Articles about Privacy

US commission whistles to FIDO: Help end ID-based hacks by 2021

A White House commission on improving cybersecurity has come up with a list of recommendations for US president-elect Donald Trump’s administration – including a target for no big hacks to involve identity-based compromises. The US Commission on Enhancing National Cybersecurity has identified 16 key recommendations on security …
John Leyden, 08 Dec 2016

Playtime's over: Internet-connected kids toys 'fail miserably' at privacy

The Electronic Privacy Information Center (EPIC) and the European Consumer Organization (BEUC) are calling for US and EU data protection authorities to take action against insecure networked toys. Declaring that "My Friend Cayla," a Bluetooth-enabled doll released in 2014, and "i-Que," a connected robot released last year, " …
Thomas Claburn, 08 Dec 2016

Santa says you've been nice kids: OpenVPN to get security audit

Johns Hopkins University crypto professor Dr Matthew Green is to lead a security audit of OpenVPN 2.4. The open source VPN project, published at GitHub, has been compiled for everything from Solaris to Windows, passing various Linux and BSD distributions along the way (including OSX); Windows and Android (and jailbroken iOSs …

Body cams too fragile for Canadian Mounties – so they won't be used

The Royal Canadian Mounted Police (RCMP) says it will not be equipping its officers with body cameras after the units were found to be not rugged enough for field use. The Mounties say that a three-year trial run of the body-worn camera (BWC) gear has concluded and will not be adopted because the units have neither the battery …
Shaun Nichols, 08 Dec 2016

Could this be you? Really Offensive Security Engineer sought by Facebook

Facebook is hiring an Offensive Security Engineer, and not the sort inclined to disparage the length of your keys or your choice of encryption algorithm. "Facebook's Security team is looking for an offensive security engineer that can deliver technical leadership for our offensive security team and execute tactical, offensive …
Thomas Claburn, 07 Dec 2016

Oz gummint's 'open government' strategy arrives at last

A couple of days after being warned it was dragging its feet on open government strategies, the Federal Government has released its Open Government National Action Plan. A couple of days ago, the government had its attention sharpened by a warning that it would get kicked out of the OGP process if it didn't get cracking (from …

Privacy is theft! Dave Eggers' big-screen takedown of Google and Facebook emerges

The Circle, Dave Eggers' novel about a society dominated by an omniscient, cult-like Silicon Valley internet company, has been given the big-screen treatment, with the trailer emerging this week. The movie's promo site has a witty parody of the "onboarding" process for a web platform – enjoy the unreadable EULA as it flashes …
Andrew Orlowski, 07 Dec 2016

Uber is watching your smartphone's battery charge

Browser authors are abandoning the invasive Battery API W3C specification, but not everybody's got the memo: Uber, for example, still watches battery status. The not-an-employer, not-a-taxi-company's app checks battery status and remaining battery, with the explanation that the feature is used for fraud detection. The …

Microsoft says LinkedIn will make Trump, Brexit, voters feel great again

Microsoft says buying LinkedIn will help to address the middle class discontent that saw Britain vote to leave the European Union and America vote to leave politics as we know it behind by electing Donald Trump. The company has expressed that sentiment in its post announcing the European Commission's approval of its …
Simon Sharwood, 07 Dec 2016

The UK's Investigatory Powers Act allows the State to tell lies in court

Analysis: Blighty's freshly passed Investigatory Powers Act, better known as the Snoopers' Charter, is a dog's dinner of a law. It gives virtually unrestricted powers not only to State spy organisations but also to the police and a host of other government agencies. The operation of the oversight and accountability mechanisms in the IPA …
Gareth Corfield, 06 Dec 2016

In the three years since IETF said pervasive monitoring is an attack, what's changed?

Feature: After three years of work on making the Internet more secure, the Internet Engineering Task Force (IETF) still faces bottlenecks: ordinary people's perception of risk, sysadmins worried about how to manage encrypted networks, and – more even than state snooping – an advertising-heavy 'net business model that relies on collecting …

Microsoft boffins think VR visions will rival drugs by 2027

Search as people presently know it – a dialog box for typed queries – will vanish in a decade, according to Susan Dumais, distinguished scientist and deputy managing director of Microsoft Research Lab. Dumais is one of 17 Microsoft researchers who, in a blog post on Monday, offered predictions about technology developments we …
Thomas Claburn, 06 Dec 2016

Canada asks citizens: How would you like us to spy on you?

