5 Companies That Had A Rough Week
For the week ending Jan. 10, CRN looks at IT companies that were unfortunate, unsuccessful or just didn't make good decisions.
The Week Ending Jan. 10
Topping this week's roundup of those having a rough week is Apple for the resurgence of the controversy over whether the company should help law enforcement unlock iPhones owned by alleged criminals.
Also making the list is Google for getting hit with a patent infringement lawsuit, Amazon for the disclosure that it has fired employees who watched video from customers’ Ring home security cameras, Mozilla for scrambling to deal with a critical vulnerability in the Firefox browser, and TikTok for doing likewise with bugs in its popular video sharing software.
Not everyone in the IT industry was having a rough go of it this week. For a rundown of companies that made smart decisions, executed savvy strategic moves—or just had good luck—check out this week's 5 Companies That Came To Win roundup.
Apple On Potential Collision Course—Again—With Law Enforcement Over Unlocking iPhones
In a possible repeat of a controversy that hit the company in 2015, Apple is facing a demand from the FBI that it help unlock iPhones linked to a shooting incident last month.
This week FBI general counsel Dana Boente, in a letter to Apple’s top lawyer, Katherine Adams, asked that Apple help the agency unlock the contents of two encrypted iPhones owned by Saudi military student Ahmed Mohammed Alshamrani, according to NBC News and Washington Post reports.
Alshamrani is alleged to have carried out a shooting at Naval Air Station Pensacola, Florida on Dec. 6 that killed three people.
NBC reported that Monday Apple said it has been working with the government. “We have the greatest respect for law enforcement and have always worked cooperatively to help in their investigations," Apple said in a statement. "When the FBI requested information from us relating to this case a month ago, we gave them all of the data in our possession and we will continue to support them with the data we have available.”
The situation places Apple in the same uncomfortable situation it found itself in during a legal standoff with the U.S. Justice Department in 2015 over a demand that Apple help unlock an iPhone owned by a San Bernardino county employee who, along with his wife, killed 14 people in a shooting rampage, the Washington Post noted.
Google Sued By Sonos For Patent Infringement
Google found itself on the wrong end of a patent infringement lawsuit this week after smart speaker manufacturer Sonos charged Google with allegedly stealing its technology.
In the lawsuit filed in the Federal District Court in Los Angeles, Sonos charges Google with five violations of the company’s patents, including technologies that allow speakers to wirelessly communicate and synchronize with each other, according to a New York Times story.
Sonos, which also filed a parallel complaint with the U.S. International Trade Commission, is seeking financial damages and a ban on sales of Google Home smart speakers, according to the New York Times story.
Sonos and Google partnered in 2013 to bring Google Play Music to Sonos’ speakers, according to a SiliconAngle report. For that development Sonos said it provided Google with details about how its speakers worked, including the patented technology and, according to the lawsuit, Google later incorporated that technology into its Chromecast Audio and Google Home products.
Amazon Ring Workers Fired For Accessing, Viewing User Video
Amazon and its Ring home security camera company were on the hot seat this week when Amazon acknowledged that it has fired Ring employees in four cases when they viewed customer video feeds in violation of company policy.
The disclosure came in a Jan. 6 letter from Amazon to five U.S. senators in response to the senators’ inquiries about Amazon Ring’s security practices, according to reports on the BBC and Threatpost web sites.
The senators, in a letter to Amazon on Nov. 6, 2019, asked a series of questions about security and data privacy practices around Ring’s home security products.
Amazon said that over the past four years it had investigated four complaints about employees exceeding their video access privileges and inappropriately viewing video from customer devices. In all four cases the employees were fired, according to a copy of the letter posted by the website The Register. The company offered no additional details about where and when the violations occurred.
Mozilla Warns Of Major Vulnerability In Firefox Browser
Mozilla issued warnings to users to upgrade to the most recent version of the open-source web browser after the discovery of a critical vulnerability in older versions that could allow an attacker to take control of a user’s computer.
The flaw, which reports said was already being exploited by hackers, was considered so severe that it prompted a warning from the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency that encouraged users and administrators to update to version 72 of the browser that was released Jan. 7, according to a Forbes story.
The vulnerability was discovered in Firefox’s just-in-time compiler by Chinese security firm Qihoo 360, according to a Techcrunch story. The researchers found that a vulnerability could allow malicious JavaScript to run outside of the browser on a host computer. An attacker could use the bug to break into a user’s computer by tricking them into accessing a website running malicious JavaScript code.
TikTok Security Flaws Found
Mozilla wasn’t the only organization dealing with fallout from critical vulnerability issues this week. Popular video-sharing application TikTok was found to have serious vulnerabilities that could allow hackers to manipulate user data, access smartphone videos and reveal personal information.
The vulnerabilities were discovered by Check Point Research late last year and made public this week, according to reports by The New York Times and The Verge.
TikTok said it was informed by Check Point of the vulnerabilities on Nov. 20 and had fixed them by Dec. 15, according to the reports.
The flaws allowed attackers to send TikTok users messages with malicious links that when clicked on allowed hackers to take control of their accounts, including videos, according to the New York Times story. Another flaw could have allowed hackers to retrieve personal information from TikTok user accounts through the company’s website.