U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Security

New technologies raise serious doubts on privacy & security

Today a colleague alerted me on a news published on-line related to a patent obtained by Microsoft titled “CONTENT DISTRIBUTION REGULATION BY VIEWING USER” The patent could, according to some experts, a clear violation of privacy because it uses technology to gather information on user’s consumption of video content. The major concerns are related to […]

New technologies raise serious doubts on privacy & security

Today a colleague alerted me on a news published on-line related to a patent obtained by Microsoft titled “CONTENT DISTRIBUTION REGULATION BY VIEWING USER”

The patent could, according to some experts, a clear violation of privacy because it uses technology to gather information on user’s consumption of video content.

The major concerns are related to the use of cameras of video devices such as PC, mobile devices and TVs to identify the user and verify its rights for vision and of course to determine his habits with the purpose to pack it for the best offer in terms of contents.

How does Microsoft will use the cameras?

There are several technologies that can serve the purpose, probably using “facial recognition techniques” combining with analysis of video and audio input.

The patent states:

 “[0028] In an alternative embodiment, a fee can be charged for each viewer of the content for each view. In another alternative, at 225 and 240, a per-viewer license may comprise counting the number of viewers in a viewing area and directly charging for each identified user in the viewing area. Viewers may be uniquely identified and a count of the viewers determined, with the licensee then charged for each viewer accessing the content. Age and identity restrictions can be applied in this embodiment as well. “

The cameras could be used to validate user’s license and enabling content vision, they must be able to count the number of users present in front of video. The patent authorizes a private company to get so invasive in our homes and maybe this is the first of different similar cases.

TV, PC and gaming console are object technological extremely evolved that thanks to sensors, cameras and microphones are able to operate a meticulous control of the surroundings.

Last year I presented a project funded by the U.S. government to acquire information through the analysis of gaming console on the network.

There are several problems with patents like the one under discussion.

Who will govern the information obtained and how?
Are these devices secure from external attacks?
Who guarantees the security of information collected?

The doubts are raised mainly by the implementation of the content of the patent, let’s image for example what could happen if an hacker takes control of such devices. It will be able to spy on victims, and similar attacks represent serious risks from different perspective.

Governments, but also cybercriminals could be interested to exploit the devices, same interest is from a commercial perspective to gather information on user’s habits.

The patent applies to both streaming content as well as downloaded material, and it is sure that many other companies are interested in the technology.

I personally think the technology is ripe for several similar uses but to be really useful it always have to compare with the demands of privacy and safety of users … unfortunately the trade goes in the opposite direction.

Pierluigi Paganini