Tag Archives: UK International News

Meta explains how third-party apps will hook into Messenger and WhatsApp

Posted on by

Meta has revealed more details about how third-party messaging apps can be interoperable with WhatsApp and Messenger. The company is being required to open up its apps to a certain extent to comply with the Digital Markets Act (DMA), a new European Union law that comes into effect this week.

"We think the best way to deliver interoperability is through a solution which builds on Meta’s existing client/server architecture," Meta wrote in a blog post. "The approach we have taken in terms of implementing interoperability is the best way of meeting DMA requirements, whilst also creating a viable approach for the third-party providers interested in becoming interoperable with Meta and maximizing user security and privacy."

Meta says it has been working on interoperability with the European Commission for nearly two years. To begin with, interoperability will need to support text-based messages and the ability to share images, voice notes, videos and other files. In the future, Meta will need to enable group chats and calling between WhatsApp and Messenger and third-party apps.

For the time being, third-party developers will likely have to use the Signal protocol to hook into Messenger and WhatsApp. Meta uses that protocol for end-to-end encryption (E2EE) on both apps, "as it represents the current gold standard for E2EE chats." Developers will have the option of using a compatible protocol, but only "if they are able to demonstrate it offers the same security guarantees as Signal."

Meta notes that when it comes to messaging entirely within the WhatsApp and Messenger ecosystems, it controls both the sending and receiving clients. In such cases, it can affirm that only the sender and intended recipients will be able to see messages. 

However, it added that "while we have built a secure solution for interop that uses the Signal protocol encryption to protect messages in transit, without ownership of both clients (endpoints) we cannot guarantee what a third-party provider does with sent or received messages, and we therefore cannot make the same promise." As such, Meta is indicating that messages that originate from or are sent to a third-party app may not be as secure as those that stay completely within its own ecosystem.

Developers who connect their apps to WhatsApp and Messenger will have to host media files that they send to Meta's platforms on their own servers. WhatsApp or Messenger will then download the media from the media via a Meta proxy service.

To enable interoperability, makers of third-party messaging apps will need to sign an agreement with Meta. The company notes that it needs to be ready to turn on interoperability with another service within three months of receiving a request, though "it may take longer before the functionality is ready for public use."

This article originally appeared on Engadget at https://www.engadget.com/meta-explains-how-third-party-apps-will-hook-into-messenger-and-whatsapp-192532065.html?src=rss

Meta explains how third-party apps will hook into Messenger and WhatsApp

Posted on by

Meta has revealed more details about how third-party messaging apps can be interoperable with WhatsApp and Messenger. The company is being required to open up its apps to a certain extent to comply with the Digital Markets Act (DMA), a new European Union law that comes into effect this week.

"We think the best way to deliver interoperability is through a solution which builds on Meta’s existing client/server architecture," Meta wrote in a blog post. "The approach we have taken in terms of implementing interoperability is the best way of meeting DMA requirements, whilst also creating a viable approach for the third-party providers interested in becoming interoperable with Meta and maximizing user security and privacy."

Meta says it has been working on interoperability with the European Commission for nearly two years. To begin with, interoperability will need to support text-based messages and the ability to share images, voice notes, videos and other files. In the future, Meta will need to enable group chats and calling between WhatsApp and Messenger and third-party apps.

For the time being, third-party developers will likely have to use the Signal protocol to hook into Messenger and WhatsApp. Meta uses that protocol for end-to-end encryption (E2EE) on both apps, "as it represents the current gold standard for E2EE chats." Developers will have the option of using a compatible protocol, but only "if they are able to demonstrate it offers the same security guarantees as Signal."

Meta notes that when it comes to messaging entirely within the WhatsApp and Messenger ecosystems, it controls both the sending and receiving clients. In such cases, it can affirm that only the sender and intended recipients will be able to see messages. 

However, it added that "while we have built a secure solution for interop that uses the Signal protocol encryption to protect messages in transit, without ownership of both clients (endpoints) we cannot guarantee what a third-party provider does with sent or received messages, and we therefore cannot make the same promise." As such, Meta is indicating that messages that originate from or are sent to a third-party app may not be as secure as those that stay completely within its own ecosystem.

Developers who connect their apps to WhatsApp and Messenger will have to host media files that they send to Meta's platforms on their own servers. WhatsApp or Messenger will then download the media from the media via a Meta proxy service.

