Welcome to the Net Muslims Forums.
Page 4 of 6 FirstFirst 123456 LastLast
Results 61 to 80 of 111

Thread: Tech news

  1. #61
    Member Array
    Join Date
    Jan 2007


    What Is PRISM?

    Last night, the Washington Post and Guardian dropped concurrent bombshell reports. Their subject was PRISM, a covert collaboration between the NSA, FBI, and nearly every tech company you rely on daily. PRISM has allowed the government unprecedented access to your personal information for at least the last six years. But what is it, exactly?

    PRISM is a secret government program...

    As much as PRISM might sound like a comic book antagonist of S.H.I.E.L.D., it's the codename for a very real US government program. According to leaked documents, it went into effect in 2007, and has only gained momentum since. Its stated purpose is to monitor potentially valuable foreign communications that might pass through US servers, but it appears that in practice its scope was far greater.

    PRISM information, according to the Post, accounts for nearly 1 in 7 intelligence reports. That's staggering.

    ...that gives the NSA unprecedented access to the servers of major tech companies...

    Microsoft. Yahoo. Google. Facebook. PalTalk. AOL. Skype. YouTube. Apple. If you've interacted with any of those companies in the last six years, that information is vulnerable under PRISM. But how?

    The initial reports from last night suggested that the process works as follows: The companies mentioned above (and who knows how many others) receive a directive from the attorney general and the director of national intelligence. They hand over access to their servers—and the tremendous wealth of data and communiques that passes through them every day—to the FBI’s Data Intercept Technology Unit, which in turn relays it to the NSA.

    And that's when things get interesting.

    ...so that the agency can spy on unwitting US citizens...

    It seems impossible that the NSA, an agency which by law is only allowed to monitor foreign communications, has so much access to domestic information. And yet!

    There are, as you might expect, filters in place to help handle the fire hose of data that comes through daily, the trillions of bits and bytes that make up our online identities and lives. Something to ensure that only the bad guys are being tracked and not honest, everyday citizens. Actually, there's one filter, and it's ridiculous: an NSA analyst has to have "51 percent" confidence that a subject is "foreign." After that, it's carte blanche.

    That's it. That's the only filter. And it's an ineffective one, at that; the PowerPoint slides published by the post acknowledge that domestic citizens get caught in the web, but that it's "nothing to worry about."

    ...with terrifying granularity...

    It's something to worry about.

    What's most troubling about PRISM isn't that it collects data. It's the type of data it collects. According to the Washington Post report, that includes:

    …audio and video chats, photographs, e-mails, documents, and connection logs… [Skype] can be monitored for audio when one end of the call is a conventional telephone, and for any combination of “audio, video, chat, and file transfers” when Skype users connect by computer alone. Google’s offerings include Gmail, voice and video chat, Google Drive files, photo libraries, and live surveillance of search terms.

    Did you get all that? Similar depth of access applies to Facebook, Microsoft, and the rest. Just to be clear: this covers practically anything you've ever done online, up to and including Google searches as you type them.

    ...which is both different from and more aggressive than the Verizon scandal...

    The news of PRISM broke soon after a separate report, about the NSA's having access to Verizon customer—and, according to an NBC report, everyone else's—phone logs. Surprisingly enough, this is a totally different program! And PRISM makes the Verizon thing look like an ACLU company picnic by comparison.

    When the NSA monitors phone records, it reportedly only collects the metadata therein. That includes to and from whom the calls were made, where the calls came from, and other generalized info. Importantly, as far as we know, the actual content of the calls was off-limits.

    By contrast, PRISM apparently allows full access not just to the fact that an email or chat was sent, but also the contents of those emails and chats. According to the Washington Post's source, they can "literally watch you as you type." They could be doing it right now.

    ...and has the full (but contested) cooperation of tech giants...

    PRISM's first corporate partner was allegedly Microsoft, which according to the Post and Guardian signed on back in 2007. Other companies slowly joined, with Apple being the most recent enlistee. Twitter, it seems, has not complied.

    But why would all of these companies agree to this? Mostly because they have no choice. Failure to hand over server data leaves them subject to a government lawsuit, which can be expensive and incredibly harmful in less quantifiable ways. Besides, they receive compensation for their services; they're not doing this out of charity. There is incentive to play ball.

    Here's where things get a little complicated, though. Apple, Microsoft, Yahoo, and Google have all given full-throated denials of any involvement whatsoever. Most of them aren't just PR syntactical trickery, either; they are unequivocal.

    ...and which is, shockingly enough, totally legal.

    What's most horrifying about PRISM might be that there's nothing technically illegal about it. The government has had this authority for years, and there's no sign that it's going to be revoked any time soon.

    A little bit of history might be helpful for context. Back in 2007, mounting public pressure forced the Bush administration to abandon the warrant-less surveillance program it had initiated in 2001. Well, abandon might be too strong a word. What the administration actually did was to find it a new home.

    The Protect America Act of 2007 made it possible for targets to be electronically surveilled without a warrant if they were "reasonably believed" to be foreign. That's where that 51% comes in. It was followed by the 2008 FISA Amendments Act, which immunized companies from legal harm for handing information over to the government. And that's the one-two punch that gives PRISM full legal standing.

    All of which is to say that PRISM is an awful violation of rights, but it's one that's not going to disappear any time soon. The government is so far completely unapologetic. And why wouldn't they be? It's easy enough to follow the letter of the law when you're the one writing it.

    Powerpoint slides via Washington Post


    The Government Responds to the PRISM Spying Program

    So PRISM totally exists. James Clapper, the Director of National Intelligence, basically confirmed the Washington Post and Guardian report about how the NSA can pry data from Apple, Facebook, Google and whoever else.

    Here's what Clapper wrote about PRISM:

    The Guardian and The Washington Post articles refer to collection of communications pursuant to Section 702 of the Foreign Intelligence Surveillance Act. They contain numerous inaccuracies.

    Section 702 is a provision of FISA that is designed to facilitate the acquisition of foreign intelligence information concerning non-U.S. persons located outside the United States. It cannot be used to intentionally target any U.S. citizen, any other U.S. person, or anyone located within the United States.

    Activities authorized by Section 702 are subject to oversight by the Foreign Intelligence Surveillance Court, the Executive Branch, and Congress. They involve extensive procedures, specifically approved by the court, to ensure that only non-U.S. persons outside the U.S. are targeted, and that minimize the acquisition, retention and dissemination of incidentally acquired information about U.S. persons.

    Section 702 was recently reauthorized by Congress after extensive hearings and debate.

    Information collected under this program is among the most important and valuable foreign intelligence information we collect, and is used to protect our nation from a wide variety of threats.

    The unauthorized disclosure of information about this important and entirely legal program is reprehensible and risks important protections for the security of Americans.
    Okay. Translation: hey, we're doing this because it's all totally legal! And that there are a lot of procedures to get stuff like this done so don't worry! And it's all a secret! And that revealing that we've had access to data from bigwig Internet companies is an awful thing to do! Basically, trust us to keep you safe even if it means we're completely untrustworthy.


  2. #62
    Member Array
    Join Date
    Jan 2007


    NSA slides explain the PRISM data-collection program

    Published: June 6, 2013

    Through a top-secret program authorized by federal judges working under the Foreign Intelligence Surveillance Act (FISA), the U.S. intelligence community can gain access to the servers of nine Internet companies for a wide range of digital data. Documents describing the previously undisclosed program, obtained by The Washington Post, show the breadth of U.S. electronic surveillance capabilities in the wake of a widely publicized controversy over warrantless wiretapping of U.S. domestic telephone communications in 2005. These slides, annotated by The Washington Post, represent a selection from the overall document, and certain portions are redacted.


    More Info @ http://gizmodo.com/what-is-prism-511875267

    Documents: U.S. mining data from 9 leading Internet firms; companies deny knowledge

    The National Security Agency and the FBI are tapping directly into the central servers of nine leading U.S. Internet companies, extracting audio and video chats, photographs, e-mails, documents, and connection logs that enable analysts to track foreign targets, according to a top-secret document obtained by The Washington Post.

    The program, code-named PRISM, has not been made public until now. It may be the first of its kind. The NSA prides itself on stealing secrets and breaking codes, and it is accustomed to corporate partnerships that help it divert data traffic or sidestep barriers. But there has never been a Google or Facebook before, and it is unlikely that there are richer troves of valuable intelligence than the ones in Silicon Valley.

    Congress obliged with the Protect America Act in 2007 and the FISA Amendments Act of 2008, which immunized private companies that cooperated voluntarily with U.S. intelligence collection. PRISM recruited its first partner, Microsoft, and began six years of rapidly growing data collection beneath the surface of a roiling national debate on surveillance and privacy. Late last year, when critics in Congress sought changes in the FISA Amendments Act, the only lawmakers who knew about PRISM were bound by oaths of office to hold their tongues.

    The court-approved program is focused on foreign communications traffic, which often flows through U.S. servers even when sent from one overseas location to another. Between 2004 and 2007, Bush administration lawyers persuaded federal FISA judges to issue surveillance orders in a fundamentally new form. Until then the government had to show probable cause that a particular “target” and “facility” were both connected to terrorism or espionage.

    In four new orders, which remain classified, the court defined massive data sets as “facilities” and agreed to certify periodically that the government had reasonable procedures in place to minimize collection of “U.S. persons” data without a warrant.

    In a statement issued late Thursday, Director of National Intelligence James R. Clapper said “information collected under this program is among the most important and valuable foreign intelligence information we collect, and is used to protect our nation from a wide variety of threats. The unauthorized disclosure of information about this important and entirely legal program is reprehensible and risks important protections for the security of Americans.” ...
    (full article at link below)


  3. #63
    Member Array
    Join Date
    Jan 2007


    50GB FREE Upgrade of Online Cloud Storage @ AT&T Locker

    Are there limits on the size and type of file I can store in my AT&T Locker?
    There are no current limits on the size or type of file you can store in AT&T Locker as long as you don’t exceed your total storage space

    Great for storing those large backup files or any other large files you would like to share with others. I wouldn’t store confidential personal documents or pictures as nothing is safe online, especially from 3rd parties.



    • Sign up at the link above (You only need email, username and password)
    • Confirm your email address via the link sent to your email
    • Login into your account
    • Click "My Plan" under Account Settings
    • Click "Upgrade Plan"
    • Select the 50GB offer and confirm

    Now you have 50GB FREE storage from a reputable company.

