Apple’s New Data & Privacy Portal Lets You Download Your Data
Apple has released a new data & privacy portal that can be used to download data that is linked to your Apple ID. This data can include transaction history, Apple app history, AppleCare history, marketing data, and more.
To access the portal, you need to go to https://privacy.apple.com and login with the Apple ID associated with your account.
Once you are logged in, you will be presented with the “Get a copy of your data”, “Correct your data”, “Deactivate your account”, “Delete your account” choices.
For the most part, the choices are self explanatory and in this article we will focus mostly on using the portal to download your Apple data. It should be noted, though, that the “Correct your data” option simply brings you to a page containing links to the Apple ID and Apple Store account pages.
To download your data, click on the “Get a copy of your data” option and you will be presented with a page displaying the type of information that can be downloaded.
The data that can be downloaded using this portal includes:
App Store, iTunes Store, iBooks Store, Apple Music activity Apple ID account and device information Apple Online and Retail Stores activity AppleCare support history, repair requests, and more Game Center activity iCloud Bookmarks and reading list iCloud Calendars and Reminders iCloud Contacts iCloud Notes Maps Report an Issue Marketing subscriptions, downloads, and other activity Other data iCloud Drive files and documents iCloud Mail iCloud Photos
When downloading your data, it will be delivered in various formats. For textual data, it will be delivered as a spreadsheet or in JSON, CSV, XML, or PDF files. For binary files, it will be delivered in its original format. For example, images will be sent as image files and files stored in iCloud will be delivered as its native format.
Apple states that adding iCloud Drive files and documents, iCloud Mail, and iCloud Photos iCLoud Drive files will increase the size and time required to collect your data.
Once you have selected all of the items you wish to download, Apple will compile it into a downloadable archive. According to Apple this process can take up to 7 days to complete.
“As a reminder, this process can take up to seven days. To ensure the security of your data, we use this time to verify that the request was made by you.”
While the archive is being created, you can check on its status by visiting https://privacy.apple.com/account.
Read the original article over at BleepingComputer.com.
How to Backup Google Authenticator or Transfer It to a New Phone
Courtesy of Protectimus.com
Our regular readers know that we strongly recommend applying two-step verification wherever it’s possible. In the contemporary world, where database leaks are a standing affair, two-step authentication is not an option, it is, in fact, a must. If you use two-factor verification, an intruder would need to get both the unique password you came up with, and the gadget, which produces the verification codes, to break into your account. Thus, two-factor authentication protects from brute force, keyloggers, most cases of phishing and social engineering. It also complicates man-in-the-middle and man-in-the-browser attacks.
So why two-factor verification is still unpopular? Sure, it creates an extra step to take to log in, but most users omit it not because of this extra time and effort, but because they are afraid of losing access to their credentials if something goes wrong with their authentication devices.
“As the world is increasingly interconnected, everyone shares the responsibility of securing cyberspace.”
From all available options of one-time passwords generation or delivery (SMS, emails, hardware and software tokens) most people choose Google Authenticator or other similar applications like Authy, Protectimus Smart etc. Operating principle is pretty much the same for all the software OTP tokens – they generate authentication codes for logging into your account right on your smartphone.
It’s very convenient to use the smartphone for two-factor verification, but there are always these nagging questions: What do you do if you lose the smartphone which generates your one-time passwords? What occurs if you switch smartphones, do you lose the entire account? How do you transfer Google Authenticator to a new phone? In this article, we will answer these nagging questions and help you protect your invaluable personal data.
3 ways to backup Google Authenticator
1. Backup codes
Google, as well as some of the other websites where you can protect your user account with two-step authentication, provides backup codes. These are the one-use codes that allow you to login into your account if you lose access to your OTP token. After you use a backup code once it’s gone for good. Most people print out these Google Authenticator backup codes and keep them at hand.
It is imperative to understand that Google Authenticator is a multi-token, thus you can enroll many tokens for various websites using one app. Some of these websites provide backup codes, and a user can gain access to these websites if his/her smartphone is lost. But what do you do with the websites which do not support backup codes?
Another point against Google Authenticator backup codes is – they are as secure as a password written down on a paper. An intruder can easily copy them if they are in physical vicinity and use them to gain access to your account. Granted, the intruder will have to be among your peers and know the user password, but you know… things happen.
Other things that you might want to keep in mind when it comes to printed out backup codes:
- You do not have them at hand at all times
- You can lose the paper or destroy it by mistake
- Only a few services provide them
Google Authenticator backup codes have their perks, but you have to be ready for the drawbacks as well.