The Canadian government is asking citizens to weigh in on its plans for digital surveillance programs. A government-hosted page called Investigative Capabilities in a Digital World seeks input from residents on matters such as intercepting communications, forcing data decryption, and requiring service providers in Canada to …
Shaun Nichols, 05 Dec 2016

Icelandic Pirate Party asked to form government

Iceland's president Guðni Th. Jóhannesson has asked the nation's Pirate Party to form government. A new proclamation and edict (PDF in Icelandic) gives Pirate captain Birgitta Jonsdottir a mandate to lead negotiations with rival parties in an attempt to find a working majority in the Alþingi, Iceland's Parliament. Jóhannesson …
Simon Sharwood, 04 Dec 2016

Axel Springer boss defends Facebook in fake news controversy

One of Silicon Valley’s harshest and most powerful critics has leapt to its defence over the “fake news” controversy. Mathias Döpfner, CEO of the German giant publishing group Axel Springer, says Facebook must retain the liability privileges it enjoys as an internet platform - rather than be reclassified as a publisher. …
Andrew Orlowski, 02 Dec 2016

Brexit means Brexit: What the heck does that mean...

Apparently the Brexit result has caused some IT leaders to look at repatriating data to the UK to “comply with data protection laws and especially GDPR”. But wait a minute – this seems to be more about a lack of understanding of data protection laws. Again. Earlier this year I wrote about emotional knee-jerk reactionism being …
Frank Jennings, 02 Dec 2016

Renewed calls for Tesla to scrap Autopilot after number of crashes

US advocacy group Consumer Watchdog has renewed its demands for a recall of Tesla's Autopilot feature following a number of crashes. Earlier this week, a Tesla smashed into a construction barrier truck on a German motorway at high speed. Consumer Watchdog said the "growing list of Tesla crashes demonstrates the urgent need to …
Kat Hall, 01 Dec 2016

Still too much discretion when it comes to that 'terrorism' stuff, repeats David Anderson QC

There is still too much discretion in what the State is talking about when discussing terrorism, according to the outgoing independent reviewer of terrorism legislation. Seeking to limit the growth of public suspicion regarding the State's increasing investigatory powers, it is still necessary to establish a proper definition …

Clients say they'll take their money and run if service hacked – poll

Further evidence has emerged that hacked firms might subsequently suffer a customer exodus. After TalkTalk's famous data breach, 101,000 of its customers walked. Almost half (48 per cent) of the 1,000 Brits questioned by Onepoll claimed they would cancel accounts if a provider of theirs suffered a data breach. In addition, a …
John Leyden, 01 Dec 2016

Fatal flaws in ten pacemakers make for Denial of Life attacks

A global research team has hacked 10 different types of implantable medical devices and pacemakers finding exploits that could allow wireless remote attackers to kill victims. Eduard Marin and Dave Singelée, researchers with KU Leuven University, Belgium, began examining the pacemakers under black box testing conditions in …
Darren Pauli, 01 Dec 2016

Wow. What a shock. The FBI will get its bonus hacking powers after all

Three last-ditch legislative efforts to block the changes to Rule 41 of the Federal Rules of Criminal Procedure have failed, and from tomorrow the Feds will find hacking your PC a lot less of a hassle. The rule change was introduced by the Supreme Court in April. It will allow the FBI and police to apply for a warrant to a …
Iain Thomson, 30 Nov 2016

UCL snags head of Europol for a seminar on privacy

The head of Europol will be contributing to a seminar at UCL on "the state of the current privacy landscape", which will run in January. The event – Privacy Online and Offline: The Citizen, the Personal and the Public Interest – is being run by UCL's Institute of Brand and Innovation Law. The talks will take place over 23-24 …

UK National Lottery data breach: Fingers crossed – it might not be you

Cyber criminals appear to be using passwords and email addresses from previous breaches to gain access to 26,000 online UK National Lottery accounts. Camelot, the company behind the National Lottery, detected the scam and subsequent attempted frauds and responded by locking down accounts, triggering compulsory password resets …
John Leyden, 30 Nov 2016

UK.gov was warned of smart meter debacle by Cabinet Office in 2012

The government was warned of the risks surrounding its controversial smart meter programme four years ago, according to a leaked internal report seen by The Register, but appears to have largely ignored those concerns. A review of the programme from March 2012 highlights the vulnerability of smart meters to cyber-attacks, and …
Kat Hall, 30 Nov 2016

UK's new Snoopers' Charter just passed an encryption backdoor law by the backdoor

Among the many unpleasant things in the Investigatory Powers Act that was officially signed into law this week, one that has not gained as much attention is the apparent ability for the UK government to undermine encryption and demand surveillance backdoors. As the bill was passing through Parliament, several organizations …
Kieren McCarthy, 30 Nov 2016