To enable interoperability, makers of third-party messaging apps will need to sign an agreement with Meta. The company notes that it needs to be ready to turn on interoperability with another service within three months of receiving a request, though "it may take longer before the functionality is ready for public use."

This article originally appeared on Engadget at https://www.engadget.com/meta-explains-how-third-party-apps-will-hook-into-messenger-and-whatsapp-192532065.html?src=rss

Japan’s SLIM lunar spacecraft landed upside down on the moon

Posted on by

Shortly after Japan’s space agency became the fifth country to land a spacecraft on the surface of the moon, its scientists discovered the Smart Lander for Investigating Moon (SLIM) unfortunately touched down upside down. The Japan Aerospace Exploration Agency (JAXA) said that the SLIM landed on the lunar surface on January 20 but it knew it might have bigger problems due to an issue with power generation. Just hours after making landfall, JAXA expected the power to run out, before it ultimately did.

SLIM met the moon’s surface about 55 meters east of the original target landing site, JAXA said. The agency did get all of the technical information related to its navigation prior to landing and ultimately becoming stationary on the lunar surface. JAXA captured photos of the SLIM from its The Lunar Excursion Vehicle 2, its fully autonomous robot currently exploring the moon.

The reason behind the main engine malfunctioning is under investigation by the space agency. There is a slim chance for regeneration because the solar cells that power the spacecraft are facing west, meaning there is a chance for SLIM recovery if enough light from the sun reaches the cells as more time passes. The SLIM JAXA team took to X earlier this week to write, “We are preparing for recovery.” The agency said it will “take the necessary preparations to gather more technical and scientific data from the spacecraft.

This article originally appeared on Engadget at https://www.engadget.com/japans-slim-lunar-spacecraft-landed-upside-down-on-the-moon-202819728.html?src=rss

Whatsapp adds disappearing voice messages to its roster of privacy features

Posted on by

When Snapchat introduced the notion of “ephemeral data” to the masses a decade ago, self-destructive messaging really took off. There were tons of companies trying to cash in, from Meta-created Poke to Wickr, Confide, Hash and others. For the most part, all of those companies failed, but the idea has thrived. To that end, WhatsApp just introduced voice messages that automatically delete after being played.

The messaging app’s View Once feature already exists for photos and messages, but this is the first time it has been applied to voice messages. The interface is simple. Just select View Once and make a voice message. It’ll self-destruct after the recipient hears it. This is not only fun in a Mission Impossible sort of way, but actively enhances privacy in the case of audio recordings that mention sensitive topics. Hey, once in a while you have to give someone credit card details and it’s better to be safe than sorry.

There are some caveats, as no technology is foolproof. WhatsApp encourages users to only send View Once voice messages to people they trust, as there are ways to get around the ephemeral nature of the data. For instance, Android users can use the screen record function as they listen and anyone can use another camera or external microphone to capture the message.

The tool’s rolling out globally over the next few days, so it might be a bit before the update hits your box. WhatsApp has been making all sorts of improvements throughout the past year. Just last week, the platform introduced the ability to share photos in their original format, without compression. The app also recently added a tool that masks your IP address when making calls.

This article originally appeared on Engadget at https://www.engadget.com/whatsapp-adds-disappearing-voice-messages-to-its-roster-of-privacy-features-172813331.html?src=rss

Whatsapp adds disappearing voice messages to its roster of privacy features

Posted on by

When Snapchat introduced the notion of “ephemeral data” to the masses a decade ago, self-destructive messaging really took off. There were tons of companies trying to cash in, from Meta-created Poke to Wickr, Confide, Hash and others. For the most part, all of those companies failed, but the idea has thrived. To that end, WhatsApp just introduced voice messages that automatically delete after being played.

The messaging app’s View Once feature already exists for photos and messages, but this is the first time it has been applied to voice messages. The interface is simple. Just select View Once and make a voice message. It’ll self-destruct after the recipient hears it. This is not only fun in a Mission Impossible sort of way, but actively enhances privacy in the case of audio recordings that mention sensitive topics. Hey, once in a while you have to give someone credit card details and it’s better to be safe than sorry.

There are some caveats, as no technology is foolproof. WhatsApp encourages users to only send View Once voice messages to people they trust, as there are ways to get around the ephemeral nature of the data. For instance, Android users can use the screen record function as they listen and anyone can use another camera or external microphone to capture the message.

