, 'opacity': false, 'speedIn': , 'speedOut': , 'changeSpeed': , 'overlayShow': false, 'overlayOpacity': "", 'overlayColor': "", 'titleShow': false, 'titlePosition': '', 'enableEscapeButton': false, 'showCloseButton': false, 'showNavArrows': false, 'hideOnOverlayClick': false, 'hideOnContentClick': false, 'width': , 'height': , 'transitionIn': "", 'transitionOut': "", 'centerOnScroll': false }); }) HazDat
5Sep/13

N.S.A. Foils Much Internet Encryption

NSAThe National Security Agency is winning its long-running secret war on encryption, using supercomputers, technical trickery, court orders and behind-the-scenes persuasion to undermine the major tools protecting the privacy of everyday communications in the Internet age, according to newly disclosed documents.

The agency has circumvented or cracked much of the encryption, or digital scrambling, that guards global commerce and banking systems, protects sensitive data like trade secrets and medical records, and automatically secures the e-mails, Web searches, Internet chats and phone calls of Americans and others around the world, the documents show.

Many users assume — or have been assured by Internet companies — that their data is safe from prying eyes, including those of the government, and the N.S.A. wants to keep it that way. The agency treats its recent successes in deciphering protected information as among its most closely guarded secrets, restricted to those cleared for a highly classified program code-named Bullrun, according to the documents, provided by Edward J. Snowden, the former N.S.A. contractor. ... CONTINUE READING »

Share
2Sep/13

Facebook Wants to Use Your Profile Pic to Help Automatic Photo Tagging

20130902-160235.jpg Facebook is proposing a series of changes to its terms if service. There's a lot of legal mumbo jumbo, but the most interesting piece is that Facebook wants to start using your profile photo as the basis for suggesting that you be tagged in your friends' photos. What Facebook's really saying here is that the content of your profile photo—and your face really—is now an actionable piece of data that it can associate with your identity. Previously, you could keep Facebook from "knowing" your face by not letting other people removing any tags of you. That's not exactly an option any more. In theory, you could refuse to upload your likeness to Facebook, but that's a pretty extreme measure. It's always been possible to turn off tag suggestions for your profile. When you do so, it deletes the "template" that Facebook created to identify you. It appears that this deletion applies to any template information that would be created from your Facebook profile photo as well. When we're talking about all this, it's important to remember that most people don't ever touch their privacy settings. So if the proposed changes go through, this is how it's going to be for a majority of users. So far, Facebook has only posted a section-by-section summary of the changes has been posted, but the actual tracked changes document isn't online yet that we can see. Luckily, ATD has the relevant section in its news post:

We are able to suggest that your friend tag you in a picture by scanning and comparing your friend’s pictures to information we’ve put together from your profile pictures and the other photos in which you’ve been tagged.

The old language:

We are able to suggest that your friend tag you in a picture by scanning and comparing your friend's pictures to information we've put together from the other photos you've been tagged in. This allows us to make these suggestions.

In the short-term, the change will improve the company's facial recognition so that it can suggest you be tagged in more photos all over the site. And of course, if it can find you all over the site, then it's got a more comprehensive sense of who you are. And of course since this is a proposed change, it won't take effect until after a certain waiting and deliberation period—so if it matters to you, make sure to weigh in.

Via http://gizmodo.com/facebook-wants-to-get-a-better-picture-of-what-your-loo-1222315712

Share
4May/12

Corporations Are People, My Friend. But, IP Addresses Are Not.

When a judge makes a good decision, it shouldn't be news. But, in this case, it's very good news indeed.  This week New York Magistrate Judge Gary Brown for the United States District Court for the Eastern District of New York filed a 26-page ruling pointing out that the person listed as an Internet account holder is often not the person using the account.

"It is no more likely that the subscriber to an IP address carried out a particular computer function–here the purported illegal downloading of a single pornographic film–than to say an individual who pays the telephone bill made a specific telephone call," Brown said in his Order & Report & Recommendation, filed May 1.

"An IP address merely identifies the location where a certain activity occurred", Brown noted. A computer in a household is usually shared, which means a child, a boyfriend, or any other visitor, is just as likely to be using the computer. Brown also noted that many households now have a wireless network. If the network is not secured, many people, including neighbors and strangers, can be sharing that IP address without the original account holder's knowledge.

"Considering the weak relationship between an IP address and personal identity, it's likely copyright holders were accusing the wrong people of violating copyright", Brown noted. Mass-BitTorrent lawsuits relying entirely on IP addresses to identify copyright infringers were a "waste of judicial resources," he wrote.

VIA: http://securitywatch.pcmag.com/security/297475-ip-address-not-a-person-judge-says-in-copyright-lawsuit

Share
30Mar/12

‘Massive’ credit card data breach involves all major brands

This breach has already been confirmed by the big processors, and seems to be larger in scope than prior breaches.

VIA http://money.cnn.com/2012/03/30/technology/credit-card-data-breach/?source=cnn_bin

Share
19Mar/12

There’s an app for that: How researchers pwned your mind

Researchers turn smartphone users into unwitting minions with a simple app

With mobile users becoming more reliant on their devices and accompanying applications, researchers from Northwestern University have discovered the ease with which user’s mobility can be “soft” controlled.

As smartphone apps become further and further integrate into our daily lives, you have to wonder if we’re in control of our desires or if mobile applications are starting to controlling us.

To discover the ease with which app users can be manipulated, researchers from the McCormick School of Engineering at Northwestern University underwent a study to determine whether they could change the habits of a smartphone user’s mobility through gaming and social-networking applications. The goal was to compel them to visit areas less frequented.

How can an application affect on our decisions on a daily basis?

Like with advertising, we can be compelled by Foursquare to achieve or maintain our “Mayor” standing at a particular restaurant or venue. We might be manipulated, for instance, to travel not to the local pizza shop, but instead to the Chinese food store that we’ve been visiting repeatedly for the last month.

The research was conducted by John Rula and Fabián E.

Bustamant and titled, “Crowd (Soft) Control Moving Beyond the Opportunistic.” They used four foundational elements that work together offer individuals incentives:

  • Location: The location desired stated in terms of latitude and longitude, and optionally altitude and heading.
  • Action: The type of action to be triggered at the particular location and time.
  • Expiration Time: The time when the request is no longer valid; this is used to control the timing and relevancy of actions.
  • Ranking: The relative importance of the location. This can be used by the game to differentiate incentives by priority Rula and Bustamant created an Android-based augmented reality game titled, “Ghost Hunter,” which required users to chase monsters and ghosts throughout the neighborhood. The objective of the game was to “zap” the ghosts and monsters by capturing the augmented image on their mobile phone’s camera. But what users were not aware of was the researcher’s underlying intent.

The researchers had positioned the ghosts in exact locations, around a predetermined building. The resulting photographs of the “ghosts” enabled the researchers to create a 3D picture of the building from the collected images. While the photographic modeling of the building was successfully crowdsourced by the unsuspecting “Ghost Hunter” gamers, what the researchers had also discovered was the ability to compel users to capture images of the building from angles and locations typically not frequented, as the image below indicates.

While mobile users are concerned about their privacy, the ease with which they can be “soft” controlled raises a whole new issue altogether. Games and social networks not only offer a means of learning more about the people who use them, they can potentially offer a way to control their actions. Manipulating users into conducting illegal acts or luring them to dangerous locations is very much a reality.

Only days ago, three Japanese tourists were mislead by their GPS into the Moreton Bay in Australia during a low tide and became trapped in the thick mud. With the tide rising, they were forced to abandon their waterlogged rental car.

Ultimately, users will have to decide for themselves where they draw the line. As the research reiterates, “As augmented reality gamers can be trusted to exercise their best judgment during play, users of extended location based applications should be trusted to judge the suggestions made through CSC (Crowd Soft Control).”

Via http://www.digitaltrends.com/mobile/researchers-turn-smartphone-users-into-unwitting-minions-with-a-simple-app/

 

 

Share
1Feb/11

Internet Explorer Flaw Could Disclose Passwords

Via MSNBC:

A recently discovered flaw in Internet Explorer could allow criminals to collect passwords and banking information. Microsoft is warning Windows users to be aware of the problem, with a manual work-around available, but there is no downloadable software fix available yet. So far, Microsoft says it “has not seen any indications of active exploitation of the vulnerability.”

Read the article: http://technolog.msnbc.msn.com/_news/2011/02/01/5967710-ie-flaw-could-mean-access-to-passwords

Share
31Jan/11

Security Minded: Drive Encryption

The Need

Where do I begin? Even before (maybe especially before) storage devices were portable, they were still vulnerable to theft, due more to their high resale value than the questionable value of their contents. Today, the market value of even a brand-new desktop computer may not be worth the potential consequences of being caught. But, the lucrative identity theft trade has given rise to an entirely different motive for computer, tablet, and cellphone theft. In this case, the device is simply a means to an end.

But theft and the obvious concern over losing such easily and commonly misplaced devices as thumb drives are far from the only reason to encrypt hard drive data. Today, for instance, international travelers may be subject to the copy and search of their hard drives, as authorized by the Department of Homeland Security's U.S. Customs and Border Enforcement's "Policy Regarding Border Search of Information" (July 16, 2008), which, among other things, allows Customs Agents broad discretion to detain "electronic devices, or copies thereof, for a reasonable period of time to perform a thorough border search." Regardless of your motivation, encrypting mobile data storage should be high on your list of priorities. Like my AmericanExpress card, I never leave home with out it.

Note to attorneys, medical professionals, or anyone with a fiduciary responsibility: Unlike most professionals, you may have a legal, if not ethical, responsibility to protect your clients' data. Even if a standard for "reasonableness" has previously been applied to "locks" and other 20th century security practices, it may not apply to devices removed from a secure space. Check with your respective associations and/or licensing boards for more information. ... CONTINUE READING »

Share
27Jan/11

Unlike: Facebook’s Plan To Turn YOU Into A Spokesperson

The funny thing about world-domination is that even when you achieve it, you still have to finance it. Maybe that's why Facebook keeps coming up with crazy money-making schemes.

Last week it was disclosing users' addresses and phone numbers to third-parties. The latest puts you in the role of company spokesperson by turning your "likes" and "checkins" into sponsored ads on your friend's pages--without your consent. Currently there is no way for users to disable this "feature".

Read more at http://news.yahoo.com/s/ap/20110126/ap_on_hi_te/us_tec_facebook_ads

Share
18Jan/11

Facebook Drops Plan to Disclose Users’ Home Addresses and Personal Phone Numbers

Via Epic.org: Facebook has retreated from its decision to allow third-party access to users home addresses and phone numbers. Facebook backed off after criticism of the new policy, but said it would go forward once it has made further changes. EPIC Executive Director Marc Rotenberg said "Facebook is trying to blur the line between public and private information. And the request for permission does not make clear to the user why the information is needed or how it will be used." EPIC, and several consumer organizations, have complaints pending at the Federal Trade Commission concerning Facebook's earlier changes to users' privacy settings. For more information, see EPIC: In Re Facebook, EPIC: In Re Facebook II, and EPIC: Facebook Privacy.

Read full article at http://epic.org/2011/01/facebook-drops-plan-to-disclos.html

Share
8Jan/11

Obama Looks to Silicon Valley to Solve Identity Crisis

The federal government thinks identity and passwords need to be fixed to keep the internet healthy, but is declining, thankfully, to try to fix it themselves. Instead, they are pushing internet entrepreneurs to build something robust and open.

Read full article at http://feeds.wired.com/~r/wired/index/~3/3Uts2JG5xFc/

Share

Log In


Join the conversation...

Join the conversation on Twitter

Join the conversation on Facebook

disquslogo_180 Subscribe to RSS feed

Join the Google conversaton…

Geo Visitors Map