  4. #64
    Member Array
    Join Date
    Jan 2007


    Sponsored Giveaway: Free Copies of WinX DVD Copy Pro

    Have you ever wanted to backup a DVD movie so you’ll still have a copy once it gets scratched up? Or maybe your disk is already scratched and you want to make a new one. We’re giving away DVD Copy Pro, which can do those things for you.
    Note: this is a sponsored giveaway, which basically means that the company that made the software has paid us to give away free copies to you, the reader. We won’t pretend to understand their business plan, but we’re happy to be able to give away free stuff and pay our bills at the same time. (We will always disclose sponsorships).
    Giveaway Page

    You can click on the following URL to get your copy. This is an unlimited giveaway, and the license code is in the zip file download. Note that it’s only for PC users.

    PC Users: Download WinX DVD Copy Pro for PC

  5. #65
    Member Array
    Join Date
    Jan 2007


    Privacy advocates worry over new Apple iPhone tracking feature

    Barely noticed by most consumers, Apple’s (AAPL) latest software upgrade for iPhones, iOS 7, included a capability for malls, museums or stadiums to identify visitors and track their movements indoors with a startling degree of accuracy.

    Known as iBeacons, the feature allows a store to pop up, say, a coupon offer for Coca Cola on a customer’s phone just as they pass by the soda aisle. It also allows the store to track and record a customer’s movements for later analysis.

    The rapid growth of smartphone use has opened a huge new opportunity for marketers to collect detailed location data on consumers, so far mostly outdoors. But the sensitivity of the information has already sparked numerous controversies, including in 2011 when iPhone users discovered their phones were keeping a list of their movements in an unencrypted text file.

    And Nordstrom (JWN) created a stir when it was caught last year secretly tracking shoppers’ mobile phones via Wifi in 17 stores. The department store chain quickly ended the practice, which did not include identifying the phones' owners, after the controversy erupted.

    With iBeacons, unlike some more-surreptitious retail location tracking systems that have come to light, however, iPhone users have to give their consent to be tracked by installing an app. So far, just Apple’s own Apple Store app on the iPhone, and coupon and rewards apps from a company called inMarket have disclosed they will use iBeacons for tracking customers.

    The scope of risks

    But some privacy advocates are concerned the simple explanations offered by the apps when they seek a consumer’s consent don’t come close to revealing just how much data could be collected or how it will be used.

    “The scope and the risks and the sharing that takes place now is so far beyond the disclosures consumers typically see,” warns Fordham University law professor Joel Reidenberg. "They’re not in a position to really know.”

    Regulators have mostly taken a piecemeal approach so far. One industry-led effort hopes to create a "Do Not Track" list modeled on the successful "Do Not Call" list for telemarketing.

    Apple did not respond to a request for comment. Customers can turn access to iBeacons on and off for any app via a location services settings screen on the iPhone, Apple says on a Web page called iOS: Understanding iBeacon.

    “If you allow third-party apps or websites to use your current location, you agree to their terms, privacy policies, and practices,” Apple states on the page. “You should review the terms, privacy policies, and practices of the apps and websites to understand how they use your location and other information.”

    Of course, few consumers read the fine print in privacy policies and, as Facebook (FB) has aptly demonstrated, privacy policies can be changed frequently. Further, the data is often sold to third parties whose privacy policies are not made available to an app’s users. And storing extensive amounts of data creates the risk that hackers will steal the information, as happened during the Target (TGT) breach.

    "Consumers can't make good decisions"

    “Without knowing where the data is flowing and what is going to happen with it, consumers can't make good decisions,” says Jennifer Urban, co-director of the Samuelson Law, Technology & Public Policy Clinic at the University of California, Berkeley Law School.

    Buried in inMarket’s privacy policy, for example, the company says third-party marketers, advertisers, analytics firms and others may track consumers via their software. And if consumers sign up for mailing lists or click social media links, personally identifiable information could be shared.

    The company says protecting consumer privacy is important. "Our system considers privacy by design, and requires users to opt-in by downloading apps and opt-in to location services," inMarket said in a statement. "This is a fundamentally different design than the systems that require opt-out."

    It also says it doesn't currently use analytics firms for location tracking and only "occasionally" uses third party ad networks. The company offered links to privacy policies of several ad networks it uses, but an ordinary user of an inMarket app wouldn't know which ad networks to check based on the general language of inMarket's own privacy policy.

    Unlike Apple’s shopping app, which only registers iBeacons in physical Apple stores, inMarket’s more general apps such as “CheckPoints” and “Free Grocery List Ease” work across many retailers’ stores. The recent announcement of iBeacons service in 200 supermarkets relies on customers using inMarket apps.

    The iBeacons feature relies on the Bluetooth wireless adapter in each phone and tiny, quarter-sized sensors that can be placed inside buildings. An app on a phone picks up the sensor signals and contacts a retailer or advertiser which can register the location information and offer a coupon or other piece of information. By prompting customers to create individual rewards accounts or link apps to their Facebook accounts, retailers can tie data from a specific phone app to a specific person.

    Because every phone’s Bluetooth adapter has a unique serial-number-like identifier, called a MAC Address, retailers and other trackers can also tie movement data to a specific device.

    To be sure, iBeacons could also be used to provide new kinds of useful services that don’t threaten consumer privacy, such as triggering phone-based guided audio tours around a museum or tracking children’s toys so they don’t get lost.
    Some privacy advocates would like the government to step in and regulate the collection and uses of location-tracking data. Others see industry self-regulation as a better path.

    A code of conduct

    Under an agreement prompted in part by New York Senator Charles Schumer, a handful of the biggest location tracking analytics firms agreed in October to a code of conduct to protect consumer privacy. The code requires stores to post signs warning customers if surreptitious tracking is going on.

    Another part of the effort will be creating the “Do Not Track” list. But retailers and other businesses will have to agree to abide by the wishes of consumers who enter themselves on this list.

    “It’s critical for retailers to step up and lean in,” says Jules Polonetsky, who helped craft the code. Polonetsky knows the issues well. He was the chief privacy officer for AOL and DoubleClick and now heads the advocacy group The Future of Privacy Forum in Washington, D.C.

    Self-regulation may be just the first step needed, says Anita Ramasastry, a law professor at University of Washington, who thinks the industry-led effort should be given a chance.

    “I’m in wait-and-see mode,” she says. “Although I’m in Seattle and I’ve yet to see a sign posted in any stores.”


  6. #66
    Member Array
    Join Date
    Jan 2007


    Data Mining: How Companies Now Know Everything About You

    Three hours after I gave my name and e-mail address to Michael Fertik, the CEO of Reputation.com, he called me back and read my Social Security number to me. "We had it a couple of hours ago," he said. "I was just too busy to call."

    In the past few months, I have been told many more-interesting facts about myself than my Social Security number. I've gathered a bit of the vast amount of data that's being collected both online and off by companies in stealth — taken from the websites I look at, the stuff I buy, my Facebook photos, my warranty cards, my customer-reward cards, the songs I listen to online, surveys I was guilted into filling out and magazines I subscribe to. (See pictures of a Facebook server farm.)

    Google's Ads Preferences believes I'm a guy interested in politics, Asian food, perfume, celebrity gossip, animated movies and crime but who doesn't care about "books & literature" or "people & society." (So not true.) Yahoo! has me down as a 36-to-45-year-old male who uses a Mac computer and likes hockey, rap, rock, parenting, recipes, clothes and beauty products; it also thinks I live in New York, even though I moved to Los Angeles more than six years ago. Alliance Data, an enormous data-marketing firm in Texas, knows that I'm a 39-year-old college-educated Jewish male who takes in at least $125,000 a year, makes most of his purchases online and spends an average of only $25 per item. Specifically, it knows that on Jan. 24, 2004, I spent $46 on "low-ticket gifts and merchandise" and that on Oct. 10, 2010, I spent $180 on intimate apparel. It knows about more than 100 purchases in between. Alliance also knows I owe $854,000 on a house built in 1939 that — get this — it thinks has stucco walls. They're mostly wood siding with a little stucco on the bottom! Idiots.

    EXelate, a Manhattan company that acts as an exchange for the buying and selling of people's data, thinks I have a high net worth and dig green living and travel within the U.S. BlueKai, one of eXelate's competitors in Bellevue, Wash., believes I'm a "collegiate-minded" senior executive with a high net worth who rents sports cars (note to Time Inc. accounting: it's wrong unless the Toyota Yaris is a sports car). At one point BlueKai also believed, probably based on my $180 splurge for my wife Cassandra on HerRoom.com, that I was an 18-to-19-year-old woman.

    RapLeaf, a data-mining company that was recently banned by Facebook because it mined people's user IDs, has me down as a 35-to-44-year-old married male with a graduate degree living in L.A. But RapLeaf thinks I have no kids, work as a medical professional and drive a truck. RapLeaf clearly does not read my column in TIME.

    Intellidyn, a company that buys and sells data, searched its file on me, which says I'm a writer at Time Inc. and a "highly assimilated" Jew. It knows that Cassandra and I like gardening, fashion, home decorating and exercise, though in my case the word like means "am forced to be involved in." We are pretty unlikely to buy car insurance by mail but extremely likely to go on a European river cruise, despite the fact that we are totally not going to go on a European river cruise. There are tons of other companies I could have called to learn more about myself, but in a result no one could have predicted, I got bored.

    Each of these pieces of information (and misinformation) about me is sold for about two-fifths of a cent to advertisers, which then deliver me an Internet ad, send me a catalog or mail me a credit-card offer. This data is collected in lots of ways, such as tracking devices (like cookies) on websites that allow a company to identify you as you travel around the Web and apps you download on your cell that look at your contact list and location. You know how everything has seemed free for the past few years? It wasn't. It's just that no one told you that instead of using money, you were paying with your personal information.

    The Creep Factor

    There is now an enormous multibillion-dollar industry based on the collection and sale of this personal and behavioral data, an industry that Senator John Kerry, chair of the Subcommittee on Communications, Technology and the Internet, is hoping to rein in. Kerry is about to introduce a bill that would require companies to make sure all the stuff they know about you is secured from hackers and to let you inspect everything they have on you, correct any mistakes and opt out of being tracked. He is doing this because, he argues, "There's no code of conduct. There's no standard. There's nothing that safeguards privacy and establishes rules of the road."

    At Senate hearings on privacy beginning March 16, the Federal Trade Commission (FTC) will be weighing in on how to protect consumers. It has already issued a report that calls upon the major browsers to come up with a do-not-track mechanism that allows people to choose not to have their information collected by companies they aren't directly doing business with. Under any such plan, it would likely still be O.K. for Amazon to remember your past orders and make purchase suggestions or for American Express to figure your card was stolen because a recent purchase doesn't fit your precise buying patterns. But it wouldn't be cool if they gave another company that information without your permission

    Taking your information without asking and then profiting from it isn't new: it's the idea behind the phone book, junk mail and telemarketing. Worrying about it is just as old: in 1890, Louis Brandeis argued that printing a photograph without the subject's permission inflicts "mental pain and distress, far greater than could be inflicted by mere bodily harm." Once again, new technology is making us weigh what we're sacrificing in privacy against what we're gaining in instant access to information. Some facts about you were always public — the price of your home, some divorce papers, your criminal records, your political donations — but they were held in different buildings, accessible only by those who filled out annoying forms; now they can be clicked on. Other information was not possible to compile pre-Internet because it would have required sending a person to follow each of us around the mall, listen to our conversations and watch what we read in the newspaper. Now all of those activities happen online — and can be tracked instantaneously.