2. Saving screenshots of the secret keys
This is by far the easiest way to never lose access to your account. When you first set up your Google Authenticator simply make a screenshot of the barcode with the secret key. Keep the screenshot very secure though, if someone in your vicinity finds it they can access your data. Please, mind, if it really happens and someone steals your secret key, they will still need to know your user password, so make sure it’s not a simple combination to guess.
3. Programmable hardware token
Created as a more secure alternative to the authentication apps, hardware tokens Protectimus Slim NFC can be used with Google, Facebook, GitHub, Dropbox etc. These tokens are easily programmed with an application for Android with NFC support.
The token looks like a credit card and can be carried with you effortlessly. So you’ll always have an alternative source of one-time passwords on all times, for example, if your smartphone battery is out of charge or you’ve reset the phone or deleted the token accidentally.
The hardware token is far more secure than a backup code on paper or a screenshot of the key – extracting the secret key from the token is absolutely impossible. Protectimus Slim NFC allows for unlimited reprogramming, so every time you change a token on a service you can simply reprogram it and stay protected.
The main drawback here is that one token allows for one secret key only.
How to transfer Google Authenticator to a new phone
1. Move Authenticator to a different phone
NOTE: You will transfer only the Google token this way.
With Google, it is pretty straightforward to transfer the authenticator and all the secret keys within it to another smartphone. All you’ve got to do is go to the two-step verification page, click the “Get started” button, enter your password to verify it’s you, and click the “Change phone” button. Then either scan the QR or barcode, or put in the secret key on the other gadget manually. That’s it.
This works only with the Google account, the other accounts where you use Google Authenticator for two-step authentication might not support this option. You will transfer only the Google token this way. So you might want to try the next two options instead.
2. Disable & Re-enable Two-Factor Authentication
Disabling two-step verification is pretty easy if you still have your old smartphone. It’s usually required to enter the OTP from the currently used token to disable two-factor authentication on any account. To disable 2FA for a while, just click the “Turn Off 2-Step Verification”, “Delete the token”, “Disable 2-step verification” or similar button, depending on the service you use. You’ll find it at the two-step verification page in security settings.
3. Manually Extract Your Credentials [Root Only]
Note: There are many ways to manually transfer Google Authenticator if you have an Android smartphone with root access to it. We do not recommend using them though. Getting root access can significantly damage the security of your apps and make the device prone to getting viruses and errors.
This is a more time and effort consuming way to transfer Google Authenticator key to the other smartphone. It requires you to have root access to the smartphones.
To extract the secret keys manually you need to give adb root access, this is easily done with an app like [root] adbd Insecure if you’ve got stock ROM. And in case you happen to have custom ROM you might already have the necessary root access adb, so no additional apps are needed.
Set adb onto insecure mode with the application or directly, connect the smartphone to your PC or laptop and copy the Google Authenticator databases to the computer using the commands.
This is the pathname:
adb pull /data/data/com.google.android.apps.authenticator2/databases/databases
After the file is copied you can open it and see the keys using these sqlite editor commands:
select * from accounts;
Now you have your secret keys and can add them to your new device.
Two-phase authentication is a reliable and reasonable way to shield your invaluable personal data. Whether you use a hardware token or apps like Google Authenticator or Protectimus Smart, you now know how to stay safe even if you change devices or lose your smartphone.
So now you do not have any excuses not to protect your info better. All that is left to do is come up with proper user passwords which are not the name of your cat!
Read the original article over at Protectimus.com.
YouTube fixes “access issues” that caused widespread outage
Courtesy of CBS News
YouTube, the second most visited website in the world, had experienced an outage across its various platforms Tuesday night for more than an hour. The Google-owned streaming site took to Twitter to thank users for “your reports about YouTube, YouTube TV and YouTube Music access issues.”
CNET reports users who tried to access videos or upload content were greeted with an error message. The outage apparently began at 9 p.m. ET and services seemed to have restored after 10:30 p.m. ET.
YouTube had said it was “working on resolving this and will let you know once fixed. We apologize for any inconvenience this may cause and will keep you updated.”
The company announced at 11 p.m. “we’re back!” and said “if you continue to experience issues, please let us know.” There was no immediate word as to the cause of the outage.
We're back! Thanks for all of your patience. If you continue to experience issues, please let us know. https://t.co/NVU5GP7Sy6
— Team YouTube (@TeamYouTube) October 17, 2018
There were a couple server errors users noticed during the outage, including 503 and 500 error messages.
