Your Privacy & Se...
Follow
Find
603 views | +0 today
Your Privacy & Security Online
Your daily briefing on privacy and security on the internets.
Curated by Kathy Szczesny
Your new post is loading...
Your new post is loading...
Scooped by Kathy Szczesny
Scoop.it!

How Heartbleed Bleeds Your Privacy

How Heartbleed Bleeds Your Privacy | Your Privacy & Security Online | Scoop.it
This bug matters for everyone

Just because 1Password’s technology isn’t affected by this doesn’t mean that you aren’t. Pretty much everyone is affected by this. Many of the secure connections that you use with various services, including HTTPS connections to secure sites for shopping and many other activities, may be fully readable to attackers. Of course, this includes the usernames and passwords that you use to log in to various services. It’s not just HTTPS connections, but IMAPS—how your email program, such as Mail.app or Outlook, talks to a mail server—may be vulnerable.


The heartbleed bug pretty much allows an attacker to probe a server that will end up revealing the private key. Once an attacker knows the private key, they can decrypt session keys that have been sent to the server, and thus decrypt all of the encrypted traffic that goes back and forth between the browser and the server.

Another bit of magic with public key encryption is the notion of “digital signature.” Your browser can create a mathematical challenge using the public key that only someone with knowledge of the private key can solve. This is part of how a website proves to a browser that it is what it says it is. If an attacker learns the private key of some website, then it can masquerade as that site.

 

All in all, the capture of a server’s private key is a bad thing, and that is what this bug enables.

more...
No comment yet.
Scooped by Kathy Szczesny
Scoop.it!

Flaw Found in Key Method for Protecting Data on the Internet

Flaw Found in Key Method for Protecting Data on the Internet | Your Privacy & Security Online | Scoop.it
The tiny padlock next to web addresses that promised to protect sensitive information is broken, a team of security researchers has discovered. Experts are examining how best to secure their users’ confidential data.
Kathy Szczesny's insight:

Time to change your passwords again!

more...
No comment yet.
Scooped by Kathy Szczesny
Scoop.it!

Privacy watchdog: End NSA phone program

Privacy watchdog: End NSA phone program | Your Privacy & Security Online | Scoop.it
The government’s independent privacy watchdog on Thursday recommended an end to the U.S.
more...
No comment yet.
Scooped by Kathy Szczesny
Scoop.it!

The Dangers of “Sponsored Data” | Center for Democracy & Technology

The Dangers of “Sponsored Data” | Center for Democracy & Technology | Your Privacy & Security Online | Scoop.it

AT&T this week announced a new program under which providers of online services or apps can negotiate special deals to “sponsor” data usage by AT&T mobile customers, allowing those customers to use the services or apps without it counting towards their bandwidth caps. The argument for this idea is that consumers get some relief from the feeling that the data meter is always running, and online services get a way to overcome possible consumer reluctance to make full use of data-intensive services. But if AT&T’s model were to catch on widely, it would carry serious risks to the Internet’s open and innovative nature.

Kathy Szczesny's insight:

If sponsored data arrangements become a more pervasive part of the online ecosystem, however, the risks to innovation will outweigh any potential benefit. Read why.

more...
No comment yet.
Scooped by Kathy Szczesny
Scoop.it!

Data Security Act of 2014

A Bill to protect information relating to consumers, to require notice of security breaches, and for other purposes.
more...
No comment yet.
Scooped by Kathy Szczesny
Scoop.it!

The 2014 cyber security roadmap | Information Age

The 2014 cyber security roadmap | Information Age | Your Privacy & Security Online | Scoop.it
This month, we asked a wide range of security experts and solutions vendors to consider the enterprise security issues that will define the next 12 months.
Kathy Szczesny's insight:
Cyber is the new battlefield, and the fifth element of warfare, with states already pouring a huge range of resources into both defensive and offences capabilities. ‘Within the next couple of years, we will experience an increasing number of cyber attacks resulting in militaristic and economic damage,’ says Jarno Limnell, director of cyber security at McAfee Group security vendor Stonesoft. - See more at: http://www.information-age.com/technology/security/123457584/the-2014-cyber-security-roadmap#sthash.MECS7cOL.LApXfYvI.dpuf
more...
No comment yet.
Scooped by Kathy Szczesny
Scoop.it!

Big Data, meet Big Privacy

Big Data, meet Big Privacy | Your Privacy & Security Online | Scoop.it
Consumers react to personalized communications
Kathy Szczesny's insight:

Deep down, we want to share things with people who are like us. All this means we need visibility on common interests. But if a brand’s connections with us are utterly personal, not only does it undermine our privacy, it undermines our desire and ability to share (and, by extension, gain recognition).


To live up to its promise, then, personalized marketing will have to appeal to the crowd. Otherwise, Big Data could quickly take us somewhere we don’t really want to go.

more...
No comment yet.
Scooped by Kathy Szczesny
Scoop.it!