    Part of the problem people have with data mining is that it seems so creepy. Right after I e-mailed a friend in Texas that I might be coming to town, a suggestion for a restaurant in Houston popped up as a one-line all-text ad above my Gmail inbox. But it's not a barbecue-pit master stalking me, which would indeed be creepy; it's an algorithm designed to give me more useful, specific ads. And while that doesn't sound like all that good a deal in exchange for my private data, if it means that I get to learn when the next Paul Thomas Anderson movie is coming out, when Wilco is playing near my house and when Tom Colicchio is opening a restaurant close by, maybe that's not such a bad return.

    Since targeted ads are so much more effective than nontargeted ones, websites can charge much more for them. This is why — compared with the old banners and pop-ups — online ads have become smaller and less invasive, and why websites have been able to provide better content and still be free. Besides, the fact that I'm going to Houston is bundled with the information that 999 other people are Houston-bound and is auctioned by a computer; no actual person looks at my name or my Houston-boundness. Advertisers are interested only in tiny chunks of information about my behavior, not my whole profile, which is one of the reasons M. Ryan Calo, a Stanford Law School professor who is director of the school's Consumer Privacy Project, argues that data mining does no actual damage. (See "How Facebook Is Redefining Privacy.")

    "We have this feeling of being dogged that's uncomfortable," Calo says, "but the risk of privacy harm isn't necessarily harmful. Let's get serious and talk about what harm really is." The real problem with data mining, Calo and others believe, arises when the data is wrong. "It's one thing to see bad ads because of bad information about you. It's another thing if you're not getting a credit card or a job because of bad information," says Justin Brookman, the former chief of the Internet bureau of the New York attorney general's office, who is now the director of the Center for Democracy and Technology, a nonprofit group in Washington.

    Russell Glass, the CEO of Bizo — which mines the fact that people are business executives and sells that info to hundreds of advertisers such as American Express, Monster.com, Citibank, Sprint and Google — says the newness of his industry is what scares people. "It's the monster-under-the-bed syndrome," Glass says. "People are afraid of what they really don't understand. They don't understand that companies like us have no idea who they are. And we really don't give a s — -. I just want a little information that will help me sell you an ad." Not many people, he notes, seem to be creeped out by all the junk mail they still get from direct-marketing campaigns, which buy the same information from data-mining companies. "I have a 2-year-old daughter who is getting mail at my home address," he says. "That freaks me out."

    Why That Ad Is Following You

    Junk mail is a familiar evil that's barely changed over the decades. Data mining and the advertising it supports get more refined every month. The latest trick to freak people out is retargeting — when you look at an item in an online store and then an ad for that item follows you around to other sites.

    Last year, Zappos was the most prominent company in the U.S. to go all out in behavioral retargeting. And people got pissed off. One of the company's mistakes was running ads too frequently and coming off as an annoying, persistent salesman. "We took that brick-and-mortar pet peeve and implied it online," says Darrin Shamo, Zappos' director of direct marketing. Shamo learned, the hard way, that people get upset when their computer shows lingerie ads, even if they had been recently shopping for G-strings, since people share computers and use them in front of their kids. He also learned that ads that reveal potential Christmas gifts are bad for business.

    Since then, Zappos has been experimenting with new ads that people will see no more than five times and for no longer than eight days. Zappos has also dumbed the ads down, showing items that aren't the ones you considered buying but are sort of close, which people greatly prefer. And much like Amazon's "Customers who bought 1984 also bought Brave New World"–style recommendation engine, the new ads tell people what Zappos knows about them and how they got that information ("a company called Criteo helps Zappos to create these kinds of personalized ads"). It also tells them how they can opt out of seeing them ("Some people prefer rainbows. And others prefer unicorns. If you prefer not to see personalized ads, we totally get it").

    If that calms the angry 15% of the people who saw these ads, Zappos will stick with them. Otherwise, it plans on quitting the retargeting business. Shamo thinks he'll just need to wait until the newness wears off and people are used to ads tailored for them. "Sometimes things don't move as fast as you think," he says.

    They're not even moving that much faster with the generation that grew up with the Internet. While young people expect more of their data to be mined and used, that doesn't mean they don't care about privacy. "In my research, I found that teenagers live with this underlying anxiety of not knowing the rules of who can look at their information on the Internet. They think schools look at it, they think the government looks at it, they think colleges can look at it, they think employers can look at it, they think Facebook can see everything," says Sherry Turkle, a professor at MIT who is the director of the Initiative on Technology and Self and the author of Alone Together: Why We Expect More from Technology and Less From Each Other. "It's the opposite of the mental state I grew up in. My grandmother took me down to the mailbox in Brooklyn every morning, and she would say, 'It's a federal offense for anyone to look at your mail. That's what makes this country great.' In the old country they'd open your mail, and that's how they knew about you."

    Data mining, Turkle argues, is a panopticon: the circular prison invented by 18th century philosopher Jeremy Bentham where you can't tell if you're being observed, so you assume that you always are. "The practical concern is loss of control and loss of identity," says Marc Rotenberg, executive director of the Electronic Privacy Information Center. "It's a little abstract, but that's part of what's taking place."

    The Facebook and Google Troves

    Our identities, however, were never completely within our control: our friends keep letters we've forgotten writing, our enemies tell stories about us we remember differently, our yearbook photos are in way too many people's houses. Opting out of all those interactions is opting out of society. Which is why Facebook is such a confusing privacy hub point. Many data-mining companies made this argument to me: How can I complain about having my Houston trip data-mined when I'm posting photos of myself with a giant mullet and a gold chain on Facebook and writing columns about how I want a second kid and my wife doesn't? Because, unlike when my data is secretly mined, I get to control what I share. Even narcissists want privacy. "It's the difference between sharing and tracking," says Bret Taylor, Facebook's chief technology officer.

    To get into the Facebook office in Palo Alto, Calif., I have to sign a piece of physical paper: a Single-Party Non-Disclosure Agreement, which legally prevents me from writing the last paragraph. But your privacy on Facebook — that's up to you. You choose what to share and what circle of friends gets to see it, and you can untag yourself from any photos of you that other people put up. However, from a miner's point of view, Facebook has the most valuable trove of data ever assembled: not only have you told it everything you like, but it also knows what your friends like, which is an amazing predictor of what you'll like.

    Facebook doesn't sell any of your data, partly because it doesn't have to — 23.1% of all online ads not on search engines, video or e-mail run on Facebook. But data-mining companies are "scraping" all your personal data that's not set to private and selling it to any outside party that's interested. So that information is being bought and sold unless you squeeze your Facebook privacy settings tight, which keeps you from a lot of the social interaction that drew you to the site in the first place.

    The only company that might have an even better dossier on you than Facebook is Google. In a conference room on the Google campus, I sit through a long privacy-policy PowerPoint presentation. Summary: Google cares! Specifically, Google keeps the data it has about you from various parts of its company separate. One category is the personally identifiable account data it can attach to your name, age, gender, e-mail address and ZIP code when you signed up for services like Gmail, YouTube, Blogger, Picasa, iGoogle, Google Voice or Calendar. The other is log data associated with your computer, which it "anonymizes" after nine months: your search history, Chrome browser data, Google Maps requests and all the info its myriad data trackers and ad agencies (DoubleClick, AdSense, AdMob) collect when you're on other sites and Android phone apps. You can change your settings on the former at Google Dashboard and the latter at Google Ads Preferences — where you can opt out of having your data mined or change the company's guesses about what you're into.

    Nicole Wong, deputy general counsel at Google, says the company created these tools to try to reassure people who have no idea how all this information is being collected and used. "When I go to TIME.com as a user, I think only TIME.com is collecting my data. What I don't realize is that for every ad on that page, a company is also dropping a code and collecting my data. It's a black box — and we've tried to open up the box. Sometimes you're not even sure who the advertisers are. It's just a bunch of jumping monkeys or something." Google really does want to protect your privacy, but it's got issues. First, it's profit-driven and it's huge. But those aren't the main reasons privacy advocates get so upset about Google. They get upset because the company's guiding philosophy conflicts with the notion of privacy. As the PowerPoint says right up top: "Google's mission: to organize the world's information and make it universally accessible and useful." Which is awesome, except for the fact that my information is part of the world's information. (See "Quilting for Data: How Google Gets Information from Inside People's Heads.")

    Tracking the Trackers

    To see just what information is being gathered about me, I downloaded Ghostery, a browser extension that lets you watch the watchers watching you. Each time you go to a new website, up pops a little bubble that lists all the data trackers checking you out. This is what I discovered: the very few companies that actually charge you for services tend not to data mine much. When you visit TIME.com, several dozen tracking companies, with names such as Eyeblaster, Bluestreak, DoubleClick and Factor TG, could be collecting data at any given time.

    If you're reading this in print as a subscriber, TIME has probably "rented" your name and address many times to various companies for a one-time use. This is also true if you subscribe to Vanity Fair, Cosmopolitan or just about any other publication.

    This being America, I don't have to wait for the government to give me an opt-out option; I can pay for one right now. Michael Fertik, the CEO and founder of Reputation.com, who nabbed my Social Security number, will do it for me for just $8.25 a month. His company will also, for a lot more money, make Google searches of your name come up with more flattering results — because when everyone is famous, everyone needs a public relations department. Fertik, who clerked for the chief judge of the Sixth Circuit after graduating from Harvard Law School, believes that if data mining isn't regulated, everyone will soon be assigned scores for attractiveness and a social-prowess index and a complainer index, so companies can avoid serving you — just as you now have a credit score that they can easily check before deciding to do business with you. "What happens when those data sets are used for life transactions: health insurance, employment, dating and education? It's inevitable that all of these decisions will be made based on machine conclusions. Your FICO score is already an all-but-decisional fact about you. ABD, dude! All but decisional," says Fertik.

    Even if I were to use the services of Reputation.com, there's still all the public information about me that I can't suppress. Last year, thousands of people sent their friends a Facebook message telling them to opt out of being listed on Spokeo.com, which they described as the creepiest paparazzo of all, giving out your age, profession, address and a photo of your house. Spokeo, a tiny company in Pasadena, Calif., is run by 28-year-old Stanford grad Harrison Tang. He was surprised at the outcry. "Some people don't know what Google Street View is, so they think this is magic," Tang says of the photos of people's homes that his site shows. The info on Spokeo isn't even all that revealing — he purposely leaves off criminal records and previous marriages — but Tang thinks society is still learning about data mining and will soon become inured to it. "Back in the 1990s, if you said, 'I'm going to put pictures on the Internet for everyone to see,' it would have been hard to believe. Now everyone does it. The Internet is becoming more and more open. This world will become more connected, and the distance between you and me will be a lot closer. If everybody is a walled garden, there won't be an Internet."