What does Error 503 mean?
- While most users are familiar with 404 – page not found – error message 503 means “service unavailable.” Generally, this message is displayed when servers are overloaded and cannot handle the volume of traffic trying to access it. A 503 error is usually associated with a temporary condition.
A “500 Internal Server Error” displayed on some pages Tuesday night, such as visiting individual YouTube accounts like CBS News.
CBS News had reached out for comment during the outage, but YouTube didn’t respond beyond the company’s Twitter posts.
CoinMiners Use New Tricks to Impersonate Adobe Flash Installers
Cryptocurrency miners are now being distributed by a new campaign pretending to be Adobe Flash Player installers. While this is not new, this particular campaign is going the extra mile to appear legitimate by not only installing a miner, but also updating Flash Player as well.
Fake Flash Player installers with miners are not new, but in the past they have always just installed the miner and then either exited or opened a browser to the Adobe Flash Player web site.
In a new malware campaign discovered this by Palo Alto Unit 42 researcher Brad Duncan, it was found that a fake Flash Player Trojan not only installed a XMRig miner, but it also automatically updated his installed Flash Player. This real Flash installer was downloaded by the Trojan from Adobe’s site.
By actually performing an upgrade of the desired program, it makes the user less suspicious and adds further legitimacy that the Trojan was a real Adobe installer for Adobe Flash Player.
“The installers caused traffic behind the scenes to retrieve the official Adobe Flash player from Adobe servers,” Duncan told BleepingComputer. “They worked very similar to an actual Flash installer.”
While Flash Player is now udpated, what the victim does not know is that a coinminer was silently installed on the computer and started. Once started, this sample would connect to a mining pool at xmr-eu1.nanopool.org and begin to use almost 100% of the computer’s CPU in order mine the Monero digital cryptocurrency.
Tracking the installers
Duncan noticed that this campaign was downloading fake Flash installers using URLs that contained “flashplayer_down.php?clickid=”, with some of the downloads being hosted on Amazon AWS instances.
Based on the amount of of fake Flash players released from March through September 2018, he was able to see that this campaign started to be heavily distributed at the end of July through the end of September.
Unfortunately, Duncan told BleepingComputer that he was unable to find the actual web sites that were distributing these fake Flash Player installers.
The take away from this, is that you should only download and install Adobe Flash Player installers directly from the Adobe.com site.
If you see a non-Adobe site offering a Flash installer, just close the browser. These are not the Flash Player installers you are looking for.
Read the original article over at BleepingComputer.com.
Windows 10 October 2018 Update: Microsoft releases fix for data deletion bug
Microsoft announced that it has identified the underlying cause of the bug that deleted data for some customers who were among the first to install the Windows 10 October 2018 Update (version 1809). The fix is rolling out to members of the Windows Insider Program first.
After taking the unprecedented step of halting the rollout of the latest Windows feature update only days after its public release, Microsoft announced today that it has isolated the cause of the bug and is rolling out a fix to members of the Windows Insider Program.
In a blog post, the company says the number of customers impacted by the bug was small, with “reports of data loss” limited to “one one-hundredth of one percent of version 1809 installs.”
We have fully investigated all reports of data loss, identified and fixed all known issues in the update, and conducted internal validation. Also, Microsoft Support and our retail stores customer service personnel are available at no charge to help customers.
Rather than immediately make the updated bits available to the public, Microsoft says it’s limiting the initial release of this update to devices that are part of the Windows Insider Program. Devices configured for the Slow and Release Preview rings should receive the new build.
We will carefully study the results, feedback, and diagnostic data from our Insiders before taking additional steps towards re-releasing more broadly. […] Once we have confirmation that there is no further impact we will move towards an official re-release of the Windows 10 October 2018 Update.
For those who previously installed the October 2018 Update without incident, Microsoft released the first cumulative update as part of the scheduled Patch Tuesday releases, The update incorporates a few additional fixes, including a remediation for a bug that incorrectly deleted user profiles on systems with a specific Group Policy enabled. More details are available in KB4464330. The cumulative update takes Windows 10 to version 17763.55.
Also included in the most recent round of updates is a new servicing stack update for Windows 10 version 1809, documented as KB4465477.
According to Microsoft’s John Cable, Director of Program Management, Windows Servicing and Delivery, the original problem occurred on systems where Known Folder Redirection (KFR) had been previously enabled but some files remained in the original location. If, for example, you moved the Documents folder from its location in the user profile to a new location, such as a secondary data drive, but some files remained in the old location, the setup logic for the version 1809 upgrade removed the folder in the old location as well as all of the files in it.
