Researchers from Carnegie Mellon University have unveiled a new privacy architecture called Peekaboo which is designed to enforce the principle of data minimization among smart home apps, according to The Hacker News.
The framework aims to limit data gathering to that which is required for achieving specific objectives, by using an in-home hub to pre-process and minimize outgoing data in a structured and enforceable manner before sending it to external cloud servers, according to the researchers.
The system utilizes an in-home trusted hub that transmits data between Internet-of-Things devices and their respective cloud services and also allows third-party auditors to confirm data collection claims declared by app developers. It also requires developers to submit a manifest detailing their apps relevant data collection behaviors, which are fed into the hub. Users are able to modify their defined data collection practices, compared with a unilateral approach employed in Android.With Peekaboo, a user can install a new smart home app by simply downloading a manifest to the hub rather than a binary, according to the researchers.
As companies migrate to the cloud, the industry needs a new way to manage data and network security, but security analysts warn that only the most well-heeled enterprises can afford the new zero-trust open approach Oracle touts.
Operators of the Bumblebee malware loader have launched a new campaign involving the exploitation of 4shared Web Distributed Authoring and Versioning services following a two-month hiatus, according to BleepingComputer.