Skip to content

Posts tagged ‘privacy’

18
Jan

Banking Whistleblower Rudolf Elmer Hands Tax Information to Wikileaks

Swiss ex-banker, Rudolf Elmer, has handed over financial information on 2,000 individuals (including 60 politicians) to Wikileaks. Elmer is himself on trial for previous leaks to Julian Assange’s group and breaking notoriously strict Swiss banking privacy laws. The information, stored on two CDs, was handed over to Julian Assange in a public press conference. The discs supposedly contain evidence of tax evasion that will be reviewed by Wikileaks, with plans to disclose parts of it publicly, and to relevant authorities.

Assange said that it will be at least two weeks before any of the information can be reviewed and released. Are you a rich tax evader? Ready… set… sweat!

17
Jan

Insecurity: Bad Secret Questions and Information Disclosure

It’s a little known fact that most websites have a backdoor that can get you access in other people’s accounts – weak secret questions! Ok, so maybe it’s not a back door as such, but the threat is so high that for some websites it might as well be. Let me explain… Read moreRead more

8
Jan

Department of Justice Subpoenas Twitter for Personal Info of Wikileaks Supporters

The US Department of Justice (DoJ) filed a subpoena against Twitter, demanding for the personal information of a number of known Wikileaks supporters. These include Birgitta Jonsdottir (a member of the Icelandic parliament), Rop Gongrijp (a Dutch hacker), Jacob Applebaum (Tor developer), Bradley Manning (solder believed to have leaked info to Wikileaks), and Julian Assange himself. The order requests a large amount of personal information including:

  1. Subscriber names, username, etc
  2. Mailing, residential, business and email addresses
  3. Connection records, and records of session times and durations
  4. Length of service, and type of service utilized
  5. Telephone or other subscriber number
  6. Means of payment (including any credit card of bank account number)
  7. All Tweets (private or not)

The original Order was sealed, meaning that the intended targets of the information request could not be informed that their data was being subpoena’d. At Twitter’s request, the Order was unsealed, and the targets informed. Many of these individuals will undoubtedly be contesting the subpoena, for which they now have 10 days. It is believed this information is being requested as part of a growing criminal investigation into Wikileaks.

A copy of the Order served to Twitter is available here (PDF), and a more in-depth report can be found here. I wonder if the Electronic Frontier Foundation (EFF) will weigh in on this one…

[Update] According to Wikileaks, the subpoena potentially covers over 637,000 people who follow Wikileaks on Twitter. Iceland has blasted the US’ demand.

Sources: Salon, cnet

23
Dec

Top 100 Security and Privacy Tips

In celebration of the 100th post on Security Generation, I’ve decided that a list of 100 security and privacy tips would be appropriate. The tips start off basic then get a bit more complex, and cover a range of areas from general computer and information security, to safe web browsing, email security and privacy.

Thanks to everyone who’s been visiting (and to those who are following on Twitter), I hope to keep bringing you useful and interesting content into 2011. Those of you who feel so-inclined, please drop by the forums. Feel free to share this with others, and suggest any other tips that you think I may have missed out!

Let’s kick off the 100 Security Tips, enjoy:

  1. Keep informed of current events in security by reading (or listening to) relevant security news (Check – you’ve already done this one!)
  2. Always be aware and alert for threats, and adjust your security to fit your current environment
  3. Be skeptical (not paranoid), and use common sense
  4. Ask for help or information if you’re ever suspicious or unsure about something
  5. Help educate others about good security practices, and point them to useful resources
  6. Regularly patch your system, browsers, and other software and mobile devices when updates are available
  7. If you use antivirus, and you probably should, update the signatures hourly at a minimum
  8. Don’t use an Administrator (root) account for day-to-day use. Set yourself up a standard user account
  9. Use good, strong passwords with a minimum of 8 characters
  10. Do not use “password”, abc123, 12345, qwerty, your username, any dictionary word, or any derivatives of these as your password! Read moreRead more
21
Dec

Plugin to Disconnect: Regain Browsing and Search Privacy

Ex-Google employee Brian Kennish has been developing a web browser plugin dubbed ‘Disconnect‘, which aims to restore users’ web browsing and searching privacy on a number of major sites. The plugin, which current supports Google, Facebook, Digg, Twitter and Yahoo, blocks uniquely-identifying cookies which are used to track individual users’ browsing activity and searches. Brian also created ‘Facebook Disconnect‘ which prevents Facebook from tracking you on any website that uses the Facebook Connect functionality.