    I deeply believe that, but it's still too easy to find our gardens. Your political donations, home value and address have always been public, but you used to have to actually go to all these different places — courthouses, libraries, property-tax assessors' offices — and request documents. "You were private by default and public by effort. Nowadays, you're public by default and private by effort," says Lee Tien, a senior staff attorney for the Electronic Frontier Foundation, an advocacy group for digital rights. "There are all sorts of inferences that can be made about you from the websites you visit, what you buy, who you talk to. What if your employer had access to information about you that shows you have a particular kind of health condition or a woman is pregnant or thinking about it?" Tien worries that political dissidents in other countries, battered women and other groups that need anonymity are vulnerable to data mining. At the very least, he argues, we're responsible to protect special groups, just as Google Street View allows users to request that a particular location, like an abused-women's shelter, not be photographed.

    Other democratic countries have taken much stronger stands than the U.S. has on regulating data mining. Google Street View has been banned by the Czech Republic. Germany — after protests and much debate — decided at the end of last year to allow it but to let people request that their houses not be shown, which nearly 250,000 people had done as of last November. E.U. Justice Commissioner Viviane Reding is about to present a proposal to allow people to correct and erase information about themselves on the Web. "Everyone should have the right to be forgotten," she says. "Due to their painful history in the 20th century, Europeans are naturally more sensitive to the collection and use of their data by public authorities."

    After 9/11, not many Americans protested when concerns about security seemed to trump privacy. Now that privacy issues are being pushed in Congress, companies are making last-ditch efforts to become more transparent. New tools released in February for Firefox and Google Chrome browsers let users block data collecting, though Firefox and Chrome depend on the data miners to respect the users' request, which won't stop unscrupulous companies. In addition to the new browser options, an increasing number of ads have a little i (an Advertising Option Icon), which you can click on to find out exactly which companies are tracking you and what they do. The technology behind the icon is managed by Evidon, the company that provides the Ghostery download. Evidon has gotten more than 500 data-collecting companies to provide their info.

    It takes a lot of work to find out about this tiny little i and even more to click on it and read the information. But it also took people a while to learn what the recycling symbol meant. And reading the info behind the i icon isn't necessarily the point, says Evidon CEO Scott Meyer, who used to be CEO of About.com and managed the New York Times' website. "Do I look at nutritional labeling? No. But would I buy a food product that didn't have one? Absolutely not. I would be really concerned. It's accountability."

    FTC chairman Jon Leibowitz has been pleased by how effective he's been at using the threat of legislation to scare companies into taking action and dropping their excuse that they don't know anything about you personally, just data associated with your computer. "We used to have a distinction 10 years ago between personally identifiable information and non-PII. Now those distinctions have broken down." In November, Leibowitz hired Edward Felten, the Princeton computer-science professor famous for uncovering weaknesses in electronic-voting machines and digital-music protection, to serve as the FTC's chief technologist for the next year. Felten has found that the online-advertising industry is as eager as the government is for improved privacy protections. "There's a lot of fear that holds people back from doing things they would otherwise do online. This is part of the cost of privacy uncertainty. People are a little wary of trying out some new site or service if they're worried about giving their information," Felten says.

    He's right: oddly, the more I learned about data mining, the less concerned I was. Sure, I was surprised that all these companies are actually keeping permanent files on me. But I don't think they will do anything with them that does me any harm. There should be protections for vulnerable groups, and a government-enforced opt-out mechanism would be great for accountability. But I'm pretty sure that, like me, most people won't use that option. Of the people who actually find the Ads Preferences page — and these must be people pretty into privacy — only 1 in 8 asks to opt out of being tracked. The rest, apparently, just like to read privacy rules.

    We're quickly figuring out how to navigate our trail of data — don't say anything private on a Facebook wall, keep your secrets out of e-mail, use cash for illicit purchases. The vast majority of it, though, is worthless to us and a pretty good exchange for frequent-flier miles, better search results, a fast system to qualify for credit, finding out if our babysitter has a criminal record and ads we find more useful than annoying. Especially because no human being ever reads your files. As I learned by trying to find out all my data, we're not all that interesting.
    With reporting by Eben Harrell / London

    Freeing Its Data, London Turns Access into Apps

    The London Datastore urges the city's agencies and civil servants to put their data into a public repository where anyone can access it, graph it, map it or track it, making the city more friendly, transparent and efficient

    Read more: http://www.time.com/time/photogallery/0,29307,2040574,00.html#ixzz1GGlV2A30

  7. #67
    Member Array
    Join Date
    Jan 2007


    Despite US opposition, UN approves rights to privacy in the digital age

    November 27, 2013

    Summary: Despite last week's US-led opposition to the United Nations' "Rights To Privacy In The Digital Age," the resolution put forward as a reaction to US surveillance activities was passed.

    The United Nations on Wednesday approved 18 draft resolutions, notably "The right to privacy in the digital age," despite opposition from the U.S. government.

    It is the first such document to establish privacy rights and human rights in the digital sphere.

    Sponsored by Germany and Brazil, it is specifically concerned with the negative impact of surveillance, "in particular when carried out on a mass scale, may have on the exercise and enjoyment of human rights."

    Brazil's representative said: "Through this resolution, the General Assembly establishes, for the first time, that human rights should prevail irrespective of the medium and therefore need to be protected both offline and online."

    The draft was approved without a vote.

    According to The Guardian, the major concession made to the US, UK, and Australia was to include a reference linking "human rights violations" to extraterritorial snooping.

    No countries moved against the measure, though last week the United States lobbied its fellow so-called "Five Eyes" nations of the UK, Australia and New Zealand to weaken the language of the resolution.

    A leaked copy of the US negotiating position prior to today's announcement revealed that the US does not feel that its surveillance activities and practices are illegal.

    According to the AFP news agency, as a result of the US-led efforts, language stating that foreign spying would be a rights violation was weakened.

    "The right to privacy in the digital age" will have the UN General Assembly "call upon Member States to review their procedures, practices and legislation on the surveillance of communications, their interception and collection of personal data, including mass surveillance, with a view to upholding the right to privacy by ensuring the full and effective implementation of all relevant obligations under international human rights law."

    According to the UN's General Assembly press release today: "Following the approval, some delegates stressed the need for agreed international human rights mechanisms in relation to ensuring privacy and freedom of expression.

    The statement added: "Some expressed regret over the lack of a specific reference to such mechanisms in the draft, while others applauded the consensus as a clear international reaction to the national and extraterritorial electronic surveillance activities conducted by the United States."

    Sweden expressed disappointment regarding the outcome of the resolution's language regarding human rights.

    The representative of Sweden said he "would have preferred a reference" to the enjoyment of all human rights — online and offline — including the freedom of expression and the right to privacy.

    The representative of the US suggested that information collection was linked to privacy saying, "seeking, receiving and imparting information were linked to the right to privacy."

    According to the UN, "The representative of the United States said her country had long championed the right to privacy and to freedom of expression as pillars of democracy and reaffirmed the relevant human rights instruments, such as the International Covenant on Civil and Political Rights."

    It added: "Privacy and freedom of expression should be promoted online and offline, she said, adding that seeking, receiving and imparting information were linked to the right to privacy."
    Korea: US talk of democracy "hypocritical"

    The representative of North Korea (DPRK) said the draft was timely and had been tabled in the appropriate forum.
    The reclusive country's representative told the Committee that it was a reaction to "the massive electronic surveillance activities conducted by one country that had shocked public opinion."

    He stressed that, "infringements of State sovereignty should no longer be tolerated," and, "massive espionage activities were targeting Heads of State, who were symbols of State sovereignty, resulting in rampant violations and interference in internal affairs."
    Talk of democracy by the U.S. was "hypocritical," he said, saying that it should therefore abstain from talking about human rights violations in other countries, especially in light of its use of drones against civilians.
    Resolution to strengthen human rights against drone use

    The Committee next went onto vote and approve a resolution specifically aimed at the use of drones and human rights violations, with an urgent stress on the legalities of drone use.

    Pakistan's representative told the Committee the use of drones against innocent civilians is a clear violation of international law, stressing that drone strikes were counterproductive in the fight against terrorism.

    He called for an end to illegal drone strikes against his country’s territories, emphasizing that the use of armed drones against innocent civilians was a clear violation of international law.

    The resolution regarding drones titled, "Protection of human rights and fundamental freedoms while countering terrorism," was also passed without a vote.

    The international bloc of nations said in a statement: "By that text, the General Assembly would take note of the report of the Special Rapporteur on the promotion and protection of human rights and fundamental freedoms while countering terrorism, which referred to the use of remotely piloted aircraft."

    "The Assembly would also note the urgent and imperative need to seek agreement among Member States on legal questions pertaining to the use of remotely piloted aircraft," it added.
    Passed: Resolution to protect journalists against intimidation and arbitrary detention

    Next, the Committee passed a resolution to protect journalists worldwide, specifying that the arbitrary detention, harassment and intimidation of journalists would now be universally condemned — bringing to mind the UK's recent detention of David Miranda, partner to journalist Glenn Greenwald.

    The Committee approved "Safety of journalists and the issue of impunity" without a vote.

    The UN said: "By its terms, the General Assembly would condemn unequivocally all attacks and violence against journalists and media workers, such as torture, extrajudicial killings, enforced disappearances and arbitrary detention, as well as intimidation and harassment in both conflict and non-conflict situations."

    "It would also decide to proclaim 2 November as the International Day to End Impunity for Crimes against Journalists," it added.
    The UN's document noted, "the representative of Qatar, noting that her delegation had co-sponsored the draft, stressed the critically important role of journalists and the need to safeguard their work."

    By far, the most impressive piece of today's announcement is the passing of the UN's "Rights to privacy in the digital age."

    It was created in a committee comprised of 193 member states and is the biggest demonstration against mass digital surveillance by the United States as revealed by former government contractor Edward Snowden.


  8. #68
    Member Array
    Join Date
    Jan 2007


    Microsoft Rushes To Fix Major Internet Explorer Security Flaw

    BOSTON, April 27 (Reuters) - Microsoft Corp is rushing to fix a bug in its widely used Internet Explorer web browser after a computer security firm disclosed the flaw over the weekend, saying hackers have already exploited it in attacks on some U.S. companies.