The tool’s rolling out globally over the next few days, so it might be a bit before the update hits your box. WhatsApp has been making all sorts of improvements throughout the past year. Just last week, the platform introduced the ability to share photos in their original format, without compression. The app also recently added a tool that masks your IP address when making calls.

This article originally appeared on Engadget at https://www.engadget.com/whatsapp-adds-disappearing-voice-messages-to-its-roster-of-privacy-features-172813331.html?src=rss

Apple Watch SE falls to another new low in Black Friday sale

Posted on by

There's never been a better time to buy the Apple Watch SE (2nd Gen), as it has fallen to another new low on Amazon. Both sizes (40mm and 44mm) are available with discounts of $70, with the 40mm GPS Watch SE starting at just $179, or 28 percent ($70) off and the 44mm model starting at $209 (25 percent off). That's an all-time low, besting the $189 price we saw just two days ago. 

With solid performance, a familiar design and support for numerous apps, the 2022 Watch SE scored a solid 89 in our Engadget review. It looks nearly identical to the latest Watch models, and delivers smooth performance despite the slightly older processor. Most importantly, it offer all the same features you'd get in the more expensive models, like all-day heart rate monitoring, built-in GPS, fall detection, Apple Pay support, sleep-tracking and more. Battery life has also been improved over the previous model.

It doesn't include a blood oxygen sensor or ECG, nor the always-on display of the Series 8 or Series 9 models. If those things aren't terribly important, you'll still get a full Watch experience. The other main drawbacks with all Watch models are sleep tracking that doesn't quite measure up to the competition, and less than a full day of battery life.

If you want the higher-end models, there's more good news too. All the Watch Series 8 models are on sale, starting at $299 for the Watch Series 8 (GPS 41mm), $329 for the Watch Series 9 (in red only, $100 off) and $359 for the Watch Series 9 in other colors.  

Your Black Friday Shopping Guide: See all of Yahoo’s Black Friday coverage, here. Follow Engadget for Black Friday tech deals. Learn about Black Friday trends on In The Know. Hear from Autoblog’s experts on the best Black Friday deals for your car, garage, and home, and find Black Friday sales to shop on AOL, handpicked just for you.

This article originally appeared on Engadget at https://www.engadget.com/apple-watch-se-falls-to-another-new-low-in-black-friday-sale-110511086.html?src=rss

‘Minecraft’ mod exploit lets hackers control your device

Posted on by

You might want to run antivirus tools if you use certain Minecraft mods. The MMPA security community has learned that hackers are exploiting a "BleedingPipe" flaw in the Forge framework powering numerous mods, including some versions of Astral Sorcery, EnderCore and Gadomancy. If one of the game tweaks is running on Forge 1.7.10/1.12.2, intruders can remotely control both servers and gamers' devices. In one case, an attacker was using a new exploit variant to breach a Minecraft server and steal both Discord chatters' credentials as well as players' Steam session cookies.

As Bleeping Computerexplains, BleedingPipe relies on incorrect deserialization for a class in the Java code powering the mods. Users just have to send special network traffic to a server to take control. The first evidence of BleedingPipe attacks surfaced in March 2022 and were quickly patched by modders, but MMPA understands most servers running the mods haven't updated.

We've asked Mojang parent company Microsoft for comment. It's not responsible for Forge, so the tech giant can't necessarily stop or limit the damage. You won't be affected if you use stock Minecraft or stick to single-player sessions.

The full scope of the vulnerability isn't clear. While there are 46 mods known to fall prey to BleedingPipe as of this writing, there's the potential for considerably more. Users are asked to scan their systems (including their Minecraft folder) for malware. Server operators, meanwhile, are urged to either update mods or stop running them entirely. MMPA also has a PipeBlocker mod that protects everyone involved, although mod packs may cause problems if the mods haven't been updated.

This article originally appeared on Engadget at https://www.engadget.com/minecraft-mod-exploit-lets-hackers-control-your-device-162231445.html?src=rss

New privacy deal allows US tech giants to continue storing European user data on American servers

Posted on by

Nearly three years after a 2020 court decision threatened to grind transatlantic e-commerce to a halt, the European Union has adopted a plan that will allow US tech giants to continue storing data about European users on American soil. In a decision announced Monday, the European Commission approved the Trans-Atlantic Data Privacy Framework. Under the terms of the deal, the US will establish a court Europeans can engage with if they feel a US tech platform violated their data privacy rights. President Joe Biden announced the creation of the Data Protection Review Court in an executive order he signed last fall. The court can order the deletion of user data and impose other remedial measures. The framework also limits access to European user data by US intelligence agencies.

