Articles about Privacy

Google is no stranger to upsetting people, and it certainly managed to do this back when Google+ launched three years ago. The social network that finds itself the butt of many jokes has long been criticized for forcing users to reveal their real names. But this policy is no more.

As well as reversing the real name requirement, Google has also apologized for the restrictions that have been in place over the past three years. The change of heart was announced, of course, in a Google+ post, and has been welcomed by the + community.

Continue reading →

It's a little while since a European Court of Justice ruling forced Google to start removing search links to certain articles. Dubbed the "right to be forgotten", the ruling led Google to create an online form making it easier for people to get in touch about search results relating to them thought to be "inadequate, irrelevant or no longer relevant". But just like those requests from celebrities to stop publishing compromising images online, it seems like asking for search links to be censored serves only to highlight the existence of the web pages they correspond to.

The court's decision that people should be able to request that information about them be removed from Google searches came after Spaniard Mr Costeja González took exception to links to stories about a series of old debts he had. There are now few people who follow news about Google who are not aware that Mr González has a less than perfect credit history. It's not clear whether he regards the ruling as a personal victory, but the appearance of Hidden From Google is sure to ruffle the feathers of many who have submitted similar removal requests to the search giant.

Continue reading →

The hacking and spying techniques of the UK's Government Communications headquarters (GCHQ) have been exposed in the latest leak by Edward Snowden. The wide-ranging techniques include invasive methods for online surveillance, as well as some of the very techniques that the US and UK have harshly prosecuted young online activists for employing, including distributed denial of service (DDoS) attacks and "call bombing".

The document is set out in a massive Wikipedia-style archive used by GCHQ to internally discuss its surveillance and online deception activities.

Continue reading →

News and review website CNET has been targeted by a team of Russian hackers called W0rm. CNET's servers were hit over the weekend, but details have only just been released.

Although CNET has not given a concrete confirmation of exactly what happened, the site explains that a representative of W0rm claims to have stolen a database containing the usernames and passwords of over a million users. It seems a security hole in the Symfony PHP framework was exploited, and it is not yet clear what the fallout could be.

Continue reading →

When we talk about surveillance online, it is almost always with reference to the NSA and activities in the US. But US citizens are far from being the only web users affected by surveillance. The NSA has long arms, but there are also similar activities going on in plenty of other countries. This week in the UK, the government is pushing through legislation that requires phone and internet companies to store information about customers' communication, and to hand it over to authorities on request. What made this particularly unusual was the fact that this was classed as emergency surveillance legislation with little to no debate and, more importantly, no public consultation whatsoever. Edward Snowden has plenty say on the matter, likening the British government to the NSA.

The legislation covers not only UK-based companies, but also those based in other countries who have gathered data about UK customers. It is in direct opposition to a recent European court ruling that said retention of data was a violation of European law. This in itself would be reason for any surveillance-related laws to be debated, but the government chose instead to use emergency measures -- usually reserved for times of war or disaster -- to push through laws it knows will prove unpopular. As we are now used to hearing, the surveillance is not about recording phone calls, or storing individual emails and text messages, but about retaining the related metadata -- who contacted who, when, for how long, from where, and so on.

Continue reading →

As a test, Avast purchased 20 used and supposedly wiped Android phones and discovered that it was able to recover vast amounts of personal user data. My colleague Brian Fagioli reported the story here.

Google responded to the news, stating "This research looks to be based on old devices and versions (pre-Android 3.0) and does not reflect the security protections in Android versions that are used by the vast majority of users". It went on to offer users advice on how to make sure when selling an old mobile phone you aren’t also gifting your personal data to buyers.

Continue reading →

Phones hit the headlines for lots of reasons -- the biggest, the most expensive, the shiniest, or just the newest. We live in times in which security and privacy are major concerns for people in all walks of life. The activities of the NSA, as revealed by Edward Snowden, served only to heighten paranoia -- the prospect of having one's phone calls and text messages intercepted is something that fills few people with joy. Enter Vysk communicastions' Vysk QS1 phone case which can be used with an iPhone 5 or 5s, and a Samsung Galaxy S5 or S4. The selling point here is that it's not just your phone that's protected, but also your privacy.

The privacy features come in mechanical and software forms. On the mechanical front there are "shutters" that can be used to obscure your phone's front and rear cameras, and there's also a jamming system for microphones. This is described by Vysk as "Lockdown Mode", but you can take things a step further. For $9.95 you can subscribe to "Private Call Mode". This introduces encryption to your texts and phone calls, with an onboard processor taking care of encryption on the fly and sent via the Vysk encrypted network. As Vysk puts it: "No one -- not even Vysk -- will know the identity of the caller or the recipient. No data is collected -- no phone numbers, call times or content - so there is no data to record. Because nothing is recorded, nothing is at risk."

Continue reading →

Buying and trading goods used to be so easy. If I needed a rake and my neighbor needed a hoe, we could simply swap. If I wanted to sell something, I would take out a classified ad in a local newspaper, like the Penny Saver. Hell, I bought my first car that way -- loved that thing.