    PCs running Windows XP will not receive any updates fixing that bug when they are released, however, because Microsoft stopped supporting the 13-year-old operating system earlier this month. Security firms estimate that between 15 and 25 percent of the world's PCs still run Windows XP

    Microsoft disclosed on Saturday its plans to fix the bug in an advisory to its customers posted on its security website, which it said is present in Internet Explorer versions 6 to 11. Those versions dominate desktop browsing, accounting for 55 percent of the PC browser market, according to tech research firm NetMarketShare.

    Cybersecurity software maker FireEye Inc said that a sophisticated group of hackers have been exploiting the bug in a campaign dubbed "Operation Clandestine Fox."

    FireEye, whose Mandiant division helps companies respond to cyber attacks, declined to name specific victims or identify the group of hackers, saying that an investigation into the matter is still active.

    "It's a campaign of targeted attacks seemingly against U.S.-based firms, currently tied to defense and financial sectors," FireEye spokesman Vitor De Souza said via email. "It's unclear what the motives of this attack group are, at this point. It appears to be broad-spectrum intel gathering."

    He declined to elaborate, though he said one way to protect against them would be to switch to another browser.

    Microsoft said in the advisory that the vulnerability could allow a hacker to take complete control of an affected system, then do things such as viewing changing, or deleting data, installing malicious programs, or creating accounts that would give hackers full user rights.

    FireEye and Microsoft have not provided much information about the security flaw or the approach that hackers could use to figure out how to exploit it, said Aviv Raff, chief technology officer of cybersecurity firm Seculert.

    Yet other groups of hackers are now racing to learn more about it so they can launch similar attacks before Microsoft prepares a security update, Raff said.

    "Microsoft should move fast," he said. "This will snowball."

    Still, he cautioned that Windows XP users will not benefit from that update since Microsoft has just halted support for that product.

    The software maker said in a statement to Reuters that it advises Windows XP users to upgrade to one of two most recently versions of its operating system, Windows 7 or 8.


  9. #69
    Member Array
    Join Date
    Jan 2007


    Google encrypts Gmail in an attempt to make it 'NSA proof' and stop mass surveillance

    • All messages sent and received through Gmail are now encrypted, making them extremely difficult to intercept
    • Move follows revelations in documents leaked last year by Edward Snowden that spy agency can look at private messages
    • In the first half of 2013, Google received 25,879 requests for user information from federal government and courts

    By Daily Mail Reporter | 22 March 2014

    Amid revelations that the National Security Agency has the ability to intercept data going between servers and other computers, tech giant Google now says it will encrypt all messages sent through its Gmail email service to prevent prying eyes from looking at private messages.

    In a blog post made Thursday by head Gmail security engineer Nicolas Lidzborski, Google said that every time a user checks or sent email, it will be encrypted as the data goes to and from Google's servers.

    Although Google has given Gmail users the ability to sign into their accounts through an encrypted connection (known as HTTPS) since 2010, Gmail will now automatically default users to the more secure network.

    'In addition, every single email message you send or receive—100 percent of them—is encrypted while moving internally,' the post reads. 'This ensures that your messages are safe not only when they move between you and Gmail's servers, but also as they move between Google's data centers—something we made a top priority after last summer’s revelations.'

    Those revelations were made last year by Edward Snowden, a former NSA contractor, who leaked documents about global surveillance efforts used by the agency, including snooping on emails.

    Reports have indicated that the NSA was hacking into fiber optic cables used by tech companies to send data to and from data servers scattered around. The trouble is that the data sent through these cables is usually not encrypted, which allowed NSA spies easy access to the information being sent.

    Video: 5 steps to staying safe on the web

    Encrypting messages not only protects users from the NSA, but from computer hackers as well. 'By protecting the connection between you and Google servers, they protect you against tons of attackers,' Mikko Hypponen, a security researcher in Finland, told CNNMoney.com.

    However, Google hasn't NSA-proofed Gmail completely. The agency still has the ability to send out National Security Letters compelling a company to release information. And the federal government hasn't been shy requesting data from Google. In a transparency report, Google said that for the first half of 2013, it received 25,879 requests for user information from government agencies and courts.


  10. #70
    Member Array
    Join Date
    Jan 2007


    New All-Way Standard for USB Cables

    Alyssa Bereznak - Apr 3, 2014

    Soon you’ll never have to worry about plugging in your USB cord the wrong way again.

    Photos of a new standardized design for USB cables emerged showing a thinner design that plugs into a new USB slot no matter which way it’s turned.

    In addition to having no wrong-way-up issues, the cable is also the same at both ends, unlike today’s USB cables that usually have a fat, square plug on the computer (or power brick) side and a smaller, D-shaped connector at the other.

    The new cable, dubbed “Type C,” will likely become modern society’s default connector for most devices. The new design is meant to catch up with the fact that devices are getting thinner and thinner. And that people don’t like having to worry about which side is up.


    This is the reversible USB cable that will end your frustrations

    By Vlad Savov - Apr 4, 2014

    The most abundant connector standard in technology, the Universal Serial Bus, is getting ready for its most revolutionary change yet with a new specification that will be finalized in July of this year. Breaking physical compatibility with current ports, USB Type-C is much smaller than the USB plugs you're used to and is, perhaps more importantly, symmetrical. The reversible design means you'll be able to connect a Type-C cable without worrying about the plug's orientation or the cable's direction.

    Intended to replace both USB and Micro USB with one universal standard, Type-C looks to be pretty much the same size as Apple's proprietary Lightning cable, which has a similar reversible design. With support for USB 3.1, the new cables will offer bandwidth of up to 10Gbps, though their biggest benefit will surely be in eliminating the frustration of trying to plug devices in the right way round. The design and the full spec have not been fully settled yet, but the USB Implementers Forum is confident enough in its current plans to release these images illustrating what can be expected.


  11. #71
    Member Array
    Join Date
    Jan 2007


    MS Windows Gadgets have been discontinued

    Gadgets are no longer available on our website because the Windows Sidebar platform in Windows 7 and Windows Vista has serious vulnerabilities. Microsoft has retired the feature in newer releases of Windows. Gadgets could be exploited to harm your computer, access your computer's files, show you objectionable content, or change their behavior at any time. An attacker could even use a gadget to take complete control of your PC. If you're concerned about the safety of gadgets you’ve downloaded, find out more about gadgets and steps you can take to protect your PC. .


  12. #72
    Member Array
    Join Date
    Jan 2007




    The heartbleed bug lets hackers eavesdrop on supposedly secure communications.

    It was uncovered by a team of researchers from Google Security and Codenomicon in the OpenSSL cryptographic software.

    The software offers encryption services, such as when people log into internet banking, or into a webmail service like Yahoo.

    The fault lets a hacker craft an attack which, under the right conditions, will return small chunks of information from the remote system or service.

    For example, it has been demonstrated that hackers can steal other users’ usernames and passwords from Yahoo - although this flaw has now been fixed.


    Experts are predicting around 17 per cent of all websites are affected.

    The flaw originated in 2011 which means in theory, if you’ve used any of the affected sites in the last three years, you may be at risk.

    OpenSSL is open-source software that is widely used to encrypt web communications.
    It is used to protect websites, instant messaging, email servers, virtual private networks and other communications.

    OpenSSL certificates are also used to protect credit card details on select services and the software is used in two of the most widely used Web servers, Apache and nginx.

    Research by analytics firm Netcraft found the figure of affected websites is almost 500,000.

    The figures vary because many sites use OpenSSL in one way or another, leaving them vulnerable, but a select few use additional measures and encryption techniques to protect data.


    Not necessarily. It may be that the Google researchers who discovered the flaw were the first to notice it. However, because a hack wouldn’t leave a trace, it’s hard to tell.

    Security expert Graham Cluely told MailOnline: ‘We don’t know if someone was exploiting it beforehand so I think we shouldn’t leap to any conclusions. Assume the worst and restart from scratch where possible.’

    David Emm from Kaspersky Lab urged people to be vigilant; to check their bank and online accounts for any suspicious activity and flag it up to providers as soon as possible.


    The flaw only affects sites that use OpenSSL in one way or another, so if your websites doesn’t use this software then you are not affected.

    If you are unsure, speak to your web developer or IT team, where appropriate.

    If you know that your site runs Open SSL, update it as soon as possible and replace your encryption keys.


    Websites fall into one of three groups - affected and at risk, affected and fixed and not affected.

    Affected and at risk: This applies to sites that use the OpenSSL software but have not patched the flaw. Password and security experts have created tools to see which sites are at risk including the Heartbleed Test and Heartbleed Checker.

    Affected and fixed: Affected sites include a number of Google services, including Gmail and YouTube, Facebook, Tumblr, Yahoo and Dropbox.

    All of these sites have been patched and security experts are advising people to change their passwords on these accounts, even if the sites themselves aren't issuing the advice directly, as is the case with Google.

    Users should ask sites directly for more information if they feel they're not being well informed.

    Not affected: Sites that don't use the OpenSSL software are not affected by the flaw. This includes PayPal, Microsoft accounts and Twitter.


    Researchers have even given the bug its own logo

    The Heartbleed bug lets anyone on the web read the memory of the systems protected by vulnerable versions of the OpenSSL software.

    It compromises secret keys used to identify the service providers and to encrypt web traffic.

    This includes the names and passwords of the users and the actual content, such as credit card numbers.

    Attackers can 'eavesdrop' on communications between servers, steal data directly from the them, and use the information to impersonate services and users on other sites or platforms.

    James Lyne, global head of research at security firm Sophos told MailOnline: 'This fault undermines the fundamental trust on the internet for anyone running the vulnerable software and it is widely integrated into the technology we all use every day.

    'While the fault has now been fixed, providers must apply it manually, so many still are vulnerable.

    'Worse still, the defect was in the code for over two years before being discovered by security researchers - attackers could have discovered this at any time during that period and retrieved large volumes of data without anyone knowing.

    'At this point the best thing for consumers to do is to assume their passwords and alike have been leaked. They may not have been, but since it's very hard to actually tell retrospectively, it is better to be safe than sorry.

    'As providers rush to patch [the flaw], consumers should apply typical IT security best practice: ensure you change passwords - once you know the issue has been fixed by your provider; update your computers; and don't use the same password across multiple sites or services.

    'This is not the first defect of its kind and it certainly won't be the last, but it is one of the more serious faults we've seen in recent Internet history.'


    Virtual private network expert IVPN has created an infographic to reveals the sites that have been affected by Heartbleed, those that do not use OpenSSL and which sites users should change their password on.

    Infograph can be viewed at: http://postimg.org/image/5qw0xegap/

    Below are statements from the individual firms.

    Google: Search, Gmail, YouTube, Wallet and the Play store were affected, but the Chrome browser and Chrome OS were not.

    Google said it identified and solved the problem across its affected services, and is advising users they don't need to change their passwords. However, security experts are advising they should anyway, just in case.

