What Do They Have on You?

A secretive consumer surveillance company is unveiling a new website that will let people see just what information has been collected on them. What do they have on you? From the New York Times:
Acxiom, one of the most secretive and prolific collectors of consumer information, is embarking on a novel public relations strategy: openness. On Wednesday, it plans to unveil a free Web site where United States consumers can view some of the information the company has collected about them, just as Mr. Howe did.

The data on the site, called AbouttheData.com, includes biographical facts, like education level, marital status and number of children in a household; homeownership status, including mortgage amount and property size; vehicle details, like the make, model and year; and economic data, like whether a household member is an active investor with a portfolio greater than $150,000. Also available will be the consumer’s recent purchase categories, like plus-size clothing or sports products; and household interests like golf, dogs, text-messaging, cholesterol-related products or charities.
It is quite a clever campaign since, in order to find out what information they have on you, you have to give them all your information.

A Closer Look at the Syrian Electronic Army

From Krebs on Security:
A hacking group calling itself the Syrian Electronic Army (SEA) has been getting an unusual amount of press lately, most recently after hijacking the Web sites of The New York Times and The Washington Post, among others. But surprisingly little light has been shed on the individuals behind these headline-grabbing attacks. Beginning today, I’ll be taking a closer look at this organization, starting with one of the group’s core architects.

Earlier this year I reported that — in apparent observation of international trade sanctions against Syria – Network Solutions LLC. and its parent firm Web.com had seized hundreds of domains belonging to various Syrian entities. Among the domains caught in that action were several sites belonging to the SEA . . .

Big Business and Big Government Working Together to Erode the Fourth Amendment

The war on drugs and the war on terror are in fact nothing more than a war on the Bill of Rights and the Constitution of the United States. From the New York Times:
For at least six years, law enforcement officials working on a counternarcotics program have had routine access, using subpoenas, to an enormous AT&T database that contains the records of decades of Americans’ phone calls — parallel to but covering a far longer time than the National Security Agency’s hotly disputed collection of phone call logs.

The Hemisphere Project, a partnership between federal and local drug officials and AT&T that has not previously been reported, involves an extremely close association between the government and the telecommunications giant. 

The government pays AT&T to place its employees in drug-fighting units around the country. Those employees sit alongside Drug Enforcement Administration agents and local detectives and supply them with the phone data from as far back as 1987.

Homeland Security Is Going to Get in Your Face

If you thought Homeland Security checkpoints were intrusive, just wait until they start getting in your face. An op-ed in the New York Times:
the Department of Homeland Security is making considerable progress on a computerized tool called the Biometric Optical Surveillance System. The system, if completed, will use video cameras to scan people in public (or will be fed images of people from other sources) and then identify individuals by their faces, presumably by cross-referencing databases of driver’s license photos, mug shots or other facial images cataloged by name . . .

At the moment, there is little to no regulation or legal oversight of technologies like the Biometric Optical Surveillance System. We need to implement safeguards to protect our civil liberties — in particular, our expectation of some degree of anonymity in public.
The Department of Homeland Security is not the only agency developing facial-surveillance capacities. The Federal Bureau of Investigation has spent more than $1 billion on its Next Generation Identification program, which includes facial-recognition technology. This technology is expected to be deployed as early as next year and to contain at least 12 million searchable photos.

Facebook: "All Your Data Are Belong to Us"

Just in case there was any doubt, Facebook pwns your data.  From the WSJ:
Goaded by a court decision, Facebook just wants to make it clear: they really can use everything they know about you – including your face.
The company announced Thursday that it was updating its privacy policies to clarify how the personal information of its more than 1 billion users gets collected and used by advertisers. In a blog post, Chief Privacy Officer Erin Egan outlined section-by-section changes to two legal documents, the Data Use Policy and the Statement of Rights and Responsibilities.
“As part of this proposed update,” Egan says, “we revised our explanation of how things like your name, profile picture and content may be used in connection with ads or commercial content to make it clear that you are granting Facebook permission for this use when you use our services.”

The Data Security Defense Race

Are we in for a defense and arms race between tech firms or groups dedicated to user privacy and government or corporate entities that seek to undermine that privacy?  From Wired:
Technology companies are enabling security features that make certain types of government surveillance extremely difficult, and it’s a trend that’s set to continue. That’s why the U.S. government has long wanted laws that force tech companies to make their products wiretap friendly. . . .

In fact, advancements in the usability of cryptographic protocols have made anti-surveillance features relatively simple for technology companies to bake into their communications products. And public demand for greater security and privacy in the wake of Edward Snowden’s revelations may make it virtually obligatory for them to do so before new wiretapping laws can be introduced.

This heralds a looming standoff between technology companies and government . . . 

Password Security: Is Bigger Better?

From Ars Technica:
For the first time, the freely available password cracker ocl-Hashcat-plus is able to tackle passcodes with as many as 55 characters. It's an improvement that comes as more and more people are relying on long passcodes and phrases to protect their website accounts and other online assets.
Until now, ocl-Hashcat-plus, the Hashcat version that can use dozens of graphics cards to simultaneously crack huge numbers of cryptographic hashes, has limited guesses to 15 or fewer characters. (oclHashcat-lite and Hashcat have supported longer passwords, but these programs frequently take much longer to work.) Released over the weekend, ocl-Hashcat-plus version 0.15 can generally accommodate passwords with lengths of 55 characters. Depending on the hash that's being targeted and the types of cracking techniques being used, the maximum can grow as high as 64 characters or as low as 24.