Hexbyte – Tech News – Ars Technica | In new gaffe, Facebook improperly collects email contacts for 1.5 million

Hexbyte – Tech News – Ars Technica | In new gaffe, Facebook improperly collects email contacts for 1.5 million

Hexbyte – Tech News – Ars Technica |

GOT PRIVACY? —

Remember when Facebook asked for email passwords? The blunder just got worse.


Hexbyte - Tech News - Ars Technica | In new gaffe, Facebook improperly collects email contacts for 1.5 million

Facebook’s privacy gaffes keep coming. On Wednesday, the social media company said it collected the stored email address lists of as many as 1.5 million users without permission. On Thursday, the company said the number of Instagram users affected by a previously reported password storage error was in the “millions,” not the “tens of thousands” as previously estimated.

Facebook said the email contact collection was the result of a highly flawed verification technique that instructed some users to

supply the password for the email address

associated with their account if they wanted to continue using Facebook. Security experts almost unanimously criticized the practice, and Facebook dropped it as soon as it was reported.

In a statement issued to reporters, Facebook wrote:

Earlier this month we stopped offering email password verification as an option for people verifying their account when signing up for Facebook for the first time. When we looked into the steps people were going through to verify their accounts we found that in some cases people’s email contacts were also unintentionally uploaded to Facebook when they created their account. We estimate that up to 1.5 million people’s email contacts may have been uploaded. These contacts were not shared with anyone and we’re deleting them. We’ve fixed the underlying issue and are notifying people whose contacts were imported. People can also review and manage the contacts they share with Facebook in their settings.

Business Insider first reported the harvesting of the email contacts. When users gave their passwords to Facebook, the publication said, they received a message declaring that Facebook was importing their contacts. The collection happened without asking for permission first.

Hexbyte - Tech News - Ars Technica |

While Facebook’s statement referred to the email verification step as an “option,” the language displayed in a tweeted screenshot of the message (right) told users: “To continue using Facebook, you’ll need to confirm your email address.” Many users, it seems, could be forgiven if they thought supplying their password was a condition of using the social media site. A Facebook representative

Read More

Hexbyte – Tech News – Ars Technica | Microsoft buys Express Logic, adds a third operating system to its IoT range

Hexbyte – Tech News – Ars Technica | Microsoft buys Express Logic, adds a third operating system to its IoT range

Hexbyte – Tech News – Ars Technica |

Gotta catch ’em all —

ThreadX joins Azure Sphere, Windows 10 for IoT.


Hexbyte - Tech News - Ars Technica | Different-colored rolls of thread are lined next to each other.
Enlarge /

Multi-threading.

Not content with having a Windows-based Internet of Things platform (Windows 10 IoT) and a Linux-based Internet of Things platform (Azure Sphere), Microsoft has added a third option. The company has announced that it has bought Express Logic and its ThreadX real-time operating system for an undisclosed sum.

Real-time operating systems (RTOSes) differ from more conventional platforms in their predictability. With an RTOS, a developer can guarantee that, for example, interrupt handling or switching from one process to another takes a known, bounded amount of time. This gives applications strong guarantees that they’ll be able to respond in time to hardware events, timers, or other things that might make an application want to use the CPU. This predictability is essential for control applications; for example, ThreadX was used in NASA’s Deep Impact mission that hurled a large object at a comet. ThreadX was also used in the iPhone 4’s cellular radio controller, and ThreadX is embedded in the firmware of many Wi-Fi devices. These tasks need the determinism of an RTOS because there are timing constraints on how quickly they need to respond.

Linux can be built with various options to offer more predictable behavior and so can address some similar scenarios. But ThreadX has another big advantage up its sleeve: it’s tiny. A minimal Thre