Alessandro Acquisti: Why privacy matters

The line between public and private has blurred in the past decade, both online and in real life, and Alessandro Acquisti is here to explain what this means ...
Kathy Szczesny's insight:

"Any personal information can become sensitive information." e.g. Facial Recognition + Facebook = SSN. Creepy!

more...
No comment yet.
Rescooped by Kathy Szczesny from Online Privacy
Scoop.it!

Cybercriminal Underground

Cybercriminal Underground | Your Privacy & Security Online | Scoop.it

Your online activities make you a cybercriminal
target. Invest in security solutions that keep your mobile and online
activities safe from cybercriminals. Protect yourself online with Internet Security Software: www.trendmicro.com/us/home/products/titanium/internet-security/index.html


Via Trend Micro
more...
No comment yet.
Scooped by Kathy Szczesny
Scoop.it!

Real damage of cybercrime may be counted in job losses, not dollars, says CSIS report

Real damage of cybercrime may be counted in job losses, not dollars, says CSIS report | Your Privacy & Security Online | Scoop.it
Real damage of cybercrime may be counted in job losses, not dollars, says CSIS report (Real damage of #cybercrime may be counted in job losses, not dollars http://t.co/zoKixWWxjr @CSIS #jobs)...
more...
No comment yet.
Scooped by Kathy Szczesny
Scoop.it!

Kill the Password: Why a String of Characters Can't Protect Us Anymore | Gadget Lab | Wired.com

Kill the Password: Why a String of Characters Can't Protect Us Anymore | Gadget Lab | Wired.com | Your Privacy & Security Online | Scoop.it
You have a secret that can ruin your life. It’s not a well-kept secret, either. Just a simple string of characters—maybe six of them if you’re careless, 16 if you’re cautious—that can reveal everything about you.
more...
No comment yet.
Scooped by Kathy Szczesny
Scoop.it!

Why passwords have never been weaker—and crackers have never been stronger

Why passwords have never been weaker—and crackers have never been stronger | Your Privacy & Security Online | Scoop.it
Thanks to real-world data, the keys to your digital kingdom are under assault.
more...
No comment yet.
Scooped by Kathy Szczesny
Scoop.it!

Tampering with a car’s brakes and speed by hacking its computers: A new how-to

Tampering with a car’s brakes and speed by hacking its computers: A new how-to | Your Privacy & Security Online | Scoop.it
The "Internet of automobiles" may hold promise, but it comes with risks, too.
Kathy Szczesny's insight:

.


Later this week at the Defcon hacker conference, researchers plan to demonstrate an arsenal of attacks. Among the attacks: suddenly engaging the brakes of the Prius, yanking its steering wheel, or causing it to accelerate. On the Escape, they can disable the brakes when the SUV is driving slowly. With an $80,000 grant from the DARPA Cyber Fast Track program, they have documented the cars' inner workings and included all the code needed to make the attacks work in the hopes of coming up with new ways to make vehicles that are more resistant to hacking.

more...
No comment yet.
Scooped by Kathy Szczesny
Scoop.it!

Heartbleed Bug

Heartbleed Bug | Your Privacy & Security Online | Scoop.it
Kathy Szczesny's insight:

The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs).

 

The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users.

 

“So I need to change all my login passwords, right?”Your 1Password data remains safe, as does your 1Password Master Password. But whether or not you use 1Password to log into an affected site or service, your username and password, along with everything else that happens over that supposedly encrypted connection, may be exposed to attackers.
You will, at some point, need to change a lot of passwords. But don’t rush to do that just yet. Not every server is affected, and those that are need to fix things at their end before you change your password. If you change your password before the servers fix things, then your new password will also be vulnerable to capture.
All that most of us can do is wait at this point. Presumably, various service providers will announce over the next few days when and whether users should change passwords or be aware that other confidential information may have been exposed.

 

 

more...
No comment yet.
Scooped by Kathy Szczesny
Scoop.it!

Another Google Privacy Flaw - Calendar Unexpectedly Leaks Private Information (Disclosed)

Another Google Privacy Flaw - Calendar Unexpectedly Leaks Private Information (Disclosed) | Your Privacy & Security Online | Scoop.it
A Web developer named Terence Eden wrote a blog post on how his wife found a peculiar quirk in Google Calendar. Eden's wife Alice created a private reminder for herself on Google Calendar about asking for a raise. After the private event was created, Alice's boss sent her an email saying "Meeting Accepted."

Read more: http://www.businessinsider.com/google-calendar-automatic-invites-2014-1#ixzz2rFGbIKrx
more...
No comment yet.
Scooped by Kathy Szczesny
Scoop.it!

