Posts Tagged ‘Personal privacy’
Nearly 5 million Gmail addresses and plain text passwords was posted on a forum this week, which is a massive pain in the arse for someone – probably the person who has to answer questions at Google about security breaches and the like.
Someone called ‘tvskit’ posted the archive file on a Bitcoin security forum called btcsec.com, which you can imagine, is a riotous read and will keep you entertained for literally seconds. They reckon that over 60% of the credentials in the file are valid.
“We can’t confirm that it is indeed as much as 60%, but a great amount of the leaked data is legitimate,” said Peter Kruse, the chief technology officer of CSIS Security Group. “We believe the data doesn’t originate from Google directly. Instead it’s likely it comes from various sources that have been compromised.”
What that means is, Google haven’t been hacked, but rather, accounts on other sites where people have used their Gmail addresses as the user name have been obtained.
Google said: “The security of our users is of paramount importance to us. We have no evidence that our systems have been compromised, but whenever we become aware that an account has been compromised, we take steps to help our users secure their accounts.”
In conclusion, here’s the usual ‘you might want to change your password on sites where you’ve used your Gmail address as a user name’ advice.
As you’re no doubt aware, Jennifer Lawrence has had some naked selfies stolen from her, and according to the very reputable 4chan, they were swiped by someone hacking her iCloud account. If you haven’t seen the photos, then chances are we’ve lost you and you’re burrowing into a search engine now, looking for boobs.
How can you keep your cloud accounts safe? If you have an account with iCloud, Dropbox or Google+, you might find that they automatically upload and save your images.
First thing to do is to make sure your password doesn’t get stolen or is difficult to guess. That’s blindingly obvious, but worth mentioning. Change your passwords regularly and make sure they’re not words, but rather, a collection of letters, numbers and symbols.
It doesn’t matter how safe cloud accounts are made if your password is 123456 or ‘password’.
Another thing you can do is make sure that you switch off the automatic backup services. In all Apple devices, you can disable Photostream. If you turn it off, it’ll delete any automatically stored images from iCloud. You’ll have to delete any manually shared Photostreams yourself.
With Dropbox, your Android device can be set-up to upload every photo and video you take into the cloud. If that’s not your thing, go to ‘settings’ and turn the option off. You’ll also need to delete them from Dropbox manually.
On Android, G+ and Picasa, you can disable automatic photo backup in the Photos app on your device. You’ll need to go to ‘settings’ then Auto-Backup and then untick ‘Back up local folders’.
Of course, you’re not a celebrity so the chances of someone wanting to hack your account and share your photos are slim. However, if you’re feeling jumpy or just want to disable these functions, now you know how.
You’re still not reading this are you. You’re still looking at boobs.
You know that Google tracks your every movement don’t you? Unless you’ve tinkered with the location settings on your phone, they know where you’ve been going. Including that late night jog you went on… to a massage parlour.
Well, if you didn’t know, there’s a map online, where you can see to what level Google have been following you around.
Of course, many of you will look at your map and realise that you’ve got the life-radius of a beetle tied to a nail, walking around in ever decreasing circles.
You’ll have to log in with your Google account, but once you do, you’ll see a 2D map with a record of where you’ve been for the last month. Whether you think this is a cause for concern is your business, but looking at the map of your recent history might make you feel a bit weird in a Minority Report kinda way.
Have a look at the map of your whereabouts here.
Google have been relatively open about how they scan everyone’s emails – it is so they can tailor adverts to customers and make loads of money. However, not everyone is happy about that, especially with all that NSA business.
However, reports say that a Google tip-off from the contents of a Gmail account ended up in the arrest of a child abuser from Texas. Police say Google told the National Centre for Missing and Exploited Children (NCMEC) about the content in an email sent by John Henry Skillern, who is a registered sex offender.
“He was trying to get around getting caught, he was trying to keep it inside his email,” said Detective David Nettles. “I can’t see that information, I can’t see that photo, but Google can.”
So what’s going on?
Pictures are hashed which creates a unique code for an image. The hash is compared with a database of known child abuse images and, if they match, details are passed to the NCMEC (or, if you’re in Britain, the Internet Watch Foundation, who Google actually give funding to). Then, a trained expert looks at the case and decides whether or not to pass it on to the police.
AOL also employ a similar system and they caught someone sharing illegal images last year.