As I had speculated earlier, the problem also occurred on some systems that used the relatively new Auto Save feature in OneDrive to relocate the contents of the Desktop, Documents, and Pictures folders to corresponding locations in the cloud. Here, too, the bug was triggered when some files remained in the old location.
Microsoft says it has fully investigated the issues and has resolved all the scenarios under which data could be lost, keeping all files in the original folder location and relocated folder intact.
If Microsoft’s estimation of the percentage of affected users is accurate, it’s likely that a few hundred people were affected by this bug. The company says it will offer data recovery options but cannot guarantee the outcome of any such recovery efforts.
Read the original article over at ZDNet.com.
Google Plus shutting down after security glitch exposes up to 500,000 users’ data
Courtesy of CBS News
Google is closing its troubled Google Plus social network following the discovery of a software glitch this past spring that may haveof up to 500,000 customers between 20015 and 2018, the company said Monday.
Ben Smith, Google’s vice president of engineering, confirmed in a blog post the company had detected a “bug” in March that impacted the profiles of as many as 500,000 Google Plus users. Google said it immediately fixed the security flaw and had not uncovered evidence that the information was mishandled by any of hundreds of third-party developers that may have had access to the user data.
Despite the size of the security flaw, Google executives opted not to disclose the problem at the time because they feared trouble from regulators after the intense criticism encountered by Facebook over its privacy woes, according to the Wall Street Journal.
Google hoped to avoid comparisons to Facebook’s leak of user information to Cambridge Analytica, the data firm accused of improperly using information on 87 million Facebook users on behalf of Donald Trump’s 2016 presidential campaign, the Journal said.
The Google Plus data potentially exposed includes names, email addresses, occupations, dates of birth, genders and profile photos. In addition, 438 third-party applications may have used the application programming interface, or API, that allowed possible access to the data, according to Google.
The company will wind down the Google Plus network during a 10-month period expected to be done by the end of next August, Smith wrote in his post. He also vowed additional security steps would result in the wake of the incident.
Since launching in 2011, Google Plus, and was broken into separate products in 2015.
CBSNews.com sibling website CNET noted on Monday that after Google announced the social network’s shutdown, even people who helped launch the product said the time had come to end it. “As a tech lead and an original founding member of Google+, my only thought on Google sunsetting it is… FINALLY,” tweeted David Byttow, a former Google engineer.
As a tech lead and an original founding member of Google+, my only thought on Google sunsetting it is… FINALLY.
— David Byttow (@davidbyttow) October 8, 2018
News of the security woes at Google Plus — and the company’s failure to disclose them in a timely manner — sent shares of Alphabet were down $9.35, or 0. 8 percent, to $1,148.00, on Monday.
Microsoft pulls Windows 10 October 2018 Update 1809 after reports of mass file deletion
Some users say the October 2018 Update ate entire folders full of files.
Microsoft is slamming the brakes on the Windows 10 October 2018 Update’s rollout. The upgrade became available during the company’s Surface event on Tuesday, but in the days that followed, numerous users across the web reported that the transition deleted massive chunks of data. User profiles and entire folders full of files went missing in some cases and rolling back the upgrade didn’t restore them. Now Microsoft is temporarily halting the October 2018 Update’s distribution due to the issue.
“We have paused the rollout of the Windows 10 October 2018 Update (version 1809) for all users as we investigate isolated reports of users missing some files after updating,” Microsoft’s support page for build 1809 says.
Fortunately, the issue was caught before mass rollout. While enthusiasts could manually install the October 2018 Update since October 2, it was scheduled to be pushed out to the masses via Windows Update on October 9 as part of Patch Tuesday. “If you have manually downloaded the Windows 10 October 2018 Update installation media, please don’t install it and wait until new media is available,” the support site suggests. We recommend heeding the advice.
The halted rollout is no consolation to early adoptees affected by the data deletion bug, however. Microsoft says to call 1+800+MICROSOFT or your local customer service number if the October 2018 Update wiped out any of your files.
“There are tons of reports in Feedback Hub about data loss on upgrade, not painting a particularly nice picture,” Thurrott.com contributor Rafael Rivera noted on Twitter, posting screenshots from “as early as 3 months ago.” Windows Insiders testing preview builds of upcoming versions of Windows 10 use the Feedback Hub to log bugs and other issues they encounter. Rivera notes that while he found lot of reports about the issue, they didn’t receive many upvotes, and thus “got buried in the noise”—until now.
