In this note, we describe a security issue where users in the “Waiting Room” of a Zoom meeting could have spied on the meeting, even if they were not approved to join. Zoom fixed the issue after we reported it to them.

This report provides an in-depth legal and policy analysis of technology-facilitated intimate partner surveillance (IPS) under Canadian law. Stalkerware apps are designed to facilitate remote surveillance of an individual’s mobile device use with the surveillance often being covert or advertised as such. Despite increasing recognition of the prevalence of technology-enabled intimate partner abuse and harassment, the legality of the creation, sale, and use of consumer-level spyware apps has not yet been closely considered by Canadian courts, legislators, or regulators.

The post covers several categories of information that can be gleaned from examining Strava’s fitness tracker data, ranging from enabling the identification of secret military facilities in “dark areas” to specific identifiable behaviour patterns of at-risk individuals.

South Korea requires minors to have content filtering apps installed on their phones. A security audit of two child monitoring apps published by major Korean telecoms —KT Olleh Kidsafe and Clean Mobile Plus—finds serious security and privacy issues that put children at risk.