Internet Archive preps Canadian safe haven to swerve Donald Trump

It's something many Americans have talked about – moving to Canada to escape President Donald Trump – but now the Internet Archive is preparing to do just that. "On November 9th in America, we woke up to a new administration promising radical change," reads a blog post from the organization's founder, Brewster Kahle. "It was a …
Kieren McCarthy, 29 Nov 2016

Investigatory Powers Act signed into UK law by Queen

IPBill: Queen Elizabeth II today signs off on Parliament's Investigatory Powers Act, officially making it law in the UK. Her Maj not only had the last word on the new legislation — aka the Snoopers' Charter — she had the first. She publicly announced what the law would be called during the official opening of Parliament after last …

Netflix and spill: Web vid giant kills password masking in tests

Netflix is testing a new feature that, for some subscribers, shows their passwords in plain text as they are typed in – and potentially when folks revisit the site. The temporary design tweak, which Netflix says is supposed to help fat-fingered users correctly enter their passwords, does not star out characters as they are …
Shaun Nichols, 29 Nov 2016

Lib Dems to oppose porn checks in Blighty's Digital Economy Bill

The Liberal Democrats are to oppose plans to impose strict age regulations on porn sites in the UK's forthcoming Digital Economy Bill – describing the measures as something the "Russian or Chinese governments" would impose. The proposed law is due for a report-stage vote and third reading in the Commons on Monday afternoon. …
Kat Hall, 28 Nov 2016

100k+ petition: MPs must consider debating Snoopers' Charter again

A petition to Parliament requesting the repeal of the Investigatory Powers Act has received the 100,000 signatures required to make Parliament “consider” debating the issue. Although the Investigatory Powers Act doesn't actually exist at the moment — it remains a Bill of Parliament which will not become an Act until it …

Sharing's caring? Not when you spread data across gov willy-nilly

Digital Economy Bill: Privacy campaigners and academics have called for the removal of personal data sharing proposals in the forthcoming Digital Economy Bill. The Bill puts government ministers in control of citizens' personal data, "a significant change in the relationship between citizen and state," wrote 26 signatories in a letter to The …
Kat Hall, 25 Nov 2016

Drops the mic... Hang on, hackers could be listening through my headphones?

Experimental malware has highlighted the possibility that hackers might be able to turn headphones into microphones in order to snoop on computer users. Research by computer scientists at Ben-Gurion University, Israel, has revealed that both headphones and loudspeakers present a potential bugging risk. The boffins put together …
John Leyden, 25 Nov 2016

Small ISPs 'probably' won't receive data retention order following IP Bill

The government “probably won’t” force internet service providers with no history of working with the intelligence services into retaining internet records following wide-ranging new powers passed in the Investigatory Powers Bill, the Home Office has said. Last week the Investigatory Powers Bill - dubbed the Snoopers' Charter - …
Kat Hall, 25 Nov 2016

IBM pays up after 'clearly failing' DDoS protection for Australia's #censusfail

Australia's census all-but failed due to a combination of poor design, bad operational decisions, human error and numerous lazy and/or bad decisions that could have been avoided had warnings about corporate culture been heeded, or Australian government agencies properly educated about what it takes to deliver digital services …
Simon Sharwood, 25 Nov 2016

Tech giants warn IoT vendors to get real about security

The heavyweights behind the Broadband Internet Technical Advisory Group (BITAG) are sick of Internet of Things (IoT) startups foisting insecure rubbish on consumers, and have fired a report that looks like a stern warning that IoT bandwagon-hoppers need to get their houses in order. The group – which counts vendors like Cisco …

How to confuse a Euro-cop: Survey reveals the crypto they love to hate

European Union (EU) citizens can now get an idea of what their governments want – and are doing about – cryptography regulation. The new opportunity comes courtesy of a freedom of information request by Bits of Freedom, summarised by privacy researcher Lukas Olejnik here. The news is bleak: the responses to a survey sent to …

Signal security revealed: A triple-Diffie-Hellman with a double ratchet

Signal developer Open Whisper Systems has quietly posted some important documents for developer consumption: the specifications of its signature verification, key agreement, and secret key protocols. The posts are dated 20 November, although a Tweet from 4 November suggests the documentation was stealth-published earlier. The …

FYI: The FBI is being awfully evasive about its fresh cyber-spy powers

Senior US senators have expressed concern that the FBI is not being clear about how it intends to use its enhanced powers to spy on American citizens. Those are the spying powers granted by Congressional inaction over an update to Rule 41 of the Federal Rules of Criminal Procedure. These changes will kick in on December 1 …
Iain Thomson, 23 Nov 2016

