More stories


    LG acquires Israeli automotive cybersecurity startup Cybellum

    LG Electronics said on Thursday it has acquired Israeli automotive cybersecurity startup Cybellum. Tel Aviv-based Cybellum was founded in 2016 and offers risk assessment software that scans the software on vehicle components for vulnerabilities and risks.

    The South Korean electronics maker signed a deal with the startup to acquire 63.9% of its shares. LG will also acquire additional shares of Cybellum by the year’s end, with the amount to be finalised then. LG has also signed an additional contract, worth $20 million, with the startup for future equity; those funds will be converted into more shares between the end of 2022 and the first half of 2023. Cybellum’s current management team will continue to run the company independently and work with its existing automobile and component partners, LG said.

    According to LG, security in the automotive industry has grown in importance as more vehicles connect to networks. As a result, cybersecurity has become an important measure of a vehicle’s quality across its life cycle, alongside design, development and driving capabilities, the company said. Through Cybellum’s solutions, LG will look to strengthen the security of its automotive offerings in infotainment and telematics, the company said, to preempt security regulations in various countries and become a reliable partner to automobile manufacturers.

    LG currently offers various software and components for vehicles. Its affiliate LG Display also supplies display panels to automobile companies. In July, its joint venture with Magna International was formed, which aims to offer electric powertrain components and systems for cars. In March, LG launched a joint venture called Alluto with Luxoft, a subsidiary of DXC Technology that offers connected car solutions based on the webOS Auto platform.


    CISA releases advisory on Conti ransomware, notes increase in attacks after more than 400 incidents

    CISA sent out an advisory on Wednesday centered on the Conti ransomware, providing detailed information for the cybersecurity community about the ransomware group and its affiliates. Both CISA and the FBI said they have seen more than 400 attacks involving Conti’s ransomware targeting US organizations as well as international enterprises. The FBI has previously implicated Conti in attacks on at least 290 organizations in the US.

    CISA offered a technical breakdown of how the ransomware group’s operators typically function and what steps organizations can take to mitigate potential attacks. CISA noted that while Conti operates a ransomware-as-a-service model, it does so a bit differently from others. Instead of paying affiliates a cut of the ransom proceeds, the group pays the deployers of the ransomware a wage, according to CISA.

    Rob Joyce, director of cybersecurity at NSA, said the cybercriminals now running the Conti ransomware-as-a-service have historically targeted critical infrastructure, such as the Defense Industrial Base (DIB). He added that the advisory highlights actions organizations can take right now to counter the threat. “NSA works closely with our partners, providing critical intelligence and enabling operations to counter ransomware activities. We highly recommend using the mitigations outlined in this advisory to protect against Conti malware and mitigate your risk against any ransomware attack,” Joyce said. On Twitter, Joyce said Conti attacks are increasing and he urged organizations to use MFA, segment their networks and explore using a patch management system to keep networks updated.

    CISA explained that Conti actors typically use a variety of methods and tools to infiltrate systems, including spearphishing campaigns, remote monitoring and management software and remote desktop software.

    The spearphishing campaigns seen by CISA used tailored emails that contain malicious attachments or links. Stolen or weak Remote Desktop Protocol (RDP) credentials, phone calls, fake software promoted via search engine optimization, other malware distribution networks like ZLoader and common vulnerabilities in external assets were all cited as tools Conti actors have used during ransomware attacks. “Malicious Word attachments often contain embedded scripts that can be used to download or drop other malware — such as TrickBot and IcedID, and/or Cobalt Strike — to assist with lateral movement and later stages of the attack life cycle with the eventual goal of deploying Conti ransomware,” CISA explained. “In the execution phase, actors run a getuid payload before using a more aggressive payload to reduce the risk of triggering antivirus engines. CISA and FBI have observed Conti actors using Router Scan, a penetration testing tool, to maliciously scan for and brute force routers, cameras, and network-attached storage devices with web interfaces. Additionally, actors use Kerberos attacks to attempt to get the Admin hash to conduct brute force attacks.” The operators of Conti’s ransomware also have been seen using remote monitoring and management software as well as remote desktop software as backdoors to maintain persistence in a victim’s network. 
    CISA explained that sometimes the ransomware group and its affiliates use tools that are already on a victim’s network or add tools like Windows Sysinternals and Mimikatz to “obtain users’ hashes and clear-text credentials, which enable the actors to escalate privileges within a domain and perform other post-exploitation and lateral movement tasks.” The TrickBot malware is also used in some cases as a way to carry out other post-exploitation tasks.

    The advisory noted that “artifacts from a recently leaked threat actor ‘playbook,’ identify IP addresses Conti actors have used for their malicious activity.” The playbook also shows that Conti operators aim to exploit vulnerabilities in unpatched assets like the 2017 Microsoft Windows Server Message Block 1.0 server vulnerabilities, the “PrintNightmare” vulnerability and the “Zerologon” vulnerability.

    “CISA and FBI have observed Conti actors using different Cobalt Strike server IP addresses unique to different victims. Conti actors often use the open-source Rclone command line program for data exfiltration,” the advisory said. “After the actors steal and encrypt the victim’s sensitive data, they employ a double extortion technique in which they demand the victim pay a ransom for the release of the encrypted data and threaten the victim with public release of the data if the ransom is not paid.”

    As Joyce said, CISA, the FBI and NSA suggested organizations segment their networks, filter traffic, scan for vulnerabilities and stay up to date with all patches. They added that unnecessary applications should be removed and application controls applied, endpoint detection and response tools should be deployed, and access should be limited across networks.
    Conti made a name for itself after attacking hundreds of healthcare institutions — including a debilitating ransomware attack on Ireland’s Health Service Executive on May 14 — as well as schools like the University of Utah and other government organizations like the city government of Tulsa, Oklahoma and the Scottish Environment Protection Agency.

    Allan Liska, ransomware expert and member of the computer security incident response team at Recorded Future, said much of what was in the advisory was well known in the information security community. But he noted that experts are not the target audience of the advisory. “There are a lot of security people who will find this very useful because the tools used by Conti are used by other ransomware groups. For example, rclone is mentioned in the report. I see rclone used by many ransomware groups but rarely by legitimate employees of an organization, so looking for rclone hashes on endpoints could be useful,” Liska said. “I also think a lot of people didn’t know that Conti has infected organizations through phone calls. That may be a new threat model for a lot of organizations and one that they have to consider how to defend against. Overall, while it is not a groundbreaking report, it is nice to have so many of Conti’s TTPs in a single location rather than combing through 15 different ZDNet articles to find them.”
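    As an added example of the rclone-focused hunting Liska describes (this is not part of the CISA advisory and not Recorded Future’s tooling): a small scan over Sysmon-style process-creation events that flags rclone by three independent indicators, the binary name, a hash from a known-bad list, and rclone’s characteristic command-line shape (a data-moving subcommand followed by a `remote:path` target), so that a renamed binary is still caught. The log lines and the values in `KNOWN_RCLONE_HASHES` are constructed placeholders, not real telemetry or real rclone hashes; a real deployment would populate the hash list from rclone’s published builds.

```python
import json
import re

# rclone subcommands that read or move data (real rclone verbs); used to recognise
# rclone-style invocations even when the executable has been renamed.
RCLONE_SUBCOMMANDS = {"copy", "sync", "move", "copyto", "moveto", "mount", "serve", "ls", "lsd"}

# rclone addresses cloud storage as "remote:path". Exclude Windows drive letters
# ("C:\...") and URL schemes ("https://...") so ordinary copies and git clones do not match.
REMOTE_SPEC = re.compile(r"^[A-Za-z0-9_-]+:(?![\\/])")

# Placeholder hash list (constructed, not real rclone release hashes); populate from
# rclone's published builds in a real deployment. Sysmon formats hashes as "ALG=VALUE".
KNOWN_RCLONE_HASHES = {"SHA256=PLACEHOLDER_RCLONE_BUILD_1"}

# Constructed Sysmon Event ID 1 style records (JSON lines); not real telemetry.
SAMPLE_LOG = r"""
{"User":"CORP\\svc_backup","Image":"C:\\Users\\svc_backup\\AppData\\Local\\Temp\\rclone.exe","CommandLine":"rclone.exe copy C:\\Shares\\Finance mega:drop --transfers 32","Hashes":"SHA256=PLACEHOLDER_BENIGN_A"}
{"User":"CORP\\jdoe","Image":"C:\\ProgramData\\Microsoft\\winupd.exe","CommandLine":"winupd.exe sync D:\\HR\\Payroll backup:stage -P","Hashes":"SHA256=PLACEHOLDER_RCLONE_BUILD_1"}
{"User":"NT AUTHORITY\\SYSTEM","Image":"C:\\Windows\\System32\\svchost.exe","CommandLine":"svchost.exe -k netsvcs -p","Hashes":"SHA256=PLACEHOLDER_BENIGN_B"}
{"User":"CORP\\dev1","Image":"C:\\Program Files\\Git\\cmd\\git.exe","CommandLine":"git.exe clone https://git.example.invalid/app.git","Hashes":"SHA256=PLACEHOLDER_BENIGN_C"}
"""


def rclone_indicators(event: dict, known_hashes: set) -> list:
    """Return the indicators that make this process-creation event look like rclone."""
    reasons = []
    # Indicator 1: the executable is still called rclone.exe
    image = event.get("Image", "").replace("/", "\\").rsplit("\\", 1)[-1].lower()
    if image == "rclone.exe":
        reasons.append("image name")
    # Indicator 2: file hash matches a known rclone build, regardless of file name
    hashes = {h.strip().upper() for h in event.get("Hashes", "").split(",") if h.strip()}
    if hashes & {h.upper() for h in known_hashes}:
        reasons.append("known hash")
    # Indicator 3: "<anything> copy|sync|... <args containing remote:path>"
    tokens = event.get("CommandLine", "").split()
    if (len(tokens) >= 2 and tokens[1].lower() in RCLONE_SUBCOMMANDS
            and any(REMOTE_SPEC.match(t) for t in tokens[2:])):
        reasons.append("rclone-style command line")
    return reasons


def scan(log_text: str, known_hashes: set = KNOWN_RCLONE_HASHES) -> list:
    """Parse JSON-lines process events and return those carrying rclone indicators."""
    hits = []
    for line in log_text.splitlines():
        line = line.strip()
        if not line:
            continue
        event = json.loads(line)
        reasons = rclone_indicators(event, known_hashes)
        if reasons:
            hits.append({"user": event.get("User"), "image": event.get("Image"), "reasons": reasons})
    return hits


if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit["user"], hit["image"], ", ".join(hit["reasons"]))
```

    Run stand-alone, the scan flags the first two constructed events (the genuine rclone.exe and the renamed copy) and ignores the svchost and git invocations. The command-line check is the one that survives renaming, so it is worth keeping even where hash-based matching is already in place.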


    Druva's 'curated recovery' aimed at faster ransomware incident resolution

    Cloud data protection and management provider Druva has come out with an approach called Curated Recovery to help defend against the rapidly growing ransomware problem. Deployed in addition to the company’s standard Accelerated Ransomware Recovery module, Druva Curated Recovery mitigates the impact of a ransomware attack by building uncorrupted, unencrypted, and malware-free system recovery points to ensure successful recovery, even before one is needed, Druva VP of Products Prem Ananthakrishnan told ZDNet.

    Curated Recovery, announced Sept. 21, identifies anomalies as they appear in an IT system; when an intrusion is detected, Druva quarantines the malware and, using intelligent automation, reinstates all system files in the state they were in before the ransomware was detected. By pre-establishing a large set of recovery points, Curated Recovery identifies the latest clean version of each file from its recent changes, replacing a resource-intensive process that can take weeks with a simplified recovery workflow. Thus, IT teams can find the most recent clean version of all their data and return operations to normal in a much shorter time frame, Ananthakrishnan said.

    Ransomware, malicious software that blocks access to a computer system or its data until a sum of money is paid, is one of the most common forms of attack used by criminal actors. The average ransomware payment, which only a few years ago was about $15,000, has surpassed $240,000, according to a recent survey from IDC. Its profit potential has incentivized bad actors to expand the scope of their attacks, including the introduction of new variants designed specifically to encrypt or delete backup data.

    “What’s happening is that these new variants of ransomware are staying on the systems (much longer), and they’re encrypting the data so slowly,” Ananthakrishnan said. “It’s taking months (for them) to actually encrypt the data. So the net result of that is that the cleanest version–or the most recent version of each file–is unencrypted, and those files may be sitting across multiple restore or recovery points of the data. Unfortunately, files now are not available in one single recovery point (such as a snapshot). Users now have to go into all these different datasets, and keep trying and testing each one of them to see if they can get the latest version of the file. If you’ve got 100,000 files, think of how long that would take.”

    Druva’s Accelerated Ransomware Recovery platform has a zero-trust architecture that ensures only customers have access to their data, while features such as excess deletion prevention stop ransomware from permanently deleting backups, the company said.

    Key features

    Druva’s Accelerated Ransomware Recovery is designed to reduce data loss via intelligent automation and orchestration; it also integrates with security information and event management (SIEM) and security orchestration, automation, and response (SOAR) tools. Key components include:

      • Access insights: Understand location and identity for all access attempts to gain situational awareness.
      • Anomaly detection: Gain data-level insights on file changes, creation, recovery, and deletion. Users can create alerts for anomalous activity and use anomaly information to identify the timeframe of an attack.
      • Quarantine: Quickly quarantine infected systems and snapshots.
      • Recovery scans: Scan snapshots for known malware and customer-provided indicators of compromise before restoring, to avoid reinfection.
      • Curated recovery: Automatically recover the most recent clean version of every file within a specified time frame, reducing recovery time.

    Druva Cloud Platform is built on AWS and offered as a service; it provides globally accessible, scalable, and autonomous enterprise data resiliency. Druva started out in 2008 specializing in protecting data on mobile devices and has since moved into cloud data protection and management. Since those early days, Druva has become known as an early pioneer of edge-computing data protection.
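    The per-file selection that the Curated Recovery description and the “Curated recovery” component above both refer to, as an added illustration (this is not Druva’s code and is not based on its implementation): given a series of recovery points, keep the newest version of each file that passes a cleanliness check, rather than rolling every file back to the last snapshot taken before the infection. The classifier here is a deliberately simple stand-in (a byte-entropy threshold plus a constructed `.locked` extension); a product would add malware scans and customer-supplied indicators. The recovery points, file names and contents are constructed sample data modelling the slow, months-long encryption Ananthakrishnan describes, compressed into three weekly points.

```python
import math
from collections import Counter


def byte_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte. Plain text sits around 4-5; ciphertext approaches 8."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def looks_clean(path: str, content: bytes) -> bool:
    """Stand-in cleanliness check: a ransomware-style extension or near-random content
    marks a version as encrypted. A real product would add malware scans and customer IOCs."""
    if path.endswith(".locked"):          # constructed extension, not a specific family's
        return False
    return byte_entropy(content) < 7.5


def curate(recovery_points, is_clean=looks_clean):
    """recovery_points: list of (timestamp, {path: content}) ordered oldest -> newest.
    For every path seen in any point, walk newest -> oldest and keep the first version
    that passes is_clean. Returns {path: (timestamp, content) or None}; None means no
    clean copy exists anywhere in the window and the file needs manual attention."""
    paths = set()
    for _, files in recovery_points:
        paths.update(files)
    plan = {}
    for path in sorted(paths):
        plan[path] = None
        for ts, files in reversed(recovery_points):
            if path in files and is_clean(path, files[path]):
                plan[path] = (ts, files[path])
                break
    return plan


def last_fully_clean_point(recovery_points, is_clean=looks_clean):
    """The single-snapshot alternative: the newest point in which nothing is flagged."""
    for ts, files in reversed(recovery_points):
        if all(is_clean(p, c) for p, c in files.items()):
            return ts
    return None


# Constructed weekly recovery points for a slow-moving infection; not real backup data.
CIPHERTEXT = bytes(range(256)) * 4          # stand-in for encrypted content (entropy 8.0)
RECOVERY_POINTS = [
    ("2021-09-01", {"fin/a.txt": b"Q3 numbers, draft 1",
                    "fin/b.txt": b"vendor list v1",
                    "fin/c.txt": b"board notes v1"}),
    ("2021-09-08", {"fin/a.txt.locked": CIPHERTEXT,       # a.txt renamed and encrypted
                    "fin/b.txt": b"vendor list v2",
                    "fin/c.txt": b"board notes v2"}),
    ("2021-09-15", {"fin/a.txt.locked": CIPHERTEXT,
                    "fin/b.txt": CIPHERTEXT,              # b.txt encrypted in place
                    "fin/c.txt": b"board notes v3"}),
]


if __name__ == "__main__":
    print("single-snapshot fallback:", last_fully_clean_point(RECOVERY_POINTS))
    for path, choice in curate(RECOVERY_POINTS).items():
        print(path, "->", choice[0] if choice else "no clean version")
```

    With these points, a whole-snapshot restore has to fall back to September 1, the last point with nothing flagged, and loses two weeks of edits to `b.txt` and `c.txt`; the curated plan takes `a.txt` from September 1, `b.txt` from September 8 and `c.txt` from September 15, and reports the `.locked` file as having no clean version at all. Treating the classifier as pluggable matters because the entropy heuristic alone will misjudge compressed archives and legitimately encrypted files.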


    Brazilian government launches data protection campaign

    The Brazilian government has launched a data protection guide as part of efforts to raise awareness of the issue among the general public. The 19-page guide, entitled “How to protect your personal data”, was developed by the National Consumer Defense Council in partnership with the National Data Protection Authority (ANPD).

    Using simplified language and avoiding excess technical jargon, the material outlines examples of situations in which personal data may be processed, and when it is legal to do so. The document also explains the principles that underpin data processing in Brazil and how these guidelines follow from the country’s General Data Protection Law (LGPD), which is also broadly explained. A list of topics summing up how organizations should act in relation to personal data is also provided. Moreover, the document issued by the Brazilian government agencies outlines the rights of data subjects, such as knowing whether their personal data will be processed and for what purpose, accessing their own data if it is being processed, as well as requesting anonymization, revoking authorization for data access, and even the deletion of their data from a database.

    The material offers suggestions on how data subjects can protect their personal information, including the use of two-factor authentication, data backups and encryption. It also describes the steps that should be taken in case of incidents involving personal data.

    Fostering a data protection culture with material aimed at the general public is one of the first objectives of the ANPD, which published its strategy in February. According to the data protection authority’s initial plan, strategic actions will include educational events and workshops on the theme, guides and recommendations on data protection, and dialog with actors inside and outside government to build strategic partnerships for the studies to be carried out.

    A study published at the end of 2020 by Brazilian credit intelligence company Boa Vista suggested that consumers in Brazil are mostly unaware of the country’s data protection rules and fail to question companies’ personal data management practices. More recently, and especially since the emergence of the largest data leak on record in Brazil, concern about personal data security has grown. A report by the Datafolha Institute published in July 2021 suggested Brazilians are worried about what happens to their data, despite knowing that companies they interact with keep some type of information about their consumption and leisure habits.


    Internet users stressed out by cyberattack news: Kaspersky

    A new Kaspersky survey found that internet users in the US and Canada increasingly believe the internet to be a stressful place. The findings coincided with a more general increase in internet usage due to the COVID-19 pandemic.

    In its “Dealing with a new normal in our digital reality” report, Kaspersky researchers found that almost 70% of the 2,500 consumers surveyed said they find news about data breaches stressful. More than half of respondents said their use of online services increased during the pandemic, and 56% said being online has become a source of stress for them. A quarter of those surveyed said their time online has increased significantly. The numbers were also far higher for millennials, 64% of whom said their internet usage increased, compared to just 45% of Baby Boomers.

    Surprisingly, the figures represent a decrease compared to previous reports released in 2019 and 2018. Nearly 80% of respondents in 2018 said data breaches caused them stress, about seven percentage points higher than the 2021 figure. More than 60% also said ransomware was a “top concern.”

    Despite the stress caused by news of data breaches, there was an increase in the percentage of respondents who said they felt more prepared to protect their digital accounts from attack. Thirty-six percent of respondents said they felt more prepared to deal with an attack while 23% said they felt less prepared. Just 30% of those surveyed said they use any kind of security platform to protect their devices and personal information. Kaspersky researchers found that 46% of respondents believe they have a basic understanding of cybersecurity while 17% said they were “experts.” Those figures represented a decrease compared to 2019, when 52% of respondents said they had a basic understanding of cybersecurity.

    As a way to cut down on stress, 53% of respondents said they watched TV, while 32% used online workout tools and 14% used meditation apps. Despite the stress of the internet and news, 51% of Gen Z respondents and 49% of millennials told the researchers that they used social media as a way to relax.

    Archie Agarwal, CEO at ThreatModeler, said the report shows a paradox: respondents are extremely worried about security incidents, yet this does not necessarily translate into action. For example, 64% feel having their bank account compromised would be more stressful than losing their job, and yet 44% do not use PINs to protect their mobile devices. “With the prevalence of mobile banking this outwardly seems puzzling. As fear may not necessarily be a good motivator to action, organizations should be mindful of using fear to motivate employee behavior regarding good security practices and look for positive reinforcements,” Agarwal said. “The continual slew of cyber security news will not slow down anytime soon and barring desensitization will continue to be a major stressor in our society. From the research it is clear most respondents consider themselves to be under-equipped in terms of cyber security knowhow. Fear is often a consequence of not knowing or understanding and feeling ill-prepared.”


    Crystal Valley Cooperative becomes latest agriculture business hit with ransomware

    Minnesota-based farm supply and grain marketing cooperative Crystal Valley has become the latest agriculture business hit with a ransomware attack. The company released a statement on its website Tuesday afternoon, but the website is currently down as of Wednesday. 

    On Facebook, Crystal Valley Cooperative confirmed that it had been hit with a ransomware attack on Sunday, September 19. “The attack has infected our computer systems and interrupted the daily operations of our company. Due to this computer breach, all systems of the Mankato-based cooperative have been shut down until they can be restored safely and securely,” the company said. “Due to this, we are unable to accept Visa, Mastercard, and Discover cards at our cardtrols until further notice. Local cards do work. As we continue to navigate through this with the help of experts, we appreciate your patience and understanding. We will continue to update with information as it becomes available.”

    In messages to ZDNet, a spokesperson for the company confirmed that their phone system is also down. Based in Mankato, Minnesota, Crystal Valley Cooperative is a local full-service agricultural cooperative focused on helping crop farmers and livestock producers in southern Minnesota and northern Iowa.

    The Free Press in Minnesota reported that the company works with 2,500 farmers and livestock producers while employing 260 full-time workers. CEO Roger Kielholz told the newspaper that the company is “working diligently with our internal IT team along with multiple outside technology vendors to restore our data and return to full-service operation in a matter of days, especially now with fall harvest getting underway.”

    The ransomware attack is the second in the last week targeting an agriculture cooperative. Iowa-based farm service provider NEW Cooperative was hit with a ransomware attack last week. The BlackMatter ransomware group took credit for the attack and was demanding a $5.9 million ransom. In that case, many observers noted what Kielholz mentioned in his statement: that this was a particularly bad time for a cyberattack, considering this is when harvests begin to ramp up for farmers.

    Curtis Simpson, CISO at cybersecurity firm Armis, said the agriculture industry struggles with the sheer fact that every type of technology from today to decades past is part of a larger supply chain. Budgets, technical projects, cybersecurity, and business risk mitigation efforts are all impacted by the spiderweb of integrated old and new technologies, Simpson explained. “Older, larger organizations are often trying to catch up with technical debt across the organization while trying to keep up with acquisitions of smaller, less secure operations — all while running a fundamentally low-margin business. The smaller operations often outsource security and technology efforts,” Simpson said. “Unfortunately, and once again, many attackers are more than aware of the potential impacts and what this may mean to the number of zeros in a potential ransom payment.”

    Darktrace director of strategic threats Marcus Fowler added that with two attacks on critical grain cooperatives this week so close together, all organizations in critical infrastructure, specifically the food and agriculture sector, should be on high alert. “If these two attacks were both conducted by BlackMatter, this could indicate a broader supply chain attack or campaign targeting the food chain, which means there may be other companies that were breached and don’t know it yet or have failed to report,” Fowler said. “These ransomware attacks forced both companies to take their systems offline, which could have significant and longer-term consequences. Ceasing operations could cut off feed supply for animals and, in turn, cut meat processing, dairy production, and more, creating enormous unintended consequences and potentially food scarcity nationwide.”

    Earlier this month, the FBI released a notice warning companies in the food and agriculture sector to watch out for ransomware attacks aiming to disrupt supply chains. “Food and agriculture businesses victimized by ransomware suffer significant financial loss resulting from ransom payments, loss of productivity, and remediation costs. Companies may also experience the loss of proprietary information and personally identifiable information and may suffer reputational damage resulting from a ransomware attack,” the FBI said. The notice goes on to list multiple attacks on the food and agriculture sector since November, including a Sodinokibi/REvil ransomware attack on a US bakery company, the attack on global meat processor JBS in May, a March 2021 attack on a US beverage company and a January attack on a US farm that caused losses of approximately $9 million.

    JBS ended up paying an $11 million ransom to the REvil ransomware group after the attack caused meat shortages across the US, Australia and other countries. In November, the FBI also cited an attack on a US-based international food and agriculture business that was hit with a $40 million ransom demand from the OnePercent Group.


    Best VPN for Windows PC 2021

    If you’re going to use a VPN, you’re most likely going to do so away from your home and office. Sure, if you’re in a dorm or you have roommates (or your internet service provider is intrusive), you might use a VPN at your home base. But most often, you’re going to use a VPN because you’re in an airport, at a hotel, in a school, or at a coffee shop, and you don’t want your data running over a public Wi-Fi hotspot that could be compromised in any of a thousand different ways. And, if you’re using a VPN away from home base, you’re probably going to do so with a laptop. Yes, you might put a VPN on your phone or tablet, but if you’re doing real work, you’re almost undoubtedly doing it on a laptop. And if you’re using a laptop, you’re more likely than not running Windows. Yes, Chromebooks and Mac laptops are also prevalent, but PCs are still the clear winner. In that context, we’re aggregating some of the best VPNs for Windows in this article. Not only have these all been put to the test in various reviews, but we also have aggregate benchmark data that we’re applying to our recommendations. Below, we recommend four VPNs and let you know how they fared in Windows performance testing against each other.

    NordVPN: Fastest and most consistent Windows performance

    Simultaneous connections: 6
    Kill switch: Yes
    Platforms: Windows, Mac, iOS, Android, Linux, Android TV, Chrome, Firefox
    Logging: None, except billing data
    Countries: 59
    Servers: 5,517
    Trial/MBG: 30 days

    NordVPN distinguished itself as one of the fastest overall VPNs, as well as the one that turned in the most consistent Windows performance results from testers across the world. That said, ping times were slow enough that I wouldn’t want to play a multiplayer first-person shooter over the VPN. To be fair, most VPNs have pretty terrible ping times, so this isn’t a weakness unique to Nord.

    In our review, we liked that it offered capabilities beyond basic VPN, including support for P2P sharing, a service it calls Double VPN that routes traffic through two VPN servers for a second layer of encryption, Onion over VPN, which routes Tor traffic over its VPN, and even a dedicated IP if you’re trying to run a VPN that also doubles as a server. It supports all the usual platforms and a bunch of home network platforms as well. The company also offers NordVPN Teams, which provides centralized management and billing for a mobile workforce. Overall, a solid choice, and with a 30-day money-back guarantee, worth a try.

    ExpressVPN: A little slower and a little less consistent than NordVPN on Windows

    Simultaneous connections: 5, or unlimited with the router app
    Kill switch: Yes
    Platforms: A whole lot (see the list below)
    Logging: No browsing logs, some connection logs
    Countries: 94
    Locations: 160
    Trial/MBG: 30 days

    ExpressVPN has recently been in the headlines for less than flattering reasons. We’ve chosen to leave ExpressVPN in this recommendation, and I wouldn’t necessarily dismiss ExpressVPN out of hand because of these reports, but it’s up to you to gauge your risk level. The best way to do that is to read our in-depth analysis.

    With 160 server locations in 94 countries, ExpressVPN has a considerable VPN network across the internet. In CNET’s review of the service, staff writer Rae Hodge reported that ExpressVPN lost less than 2% of performance with the VPN enabled and using the OpenVPN protocol vs. a direct connection. In ZDNet’s aggregate speed tests, we found that ExpressVPN for Windows came in just after NordVPN and Hotspot Shield in overall performance, but performance was more predictably consistent than that of Hotspot Shield across the world.

    ExpressVPN is one of the most popular VPN providers out there, offering a wide range of platforms and protocols. In addition to Windows, ExpressVPN offers clients for Mac, Linux, routers, iOS, Android, Chromebook, Kindle Fire, and even the Nook device. There are also browser extensions for Chrome and Firefox. Plus, ExpressVPN works with PlayStation, Apple TV, Xbox, Amazon Fire TV, and the Nintendo Switch. There’s even a manual setup option for Chromecast, Roku, and Nvidia Shield.

    While the company does not log browsing history or traffic destinations, it does log the dates you connected to the VPN service, the amount of data transferred, and the VPN server location. We do want to give ExpressVPN kudos for making this information very clear and easily accessible.

    Surfshark: Adequate Windows performance that differs based on location

    Simultaneous connections: Unlimited
    Kill switch: Yes
    Platforms: Windows, Mac, Linux, iOS, Android, Fire TV, Firefox, Chrome
    Logging: None, except billing data
    Trial/MBG: 30 days

    At two bucks a month for a two-year plan (billed in one chunk), Surfshark offers a good price for a solid offering. Windows users will like that, in addition to VPN functionality, Surfshark offers some inexpensive add-on features, including ad-blocking, anti-tracking, anti-virus, access to a non-logging search engine, and a tool that checks your email address against data breach lists.

    In CNET’s testing, no leaks were found (and given that much bigger names leaked connection information, that’s a big win). The company seems to have a very strong security focus: it uses AES-256-GCM for traffic encryption and RSA-2048 for the handshake, with perfect forward secrecy so that a compromised long-term key does not expose previously captured sessions. To prevent WebRTC leaks, Surfshark offers a special-purpose browser plugin designed specifically to combat them. Surfshark also offers a multihop option that allows you to route connections through two VPN servers across the Surfshark private network.

    IPVanish: Consistently slowest of our tested Windows VPNs, but still usable

    Simultaneous connections: Unlimited
    Kill switch: Yes
    Platforms: Windows, Mac, iOS, Android, Linux, Chrome, plus routers, Fire Stick, and Kodi
    Logging: None, except billing data
    Servers: 1,500
    Locations: 75
    Trial/MBG: 30 days

    Windows users will appreciate that IPVanish is a deep and highly configurable product that presents itself as a click-and-go solution. Its UI provides a wide range of server selection options, including some great performance graphs. It also supports a wide variety of protocols, so no matter what you’re connecting to, you know what to expect. The company also provides an excellent server list with good current status information. There’s also a raft of configuration options for the app itself.

    In terms of performance, connection setup was very fast. Overall transfer performance was adequate, but slower overall than our other contenders. However, from a security perspective, it wasn’t able to hide that I was connecting via a VPN, although the data transferred was secure. Overall, a solid product with a good user experience that’s fine for home connections as long as you’re not trying to hide the fact that you’re on a VPN. The company also has a partnership with SugarSync and provides 250GB of encrypted cloud storage with each plan.

    Doesn’t Windows 10 come with a VPN?

    Yes, and no. Windows 10 includes a VPN client, but a client on its own does nothing: it has to connect to a VPN server somewhere. If you’re connecting to your corporate VPN server, then you can use Windows’ built-in client. But if you want to connect elsewhere, you still need one of the services we’ve profiled, because the service is what supplies the servers. Plus, the base client is pretty barebones. If you want more advanced features, such as a kill switch, you’ll want to use one of the more premium clients included with the services we’re spotlighting.

    Do these VPN clients support Windows on Arm?

    Definitely not explicitly. My recent testing of Windows on Arm running on an M1 Mac showed that Intel apps can run on Arm-based devices in emulation. But what does that do for performance? How reliable is it? No idea. It’s not something I’d recommend at this early stage.

    If I run these VPNs on my laptop, can I also run them on my phone?

    Yes — as long as you’re running iOS or Android on your phone. All of the VPNs we recommend support multiple simultaneous connections for just this reason. Once you sign up for a service, you can generally run the VPN client on five or more devices at once.



    Mozilla's latest privacy ranking slaps 'Privacy Not Included' tag on Facebook Messenger, WeChat and Houseparty

    Mozilla has released the latest instalment of its “*Privacy Not Included” ranking, in which it does deep dives into the privacy features of the most popular apps and platforms. The latest ranking, covering the privacy features of 21 popular video call apps, found that three of the most popular apps are also platforms that Mozilla researchers said had lackluster privacy features: Facebook Messenger, WeChat and Houseparty.

    Slack was also criticized by Mozilla for not allowing users to block certain contacts. Signal and Threema were both cited as “outstanding” from a privacy perspective, but only Signal is free. Threema costs $2.99.

    “Signal’s open-source end-to-end encryption is lauded by many security professionals. And Signal won’t track you or sell your data to strangers who could use it to target you with weird ads. Shoot, it was even recently reported that Facebook CEO Mark Zuckerberg himself uses Signal,” Mozilla said in its analysis of Signal, noting that it has never had a data breach, only collects your phone number and never sells, rents or monetizes your personal data.

    The report tackles thorny issues like “What data does the product collect?”, “Does the product use encryption?” and “How does the product use AI?” Fifteen of the apps were covered in Mozilla’s 2020 report and six new ones were added to the latest version. Jen Caltrider, the lead researcher for Mozilla’s *Privacy Not Included, noted that due to the COVID-19 pandemic, video calling apps have become a routine part of millions of people’s lives. Even as life begins to slowly return to normal, video calls for work and pleasure appear to be a pandemic trend that will continue into the future.

    “In this new world, people deserve to know if the apps they’re using every day respect their privacy — or if they’re snooping on them,” Caltrider said. “While video call apps may feel more intimate than social media platforms, there’s still a ton of data being collected, stored, and shared. For that reason, users should assume that anything they say on a video call app could be made public.”

    In addition to the six that stood out for good and bad reasons, Mozilla also examined Apple’s FaceTime, 8×8’s Jitsi Meet, Cisco’s Webex, GoToMeeting, Viber, Discord, Doxy.me, Google Hangouts/Meet/Duo, Microsoft Teams, Telegram, BlueJeans, Zoom, Marco Polo, Skype and WhatsApp.

    The report explains that Facebook Messenger, WeChat and Houseparty all got the *Privacy Not Included tag because they collect significant amounts of personal information and data, share it with “shady data brokers” and use poor encryption, among a host of other issues. Mozilla also criticizes many other apps for either not having a block feature or having a limited one that can only be used in specific instances. “Forcing people to rely on HR or IT departments to protect them from abuse over messaging platforms is not ideal,” Mozilla researchers said, adding that they have launched a petition urging Slack to create a block feature.

    The report notes that in examining privacy policies, many are effectively unreadable and lack specific language about pertinent issues like data retention periods and how to delete data. Just eight of the 21 had what Mozilla considered “user-friendly” privacy information available to users. The researchers also criticized companies like Microsoft for using umbrella privacy policies that make it difficult to know exactly what data certain platforms collect.

    “It’s surprising just how terrible video call app privacy policies are. They rarely help consumers understand what personal information a company collects on them and how they use that information,” Caltrider told ZDNet. “Vaguely worded privacy policies can mean companies are collecting just about anything and using it just about any way they want. Yikes! Companies need to do better at being direct, open, and honest with their customers at what data they collect and how they use that data. Our privacy depends on it.”

    There are signs that more companies are improving their privacy features. Mozilla noted that apps like Zoom have added more end-to-end encryption and others, like Discord and Doxy.me, now enforce stronger password requirements.