Articles about privacy

Christmas santa plastic creepy figurines

Creepy or super creepy? That is the question Mozilla's throwing at IoT Christmas pressies

The FREDI baby monitor has been ranked creepiest connected home gadget on offer this festive season in a survey by Mozilla. According to Mozilla, the babycam uses a default password of "123" that users aren't forced to change, it doesn't use encryption and has a history of being hacked – earning it a "super creepy" tag from …
Rebecca Hill, 15 Nov 2018
Boot print

Bruce Schneier: You want real IoT security? Have Uncle Sam start putting boots to asses

Any sort of lasting security standard in IoT devices may only happen if governments start doling out stiff penalties. So said author and computer security guru Bruce Schneier, who argued during a panel discussion at the Aspen Cyber Summit this week that without regulation, there is little hope the companies hooking their …
Shaun Nichols, 9 Nov 2018

As if connected toys weren't creepy enough, kids' data could be used against them in future

Connected toy makers should make clear what data they slurp up, the UK's Office of the Children's Commissioner has said in a report warning of the long-term impact of amassing data on kids. According to the report (PDF), young folk will have sent out an average of 70,000 social media posts by the time they reach 18, while snap …
Rebecca Hill, 8 Nov 2018
Woman in suit peers through privacy hole in someone's front door

Watchdog slams political data slurpers' 'disturbing disregard' for voters' privacy

Cambridge Analytica, Facebook, universities and political parties are all in the dog house as the UK's data protection watchdog condemned a "disturbing disregard" for personal privacy across the system. 50 of your British pounds. Photo by Shutterstock ICO poised to fine Leave campaign and Arron Banks’ insurance biz £135,000 …
Rebecca Hill, 7 Nov 2018

US draft bill moots locking up execs who lie about privacy violations

Company bosses could be thrown in jail for up to 20 years if they aren't straight with US regulators about privacy violations under a law drafted by senator Ron Wyden. The Democrat has proposed a new privacy bill for the US, with the short title of the Consumer Data Protection Act (PDF), which aims to address the hole in …
Rebecca Hill, 5 Nov 2018

Supreme Court raises eyebrows at Google's cozy $8.5m legal deal

The US Supreme Court is distinctly unimpressed with a cozy deal cooked up by Google's lawyers after the ad giant lost an $8.5m class action lawsuit for violating user privacy. On Wednesday, the nation's top court was asked to tighten up rules over so-called "cy pres" settlements where most, or sometimes all, of a settlement …
Kieren McCarthy, 31 Oct 2018
Dudley Do-Right Royal Canadian Mounted Police

D.O.Eh: Here's the new privacy law Canada can't really enforce

The Canadian government this week will be enforcing a strict new privacy law, with the term "enforcing" up to interpretation because the regulator says he can't enforce it. America's hat says the Personal Information Protection and Electronic Documents Act will be going into effect with the new data breach reporting rules on …
Shaun Nichols, 30 Oct 2018
Tim Cook, photo2 by JStone via Shutterstock

Apple boss decries 'data industrial complex' while pocketing, er, billions to hook Google into iOS

Analysis At a European conference for privacy watchdogs on Wednesday, Apple CEO Tim Cook praised EU data protection supervisor Giovanni Buttarelli for defending privacy and warned that technology, for all its utility, can do harm rather than good. "Platforms and algorithms that promised to improve our lives can actually magnify our …
Thomas Claburn, 24 Oct 2018
Someone spying on someone else

You like HTTPS. We like HTTPS. Except when a quirk of TLS can smash someone's web privacy

Analysis Transport Layer Security underpins much of the modern internet. It is the foundation of secure connections to HTTPS websites, for one thing. However, it can harbor a sting in its tail for those concerned about staying anonymous online. Privacy advocates have long warned about the risks posed by various forms of web tracking. …
Thomas Claburn, 19 Oct 2018
Man and dog listening to headphones

Alexa heard what you did last summer – and she knows what that was, too: AI recognizes activities from sound

Analysis Boffins have devised a way to make eavesdropping smartwatches, computers, mobile devices, and speakers with endearing names like Alexa better aware of what's going on around them. In a paper to be presented today at the ACM Symposium on User Interface Software and Technology (UIST) in Berlin, Germany, computer scientists …
Thomas Claburn, 15 Oct 2018
Spy pointing gun at himself

What could be more embarrassing for a Russian spy: Their info splashed online – or that they drive a Lada?

It has been a busy week for Russian military intelligence – and it's about to get busier. A database search of car registrations appears to have outed more than 300 GRU agents. Following Thursday's report from Dutch and British authorities of a thwarted hacking attack involving four Russian nationals alleged to be officers in …
Beware awkward moments next exit

Sendgrid blurts out OWN customers' email addresses with no help from hackers

Cloud-based email marketing service SendGrid has copped to blabbing customer email addresses, chalking it up to some overenthusiastic indexing without explaining why pages were public-facing in the first place. In a breach notice sent out on Tuesday 2 October, SendGrid said that "some email addresses processed through the …
John Leyden, 4 Oct 2018
London, UK - March, 2018. Police officers patrolling Leicester Square and Piccadilly Circus in central London.  Pic Paolo Paradiso /

Civil rights group Liberty walks out on British cops' database consultation

The UK Home Office's alleged indifference towards civil rights groups' concerns over the creation of a mammoth policing database has caused Liberty to ditch the government-run consultation group on the project. The Home Office is planning to replace the creaky Police National Computer (PNC) and Police National Database (PND) …
Rebecca Hill, 2 Oct 2018

Desktop Telegram users showing off not only their silly selfies but also their IP addresses

Telegram has paid out a €2,000 bounty to a researcher who uncovered a vulnerability that caused the messaging app to expose users' IP addresses. The programming blunder has been fixed in the latest version. Dhiraj Mishra took credit for the discovery and reporting of CVE-2018-17780, a vulnerability in the Windows and tdesktop …
Shaun Nichols, 1 Oct 2018
Silhouette of spy discerning password from code uses a command on graphic user interface

Boffins bypass password protection with pilfering by phony programs

Password managers on mobile devices can be tricked by imposter apps into handing over a user's passwords. This according to a paper [PDF] from researchers with the University of Genoa and EURECOM, who found that the Android Instant Apps feature is designed and can ask for, and receive, stored credentials from password managers …
Shaun Nichols, 26 Sep 2018

Sneaky phone apps just about obey the law, still have no trouble guzzling your data, says Which?

Apps use sneaky tactics to get UK users to hand over more info than they need to – and privacy policies remain long and confusing. These claims were this week emitted by Brit consumer rights body Which? in a report into data privacy of 29 commonly used Android and iPhone apps released. The investigation found that – despite …
Rebecca Hill, 26 Sep 2018
United Nations building photo Arnaldo Jr via Shutterstock

While the UN laughed at Trump, hackers chortled at the UN's lousy web application security

The United Nations has been hit with two damning data leak allegations in as many days. The global organization has seen researchers uncover a pair of flaws that had left a number of its records, and those of its employees, accessible to hackers online. Word of the first issue came out yesterday when security researcher …
Shaun Nichols, 25 Sep 2018

Cookie clutter: Chrome saves Google cookies from cookie jar purges

If you tell Google's latest version of Chrome to delete all of its cookies – surprise, you may still end up with Google cookies on your computer. Christoph Tavan, CTO of publishing biz Contentpass, pointed out this week that when netizens tell the browser to remove all cookies from their machines, Chrome 69 keeps users logged …
Shaun Nichols, 25 Sep 2018

Create a news alert about privacy, or find more stories about privacy.

Biting the hand that feeds IT © 1998–2018