    Facebook: In a statement, the firm said: 'We added protections for Facebook’s implementation of OpenSSL before this issue was publicly disclosed. We haven’t detected any signs of suspicious account activity.'

    It is encouraging users 'to take this opportunity to follow good practices and set up a unique password for your Facebook account that you don't use on other sites.'
    Yahoo logo

    Yahoo: Site has fixed the problem and is urging customers to change their passwords.

    Tumblr: Owned by Yahoo, the blogging site was affected, but claimed it has spotted no evidence the breach affected its accounts.

    Amazon Web Services (used by websites): Advisory note said 'most services were unaffected or Amazon was already able to apply mitigations' meaning passwords should be changed just in case.

    Netflix: Statement said 'we took immediate action to assess the vulnerability and address it. We are not aware of any customer impact.'

    Dropbox: The site tweeted it has patched all of its user-facing services and will continue to work to 'make sure your stuff is always safe'.

    Canada's Tax Agency: Shut off public access to its website 'to safeguard the integrity of the information'; it holds. The agency said it hopes to re-open its website this weekend.

    Instagram: Site runs on the nginx server, which uses OpenSSL software, and its SSL certificate was last valid three years ago meaning LastPass has flagged it as a potential risk and the company is working on a fix.
    Twitter logo

    Twitter: Site confirmed its websites weren't affected and details weren't exposed, so is safe.

    PayPal: In a statement, the site said PayPal is secure. Your PayPal account details were not exposed in the past and remain secure. You do not need to take any additional action to safeguard your information and there is no need to change your password.

    Ebay: As its payments are handled predominantly through PayPal, Ebay transactions were not affected.

    Microsoft accounts, Hotmail and Outlook and Bing: Microsoft services don't use OpenSSL so were unaffected.


    Websites fall into one of three groups - affected and at risk, affected and fixed and not affected.

    Affected and at risk: This applies to sites that use the OpenSSL software but have not patched the flaw. Password and security experts have created tools to see which sites are at risk including the Heartbleed Test and Heartbleed Checker.

    Affected and fixed: Affected sites include a number of Google services, including Gmail and YouTube, Facebook, Tumblr, Yahoo and Dropbox.

    All of these sites have been patched and security experts are advising people to change their passwords on these accounts, even if the sites themselves aren't issuing the advice directly, as is the case with Google.

    Users should ask sites directly for more information if they feel they're not being well informed.

    Not affected: Sites that don't use the OpenSSL software are not affected by the flaw. This includes PayPal, Microsoft accounts and Twitter.


    Check the service providers’ official blogs for statements about whether or not they were affected and if the problem has been fixed.

    The sites may have also emailed you so check your inbox, as well as junk mail.

    Once a site has confirmed it is safe, update your login details. Even if a site claims you don’t need to, change it anyway – just in case.

    Make sure to use different passwords across all accounts. This is good password management generally.

    If you are unsure if a site has been affected, or is now safe, contact them. You can call or email and ask them to reassure you.

    Take advantage of sites that use two-factor authentication. LifeHacker has a useful list of all the sites that offer this security measure.

    As its name suggests, two-step authentication involves giving users two security steps to go through before being allowed access to their account.

    This can include a text message sent to a phone, or a device that generates a unique number every 15 minutes.

    In the case of the Heartbleed flaw, this means even if hacker steals a password from a site, they can’t access the account without the text or email code.

    LastPass' Heartbleed Checker (https://lastpass.com/heartbleed/) looks to see when a site's secure encryption certificate was last regenerated and warns if the server may be at risk. It also reveals the websites that either aren't affected by the bug, or have updated their certificates.

    Full article attached and available here: http://www.dailymail.co.uk/sciencete...ly-severe.html

    Has the NSA has been using the Heartbleed web bug for TWO YEARS to spy on people? Claims exploit was a 'basic part' of agency's arsenal

    • Agency has been aware of bug for two years, according to reports
    • Code was added on New Year's Eve in 2011 and no-one picked up the error
    • Agency exploited the flaw to obtain passwords and other information, it is claimed

    By Mark Prigg and Victoria Woollaston | 11 April 2014

    The U.S. National Security Agency has been using the Heartbleed bug for at least two years to gather intelligence, it has been claimed.

    The agency is believed to have used the bug, which affects web servers and allows hacker to obtain supposedly secure information, to gather 'critical intelligence'.

    However, the agency has denied the claims, saying it would have been 'in the national interest to responsibly disclose the vulnerability'.

    Bloomberg quotes 'two people familiar with the matter' in its damning report.

    However, the Agency has denied the report.

    'If the Federal government, including the intelligence community, had discovered this vulnerability prior to last week, it would have been disclosed to the community responsible for OpenSSL.' it said in a statement.

    'When Federal agencies discover a new vulnerability in commercial and open source software – a so-called 'Zero day' vulnerability because the developers of the vulnerable software have had zero days to fix it – it is in the national interest to responsibly disclose the vulnerability rather than to hold it for an investigative or intelligence purpose.'

    John Perry Barlow of the Electronic Frontier Foundation tweeted 'National Security!? The NSA knew about and exploited #Heartbleed for two years, thereby leaving America's finances open to plunder.'

    Vanee Vines, an NSA spokeswoman, declined to comment on the agency’s knowledge or use of the bug.

    If criminals found the flaw before a fix was published this week, they could have used it to obtain of passwords for online bank accounts, e-commerce sites, and e-mail accounts across the world.

    Initially it was even claimed the Heartbleed flaw was deliberately created by government agencies to spy on us - until a developer has now come forward and confessed to causing the problem.


    Millions of Android smartphones and tablets ARE vulnerable to Heartbleed security breach, warn experts

    • A 2012 version of Google's mobile operating systems is susceptible to the glitch, which allows hackers to steal passwords
    • The flaw was revealed last week but Google said all Android devices were immune save for a 'limited exception'
    • Researchers now say the 'exception' covers millions of devices that still run the old software and a solution won't come easily

    13 April 2014

    Millions of Android smartphone and tablet users are vulnerable to the Heartbleed security flaw despite Google's insistence to the contrary, researchers reveal.

    The tech giant assured panicked users last week that their mobile platform was safe save for a 'limited exception.'

    It's now been revealed that the exception refers to millions of devices running a 2012 version of the operating system.

    Security experts say the vulnerable software can be found on popular phone and tablet brands including Samsung, HTC and others, reports Bloomberg.

    More than 900 million Android devices have been purchased worldwide. Of those, Bloomberg reports that 34 percent run some version of the outdated software.

    While a fix for computers and websites was readily available after news of Heartbleed sent internet users into a panic last week, the same cannot be said for Android.

    While a patch is available for devices with the flaw, wireless carriers and handset makers must now provide updates and the process is long.

    'One of the major issues with Android is the update cycle is really long,' Michael Shaulov, CEO of mobile security company Lacoon Security Ltd. told Bloomberg.

    'The device manufacturers and the carriers need to do something with the patch, and that’s usually a really long process.'

    Panic was triggered last week when it emerged that tens of millions of websites around the world did not have the security promised.

    The Heartbleed bug bypasses the encryption – called OpenSSL - that normally protects data as it is sent between computers and servers, leaving personal and sensitive data vulnerable.

    The problem has existed for at least two years, however details were only made public this week by Google and a small company from Finland, called Codenomicon.

    The fact the loophole has existed for so long is a huge blow to the credibility of websites and consumer trust in the internet.

    Experts at the American security and training company, the SANS Institute, suggested that the software that runs smartphones, tablets and laptops could have the same flaw.

    Spokesman Jake Williams said a malicious server could easily send a message to vulnerable software on phones, laptops, PCs, home routers and other devices, and retrieve a 64KB block of sensitive data from the targeted system.

    That would gather keystrokes which could, in theory, provide log-in and password details for internet banks and other sites.

    Mr Williams criticised companies with websites that are vulnerable to the Heartbeat bug for failing to admit the problem to consumers. ‘Too many vendors not communicating with their customers,’ he said.

    He suggested it could take the industry until 2020 and beyond to eliminate the problem.


  13. #73
    Member Array
    Join Date
    Jan 2007


    New app that allows San Francisco drivers to sell their street parking spot draws criticism and questions over legality

    • 'Monkey Parking' allows drivers who are looking for spaces with motorists who are already occupying a space for a fee
    • Fee ranges from $5 to $20
    • City officials are looking into whether the practice is legal

    The app, called 'Monkey Parking,' connects drivers looking for empty spaces with someone who is also on the app who is willing to give up their prized spot, but for a fee of anywhere between $5 and $20.

    San Francisco has a severe parking crunch already, given that the city has about 500,000 parking spots and there are about 750,000 residents. And that doesn't even include the tens of thousands of drivers who come into city daily.

    Although the app is slowly catching on in the city by the bay, San Francisco officials are questioning whether the practice is even legal. Others in the city have complained that the app is unfair as it is lining the pockets of some motorists out to make quick buck at the expense of other drivers.

    'You are trying to monetize public parking spaces and it is disgusting,' one person wrote on Monkey Parking's Twitter feed.

    However, Monkey Parking CEO and co-founder Paolo Dobrowolny tells the San Francisco Chronicle those reactions are unfair. He claims that the app just acts as a facilitator between those looking for parking and those who need a financial reward to move from their space.

    'We’re just providing information when someone is leaving,' he said. 'That is valuable information for everybody.'

    He also dismisses claims that that the app discriminates against those who are not able to pay up to $20 for a space.

    'It’s a fair business for anybody,' Dobrowolny said. 'It’s not just for rich people. If you think you can get that money back when you leave that parking spot, you can earn back the money when you leave the spot.'

    He adds that the app will help to improve the lives of San Franciscans as well.

    'If it’s faster to get a parking spot, or if someone was leaving in any case, that is an improvement to urban city living overall,' he told CBS San Francisco. 'We’re not trying to create this strange thing that they’re saying we are.'


  14. #74
    Member Array
    Join Date
    Jan 2007


    Thousands of sites STILL at risk from Heartbleed bug

    Half of the websites affected by the Heartbleed bug that exposed user's passwords and other information have not been updated to fix the problem, it has been claimed.

    Security experts said that even though the bug was revealed a month ago, 300,000 sites are still affected.

    They claim that is half the sites at risk - and the security experts admit the poor response is 'strange'.

    Security researcher Robert Graham of Errata security scanned over 1.5m servers that supported the vulnerable software in his report.

    'It's been a month since the Heartbleed bug was announced, so I thought I'd rescan the Internet (port 443) to see how many systems remain vulnerable,' he said.

    'Whereas my previous scan a month ago found 600,000 vulnerable systems, today's scan found roughly 300,000 thousand systems (318,239 to be precise).'

    However, he admits the tests hit problems.

