Information Technology

Amazon/ZDNETAmazon is curtailing a privacy-minded feature that will affect owners of certain Echo devices.In an email sent last Friday to a number of customers, Amazon revealed that as of March 28, it will remove an opt-in setting that prevented audio of your Alexa requests from being shared with the company. Available to users with certain Echo devices, this option processes your Alexa requests locally instead of sending their recordings to the cloud.Also: Echo Pop vs Echo Dot: Which Alexa speaker should you choose?Though this option sounds like it should have been available to all Alexa users, it was limited to those with the Echo Dot 4th generation, Echo Show 10, and Echo Show 15 devices and only to people in the US with English set as their language. To enable this in the Alexa app, at least until March 28, select the supported Echo device and tap Settings. From there, turn on the switch for “Do Not Send Voice Recordings.”With this option soon to be disabled, does that open up Alexa users to privacy risks?To address such concerns, Amazon will automatically update the privacy settings for affected users to not save voice recordings, a company spokesperson told ZDNET. In this case, the recordings are still shared with Amazon. But those recordings will then be deleted after the request has been answered. Amazon will also remove any previous recordings still accessible. More

ZDNETSince 2014, Google’s Chromecast has been an affordable means for helping viewers turn their older model TVs into smart TVs, allowing them to stream content from their phones, tablets, and computers to a bigger screen. Alas, the era of the Chromecast has come to an end. Google is replacing it with the Google TV Streamer, promising a faster processor, Thread and Matter integration, and the ability to summarize TV episodes or whole seasons, among other new tricks.Also: ‘Untrusted device’ errors on Chromecast? Google is rolling out a fixBut that doesn’t mean the Chromecast is obsolete yet; in fact, Google has promised to continue providing software and security updates for now. I found a number of cool things anyone can do with their trusty Chromecast that most users are unaware of. More

Maria Diaz/ZDNETApple joined the RCS bandwagon last year, giving its users the ability to exchange rich text messages with their Android counterparts. The only problem? Those messages are not encrypted, exposing them to security risks. Now, Apple will soon eliminate that obstacle. Also: Google Fi users finally get RCS on iPhone – here’s how to check if it’s activatedIn a new announcement, Apple said it will add support for encrypted RCS messages in future updates to iOS, iPadOS, MacOS, and WatchOS. This means that any rich text messages exchanged between Apple and Android users will automatically be secured through the latest industry standard. RCS with E2EEThat industry standard comes from the GSM Association, which announced on Friday new specifications for RCS that include end-to-end encryption (E2EE). Thanks to the new standard, RCS will be the first major messaging format to support this type of encryption among different providers, including Apple and Google. The latest standard is based on a protocol known as Messaging Layer Security (MLS). With MLS in place, RCS messages and their rich content remain confidential and secure as they’re routed from one device to another. By adding other security features such as SIM-based authentication, the end-to-end encryption will help keep RCS messages private, protecting people from scams, fraud, and other threats, the GSMA said.Also: How to send RCS messages from your iPhone to your Android user friends”End-to-end encryption is a powerful privacy and security technology that iMessage has supported since the beginning, and now we are pleased to have helped lead a cross-industry effort to bring end-to-end encryption to the RCS Universal Profile published by the GSMA,” Apple spokesperson Shane Bauer said in a statement shared with The Verge and other media outlets. “We will add support for end-to-end encrypted RCS messages to iOS, iPadOS, MacOS, and WatchOS in future software updates.” More

ebrublue10/Getty Images Cybercriminals are weaponizing artificial intelligence (AI) across every attack phase. Large language models (LLMs) craft hyper-personalized phishing emails by scraping targets’ social media profiles and professional networks. Generative adversarial networks (GAN) produce deepfake audio and video to bypass multi-factor authentication. Automated tools like WormGPT enable script kiddies to launch polymorphic malware that evolves […] More

ZDNETI’ve been using Bitwarden for a long time. I like it for its ease of use, security, feature set, and that it’s open-source.One thing about Bitwarden is that it makes it easy to move between different accounts. With the click of a menu item, you can switch between your personal account and your work account — without having to leave the Bitwarden window. That’s right, multiple accounts. But why? Also: 7 ways to get more out of your Bitwarden password managerSome businesses have policies that require users not to include personal items within a password manager. Or maybe you don’t want to have to use separate password managers for your personal and work accounts. That’s inefficient. Another reason I like to separate the two is simply for peace of mind. When I’m not in my office, I’m not working; and when I’m not working, I don’t always want to be reminded of work. By separating those accounts, I don’t have the reminders of clients and deadlines when I’m “off the clock.” But how do you do this? It’s remarkably easy. Let me show you. How to add a second account to Bitwarden What you’ll need: To make this work, you’ll need at least two valid Bitwarden accounts. You can do this on the desktop, mobile, and web versions of Bitwarden, and I’m going to demonstrate it on my Pop!_OS desktop.Let’s go. More

Yaroslav Kushta/Getty Images It’s an age-old adage of cyber defense that an attacker has to find just one weakness or exploit, but the defender has to defend against everything. The challenge of AI, when it comes to cybersecurity, is that it is an arms race in which weapons-grade AI capabilities are available to both attackers […] More

ZDNETA persistent malware campaign is exploiting the ubiquitous CAPTCHA process to try to steal data from unsuspecting victims.Also: Got a suspicious E-ZPass text? It’s a trap – how to spot the scamAs described by security firm Malwarebytes in a new report, this scheme relies on the ease with which people often follow the steps in a CAPTCHA prompt without thinking.How the attack worksYou land on a website that promises movies, music, pictures, news articles, or some other interesting content. A CAPTCHA prompt pops up, asking you to prove that you’re not a robot. As we’re all so used to these types of requests, many of us wouldn’t think twice about accepting it. Also: Why rebooting your phone daily is your best defense against zero-click attacksBut instead of the usual CAPTCHA challenge that asks you to choose certain images in a picture or identify distorted characters, this one serves up the instructions seen in the image below: More

ZDNETThe ill-fated March Pixel update has apparently introduced yet another problem.When Google released its Pixel Feature Drop earlier this month, it introduced several new features, including real-time alerts for suspicious texts and the ability to share your location through Find My Device. Unfortunately, it also introduced several frustrating problems, including a screen-dimming issue, a strange haptic feedback change, and a glitch with EQ audio.Also: Google is trying to fix Messages – but it needs your helpNow there’s another issue to add to the list — problems with the fingerprint scanner. Mostly affecting Pixel 9 phonesA post on the GrapheneOS Discussion Forum highlights a problem that’s affecting mostly Pixel 9 phones (but there have been scattered reports on other Pixel devices). After the recent update, the post says, the phone’s fingerprint scanner has stopped working. What’s most strange is that the phone acts like the scanner doesn’t even exist, as it has disappeared from the settings menu too. If this were several years ago and the fingerprint scanner were only used to unlock the phone, this would be a minor annoyance. But since so many apps today use biometric login, this could be a very frustrating problem. Also: 12 Android phone settings you should change to dramatically increase battery lifeThe issue seems to be fairly rare, but it was reportedly seen in the earlier Android 15 QPR2 Beta releases. It’s likely still appearing because it doesn’t happen enough for developers to replicate and track down the issue. A report from Android Authority last summer uncovered code in an Android 15 beta that indicated your phone would be able to tell if your face or fingerprint login wasn’t working and delete that credential, requiring you to create a new one. There’s no indication this issue is tied to that feature, but the timing is suspicious. More