Pre-Trump FCC – get a grip on mobe data caps, racist Stingray spying, urge Dem senators

Leading Democrat senators are pushing the US Federal Communications Commission (FCC) to address a number of hot topics, including zero rating and the use of the Stingray cellphone-tracking technology, before the Trump Administration takes over in January. In a letter [PDF] sent Friday, seven senators including Elizabeth Warren …
Kieren McCarthy, 22 Nov 2016

Four IBM data centres planned for Big Blue UK cloud

IBM is expanding its UK data centre footprint, tripling the number of facilities in the region. Big Blue plans four new centres to drive adoption of its various cloud-based services for development and enterprise deployments. It currently operates just two UK data centres. Notably, neither of the first two DCs we know about …
Gavin Clarke, 22 Nov 2016

Microsoft promises 'equal access' to LinkedIn to get EC green light for acquisition

Microsoft is offering to crack open access to LinkedIn to secure European Commission approval for its $26bn purchase of the social network for suits. The software giant is reportedly offering competition regulators the continued prospect of open access to LinkedIn’s APIs as well as “allowing” OEMs to install LinkedIn on their …
Gavin Clarke, 22 Nov 2016

Merkel calls for balanced approach to data protection

EU countries must not be too restrictive in how they apply EU data protection laws or risk damaging the development of big data projects, German chancellor Angela Merkel has said. Germany has traditionally been cautious over data collection, but if countries are too restrictive then "big data management will not be possible", …
OUT-LAW.COM, 22 Nov 2016

MP Kees Verhoeven wants EU to regulate the Internet of S**t

The Democrats 66 (D66) party, currently in opposition in The Netherlands, hopes it can legislate insecure stuff away from the Internet. The suggestion comes in a multi-part initiative put together by MP Kees Verhoeven, who also wants The Netherlands to fund a local threat analysis capability and a national cyber security …

IETF plants privacy test inside DNS

The Internet Engineering Task Force's (IETF's) years-long effort to protect Internet users has taken a small step forward, with one option for better Domain Name System (DNS) privacy reaching the test stage. "Stubby", created by the getdns project team, lets users test encrypted DNS queries. The idea isn't to flick the switch …

Trump hires very best, greatest net neut haters to head FCC transition

President-elect Donald Trump has hired two strong opponents of net neutrality rules to head up his transition team for the US Federal Communications Commission (FCC). Economist Jeff Eisenach, who worked in the Reagan Administration at the Federal Trade Commission (FTC) and does a lot of corporate work for Verizon, and Mark …
Kieren McCarthy, 21 Nov 2016

Kids' Hour of Code turns into a giant corporate infomercial for kids

A leading education advisor to government ministers in the UK has criticised the aggressive proliferation of software in schools as a "gimmick", and called for ministers to "drain the swamp". British schoolchildren will play Minecraft for an hour as Microsoft's contribution to the global "Hour of Code", a stunt intended to …
Andrew Orlowski, 21 Nov 2016

LinkedIn officially KickedOut of Russia

Update: Russian telecoms regulator Roskomnadzor has made it official: LinkedIn is no longer welcome in Putin's formerly-socialist paradise. The regulator's brief statement confirms what we knew last week, namely that LinkedIn hasn't been able to satisfy Russia that it complies with laws requiring personal data to be stored on Russian …
Simon Sharwood, 18 Nov 2016

The encryption conundrum: Should tech compromise or double down?

Versus16: Silicon Valley should work with the US government in Washington to arrive at a solution that gives law enforcement access to encrypted comms, but that respects individual privacy. That's according to former White House counterterrorism and cybersecurity official Daniel Rosenthal, who was debating where the issue of encryption …
Kieren McCarthy, 18 Nov 2016

FYI Apple fans – iCloud slurps your call histories

Apple's effort to avoid becoming an on-demand data dispensary for authorities faces unlikely saboteurs: The company's commitment to convenience and its customers' preference for the same. Russian digital forensics company Elcomsoft on Thursday published a blog post claiming that Apple's iCloud Drive service stores phone call …
Thomas Claburn, 17 Nov 2016

Mozilla launches 'privacy edition' Firefox... that phones home

Mozilla popped out a new browser today, aimed at the privacy-aware mobile user. Somewhat ironically, it sends Mozilla user data by default: you’ll need to turn this off manually. Firefox Focus blocks ad trackers, analytics trackers and social network tracers by default, although some tracking is permitted. That can be disabled …
Andrew Orlowski, 17 Nov 2016