This issue drives home the importance of backing up your data every time you upgrade to a new version of Windows 10. Upgrading isn’t as much of a hassle as it was pre-Windows 10, and new milestone releases roll out twice a year now, but tinkering with the very core of your operating system always carries some inherent risk. When Microsoft re-releases the Windows 10 October 2018 Update, this particular data deletion bug will be fixed, but you’ll still want to back up your data before making the jump, just in case.
Check out PCWorld’s guides to the best backup software and best online backup services if you don’t already have a system in place. We’ve also evaluated the best free backup software and services, though no-cost options tend to be more limited in features.
Read the original article over at PCWorld.com.
Facebook hacker stole login information for 50 million accounts
Around 90 million users now have to log back into their accounts to be safe
This morning, Facebook disclosed a widespread security flaw that could have allowed hackers or other malicious third parties to access an affected user’s account by gleaning their security token. The flaw affected as many as 50 million people, and Facebook says it’s forcibly making around 90 million users log back into their accounts in full today to be safe. The company says that’s because in addition to the impacted accounts, around 40 million additional people simply used the exploitable feature since the exploit was active starting in July of 2017.
It also says it’s fixed the issue and alerted law enforcement, indicating that this is not an accidental engineering mistake, but a purposeful exploit discovered and used by some third-party organization or hacker. The company says its engineering team was made aware of the issue on September 25th, but Guy Rosen, Facebook’s vice president of product management, says it’s not clear whether accounts were compromised, when the issue was exploited, or who might have been behind the attack.
“On Tuesday, we discovered that an attacker exploited a technical vulnerability to steal access tokens that would allow them to log into about 50 million people’s accounts on Facebook,” wrote CEO Mark Zuckerberg in a post to his personal Facebook page. “We do not yet know whether these accounts were misused but we are continuing to look into this and will update when we learn more.”
The flaw could have let someone exploit the “View As” feature, which lets you view your own profile as it appears to another user or to the public, as a way of evaluating your specific sharing settings. However, it appears that the feature inadvertently exposed Facebook security tokens when someone selected a profile as the desired View As target. That would let someone gain access to the person’s account. Facebook access tokens are the digital keys that allow mobile users to log in to their accounts without having to retype their passwords.
In addition to making 90 million users log back in today, Facebook said it’s also disabling the View As feature “while it conducts a thorough security review.” The company gives a bit of technical analysis about how the exploit worked, but there still aren’t a lot of concrete details here:
This attack exploited the complex interaction of multiple issues in our code. It stemmed from a change we made to our video uploading feature in July 2017, which impacted “View As.” The attackers not only needed to find this vulnerability and use it to get an access token, they then had to pivot from that account to others to steal more tokens.
On a call with reporters following the announcement, Facebook said that the “video uploading feature” in July of last year related to a tool that allowed users to upload birthday videos in a way that would allow the View As feature to expose secure information, but only when interacting with two other bugs. The company also confirmed that no credit card info was exposed.
Facebook’s @guyro says that the breach that affected 50 million users involved a vulnerability in a tool that allowed users to upload Happy Birthday videos
— Kevin Roose (@kevinroose) September 28, 2018
I asked Facebook how sophisticated the hackers were and whether this could be nation-state activity. Rosen says attack was "complex" and leveraged three multiple bugs that interacted together. "We may never know" the identity of the hackers, Rosen adds.
— Dustin Volz (@dnvolz) September 28, 2018
News of this security exploit comes just hours after a prominent Taiwanese hacker by the name of Chang Chi-yuan pledged to delete Zuckerberg’s personal page on Sunday as a way to demonstrate some type of security flaw in Facebook, Chang’s proficiency as a hacker, or both. It was not immediately clear whether the issue affecting Facebook’s View As feature is the one Chang intended to exploit, but the timing had some suspecting they could be related.
Facebook said on the call with reporters today that the View As exploit does not have anything to do with Chang’s stunt, which he reportedly planned to stream on Facebook Live. Later on in the day, Chang backed down from his pledge, writing on his personal page that he “reported the bug to Facebook and I will show proof when I get bounty.”
A more pressing concern for Facebook is the absence of a chief security officer, after former CSO Alex Stamos left the company last month. Following Stamos’ departure, Facebook said it would not be filling the CSO role and would instead restructure its security organization and embed specialists through its many divisions. A Facebook spokesperson said at the time that the company would “continue to evaluate what kind of structure works best” to protect users’ security.