Both of these plugins de-personalize your normal browsing and searching, whilst allowing you to continue using services like Google and Facebook normally. You can see which cookies are being blocked in real-time, and unblock any that you may want. Note that the search de-personalization currently only works on the google.com domain (not local country domains).

At the moment these plugins are only available for Chrome and RockMelt (a new social media-embedded browser I just heard of), but a Safari extension and Firefox add-on are on the way!

1
Dec

Creating a Secure Mac/PC Portable USB Drive

Ever since the release of the IronKey I’ve been drooling over the device (good thing it’s waterproof I guess). Due to not wanting to pay so much for a USB key, I decided to make my own. I grabbed myself a 32GB USB key, and got to work on making it as close to the IronKey as possible.

In this article I’m going to illustrate some of the things you can do to secure the information on your portable thumb drive, increase your privacy, and even install Mac OS X or Linux.
25
Nov

TSA Body Scanner Missed 12-inch Razor Blades

Mythbusters’ Adam Savage recently went through a TSA checkpoint and body scanner, and once on the plane realized he had two 12″ razor blades in his jacket pocket. I’ll let the man tell you himself, but I love his quote: “WTF TSA?”. Clearly the screening agent was focusing on Adam’s myth-busting junk.

Privacy fail and security fail two-in-one. Security theater++

25
Nov

Swinglet CAM: Your Own UAV Spy Plane

This is epic full of awesomeness. The Swinglet CAM is a small computer-controlled flying thing (plane?) with a built-in camera. The computer software allows you to define a flight path that the Swinglet will automatically follow and pictures from the sky. You can even do in-flight path modifications and it will adjust its trajectory. It takes off when you throw it in the air, can fly for up to 30 minutes, and lands by itself.

Supposedly you can use it to look at the state of your crop fields from the sky, which sounds like a stupid use for this toy. If you know the girl next door sunbathes naked on the roof, now we’re talking! I want one but I’ll wait for a video-capable model that can fly for miles, and be controlled from my secret basement lair.

Check out this sample photo and the video below to make you want one for Christmas. The Swinglet CAM costs only €8,400 ($11,000)!

23
Nov

iOS 4.2.1 Released with Free “Find My iPhone”

Apple has finally released the highly-anticipated iOS 4.2 (actual version is 4.2.1), bringing support for the iPad along with several other feature including AirPlay and AirPrint.

Along with this release, Apple has made the “Find My iPhone” functionality in MobileMe free to all iPhone, iPad and iPod Touch device owners. This service uses a combination of GPS, cell tower and wifi-network triangulation to obtain the location of the device, which can then be mapped. It also allows you to send messages, lock or completely wipe the remote device. To use this feature, you’ll need add a MobileMe account using your iTunes Apple ID by going to Settings > Mail, Contacts, Calendars > Add account. You can then track your device using the Find My iPhone app available in iTunes, or using the MobileMe web interface.

Users concerned about the privacy implications of this feature can easily disable it by going to Settings > Mail, Contacts, Calendar > Select your MobileMe account > Set ‘Find My iPhone’ to Off. Have a look at Apple’s KnowledgeBase article for more info on this feature.

iOS 4.2.1 brings with it a number of security updates (including Safari and numerous WebKit patches). Although it’s not mentioned in the update details, the previously-reported cool-but-deadly keylock bypass vulnerability has been fixed. Hit the jump for full details.

Related: Protecting and Recovering Your iPhone and iPad from Loss and Theft!

Read moreRead more

18
Nov

Securing Leopard – 10.6 Edition

I’ve finally re-written my article on Securing Leopard, with some updates to reflect the changes made in 10.6. This is still an early edition, and I’d be happy to hear feedback/suggestions (contact form) on how I could improve it.

The article is aimed at new and developing Mac OS X users, and covers a variety of suggestions on how to quickly and easily improve the security of your (Snow) Leopard install. It also provides tips on how to manage your privacy and protect your personal information.

It includes a quick checklist which can help when trying to secure an install of Mac OS X. Enjoy!

Securing Leopard

Securing Leopard: 10.6 Edition

« Older Entries
Newer Entries »
Stop ACTA
WordPress主题
WordPress Themes