users have had to deal with several vulnerabilities due to a lack of regular security updates. According to The Hacker News, all that is about to change as Android has modified its Original Equipment Manufacturer (OEM) agreements to include provisions for security patches for all devices on a regular basis.
This is set to start with Android P devices, as revealed by David Kleidermacher, head of Android platform security, at the Google I/O Developer Conference held last week.
3. Rise of DDoS attacks in Australia
Australia was hit with a total of 7200 Distributed Denial of Service (DDoS) attacks in April, nearly four times the usual amount. These figures were discovered after the latest NETSCOUT Arbor’s Active Threat Level Analysis System (ATLAS). According to a report on cso.com, these attacks have become increasingly popular and easy to carry out.
For civil society organisations and newsrooms, for example, having a DDoS defence tool such as Project Shield has become an effective way of preventing such attacks.
Do you need help with digital security? ANCIR is offering a helpline, technical resources, and sharing of best practices with newsrooms and human rights activists free of charge. If you’d like to get access to these and more, sign up here to be considered for our digital security support.
BYOD (Bring Your Own Device / Bring Your Own Data) refers to owning your data and digital property, and keeping it secure.
This post originally appeared on ANCIR's Medium page. It was republished on IJNet with permission. The African Network of Centers for Investigative Reporting (ANCIR) is an association of the continent’s best investigative newsrooms, ranging from large traditional media to small specialist units.
ANCIR is incubated by and receives technical support from Code for Africa.
Main image CC-licensed by Unsplash via Blake Connally. Other images courtesy of ANCIR.