Based on my experience in Tallinn, we will see companies become more transparent in how they deal with cyber attacks. After a massive cyber attack in 2007, for example, the Estonian government reacted in the right way.
A similar strategy was used in 2008, Dewes said, to deanonymise a set of ratings published by Netflix to help computer scientists improve its recommendation algorithm: by comparing “anonymous” ratings of films with public profiles on IMDB, researchers were able to unmask Netflix users – including one woman, a closeted lesbian, who went on to sue Netflix for the privacy violation.
card has a tiny RFID sensor chip. These chips are supposed to make life easier by emitting radio signals for fast identification. The technology helps keep track of livestock and inventory. It makes automatic payment on toll roads and faster scanning of passports possible, and, starting around 2004, brought us contactless payment with certain credit cards.
REI and other companies sell a range of RFID-blocking products and say the number of customers looking for travel bags and credit card sleeves has been growing. That’s despite the fact that the percentage of credit cards with RFID chips in the U.S. is extremely small.
Eva Velasquez, president of the Identity Theft Resource Center, says from a consumer perspective, deciding whether to invest in RFID-blocking technology is all about evaluating risk. In the next few years, there will undoubtedly be millions more of these cards on the market.
if you’re worried about e-pickpocketing but don’t want to spend much money, you can make your own blocking wallet or wrap your cards or passport in a thick piece of aluminum foil. According to Consumer Reports, that works as well as most RFID protectors on the market.
more on cybersecurity in this IMS blog
cyber security experts say that weaving your personal and professional lives together via a work laptop is risky business — for you and the company. Software technology company Check Point conducted a survey of over 700 IT professionals which revealed that nearly two-thirds of IT pros believed that recent high-profile breaches were caused by employee carelessness.
DON’T: Save personal passwords in your work device keychain.
DON’T: Make off-color jokes on messaging software.
DON’T: Access free public wi-fi while working on sensitive material.
DON’T: Allow friends or non-IT department colleagues to remotely access your work computer.
DON’T: Store personal data.
DON’T: Work on your side hustle while at the office.
Section 702 — that authorizes them to monitor some Americans’ communications without a warrant.
The spy agencies are supposed to “minimize” details about people swept up in what they call such “incidental collection,” and they say their practices are regularly vetted by Congress and the Foreign Intelligence Surveillance Court.
shows that state and federal laws, as well as industry self-regulation, have failed to keep up with a growing education technology industry.
One-third of all K–12 students in the United States use school-issued devices running software and apps that collect far more information on kids than is necessary.
Resource-poor school districts can receive these tools at deeply discounted prices or for free, as tech companies seek a slice of the $8 billion ed tech industry. But there’s a real, devastating cost — the tracking, cataloging and exploitation of data about children as young as 5 years old.
Our report shows that the surveillance culture begins in grade school, which threatens to normalize the next generation to a digital world in which users hand over data without question in return for free services
EFF surveyed more than 1,000 stakeholders across the country, including students, parents, teachers and school administrators, and reviewed 152 ed tech privacy policies.
“Spying on Students” provides comprehensive recommendations for parents, teachers, school administrators and tech companies to improve the protection of student privacy. Asking the right questions, negotiating for contracts that limit or ban data collection, offering families the right to opt out, and making digital literacy and privacy part of the school curriculum are just a few of the 70-plus recommendations for protecting student privacy contained in the report.
The 188-page “Challenging Government Hacking In Criminal Cases” report, released by the American Civil Liberties Union on March 30, addresses new amendments to Rule 41 of the Federal Rules of Criminal Procedure, which took effect last December.
Under the changes to criminal procedure rules, feds can remotely search computers in multiple jurisdictions with a single warrant. The rules are touted by law enforcement agencies as a way to streamline 100-year-old rules of criminal procedure
Apple, Google and Motorola declined to comment on WikiLeaks’ claims. Samsung didn’t respond to a request for comment.
“The CIA/Wikileaks story today is about getting malware onto phones, none of the exploits are in Signal or break Signal Protocol encryption,” said Moxie Marlinspike, the founder of Signal. “This story isn’t about Signal or WhatsApp, but to the extent that it is, we see it as confirmation that what we’re doing is working.”
Telegram said on its website that the problem lies with operating systems and not encrypted messaging apps and that naming specific encrypted services is “misleading.” WhatsApp declined to comment.
“Framework and Terminology for Understanding Cyber-Enabled Economic Warfare,” a new report by Samantha F. Ravich and Annie Fixler for the Foundation for Defense of Democracies.
Cyber-enabled economic warfare is a “hostile strategy involving attack(s) against a nation using cyber technology with the intent to weaken its economy and thereby reduce its political and military power.”
For example, China’s economic theft of intellectual property from the U.S. is considered CEEW, along with Russia’s cyberattack on Estonia and Iran’s Saudi Aramco attack. The authors also contend that the U.S. sanctions on Iran using cyber means to cut off Society for Worldwide Interbank Financial Telecommunication access also falls under CEEW.