Posted On 11 Jan 2020
Chrome Update Woes
Google has recently released a patch for Chrome and associated WebView software that had removed data access for certain android apps. In addition, the company apologized for any problems caused.
Problems started with the Chrome 79 update that didn’t actually delete data but made it impossible to access, so saved data such as paused games became inaccessible. This problem wasn’t entirely solved by the update because it reverted back to earlier save data, meaning anything saved since the update was lost.
Initial reports suggested that the update had been rolled out to 50% of Chrome users on Android, but it was later found that it had actually only been installed by 15% of users. Nevertheless, with many millions of Android users employing Chrome and Chromium on their smartphones and tablets, a very significant number of people will have suffered, as a minimum, some inconvenience.
Facebook/Twitter data leaks
Facebook and Twitter have both admitted that several hundred users may have had their personal data compromised by logging into third-party Android apps using social media accounts. It’s reported that Android apps using a software development kit (SDK) called oneAudience could have unknowingly given access to email addresses, usernames, etc. The apps that did the damage include photo editors Photofy and Giant Square.
Twitter has stated that enough data could have been harvested to allow malicious actors to take control of a Twitter account, although there is no evidence that this has happened and the company is keen to stress that the breach was not a result of weaknesses in Twitter security.
The company issuing the software, oneAudience, has stated that there was never any intention to harvest user data and that it has never been used; furthermore, they have updated the application so that it no longer collects data. Nevertheless, both Facebook and Twitter have reported the app to Apple Store and Google with a view to having it removed, and are planning further action against the developers. It is a timely reminder that using your social media accounts to sign into apps does carry the danger that your information may be used in ways that you may not be happy with.