The Trans-Atlantic Data Privacy Framework is the latest chapter in a saga that is now more than a decade in the making. It was only earlier this year the EU fined Meta a record-breaking €1.2 billion after it found that Facebook's practice of moving EU user data to US servers violated the bloc's digital privacy laws. The EU also ordered Meta to delete the data it already had stored on its US servers if the company didn't have a legal way to keep that information there by the fall. As TheWall Street Journal notes, Monday's agreement should allow Meta to avoid the need to delete any data, but the company may end up still paying the fine.

Even with a new agreement in place, it probably won't be smooth sailing just yet for the companies that depend the most on cross-border data flows. Max Schrems, the lawyer who successfully challenged the previous Safe Harbor and Privacy Shield agreements that governed transatlantic data transfers before today, told The Journal he plans to challenge the new framework. "We would need changes in US surveillance law to make this work and we simply don't have it," he said. For what it's worth, the European Commission says it's confident it can defend its new framework in court.

This article originally appeared on Engadget at https://www.engadget.com/new-privacy-deal-allows-us-tech-giants-to-continue-storing-european-user-data-on-american-servers-214347975.html?src=rss

WhatsApp makes it harder for scammers to steal your account

Posted on by

WhatsApp has begun rolling out a handful of new security features. The most notable sees the company doing more to protect users against SIM jacking and other social engineering attacks that could compromise your account. The next time you download WhatsApp on a new device, you may be asked to use your old device to confirm you want to move your account to a new phone.

If you’re worried about the potential of being locked out of your account, a WhatsApp spokesperson told Engadget Account Protect will only activate if the company detects a suspicious registration attempt. Moreover, if you don’t have access to your old device, you can request the company send you a second one-time passcode.

Whether or not you decide to switch devices anytime soon, your WhatsApp account will be safer, thanks to the new introduction of new background checks. You won’t need to directly interact with the verification features WhatsApp is adding. Nonetheless, the company says they will help secure your account against malware, and better protect you if your WhatsApp is ever compromised.

Separately, WhatsApp is also making it easier for users to verify their connection with someone is encrypted. Right now, verifying your connection with someone involves either scanning a QR code or comparing a 60-digit number, both of which you can find by tapping the Encryption tab under a contact’s info sheet. Moving forward, tapping the tab will automatically verify whether your connection is secure.

The new features will roll out to all WhatsApp users in the coming months. In the meantime, if you want to do the most you can to secure your account, WhatsApp parent company Meta recommends you enable two-factor authentication and encrypted backups.

This article originally appeared on Engadget at https://www.engadget.com/whatsapp-makes-it-harder-for-scammers-to-steal-your-account-130054789.html?src=rss

WhatsApp makes it harder for scammers to steal your account

Posted on by

WhatsApp has begun rolling out a handful of new security features. The most notable sees the company doing more to protect users against SIM jacking and other social engineering attacks that could compromise your account. The next time you download WhatsApp on a new device, you may be asked to use your old device to confirm you want to move your account to a new phone.

If you’re worried about the potential of being locked out of your account, a WhatsApp spokesperson told Engadget Account Protect will only activate if the company detects a suspicious registration attempt. Moreover, if you don’t have access to your old device, you can request the company send you a second one-time passcode.

Whether or not you decide to switch devices anytime soon, your WhatsApp account will be safer, thanks to the new introduction of new background checks. You won’t need to directly interact with the verification features WhatsApp is adding. Nonetheless, the company says they will help secure your account against malware, and better protect you if your WhatsApp is ever compromised.

Separately, WhatsApp is also making it easier for users to verify their connection with someone is encrypted. Right now, verifying your connection with someone involves either scanning a QR code or comparing a 60-digit number, both of which you can find by tapping the Encryption tab under a contact’s info sheet. Moving forward, tapping the tab will automatically verify whether your connection is secure.

The new features will roll out to all WhatsApp users in the coming months. In the meantime, if you want to do the most you can to secure your account, WhatsApp parent company Meta recommends you enable two-factor authentication and encrypted backups.

This article originally appeared on Engadget at https://www.engadget.com/whatsapp-makes-it-harder-for-scammers-to-steal-your-account-130054789.html?src=rss