The moral quandary is that, while the capture of child abusers is absolutely good and noble, Google and others are sifting through everyone’s correspondence and repacking it for advertisers. With Google’s buying of Nest, some people even think that they’ll be able to spy on you via your thermostat (a bit like the Piers Brosnan robot house in The Simpsons).
So what’s the trade off? If you’re not doing anything wrong, should people be scanning your emails? Do you not mind because child abusers can be caught? Is this case being crowed about in a bid to try and distract users from something a bit dodgy going on? Or do we just accept it because this is how the internet works?
Sounds dodgy doesn’t it? How can a government do something like that? Well, Cameron & Co. have wheeled out the usual excuse of terrorism. See, if the government can snoop on everyone, that’ll stop someone from listening to God and blowing themselves up.
According to Cameron, these fast-tracked measures are absolutely necessary to defend our national security against the threat from Iraq and Syria. If we don’t, the consequences are “grave.” This move is a response to a ruling by the European Court of Justice which struck down regulations that allowed communications companies from storing data for police use for a year. Downing Street reckons that we’re all doomed if phone and internet companies start deleting these records.
“It is the first duty of government to protect our national security and to act quickly when that security is compromised,” David Cameron said. “As events in Iraq and Syria demonstrate, now is not the time to be scaling back on our ability to keep our people safe. The ability to access information about communications and intercept the communications of dangerous individuals is essential to fight the threat from criminals and terrorists targeting the UK. No government introduces fast track legislation lightly. But the consequences of not acting are grave.”
“I want to be very clear that we are not introducing new powers or capabilities – that is not for this Parliament. This is about restoring two vital measures ensuring that our law enforcement and intelligence agencies maintain the right tools to keep us all safe.”
Nick Clegg, a man hired to wander around Whitehall to say ‘does anything need doing? No? Okay. Fancy a pint after? You’re busy? Never mind then’, said these emergency laws “will not be used as an excuse for more powers, or for a ‘snooper’s charter’.”
“Liberty and security must go hand in hand. We can’t enjoy our freedom if we’re unable to keep ourselves safe.”
Tom Watson, meanwhile, isn’t impressed and said on the radio this morning that this is a “stitch up” that denies MPs the chance to be able to scrutinise the legislation: ”This is a secret deal between party leaders. There hasn’t been a bill published, we find out this morning when Parliament is on a one-line whip and MPs are in their constituencies that next week they will railroad through emergency legislation.”
“If you are an MP, you probably shouldn’t bother turning up for work next week because what you think doesn’t really matter. They are ramping up the rhetoric on it but no one in civic society has a chance to form a view on this or lobby their MP or talk to them about it. I understand that Labour’s shadow cabinet is seeing it this morning. They’ve not had a chance to think about it yet.”
Cue: If you’re not doing anything wrong, it doesn’t matter arguments.
They have revealed that governments around the world are using secret wires to listen-in on phone conversations over their networks.
In the 29 countries where Vodafone operate, governments are using wires connected directly (and permanently) to its network so they can spy on people in real-time, while also tracking the location of individuals. Basically, what Vodafone have said, is that some countries don’t have to make an interception request to spy on people.
This news was revealed ahead of Vodafone publishing a Law Enforcement Disclosure Report.
In a number of countries where Vodafone do their business, the law says that mobile operators have to install direct-access wires and if they don’t, the law are allowed to install them.
It seems that this wouldn’t be legal in the UK (as spies need warrants), however, the law does “allow indiscriminate collection of information on an unidentified number of targets”.
The marvellously named Stephen Deadman from Vodafone said: “We need to debate how we are balancing the needs of law enforcement with the fundamental rights and freedoms of the citizens. The ideal is we get a much more informed debate going, and we do all of that without putting our colleagues in danger.”
Vodafone are blowing the whistle on all this because they want to see an end to direct-access wires.
Uncharacteristically nice from Vodafone, right? Maybe they’re hoping all this will make everyone forget about their taxes that made everyone so angry?
Google lost their case in a European court, so now, we all have the right to be forgotten. Basically, if there’s stuff online that you think is irrelevant and you want it removed from Google’s search engine, you can now ask for that to happen.
How do you lose the pointless load? Well, Google have issued a form where you can make your ‘right to be forgotten’ requests online.