Nowadays, buying and selling is much more complicated -- especially electronics. You can buy something from eBay or Craigslist only to find out that it doesn't work or is stolen. Smartphones and tablets can be risky to sell, because you have to remember to wipe your data before giving it to the other party. If you forget, the buyer can get your personal information and private photos. Forget to delete that sexy selfie that you took? Some weirdo from eBay now has it and will spread it around the net. Today, Avast announces that as a test it purchased 20 used and supposedly wiped phones from the net. The personal data recovered is shocking.

Continue reading →

We already knew that the dragnet style of data collection employed by the NSA resulted in a huge level of collateral damage. As revealed by whistle-blower Edward Snowden the agency had been intercepting huge amounts of web traffic -- often with the assistance of web firms -- on an almost unbelievable scale. The NSA has tried to improve its public image by playing the national security card, as well as releasing a "transparency report" but there's no getting away from the fact that countless innocent web users got caught up in the net. But an investigation by the Washington Post reveals the true extent of the impact on the average internet users -- and it's far worse than many thought.

A four-month investigation by the newspaper found that the number of average internet users who had their data intercepted far outweighs the data of targeted individuals. And not just by a bit -- by a factor of nine. Data provided to the Washington Post by Edward Snowden shows that an astonishing 900 percent more innocent users than intended targets fell victim to the NSA's surveillance. (For the purposes of accuracy the exact figures are closer to an 11 to 89 percent split). These are staggering revelations. There has already been very vocal opposition to the NSA's activities but these were essentially "blind" complaints. Without knowing the scale of operations, it was difficult to know just how upset to be. Nine out of ten people who had their data collected were nothing more than collateral damage caught in the extremely wide net cast by the agency.

Continue reading →

The idea of a closed internet is hardly new; turn your eyes to East Asia, and the Great Firewall of China looms large. The Chinese government is well known for the control it likes to exert over the levels of access its citizens have to the internet, and there have been numerous well-publicized cases of censorship and access being restricted to pages that refer to certain events in the county's history. The country is highly defensive of its image, and goes to great lengths to fight off western influence -- including going as far as banning Windows 8 on government computers lest machines furnished with Microsoft's most recent operating system be used for spying on the People's Republic of China. Now it looks as though Russia could be going down a similar route.

Russian parliament has just passed a law that requires internet companies to store data about Russian citizens within the county's boundaries. The move can be viewed in a couple of ways. It is no secret that the Russian government, and Vladimir Putin in particular, is no fan of social media -- social networks were used by Russians to voice their disapproval at Putin's activities. It is thought that the move to contain citizen's data without Russia is a bid to create a Russian version of China's closed internet.

Continue reading →

The revelations about Facebook's emotional experiment with users' newsfeeds back in 2012 has seen the social network fighting off a torrent of criticism. Users were upset to learn that the content of their newsfeed may have been manipulated as researchers tried to determine the effects exposure to positive and negative newsfeed content had on users' subsequent output. Now an official complaint has been lodged against the social network by thee Electronic Privacy Information Center. Epic filed a complaint with the US Federal Trade Commission, alleging that "the company purposefully messed with people’s minds".

There are several lines of attack in the complaint, but the main thrust is that Facebook neither obtained permission from the 700,000 affected users, nor informed them about what was happening. Epic also complains that Facebook failed to warn users that their data would be shared with researchers at Cornell University and the University of California. The complaint points out that "at the time of the experiment, Facebook was subject to a consent order with the Federal Trade Commission which required the company to obtain users' affirmative express consent prior to sharing user information with third parties".

Continue reading →

Seven internet service providers (ISPs) have filed a legal complaint against the UK's intelligence agency GCHQ.

Since a series of high-profile allegations made last year by US whistleblower Edward Snowden, government agencies have had to face claims of spying and intrusion but this is the first time GCHQ has faced legal action.

Continue reading →

We looked yesterday at the ten most serious security breaches of recent years, but the threat landscape is constantly changing. So what will happen in the future and which threats should we be most concerned about?

A new report by PewResearch, as part of its series marking 25 years of the internet, looks at how things might be in 2025. More than 1,400 experts in various fields were canvassed for their views on future threats.

Continue reading →

Security breaches happen all the time but it's the biggest ones that hit the headlines and send ripples through the IT community. Security consultancy TSC Advantage has looked at the top ten breaches from the last five years and what effect they've had.

Top of the list is the Adobe hack of 2013, made possible by weak password requirements and affecting 152 million customers. In second place comes the recent eBay hack involving stolen employee credentials and affecting 145 million users.

Continue reading →

A new report from research specialist Gartner says that the physical location of data is becoming increasingly irrelevant and that by 2020 a combination of legal, political and logical location will be more important.

Gartner research vice president Carsten Casper says that the number of data residency and data sovereignty discussions has soared in the past 12 months, and that this has stalled technology innovation in many organizations. Originally triggered by the dominance of US providers on the Internet and the Patriot Act, the perceived conflict has since been fueled by revelations of surveillance by the NSA made public by Edward Snowden.

Continue reading →