Another week of privacy fails

WhatsApp voice calls used to inject Israeli spyware on phones

An Israeli spy firm faces claims that it built technology to exploit the WhatsApp flaw. The technology could inject malware onto targeted phones - and steal data - with a simple call. Targets didn’t need to pick up to be infected, and the calls often left no trace on the phone’s log.

It is the Israeli NSO Group that is accused of supplying tools for spying on human-rights activists and journalists. WhatsApp says they contacted several human rights groups about the issue and that exploitation of this vulnerability bears “all the hallmarks of a private company known to work with governments to deliver spyware.”

WhatsApp offers encrypted messaging by default to 1.5 billion users worldwide. Their engineers released an update on Monday that removed the vulnerability and encouraged customers to update their apps as quickly as possible.

The NSO Group later released a statement where they denied any involvement in selecting or targeting victims – but not its role in the creation of the hack itself.

Google has a secret page that records everything you've bought online

Google has been doing a big push lately, extolling the importance of protecting your data. However, the PR initiative doesn’t go over well with this week's revelation that Google raids your Gmail account for signs of transactions and collects them all on a separate webpage for your account. You can find yours here.

The page includes most of the items for which you received an emailed receipt – purchases, subscriptions, and tickets. Google claims that the information is not used to serve ads but that the page exists only “to help you easily view and keep track of your purchases, bookings and subscriptions in one place.”

We all knew already that Google’s machines read your email. But how did they reason when maintaining a hidden page where all your buying activity is neatly stored? It’s hard to see that as anything but creepy and invasive.

To delete your purchase history, either remove receipts from your email or go through them one at a time on your Purchase page. And if you want to get a little control back over how Google tracks you, visit this preferences page and click “Do not use private results.” Because why would you make the use of private results an opt-in, when you can make it the default...?

Salesforce gave many sales teams around the world a break on Friday

A database script error forced Salesforce engineers to pull the plug for a large number of customers this Friday. For some customers using its marketing automation service, Pardot, Salesforce was down all Friday.

On Friday morning, Salesforce engineers deployed a database script that “inadvertently gave users broader data access than intended,” according to its status page. On Reddit, one customer said that his company’s project automatically gave access to any Salesforce user.

That is not good, and while the issue only directly affected customers who currently use Pardot or have used it in the past, Salesforce decided to cut service to all customers using instances that hosted Pardot users. Needless to say, many sales teams probably didn’t get much done...

Tool of the week: Outgrow

Outgrow makes it easy to build a variety of interactive online content, such as calculators and quizzes, without coding. Interactive marketing is often very successful, especially in content marketing – 7 of the 20 most shared articles on Buzzfeed are quizzes.

You can embed them on your webpage or share them directly on social media. You can also use them for lead generation – gathering email addresses from participants. In great marketing, it is essential to build beautiful, engaging experiences for your audience – now you have yet another way to do so.