    'The numbers are a little strange.

    'Last month, I found 28-million systems supporting SSL, but this month I found only 22-million. I suspect the reason is that this time, people detected my Heartbleed 'attacks' and automatically firewalled me before the scan completed.

    'Or, another problem is that I may have more traffic congestion at my ISP, which would reduce numbers.'

    All of these sites have been patched and security experts are advising people to change their passwords on these accounts, even if the sites themselves aren't issuing the advice.

    Yahoo was the only major site that has explicitly said its users should change their password.

    A number of these sites have been criticized for not contacting individual users to reassure them.

    Graham Cluely from security software company Sophos suggests Google could post a link on its homepage for anyone who is concerned about the bug. In response to this, Google said: 'The security of our users' information is a top priority. We fixed this bug early and Google users do not need to change their passwords.'

    Cluely continued: 'It is confusing and I understand why people are befuddled, but a [password] reset for everything is both unnecessary, and potentially exposing.

    'Changing your password on a vulnerable site makes little difference because the site is still open to attack. This means your old password would have been at risk, but you're also giving hackers access to your new password - a double whammy.’

    'If a site hasn't fixed the security flaw, or hasn't told its users it has, then people should assume that site is vulnerable. It's good to assume that all sites are vulnerable and be cautious, until the sites state otherwise.’

    'My advice is only change the passwords on services that tell you they've fixed the problem.'

    'If people are concerned they can do a quick check using the Heartbleed Test.'

    LastPass’ Heartbleed Checker similarly looks to see when a site’s secure encryption certificate was last valid and warns if the server may be at risk.

    Heartbleed check list: http://postimg.org/image/5qw0xegap/


  15. #75
    Member Array
    Join Date
    Jan 2007


    eBay hacked, requests all users change passwords

    eBay confirms users' passwords were compromised but says there's no evidence any financial information was accessed.

    eBay's morning just went from bad to worse. The e-commerce site confirmed Wednesday that its corporate network was hacked and a database with users' passwords was compromised. While eBay says there is no evidence that users' financial information was accessed in the hack, the company is telling all users to change their passwords.

    eBay contacted CNET after this story was initially published, saying it discovered "recently" that it was a victim of "a cyber attack on our corporate information network, which compromised a database containing eBay user passwords." The company's spokesperson told CNET there is "no evidence that any financial information was accessed or compromised."

    The statement follows an odd stream of events this morning when eBay-owned PayPal posted a blog entitled "eBay, Inc. to Ask All eBay users to Change Passwords." The blog post included nothing but the title, but quickly hit the Web after it was retweeted dozens of times. The blog post was then taken down from PayPal's site, causing even more confusion for users of the online auction house.

    eBay has since posted information about the hack on its official blog. The company will ask all users to change their passwords starting later on Wednesday.

    eBay shares are down 1.73 percent, or 90 cents, to $51.06, following news of the hack.

    The database, which eBay said was compromised in late February and early March, held eBay customer's names, encrypted passwords, email addresses, physical addresses, phone numbers, and dates of birth. However, the company says users' financial information was not accessed.

    "After conducting extensive tests on its networks, the company said it has no evidence of the compromise resulting in unauthorized activity for eBay users, and no evidence of any unauthorized access to financial or credit card information, which is stored separately in encrypted formats," eBay wrote in the post. "However, changing passwords is a best practice and will help enhance security for eBay users."

    eBay also tried to allay concerns of PayPal users who store credit card information on the service. Although eBay owns PayPal, the online auction site says that "PayPal data is stored separately on a secure network, and all PayPal financial information is encrypted."

    eBay said it detected the hack two weeks ago and engaged in forensics activities to determine what database was compromised and what was stolen. The company narrowed down the attack to "a small number of employee login credentials" stolen by cyberattackers, which it said provided access to eBay's corporate network.

    Starting later on Wednesday, eBay will use email, site updates, and "other marketing channels" to request its users change their passwords. The company also encouraged its users to change the passwords on any other sites they might use with the same log-in credentials. It even ended its blog post with a security tip: "The same password should never be used across multiple sites or accounts."

    eBay's hacking should be taken seriously. The e-commerce site has 128 million active users around the world. While the company has acknowledged that it will ask every user to change their password, eBay hasn't said how many customers might have had information stolen.

    With Heartbleed wreaking havoc on the Web and an increasing number of major companies having their servers hacked and personal information leaked, Web security -- or lack thereof -- is becoming a huge concern for Web users. The eBay hack could prove to be the biggest security flaw to affect users since last year's Target data breach. That hack is believed to have impacted 110 million customers and left personal information -- including names, mailing addresses, phone numbers, email addresses, and debit and credit card data -- open to hackers.

    CNET has contacted eBay for more information on the hack. We will update this story when we have more information.


    Current status of ebay.com (5/21/14) with heartbleed test:

  16. #76
    Member Array
    Join Date
    Jan 2007


    Children failing to use toy building blocks 'due to iPad addictions'

    • Teachers say basic skills are affected by children's excessive iPad use
    • Access to instant information is also reducing memory and attention span
    • They are also struggling to socialize with other children

    Children are not developing the dexterity needed to write and build models because they spend too long on computer tablets
    , teachers warned yesterday.

    They also struggle to learn lines for school plays and answer pen and paper exams because they are used to calling up information instantly on their computers or smartphones.

    Parents are being urged to restrict use of tablets and turn off the wi-fi in their homes at night to stop their children going on the internet.

    Members of the Association of Teachers and Lecturers warned that growing numbers of young children are able to swipe tablet screens but lack the motor skills needed to play with building blocks.

    They also struggle to socialise with others or concentrate unless their focus is on computer-generated images.

    Delegates at ATL’s annual conference in Manchester backed calls for medical experts to help produce guidance for parents as well as teachers on avoiding excessive use of tablets.

    They passed a resolution warning that computer tablet ‘addiction’ was leading to poor performance at school, irritability, furtiveness and loss of interest in other activities.

    Colin Kinney, representing ATL’s Northern Ireland branch, said some parents were substituting the development of social skills with tablets.

    ‘I have spoken to a number of nursery teachers who have concerns over the increasing numbers of young pupils who can swipe a screen but have little or no manipulative skills to play with building blocks or the like, or the pupils who cannot socialise with other pupils but whose parents talk proudly of their ability to use a tablet or smartphone,’ he said.

    ‘Many of us have seen the brilliant computer skills of some pupils outweighed by their deteriorating skills in pen and paper exams because they rely on the instant support of the computer.

    ‘They are often unable to apply what they should have learned from their textbooks or class notes.’

    Pupils were turning up to school exhausted because they had night much of the previous night playing computer games, he added.

    Their attention spans were ‘so limited they may as well not be there’.

    ‘We do not want to deprive our pupils of access to computer tablets but we do want to protect them from withdrawal, poor performance and loss of educational opportunities,’ he said.

    Mark Montgomery, a fellow Northern Ireland delegate, said children increasingly wanted to spend hours playing on tablets instead of ‘playing football outside, building models and learning through playing’.

    ‘During rehearsals for our school play, the producer complained that the children in lead roles had great difficulty in learning all of their lines,’ he added.

    ‘This had not been an issue in previous years and would suggest that because information is always instantly available there is less need to learn and to retain knowledge.’

    He warned that over-use of tablets was also having detrimental effects on pupils’ health, such as weight gain caused by ‘lack of movement and exercise’ as well as repetitive strain injuries and posture problems.

    He added: ‘I have three sons. When they were younger I would go to bed and turn off the wi-fi. Parents need to do that. Turn the wi-fi off.

    ‘There is the ability to restrict the amount of time they are online for, there are apps to download.

    Children get obsessed with things and find it difficult to say no. If you take a two-year-old’s teddy away or a teenager’s X-Box they will rant and rave. But an adult will go and do something different.’

    Mr Montgomery went on: ‘It is our job to make sure that the technology is being used wisely and productively and that pupils are not making backward steps and getting obsessed and exhibiting aggressive and anti-social behaviours.’

    The warning follows research from Ofcom last year which found children’s access to tablets at home has more than doubled from 20 per cent in 2012 to 51 per cent.

    It has also been claimed that the boom in tablet ownership has led to children as young as four are being treated for ‘iPad addiction’.

    One girl of four reportedly became so obsessed with playing games on a tablet she was enrolled in therapy by her parents who wanted her treated for compulsive behaviour.

    The pre-school child, from the south east of England, became hooked on a tablet at the age of three and was using it for up to four hours a day, becoming ‘inconsolable’ when it was taken away.



    Teenagers suffer neck and back pain because they spend too long hunched over iPads and phones, say researchers

    It's unlikely computer addicted teenagers will take any notice – although desperate parents might be grateful for this ammunition.

    Four in ten teens have suffered back or neck pain from spending too much time slouched in front of the TV or a computer screen, according to researchers.

    A study by the British Chiropractic Association revealed that more than one in seven parents said their son or daughter’s problem was a result of using a laptop, tablet or computer.

    The survey of more than 460 parents of 11- to 16-year-olds also found that 23 per cent of teens are spending between two and four hours a day watching TV, while a quarter spend the same amount of time on a laptop, tablet or computer.

    Based on a two hour period, young people spend more time on games consoles (33 per cent) than doing an activity such as riding a bicycle (12 per cent).

    When asked how much time their teenager spends on their bicycle, more than one in five parents (21 per cent) admitted that their child doesn't even have a bike.

    Nearly half of the parents polled (46 per cent) acknowledged that their children don't spend enough time exercising, despite NHS guidelines stating that children and young people between five and 18-years-old need to do at least one hour of physical activity every day.

    Now the BCA is encouraging parents to limit the time their children spend using technology.

    Commenting on the study to mark Chiropractic Awareness Week, BCA chiropractor Rishi Loatey, said: 'We are seeing more and more people under the age of 16 with back and neck pain and technology is so often the cause.

    'Young people are becoming increasingly sedentary which is damaging their posture.

    'There is the tendency to sit in a hunched position when working on computers and laptops, putting a lot of strain on the neck.

    'Learning how to sit properly and keeping active will help to keep young people healthy and pain free.

    'It's important that parents seek help for their children from an expert as soon as any pain starts - if conditions are left untreated it could lead to chronic back and neck problems in later life.'


    Smartphone EXPLODES in girl's pocket

    A seven-year-old girl has been left with horrific injuries after her smartphone EXPLODED in her pocket.
    Ariana Aitzhan was playing in the garden in the Kazakhstan capital Astana when her parents report suddenly hearing screaming. They rushed outside to see the remains of the Samsung Galaxy S2 model on the floor with the girl's friends saying it had exploded in her pocket.

    "The burn was horrific – it went all the way through to the bone."

    Ariana's mother Alia Kamzina added: "She is in shock still, as are we all.

