Some churches across the United States are using invasive phone-monitoring technology in efforts to discourage “sinful” behavior, a WIRED investigation revealed this week. The churches are using a series of apps, dubbed “shameware,” that track people’s activity and use their personal data as a way to control their lifestyle choices. The apps can record everything you do on your phone, like your browsing history, by capturing thousands of screenshots of your activity before reporting it back to a designated chaperone. In addition to their draconian surveillance, our investigation found the apps are full of security flaws.
As Vladimir Putin once again raises the specter of nuclear weapons in his full-scale invasion of Ukraine, we have looked at one way in which Russia is trying to integrate areas of Ukraine into its territory. In recent months, new Russian mobile network providers have appeared in Ukraine, promising they will provide internet connectivity to “liberated” regions. While Russian officials plan to hold referendums in some of these areas, they are also losing ground to successful Ukrainian counteroffensives. When that happens, these shadowy mobile companies wipe their existence in the areas from the web.
Iran’s latest internet shutdowns are significant as the government continues to tighten its grip on citizens’ ability to connect, and the roots of Nigeria’s cybersecurity problem shed light on digital challenges in the country, including how data collection remains largely unmonitored despite strong data protection laws. The supply chain security firm Chainguard launched an open source way to guard against supply chain attacks this week, and new research indicates that the workplace communication platforms Slack and Microsoft Teams have gaps in their security that could be exploited.
And there’s more. Each week, we highlight the news we didn’t cover in-depth ourselves. Click on the headlines below to read the full stories. And stay safe out there.
The popular streaming service Twitch, owned by Amazon, offers a rich source of information about the daily lives of kids to child predators, according to new research. A researcher who manually browsed Twitch from October 2020 to August 2022 found hundreds of seemingly predatory accounts run by adults that mostly followed children or young teenagers. Each account followed more than 1,000 children, and the study found 279,016 children who were potentially targeted by predatory accounts. “In the course of reporting, Bloomberg discovered additional live videos and predatory accounts not cataloged by the researcher, suggesting the problem could be even more widespread than the data portrays,” the investigation reads. Bloomberg granted the researcher anonymity but conducted its own vetting of the findings. “We know that online platforms can be used to cause harm to children, and we have made extensive investments over the last two years to better stay ahead of bad actors and prevent any users who may be under 13 from accessing Twitch,” the company said in a statement to Bloomberg.
In March, the nonprofit transparency group DDoSecrets published a trove of more than 160,000 records, or 700 GB of data, from the Bashkortostan regional office of Russia’s internet regulator, Roskomnadzor. This week, The New York Times published an in-depth analysis of the documents, revealing rare insights into how the agency, which wields significant digital monitoring and censorship powers, goes about exerting control. The documents highlight how the Kremlin works to silence detractors, monitor social movements including those related to topics like “sexual freedoms” and recreational drug use, control the flow of information within Russia, spread disinformation, and monitor dissidents such as opposition leader Alexey Navalny. The analysis also provides insight into how Roskomnadzor’s role has shifted in recent years. “Roskomnadzor was never part of this game before of providing political intelligence,” Andrei Soldatov, a fellow at the Center for European Policy Analysis, told the Times. “They’re getting more and more ambitious.”
In implementing their speech policies, Facebook and Instagram impeded the human rights of Palestinian users last May during a rash of Israeli attacks on the Gaza Strip, an investigation commissioned by Meta found. The independent group Business for Social Responsibility, which Meta has previously tasked with conducting third-party audits on controversial topics, found “a lack of oversight at Meta that allowed content policy errors with significant consequences to occur.” While the report was scheduled to come out at the beginning of 2022, Meta delayed the release of the report to this week. Last month, human rights groups protested the delay in an open letter. “Meta’s actions in May 2021 appear to have had an adverse human rights impact … on the rights of Palestinian users to freedom of expression, freedom of assembly, political participation, and non-discrimination, and therefore on the ability of Palestinians to share information and insights about their experiences as they occurred,” the report said.
Optus, Australia’s second-largest telecommunications company, said Thursday that a “significant” portion of its almost 10 million customers had been impacted by a data breach. It’s unclear whether the attack came from criminal or state-sponsored actors, but Australian officials warned that affected customers will face the threat of identity theft because of the breach. “If you are an Optus customer, your name, date of birth, phone number, email addresses may have been released,” wrote the Australian Competition and Consumer Commission’s Scamwatch group. “For some customers identity document numbers such as driver’s licence or passport numbers could be in the hands of criminals. It is important to be aware that you be may be at risk of identity theft and take urgent action to prevent harm.”
Optus chief executive Kelly Bayer Rosmarin was contrite in an interview with ABC’s Afternoon Briefing on Thursday. “We’re so deeply disappointed because we spend so much time and we invest so much in preventing this from occurring,” she said. “Our teams have thwarted a lot of attacks in the past, and we’re very sorry that this one was successful.”