For a brief moment in a five-hour House hearing on Thursday, TikTok’s CEO Shou Zi Chew let his frustration show. Asked if TikTok was prepared to split off from its Chinese parent company if ordered to do so by the U.S. government, to safeguard Americans’ online data, Chew went on offense.
Meta awarded researcher a $27,200 bug bounty for glitch that bypassed Facebook 2FA

Facepalm: Meta recently implemented a centralized login system to make it easier for Instagram, Facebook, and Meta (VR) users to manage their accounts. Unfortunately, in setting up the 2FA system, engineers overlooked a glaring failure regarding attempt limitation.
A freshman security researcher named Gtm Mänôz noticed the bug in July 2022. While looking for his first bug bounty to present at BountyCon 2022, Mänôz started playing around with the Meta Accounts Center interface, which manages all Meta accounts, offering functionality similar to Google’s one-stop login for its various services (YouTube, Gmail, Docs, etc).
He noted that the page allowed users to associate a phone number with their accounts when linking them. Users simply enter their phone number and then the six-digit 2FA code the system sends them. However, Mänôz discovered that if the wrong code is entered, the Account Center just asks the user to reinput it instead of sending a new code.
Furthermore, there was no limit on how many failed attempts one could enter into the verification box. This oversight allowed Mänôz to brute force the 2FA on his own account to associate his phone number with another Facebook profile. The only warning comes after the phone number is stolen, in an email from Meta informing the victim that it has been linked to another user’s account.
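The two missing controls described above (a cap on failed attempts, and a code that stops being valid after failures) can be sketched as follows. This is an added example, not Meta's code; the class name, the limits and the sample phone number are assumptions chosen for illustration.

```python
import hmac
import secrets
import time

MAX_ATTEMPTS = 5          # assumed policy value, not Meta's
CODE_TTL_SECONDS = 300    # assumed policy value, not Meta's


class PhoneVerifier:
    """Hypothetical server-side check for SMS codes that link a phone number."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._pending = {}  # (account_id, phone) -> [code, expires_at, failures]

    def issue(self, account_id, phone):
        # A fresh CSPRNG code replaces any earlier one and resets the counter.
        code = f"{secrets.randbelow(10**6):06d}"
        self._pending[(account_id, phone)] = [code, self._clock() + CODE_TTL_SECONDS, 0]
        return code  # handed to the SMS gateway in a real deployment

    def verify(self, account_id, phone, submitted):
        key = (account_id, phone)
        entry = self._pending.get(key)
        if entry is None:
            return "no_pending_code"
        code, expires_at, _failures = entry
        if self._clock() >= expires_at:
            del self._pending[key]
            return "expired"
        # Constant-time comparison on bytes, so odd input cannot raise.
        if hmac.compare_digest(code.encode(), submitted.encode()):
            del self._pending[key]  # single use
            return "verified"
        entry[2] += 1
        if entry[2] >= MAX_ATTEMPTS:
            # Burn the code: no further guess can succeed until a new one is issued.
            del self._pending[key]
            return "locked"
        return "wrong_code"


def guesses_checked(verifier, account_id, phone, guesses):
    """Count how many guesses reach a code comparison before the verifier stops."""
    checked = 0
    for guess in guesses:
        result = verifier.verify(account_id, phone, guess)
        if result == "no_pending_code":
            break
        checked += 1
        if result == "verified":
            break
    return checked
```

The attempt cap only helps if code issuance is itself rate limited per account and per phone number; otherwise each reissue grants another batch of guesses.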
While the harmfulness of this exploit is mainly limited to a bothersome re-establishing of the owner’s phone number, it effectively disables 2FA on the victim’s account, albeit temporarily. Until the target takes action, they are open to password phishing attacks.
“Basically, the highest impact here was revoking anyone’s SMS-based 2FA just knowing the phone number,” Mänôz told TechCrunch.
Mänôz notified Meta of the bug in September, and it patched the vulnerability immediately. A spokesperson said that when Mänôz found the problem, the Meta Accounts Center was still in beta and only available to a small number of users. The representative also noted that Meta’s investigation revealed no spikes in the usage of that feature, indicating that hackers hadn’t exploited it.
Despite the relatively low threat posed by the glitch, Meta awarded Mänôz a $27,200 bug bounty. Not too shabby for his first bug hunt.
Meta has stumbled a few times in the last couple of years regarding the login features of its various accounts. In 2021, it caused a mild panic when it logged everyone out of Facebook when reconfiguring the website. Last year, it purposefully locked many users out of their accounts for not enabling “Facebook Protect” by a deadline set by an official Meta email that looked suspiciously like a phishing scam.
Mark Zuckerberg, wife Priscilla Chan welcome third baby girl

From Facebook to family of five!
Mark Zuckerberg and Dr. Priscilla Chan announced on Friday that their third baby girl arrived.
“Welcome to the world, Aurelia Chan Zuckerberg!” the couple wrote via Instagram. “You’re such a little blessing.”
Zuckerberg and his former Harvard University classmate previously welcomed daughters Max, 7, and August, 5, in 2015 and 2017, respectively.
The entrepreneur, 38, mentioned the little ones in his September 2022 Instagram post announcing his 38-year-old wife’s pregnancy.
“Lots of love,” Zuckerberg captioned a smiling selfie with his hand on Chan’s budding belly.
“Happy to share that Max and August are getting a new baby sister next year!”
The couple met in 2003 at a frat party while in line for the bathroom.
“He was this nerdy guy who was just a little bit out there,” Chan told the New Yorker in 2010, joking that Zuckerberg had a “nerdy, computer-science appeal.”
On their first date, the Meta CEO told Chan that he would rather go out with her than “finish his take-home midterm.”
The sentiment “appalled” “the type-A first child,” the pediatrician told “Today” show co-hosts in 2014.
The couple got married in 2012, and Zuckerberg called Chan the “most important” part of his life in a commencement speech at their alma mater five years later.
While trying to start a family, the doctor struggled to conceive and suffered three miscarriages.
Zuckerberg called the pregnancy losses “a lonely experience” in a 2015 Facebook post.
As the CZI co-founders and co-CEOs’ family began growing, Zuckerberg told North Carolina Agricultural and Technical State University students that he had been changed in a “pretty dramatic way” by parenthood.
“The thing that I’m most proud of and the thing that brings me the most happiness is my family,” he gushed in 2017.
TikTok hearing obscures wider issue of Americans’ online privacy

“I don’t think ownership is the issue here. With a lot of respect: American social companies don’t have a great record with privacy and data security. I mean, look at Facebook and Cambridge Analytica,” Chew said, referring to the 2018 scandal in which Facebook users’ data was found to have been secretly harvested years earlier by a British political consulting firm.
He’s not wrong. At a hearing in which TikTok was often portrayed as a singular, untenable threat to Americans’ online privacy, it would have been easy to forget that the country’s online privacy problems run far deeper than any single app. And the people most responsible for failing to safeguard Americans’ data, arguably, are American lawmakers.
The bipartisan uproar over TikTok’s Chinese ownership stems from the concern that China’s laws could allow its authoritarian government to demand or clandestinely gain access to sensitive user data, or tweak its algorithms to distort the information its young users see. The concerns are genuine. And yet the United States has failed to bequeath Americans most of the rights it now accuses TikTok of threatening.
While the European Union has far-reaching privacy laws, Congress has not agreed on national privacy legislation, leaving Americans’ online data rights up to a patchwork of state and federal laws. In the meantime, reams of data on Americans’ shopping habits, browsing history and real-time location, collected by websites and mobile apps, is bought and sold on the open market in a multi-hundred-billion-dollar industry. If the Chinese Communist Party wanted that data, it could get huge volumes of it without ever tapping TikTok. (In fact, TikTok says it has stopped tracking U.S. users’ precise location, putting it ahead of many American apps on at least one important privacy front.)
That point was not entirely lost on the members of the House Energy and Commerce Committee, which convened Thursday’s hearing. Last year, their committee became the first to advance a comprehensive data privacy bill, hashing out a hard-won compromise. But it stalled amid qualms from House and Senate leaders.
Likewise, worries about TikTok’s addictive algorithms, its effects on teens’ mental health, and its hosting of propaganda and extreme content are common to its American rivals, including Google’s YouTube and Meta’s Instagram. Congress has not meaningfully addressed those, either.
And if Chinese ownership is the issue, TikTok has plenty of company there, as well: A glance at Apple’s iOS App Store rankings earlier this week showed that four of the top five apps were Chinese-owned: TikTok, its ByteDance sibling CapCut, and the online shopping apps Shein and Temu.
The enthusiasm for cracking down on TikTok in particular is understandable. It’s huge, it’s fast-growing, and railing against it allows lawmakers to position themselves simultaneously as champions of American children and tough on China. Banning it would seem to offer a quick fix to the problems lawmakers spent five hours on Thursday lamenting.
And yet, without an overhaul of online privacy laws, it ignores that those problems exist on all the other apps that haven’t been banned.
“In most ways, they’re like most of the Big Tech companies,” Rep. Jan Schakowsky (D-Ill.) said of TikTok after the hearing. “They can use Americans’ data any way they want.” She and several other committee members said they’d prefer to address TikTok as part of a broader privacy bill, rather than a one-off ban.
But the compromises required to pass big legislation can be politically costly, while railing against TikTok costs nothing. If Chew can take any consolation from Thursday’s hearing, it’s that congressional browbeating of tech companies is far more common than congressional action against them.
For an example, he has only to look at the one he raised in that moment of frustration: For all the hearings, all the grilling of Mark Zuckerberg over Cambridge Analytica, Russian election interference and more, Facebook is still here — and now Congress has moved on to a new scapegoat.
Celebrity doctor linked to Facebook rapist Thabo Bester leaves rented Hyde Park mansion

Johannesburg – Dr Nandipha Magudumana, the celebrity doctor linked with Facebook rapist Thabo Bester, has allegedly abandoned her rented Hyde Park …