Cloudflare security breach exposes data from Uber, Fitbit, OKCupid among 3,400 websites; password changes recommended

User data from 3,400 websites has been leaked and cached by search engines as a result of a bug in Cloudflare, a content delivery network. Sites affected over the course of several months include major ones like Uber, Fitbit and dating site OKCupid. 1Password also uses Cloudflare, but says that end-to-end encryption means that no customer data was exposed.

ArsTechnica reports that the leaks were spotted by Google security researcher Tavis Ormandy.

We observed encryption keys, cookies, passwords, chunks of POST data and even HTTPS requests for other major cloudflare-hosted sites from other users. Once we understood what we were seeing and the implications, we immediately stopped and contacted cloudflare security.

Cloudflare has admitted that the breach occurred, but Ormandy and other security researchers believe the company is underplaying the severity of the incident …

more…

New Samsung chief expects ‘tough year’ for handsets in 2016, but no major changes needed

Just a few days ago, Samsung replaced the head of its mobile division; removing JK Shin and replacing him with Koh Dong-jin. In his first interview as mobile division chief, Koh stated that he’s expecting 2016 to be a tough year for handset sales, but still believes that no major changes are needed just yet…

more…

Android 8.0 Oreo tidbits: All of the smaller changes and features you might have missed

Since Android 8.0 Oreo has been available in the form of Developer Previews since late March, we essentially knew all of the main features that were coming with the official build of this latest update. However, now that 8.0 Oreo is officially out in the wild, we’ve spotted a few smaller additions that we previously didn’t know about…

more…

Google has fixed the Bluetooth shutdown issue on the Pixel, Pixel XL w/ ‘server-side changes’

For the past month, some Pixel and Pixel XL owners have reported that Bluetooth on their device randomly shuts down. The issue seemingly began in February after that month’s security patch and has persisted through this month’s update. However, according to Google, the issue has now been remedied server-side.

more…

Android Wear 1.5 rolling out to the Gear Live with some minor changes [Update: more watches]

Update 6/8: More watches are now receiving Android Wear 1.5, including the second generation Moto 360 and Moto 360 Sport. Release notes on Motorola’s website point to security and stability improvements, as well as enhancements for Moto Body.

Android Wear 2.0 will introduce a bevy of new features for users and developers when it is released in Q4 of 2016. Before that major update, however, it appears that a more incremental version of Wear is rolling out. Several Samsung Gear Live users have already received Android Wear 1.5 and are only seeing minor changes.

more…

Google Maps for Android changes direction arrow to beam, adds easy compass calibration

The blue dot and direction arrow in Google Maps represent where you are and what direction your device is pointing in. A minor update to the Android app today changes the arrow to a shining blue beam. The beam also conveys how accurate your phone’s direction is and provide an easy way to calibrate it.

more…

Filed under: Google Corporate