Court Strikes Down Open Internet Rules: What Now? | Center for Democracy & Technology

Court Strikes Down Open Internet Rules: What Now? | Center for Democracy & Technology | Your Privacy & Security Online | Scoop.it

A federal appeals court sent the FCC back to the drawing board on Internet neutrality today,striking down the agency’s Open Internet Rules. The decision is a real loss for US Internet users; the rules offered an important safeguard for keeping the Internet the remarkable engine for free expression, creativity, and innovation that it is. The upside, though, is that the decision also suggests that the thing really tying the FCC’s hands in this area is neither the Communications Act nor the Constitution, but rather the FCC’s own prior decisions regarding how to classify Internet access service. Far from putting Internet access services and Internet neutrality entirely outside the FCC’s purview, the decision effectively puts the ball back in the FCC’s court.

more...
No comment yet.
Scooped by Kathy Szczesny
Scoop.it!

Vietnam's 'Cyber Troops' Take Fight to US, France | The Lao Times - Lao Human Rights News, Asian News and Multimedia

Vietnam's 'Cyber Troops' Take Fight to US, France | The Lao Times - Lao Human Rights News, Asian News and Multimedia | Your Privacy & Security Online | Scoop.it
Working on her blog in California one day, Vietnamese democracy activist Ngoc Thu sensed something was wrong. It took a moment for a keystroke to register. Cut-and-paste wasn't working. She had "a feeling that somebody was there" inside her computer.
more...
No comment yet.
Scooped by Kathy Szczesny
Scoop.it!

Cyber Security In America - Volkalize - people power discussion

Cyber Security In America - Volkalize - people power discussion | Your Privacy & Security Online | Scoop.it
Cyber Security In America » http://t.co/xJvj1LFdpd
Kathy Szczesny's insight:
“[G]iven the literally incomprehensible complexity of today’s systems, there is a never-ending stream of previously unknown vulnerabilities that cyber attackers are just as well-qualified-and in some instances better qualified than cyberdefenders-to find.” Lawmakers will continue to debate whether Congress should strengthen existing laws or reform the system to lessen penalties for hacking. In either case, the prosecution of cybercriminals and hacktivists in the United States will likely continue to be controversial.
more...
No comment yet.
Scooped by Kathy Szczesny
Scoop.it!

Lack of stronger cyber security may cost world economy $3 trillion: Report

Lack of stronger cyber security may cost world economy $3 trillion: Report | Your Privacy & Security Online | Scoop.it
Failure to boost cyber security could cost the world economy a staggering $3 trillion as new regulations and approaches to deal with destructive attacks would stifle innovation, says a report. With...
Kathy Szczesny's insight:
Developing resilience to cyber risks in the economic and social systems is not a question of simply building walls for security. “There are trade-offs to be made with other goals we wish to value, such as privacy, growth, innovation, and the free flow of goods and data. But to make good decisions, we need better data,” he said. There needs to be a fundamental change in the way we protect ourselves from cyber attacks, the report said.
more...
No comment yet.
Scooped by Kathy Szczesny
Scoop.it!

Juan Enriquez: Your online life, permanent as a tattoo

What if Andy Warhol had it wrong, and instead of being famous for 15 minutes, we're only anonymous for that long? In this short talk, Juan Enriquez looks at the surprisingly permanent effects of digital sharing on our personal privacy.

more...
No comment yet.
Rescooped by Kathy Szczesny from Online Privacy
Scoop.it!

Are You Safe Online?

Are You Safe Online? | Your Privacy & Security Online | Scoop.it

As more people engage in various online activities, threats become more prevalent and sophisticated. Protect yourself with Internet Security Software: http://www.trendmicro.com/us/home/products/titanium/internet-security/index.html


Via Trend Micro
more...
No comment yet.
Scooped by Kathy Szczesny
Scoop.it!

Tips for Protecting your Online Data

Tips for Protecting your Online Data | Your Privacy & Security Online | Scoop.it
Last Monday, I received a message from PayPal confirming that a payment from my account had successfully been transacted.
more...
No comment yet.
Scooped by Kathy Szczesny
Scoop.it!

Students “spoof” GPS system to gain control of a yacht

Students “spoof” GPS system to gain control of a yacht | Your Privacy & Security Online | Scoop.it
Yacht owners beware! A group of University of Texas students gained control of the navigation system on an $80 million yacht in the Medittereanean Sea.
more...
No comment yet.
Scooped by Kathy Szczesny
Scoop.it!

How elite security ninjas choose and safeguard their passwords

How elite security ninjas choose and safeguard their passwords | Your Privacy & Security Online | Scoop.it
There are many ways to manage your digital keys. Here's how five experts do it.
more...
No comment yet.
Scooped by Kathy Szczesny
Scoop.it!

Looking back: the five most important security stories of 2012

Looking back: the five most important security stories of 2012 | Your Privacy & Security Online | Scoop.it
Flame, everyday devices, Mac malware, passwords, and crypto.
Kathy Szczesny's insight:

attacks on entirely new classes of devices or victims, or in the case of passwords and cryptography, the culmination of new exploit techniques quickly eroding the protection we once took for granted.

 
more...
No comment yet.