Loss of Privacy

Keeping you informed on recent losses to privacy and civil rights worldwide.

Browsing Posts tagged Security

Power exists to be used. Some wish for cyber safety, which they will not get. Others wish for cyber order, which they will not get. Some have the eye to discern cyber policies that are “the least worst thing;” may they fill the vacuum of wishful thinking.

This is Dan Greer‘s keynote speech at Black Hat 2014. The transcript is worth reading as well.

As if it needed saying, cyber security is now a riveting concern, a top issue in many venues more important than this one. This is not to insult Black Hat; rather it is to note that every speaker, every writer, every practitioner in the field of cyber security who has wished that its topic, and us with it, were taken seriously has gotten their wish. Cyber security *is* being taken seriously, which, as you well know is not the same as being taken usefully, coherently, or lastingly. Whether we are talking about laws like the Digital Millenium Copyright Act or the Computer Fraud and Abuse Act, or the non-lawmaking but perhaps even more significant actions that the Executive agencies are undertaking, “we” and the cyber security issue have never been more at the forefront of policy. And you ain’t seen nothing yet.

Not only has cybersecurity reached the highest levels of attention, it has spread into nearly every corner. If area is the product of height and width, then the footprint of cybersecurity has surpassed the grasp of any one of us.

Greer’s speech was broken down into 10 sections: Mandatory reporting, net neutrality, source code liability, strike back, fall backs and resiliency, vulnerability finding, right to be forgotten, Internet voting, abandonment, and convergence.

Papers, Please has a nice breakdown of some of the more pertinent privacy and identification issues.

flattr this!

Some of the biggest banks — including JPMorgan Chase (JPM) — were recently hacked. The attackers used never-before-seen malware to break into the banks’ computer systems, according to someone with direct knowledge of the investigation. And the hackers got in deep enough to delete or manipulate bank records.

More at CNN.

flattr this!

Appelbaum spoke of a NSA program that allows its analysts to search through vast databases containing e-mails, IMs and the browsing histories of millions of people. Called XKeyscore, the program was designed to develop intelligence from the Internet.

Jacob Appelbaum discusses the fallacy of Americans thinking that they won’t be targeted, passive and active surveillance methods, AI and human analyst systems working together, satellite networks, deep packet inspection & injection, military contractors getting special access to surveillance programs, proprietary vs open source software, OTR messaging, hoarding exploits for self-gain.

If you are having trouble viewing the audio or video, there is a cleaned up version here.

What Appelbaum is talking about at 17:30 is the video below.

flattr this!

biggest-security-breaches-in-history-1

Source.

flattr this!

In April, Heartbleed showed us that 66 percent of the Internet was prone to attack. That meant that everybody who had ever used Facebook or made a purchase on Amazon or watched a movie on Hulu or Netflix was in the potential crosshairs of some very bad people. Which is to say, practically everyone who uses the Internet.

While the number of data breaches is increasing – 30 percent higher in 2013 than the previous year – most of them have been deemed preventable. Retailers and any other organizations that are entrusted with consumer data need to get ahead of this issue now. The bad guys do not sleep.

5-Lessons-Learned-From-Recent-Retail-Breaches

Source.

flattr this!