The form asks for yours details, the links to the ‘outdated information’, and asks for an explanation of why they should be removed. You’ll also have to provide a scan of your photo ID, so Google know it is you asking, rather than some fraud horsing around or impersonating you.
Google acknowledge that this system might not be perfect as this is their ‘first try’ and they will be “working with data protection authorities” to develop it in the future.
The company haven’t said how long it will take them to action your request: ”We will assess each individual request and attempt to balance the privacy rights of the individual with the public’s right to know and distribute information. When evaluating your request, we will look at whether the results include outdated information about you, as well as whether there’s a public interest in the information—for example, information about financial scams, professional malpractice, criminal convictions, or public conduct of government officials.”
If you want to see the form, click here.
Personal privacy groups have long been unhappy with the internet giant and even Microsoft got in on the action, shouting “Don’t Get Scroogled by Gmail” when they were trying to convince everyone to use Outlook.
One court case against Google’s sniffing around our emails, District Judge Lucy H. Koh said that Google’s terms of service and privacy polices did not explicitly notify the plaintiffs “that Google would intercept users’ emails for the purposes of creating user profiles or providing targeted advertising.”
After that was said, Google spontaneously decided to update their terms of service, which came into play as of Monday, adding the provision that “Our automated systems analyse your content (including emails) to provide you personally relevant product features, such as customized search results, tailored advertising, and spam and malware detection. This analysis occurs as the content is sent, received, and when it is stored.”
Not only that, but it looks like they’ve got some more wearable tech in the pipeline which could well creep out the kind of people who think the sky is falling on their heads.
Basically, those worried about Google Glass taking photos without consent will love the news that Google now has a pending patent for a contact lens embedded with a camera. That’s Google Glass which you wouldn’t be able to see if someone was wearing it. That’s human beings, essentially walking around with a camera stuck on their eyeball. It’ll be ace of paparazzi photographers.
Google say that the development would be used or diabetics and blind people, which is a nice idea; but if Glass takes off, you can’t see a scenario where Google wouldn’t want to try and make a shedload of money from it with a general sale.
The Australian Law Reform Commission (ALRC) has put forward an approach to privacy, with regards to technology, which is technology-neutral in their definition of “surveillance device”. Basically, what the ALRC are saying is that things like Google Glass are able to record private conversations or activities and if you haven’t got consent, then it should be illegal.
“Offences in surveillance device laws should include an offence proscribing the surveillance or recording of private conversations or activities without the consent of the participants,” say the ALRC.
“This offence should apply regardless of whether the person carrying out the surveillance is a participant to the conversation or activity, and regardless of whether the monitoring or recording takes place on private property.”
Now, of course, people can film things with their mobile phones or digital cameras, but it is a little more clear if someone is filming you with a handset. With Glass, someone could film you without you necessarily knowing. And obviously, governments like to copy each other, so if this move proves popular, we could see personal privacy rules being brought in, with regards to Glass, by other countries.
There’s already been bother with a Glass wearer who went to the cinema with them on, which ended up with homeland security being called out. There’s a whole host of personal privacy issues for anyone who is online, so is Glass potentially a personal privacy minefield which Google are ignoring, or hoping no-one will notice or care?
Do you have a hotmail email account? Firstly – what is this? 1998? Secondly, you might want to know that Microsoft aren’t exactly fussed about your privacy. You see, they’ve admitted that they read the Hotmail inbox of a blogger while they were investigating a software leak.
John Frank, deputy general counsel for Microsoft, said it took “extraordinary actions in this case” and, to keep the lawyers away, the search itself was technically legal.
What happened was that Microsoft’s snooping came to light during a legal case by US prosecutors against an ex-Microsoft employee, Alex Kibalko.
Microsoft were looking into the blogger had been given stolen lines of code from Windows 8. The blogger released screenshots of the code to his blog and Microsoft wanted to find the source of the leak. And so they started looking at the emails in the blogger’s accounts, so they could find the name of the employee dishing out secrets.
This snooping is allowed within Microsoft’s terms of service, which say: ”Microsoft reserves the right to review materials posted to the Communication Services and to remove any materials in its sole discretion.”
However, people are still unhappy with that and there are more debates about privacy violations of tech companies cropping up and, in addition to that, it has to be pointed out that Microsoft have been vocally critical of Google’s scanning of users emails, leaving them looking not only like nosey-parkers, but hypocrites too.