    "She is now afraid of smartphones, she can't bear to even see one being used without being terrified."

    Samsung have offered to pay for all of Ariana's medical bills and plastic surgery but Mr Aitzhan has so far refused to return the torched handset, for fear of his daughter's horrifying story being hushed up.

    A Samsung spokesperson said: "Once we have gotten hold of the product in question, we will investigate internally.

    "We would like to assure that the safety of our customer is our top priority."


  17. #77
    Member Array
    Join Date
    Jan 2007


    Google offers 'right to be forgotten' by having details of users’ past erased

    • Search engine now allows people to have links about them taken down
    • Thousands of paedophiles have made requests to remove personal data
    • However, Google says it will balance rights of individuals with public interest
    • Most requests received relate to paedophilia, fraud, arrests and convictions
    • The ruling could fundamentally change the nature of the internet in Europe

    By Belinda Robinson | 31 May 2014

    Thousands of pedophiles have rushed to use a new form from Google giving them the 'right to be forgotten' which lets people apply to get themselves removed from search results.

    The changes come after a landmark ruling by the European Court of Justice that people have the 'right to be forgotten' - so they can have Google search results removed if they tarnish their reputation.

    Over 12,000 people across Europe have used the form since Google launched the online form yesterday morning.

    If those requests are granted, anyone searching for those people on Google will not be shown the aspects of their past that they have deemed to be embarrassing or damaging - making internet searches fundamentally less useful.

    At one point Google said it was getting 20 requests per minute. But the ruling has already been criticised after early indications that around 12 per cent of applications were related to pedophilia. A further 30 per cent concern fraud and 20 per cent were about people's arrests or convictions.

    Along with requests from pedophiles, many other applications have come from corrupt public figures and criminals desperate to hide their past.

    An actor who had an affair with a teenager, a celebrity's child who was convicted of criminal offices and a man who tried to kill members of his family were among the first requests.

    The company has set up a team of employees to deal with requests and sift through applications from people desperate to have personal information removed from search results. The team will decide exactly which grievances should be honoured under the European court ruling and which should not.

    However, the company said it will not honour every application and will look at each case based on its merit. These include cases connected with recent criminal convictions, professional malpractice and the conduct of government officials.



    Those seeking to have information about them removed can visit the legal section of Google's website or visit the link: https://support.google.com/legal/con...duct=websearch

    On this page, a form allows users to put in a search removal request under EU data law.


    Only EU citizens are allowed to submit a request via the form and apply to have their links removed if their legal name appears. They will have to explain why the link should be taken down.


    All requests will be considered but Google, but it will have to balance privacy with the public interest, the company has said it will not remove all cases.


    In Britain users can contact the Information Commissioner's Office or take Google to court.
    However, if these types of cases cannot be resolved by Google they may end up being looked at by Britain's privacy watchdog the Information Commisioner's Office or go to a higher court.

    It means that Google now finds itself in the prickly position of having to balance privacy concerns against the principles of free expression and 'the right to know.'

    Critics say the EU ruling has already created a divide between how Google generates search results about some people in Europe and the rest of the world.

    For now at least, Google will only scrub personal information spanning 32-nations in Europe.

    It means that Googling the same person in the United States and dozens of other countries could look much different than it does from Europe.

    And although the court ruling currently applies to 28 countries in the European Union, Google is extending the 'right to be forgotten' to four other countries — Iceland, Liechtenstein, Norway and Switzerland.

    More than 500 million people live in the area affected by Google's potential purge of personal information from its European search results.

    Google said it has established a seven-person advisory committee including Eric Schmidt, Jimmy Wales who is Wikipedia's founder and Jose Luis Piñar, former director of Spain's Data Protection Authority to look at the issues.

    However, in an interview with the Financial Times, Google's co-founder Larry Page warned that the new law will be used by other governments to do bad things.

    He said: 'Other people are going to pile on, probably... for reasons most Europeans would find negative.'



    Note surprises that the corrupt, criminals and perverted are the ones wanting to erase their information. Although the concept in itself is good and there should be an universal form for anyone wishing to erase themselves from online for privacy and wanting to be off the grid.

  18. #78
    Member Array
    Join Date
    Jan 2007


    Cyber-attack at the shopping centre: Experts warn against using public Wi-Fi on smartphones and Tablets

    • Survey of 1,000 Australians reveals fewer than a third of mobile and tablet users install security software
    • 63 per cent of those surveyed never run virus checks
    • 40 per cent of the respondents can't identify online safety breaches
    • Expert advises not to use public WiFi particularly for online banking

    By Leesa Smith |1 June 2014

    Australians are putting themselves at risk of their personal information being hacked with a survey revealing fewer than a third of smartphone and tablet users install security software.

    The survey, released today by the Government's Federal Communications Department, also showed 40 per cent of the 1,000 respondents couldn’t identify any signs of online safety breaches.

    Released as part of Stay Smart Online Week, the national survey found 63 per cent of public WiFi users never run virus checks while less than one in five 'always' do.

    University of Adelaide information security expert Dr Malcolm Pattinson labelled WiFi as the ‘most insecure mechanism’ for sharing information and a ‘goldmine’ for criminals.

    He advised people not to use public WiFi at all and particularly not for online banking, while the Federal Government advises no financial transactions should be done with public WiFi.

    ‘It’s so easy to tap into and they can track keystrokes,’ he told The Advertiser. ‘They get your credit card number and your password.’

    The Australian Institute of Crime reports that one in 20 household users have been victimized by scams or identity fraud with the reasons identified as a lack of knowledge, prevention and behavior change.

    Michael McKinnon from AVG internet security said Facebook and Twitter had increased their use of encryptions to stop hacking of accounts through public WiFi.

    'The problem is there are tens of thousands of websites not using those protections and theoretically anyone could access anything you are sharing with those websites,' he said.

    Mr McKinnon said it was reasonably safe to do online banking in public using full web addresses starting with “http” that users should bookmark, while typing in bank addresses starting with 'www' left users vulnerable to attack.


    iHackers targeting US as Australians told to change iCloud passwords after cyber attack

    • Australian Apple users have been hacked by 'Oleg Pliss' who is demanding US$100 for users to woken early Tuesday to alert their device had been hacked
    • Attack has spread overseas with reports of U.S. users being hacked

    By Kate Lyons | 28 May 2014

    The Apple hackers targeting Australian users over the last few days have spread their operation abroad with the first accounts of attacks in the U.S.

    Reports started surfacing on Tuesday of a hacker calling himself 'Oleg Pliss' locking Australian Apple users out of their devices and then demanding a ransom of between US$50 and US$100 for the device to be unlocked.

    The cyber-attack seems to have spread across the ocean, with U.S. users reporting on Apple support threads they have also received ransom notifications from 'Oleg Pliss'.

    It's unclear how the hackers gained access to the devices, while some users are pointing to a breach of their iCloud accounts, Apple insists iCloud was not compromised.

    It has also been suggested that the breach was the result of a password scam, resulting from people using the same password for multiple accounts.

    Oleg Pliss is likely a pseudonym, a real Oleg Pliss is a software engines at Oracle, he was contacted by the Sydney Morning Herald and confirmed that he had never hacked an Apple device.


  19. #79
    Member Array
    Join Date
    Jan 2007


    Google’s Nest Is Buying a Home-Monitoring Camera Company

    Dropcam will fall under Nest's privacy policy

    Google-owned smart home company Nest is acquiring home-monitoring startup Dropcam for $555 million, in a move that expands the Google-owned Nest’s smart home repertoire from thermostats and smoke detectors into cameras.

    Nest, which was acquired by Google earlier this year for $3.2 billion, makes a thermostat that learns your daily schedule and adjusts your house’s temperature based on your behavior. Nest also makes a smart smoke detector. Dropcam, meanwhile, makes cameras that allow users to remotely monitor their homes, keeping tabs on pets, kids and valuables.

    Matt Rogers, Nest’s founder and head of engineering, said in a statement that Dropcam and Nest will eventually expand their product offering to “help shape the future of the conscious home.”

    “Our companies actually have a lot in common,” Rogers said. Dropcam’s “team has managed to create products that change how people interact with their homes,” he added.

    While some privacy-minded users may be reluctant to put a camera system indirectly owned by Google in their homes, Dropcam will fall under Nest’s business model and privacy policy, Rogers said, meaning user data won’t be shared with Google. Current Dropcam customers will continue to use their regular accounts, he added.

    The $555-million deal was signed Friday but has yet to close, re/code reported.


  20. #80
    Member Array
    Join Date
    Jan 2007


    YouTube Video Quality Report compares ISPs, rats out the slow ones

    Nick Mediati - May 31, 2014

    Does everyone have to wait for a YouTube video to buffer, or are you the only one? Thanks to a new tool from Google, you can now see for yourself.

    Google’s Video Quality Report is a new tool that provides information on your ISP’s performance when it comes to streaming YouTube videos, and lets you see how it stacks up to other popular ISPs in your area.

    The tool ranks ISPs based on the video quality that most customers of various popular service providers can reliably stream. It also displays other information, like the percentage of customers that can stream a 720p HD video stream reliably on average throughout the day, as well as the peak video streaming hours.

    A troubleshooting tips page provides you with information on how you can make sure you’re getting the fastest video stream possible. The site also provides an overview of how a video stream gets from the server to your home—useful if you aren’t well versed in the intricacies of networking technology.

    Of course, there are some limitations: the Video Quality Report provides information about an ISP in broad strokes—it doesn’t give specifics on your connection quality, which does make it less useful than it could be since connection speeds can vary depending on where you live).

    Still, the information it provides is useful, and who knows? Maybe it’ll help convince slow-performing ISPs to up their game.


    Google's Video Quality Report - http://www.google.com/get/videoqualityreport

    Google Add 'Edit Video' Features on YouTube

    Google has added a basic video editing feature on their video service, YouTube. Although not as powerful as Apple's Final Cut Pro or Adobe's Premiere Pro, this feature is quite useful.

    With the video editing feature, users can cut the video and merge several videos into one file.

    For video editors using this, users can simply drag the thumbnail view of the video belong to the filmstrip at the bottom. Shifts the mouse pointer over the thumbnail will make it into the scissors icon. Click there to determine the beginning and end of the video.

    You also can preview low-resolution version of the video in question. And when you're done, save the video in your video collection.

    The process of storing new video edited fast enough because the video is already there on the Google servers. It's just that YouTube takes time to process the results if your video.

    Besides the latest video store into your video collection, YouTube also provides an option to give the title, tag, video-sharing rules, and others.

    As quoted from Cnet, June 17, 2010, there was one thing that is not allowed. Given the rules of copyright, you should not tamper with other people's videos.

    Want to edit your video collection? Please login to YouTube and then visit the following address, http://www.youtube.com/editor


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts