
Home/ Future of the Web/ Group items tagged security


Paul Merrell

Nearly Everyone In The U.S. And Canada Just Had Their Private Cell Phone Location Data ... - 0 views

  • A company by the name of LocationSmart isn't having a particularly good month. The company recently received all the wrong kind of attention when it was caught up in a privacy scandal involving the nation's wireless carriers and our biggest prison phone monopoly. Like countless other companies and governments, LocationSmart buys your wireless location data from cell carriers. It then sells access to that data via a portal that can provide real-time access to a user's location via a tailored graphical interface using just the target's phone number.
  • Theoretically, this functionality is sold under the pretense that the tool can be used to track things like drug offenders who have skipped out of rehab. And ideally, all the companies involved were supposed to ensure that data lookup requests were accompanied by something vaguely resembling official documentation. But a recent deep dive by the New York Times noted how the system was open to routine abuse by law enforcement, after a Missouri Sheriff used the system to routinely spy on Judges and fellow law enforcement officers without much legitimate justification (or pesky warrants): "The service can find the whereabouts of almost any cellphone in the country within seconds. It does this by going through a system typically used by marketers and other companies to get location data from major cellphone carriers, including AT&T, Sprint, T-Mobile and Verizon, documents show. Between 2014 and 2017, the sheriff, Cory Hutcheson, used the service at least 11 times, prosecutors said. His alleged targets included a judge and members of the State Highway Patrol. Mr. Hutcheson, who was dismissed last year in an unrelated matter, has pleaded not guilty in the surveillance cases." It was yet another example of the way nonexistent to lax consumer privacy laws in the States (especially for wireless carriers) routinely come back to bite us. But then things got worse.
  • Driven by curiosity in the wake of the Times report, a PhD student at Carnegie Mellon University by the name of Robert Xiao discovered that the "try before you buy" system used by LocationSmart to advertise the cell location tracking system contained a bug. A bug so bad that it exposed the data of roughly 200 million wireless subscribers across the United States and Canada (read: nearly everybody). As we see all too often, the researcher highlighted how the security standards in place to safeguard this data were virtually nonexistent: "Due to a very elementary bug in the website, you can just skip that consent part and go straight to the location," said Robert Xiao, a PhD student at the Human-Computer Interaction Institute at Carnegie Mellon University, in a phone call. "The implication of this is that LocationSmart never required consent in the first place," he said. "There seems to be no security oversight here."
  • Meanwhile, none of the four major wireless carriers have been willing to confirm any business relationship with LocationSmart, but all claim to be investigating the problem after the week of bad press. That this actually results in substantive changes to the nation's cavalier treatment of private user data is a wager few would be likely to make.
Paul Merrell

'I made Steve Bannon's psychological warfare tool': meet the data war whistleblower | N... - 0 views

  • For more than a year we’ve been investigating Cambridge Analytica and its links to the Brexit Leave campaign in the UK and Team Trump in the US presidential election. Now, 28-year-old Christopher Wylie goes on the record to discuss his role in hijacking the profiles of millions of Facebook users in order to target the US electorate
Paul Merrell

Facebook blasted by US and UK lawmakers - nsnbc international | nsnbc international - 0 views

  • Lawmakers in the United States and the United Kingdom are calling on Facebook chief executive Mark Zuckerberg to explain how the names, preferences and other information from tens of millions of users ended up in the hands of the Cambridge Analytica data analysis firm.
  • After Facebook cited data privacy policies violations and announced that it was suspending the Cambridge Analytica data analytics firm also tied to the Trump campaign, new revelations have emerged. On Saturday, reports revealed that Cambridge Analytica, used a feature once available to Facebook app developers to collect information on some 270,000 people. In the process, the company, which was, at the time, handling U.S. President Donald Trump’s presidential campaign, gained access to data on tens of millions of their Facebook “friends” and that it wasn’t clear at all if any of these people had given explicit permission for this kind of sharing. Facebook’s Deputy General Counsel Paul Grewal said in a statement, “We will take legal action if necessary to hold them responsible and accountable for any unlawful behavior.”
  • The social media giant also added that it was continuing to investigate the claims. According to reports, Cambridge Analytica worked for the failed presidential campaign of U.S. Senator Ted Cruz and then for the presidential campaign of Donald Trump. Federal Election Commission records reportedly show that Trump’s campaign hired Cambridge Analytica in June 2016 and paid it more than $6.2 million. On its website, the company says that it “provided the Donald J. Trump for President campaign with the expertise and insights that helped win the White House.” Cambridge Analytica also mentions that it uses “behavioral microtargeting,” or combining analysis of people’s personalities with demographics, to predict and influence mass behavior.  According to the company, it has data on 220 million Americans, two thirds of the U.S. population. Cambridge Analytica says it has worked on other campaigns in the United States and other countries, and it is funded by Robert Mercer, a prominent supporter of politically conservative groups.
  • Facebook stated that it suspended Cambridge Analytica and its parent group Strategic Communication Laboratories (SCL) after receiving reports that they did not delete information about Facebook users that had been inappropriately shared. For months now, both the companies have been embroiled in investigations in Washington and London but the recent demands made by lawmakers focused explicitly on Zuckerberg, who has not testified publicly on these matters in either nation.
Gonzalo San Gil, PhD.

7 steps to proactive security | Network World - 0 views

  •  
    "The key to securing against this threat lies in a common metaphor-if a ship has a hole, it is better to patch the breach than bail the water Network World | Oct 21, 2016 4:00 AM P"
Gonzalo San Gil, PhD.

How To Use Nmap Security Scanner (Nmap Commands) - LinuxAndUbuntu - 1 views

  •  
    "Nmap is a great security scanner. Many systems and network administrators use it for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. In this article, I'll guide you through how to use Nmap commands."
Gonzalo San Gil, PhD.

How 'Security Fatigue' Impacts Our Online Decisions - 0 views

  •  
    "NEWS ANALYSIS: A new study claims many users suffer from 'security fatigue,' which affects the choices we make online. What's the real answer and where does the root cause sit?"
Gonzalo San Gil, PhD.

Linux Today - How 'Security Fatigue' Affects Our Choices Online - 0 views

  •  
    "An overabundance of security news and alerts has led to "security fatigue," which is causing users to make bad choices when it comes to online security, suggests a report from the National Institute of Standards and Technology (NIST)."
Gonzalo San Gil, PhD.

To ensure security and privacy, open source software is required - 0 views

  •  
    "Having access to the source code is an undeniable benefit in ensuring the security of a piece of software"
Gonzalo San Gil, PhD.

Why Privileged Users Are a Major Security Risk - 0 views

  •  
    "Privileged users are a key concern for IT leaders because inadvertent leaks from unsanctioned app usage are more likely to originate from this user group."
Gonzalo San Gil, PhD.

Cybersecurity isn't an IT problem, it's a business problem - 0 views

  •  
    "The emergence of the CISO is a relatively recent phenomenon at many companies. Their success often relies upon educating the business from the ground up. In the process, companies become a lot better about how to handle security and certainly learn how not to handle it."
Gonzalo San Gil, PhD.

Is Biometrics Technology Safe? - 0 views

  •  
    "Biometrics is a step forward, but it increases risks. What happens when the digital code for a fingerprint, iris scan, voice print or facial geometry is hacked?"
Gonzalo San Gil, PhD.

Five EFF Tools to Help You Protect Yourself Online | Electronic Frontier Foundation - 0 views

  •  
    "Do you get creeped out when an ad eerily related to your recent Internet activity seems to follow you around the web? "
Gonzalo San Gil, PhD.

Techdirt Podcast Episode 92: Passwords Suck; What's Next? | Techdirt - 0 views

  •  
    "from the correct-horse-battery-staple dept Data breaches that expose passwords are pretty much a fact of life at this point -- and the effects are multiplied by the fact that many, many people reuse passwords no matter how much they know they shouldn't. "
Gonzalo San Gil, PhD.

Linux Security Guide (extended version) - Linux Audit - 0 views

  •  
    "With so many articles about Linux security on the internet, you may feel overwhelmed by how to properly secure your Linux systems. With this guide, we walk through different steps, tools, and resources. The main goal is to have you make an educated choice on what security defenses to implement on Linux. For this reason, this article won't show any specific configuration values, as it would implicate a possible best value. Instead, related articles and resources will be available in the text. The goal is to make this guide into a go-to article for when you need to secure your Linux installation. If you like this article, help others and share it on your favorite social media channels. Got feedback? Use the comments at the bottom. This document is a work in progress and last updated in September 2016"
Gonzalo San Gil, PhD.

5 Best Linux Distros for Security - Datamation - 0 views

  •  
    "Linux distros have long emphasized security and related matters like firewalls, penetration testing, anonymity, and privacy. These distributions pay special attention to security."
Gonzalo San Gil, PhD.

Sengi IT - Big Brother needs to be stopped! | Indiegogo - 1 views

  •  
    "Independence day for your private data. SENGI: a new way of using cloud services and messaging apps. Johannes Ehrlich Halle, Germany About"
Gonzalo San Gil, PhD.

US Spies On Europe - Business Insider - 0 views

  •  
    "John Kerry on the defensive in Brunei. REUTERS / Ahim Rani BANDAR SERI BEGAWAN, Brunei (Reuters) - Nearly all national governments, not just the United States, use "lots of activities" to safeguard their interests and security, U.S. Secretary of State John Kerry said on Monday, responding for the first time to allegations that Washington spied on the European Union and other allies. "
Gonzalo San Gil, PhD.

Best Open Source Security Tools of 2015 (and 2016) - Linux Audit - 0 views

  •  
    "Always looking for a better tool to help you in your work? If there is one website who knows what is happening in the field of security tools, it is ToolsWatch. The site covers new tools, and promotes existing projects when they release a new version."
Gonzalo San Gil, PhD.

[# ! #Tech:] How do I permanently erase hard disk? - 1 views

  •  
    "I am going to sell my laptop soon. Before discarding my system, I want to make sure that no one should be able to use my personal data using any method (format do not work). Is there any open source software out there that can help me permanently erase my hard disk?"