Following widespread news coverage of the exploit, Facebook users began reporting that the social network was blocking news links regarding the hack from The Associated Press and The Guardian, leading more cynical critics of the company to assume it was purposefully suppressing negative news about itself on its own platform.
— Jed Bracy (@JedBracy) September 28, 2018
Facebook later confirmed to The New York Times that the stories were being shared so frequently that they tripped the company’s internal spam detection tools.
Update 9/28, 1:35PM ET: Added information from Facebook’s call with reporters this afternoon.
Update 9/28, 4:41PM ET: Added information about Facebook’s internal spam detection tools tripping over fast-spreading Guardian and AP links, as well as an update on Chang Chi-yuan backing down from his pledge to hack Zuckerberg’s page.
Report: Google suppressed an explosive memo about its Chinese search engine
Google’s prototype may have been designed to track citizens.
Every time we hear a new report about Google’s alleged censored search engine for China, it sounds more damning. Now, The Intercept is reporting that Google tried — and apparently, failed — to suppress a memo that may have revealed how that search engine could have allowed the Chinese government to track those citizens who used it.
According to the report, the so-called Dragonfly search engine would require Chinese citizens to log in to perform searches, track their physical location, and then share all of its data with a Chinese partner company that could presumably share it with the Chinese government. The company would reportedly have “unilateral access” to the data. That might also presumably include, as described in an earlier Intercept report.
Plus, that Chinese company would reportedly be able to independently add new words to the blacklist of searches to be censored, according to today’s report.
Here’s how Google is reportedly trying to suppress the memo:
Google human resources personnel emailed employees who were believed to have accessed or saved copies of the memo and ordered them to immediately delete it from their computers. Emails demanding deletion of the memo contained “pixel trackers” that notified human resource managers when their messages had been read, recipients determined.
You may notice a lot of “may” and “could” and “report” in the paragraphs above, since Google still hasn’t confirmed that such a project even existed, much less how it might work —is that it’s “not close to launching a search product in China,” and it’s worth noting that reports suggest the search engine is currently a prototype.
Google declined to confirm or deny the report, but here’s its current statement to CNET: “We’ve been investing for many years to help Chinese users, from developing Android, through mobile apps such as Google Translate and Files Go, and our developer tools. But our work on search has been exploratory, and we are not close to launching a search product in China.”
At leastthe existence of such a project, according to The New York Times, and The Intercept and Buzzfeed report that The protest and resignations echo for the US Department of Defense.
Notably, The Intercept reports that the memo was written by a Google engineer who was asked to work on the Dragonfly project. It’s not clear if the employees who initially protested had reason to believe any of the alleged details above.
Though The Intercept’s report also dives into how some employees are concerned about Google keeping controversial projects a secret, Google tells CNET that its teams need to be able to work on some projects confidentially, particularly when they’re in early exploratory stages — but generally shares as much as possible with employees and lets them give feedback on most products before they’re released.
You can find more alleged Dragonfly details, such as the number of employees allegedly working on the project, at The Intercept.
Read the original article over at CNet.com.
Facebook Is Developing An All-Seeing Camera For Your Home, Because That Is Definitely What People Want
Facebook Is Developing An All-Seeing Camera For Your Home, Because That Is Definitely What People Want
Another masterstroke from Facebook CEO Mark Zuckerberg
Facebook users ditched the social network in droves earlier this year following the Cambridge Analytica scandal, and Mark Zuckerberg has been scrambling to rebuild consumer trust ever since.
His next move? Installing a big camera inside of your home that records conversations.
According to Cheddar, Facebook is set to release Portal, the company’s first foray into the consumer hardware market, next week. It will function as a video chat device and come in two different screen sizes, retailing at $400 (around £300) and $300 (around £225) respectively.
Bloomberg reported that the device was set to be unveiled at the company’s F8 conference in May, but Zuckerberg decided against it amidst the public fall-out from Cambridge Analytica.
The device, which features a wide-angled video camera with the option of a privacy shutter, uses AI to recognise people in the frame and follows you around the room.Portal was reportedly spearheaded by Building 8, Facebook’s secretive hardware project centre.
‘Rather than position the device as a smart assistant akin to Amazon’s Echo speakers, Facebook intends to pitch Portal as a way for families and friends to stay connected through video chatting and other social features,’ Cheddar wrote.
‘Facebook plans a formal product introduction in early May at its annual developer conference and hopes to ship the device in the second half of 2018.’
Read the original article over at Esquire.com.