Category Archives: Privacy

  • -

Use privacy software if you want to be safe from Facebook, warns watchdog

Category : Privacy

Belgian Privacy Commission: “Facebook tramples on European and Belgian privacy laws.”

A Belgian watchdog has urged all Internet users to download privacy software specifically to shield themselves from Facebook’s grasp. The social network has been under fire for the ways in which it tracks user and non-user behaviour online, without consent, most recently becoming the target of a Europe-wide lawsuit headed up by activist Max Schrems.

REPORT: FACEBOOK TRACKS ALL VISITORS, EVEN IF YOU’RE NOT A USER AND OPTED OUT
In the EU, where free and informed prior consent is required, there could be an issue.
It was revealed in April that 25,000 people had already signed up to be a part of that lawsuit, which argues Facebook has been breaching EU data protection law. Individual regulators have been investigating whether or not this is the case for years, and in April Facebook confessed to tracking non-users using cookies (something for which consent must be sought if related to advertising, according to EU law). The social network blamed it on a bug.

Read more: Article ArsTechnica


  • -

iOS 8 Prevents Apple From Accessing Device Data

Apple says that the most recent version of its mobile operating system
removes the company’s ability to provide law enforcement with data from
devices running iOS 8. Encryption used in this iteration of iOS prevents
everyone expect the device’s owner from accessing data stored on the
device. Apple will still be able to turn over data stored elsewhere,
such as in iCloud. However, while Apple may not have the ability to
access those data, police could ostensibly retrieve the data from locked
devices.

Article: Washingtonpost


  • -

Android-app wist telefoon bij binnenkomst GEOFENCE

Category : CyberSecurity , Privacy

WhisperSystems ontwikkelde verschillende privacy-apps voor Android, zoals RedPhone voor versleuteld bellen en TextSecure voor versleutelde sms-berichten.

Zones is in principe een ‘find my phone’ app om verloren of gestolen toestellen mee terug te vinden. Het biedt echter een aantal opties gebaseerd op de locatie van de telefoon. Deze nieuwe Android-app moet voorkomen dat politie toegang krijgt tot gebruikersgegevens door automatisch alle content te wissen zodra een toestel zich in een vooraf opgegeven plaats / geofence bevindt.

Gebruikers kunnen op een kaart een aantal ‘zones’ aangeven en daar bepaald gedrag aan koppelen. Zo kan er een alarm afgaan als de telefoon buiten een bepaald gebied komt, of is het mogelijk om die te vergrendelen of juist te ontgrendelen.

Om gegevens op een verloren of gestolen toestel te beschermen is het mogelijk om de geschiedenis van alle telefoongesprekken en het adresboek te verwijderen als het toestel buiten een bepaald gebied komt. Voor gebruikers die helemaal geen persoonlijke data op het toestel willen achterlaten kan er een ‘factory reset’ worden uitgevoerd.

Hierbij worden alle gebruikersgegevens en applicaties gewist. De onderzoekers merken op om bijvoorbeeld zones rond politiebureaus te tekenen en in te stellen dat er een factory reset plaatsvindt zodra het toestel binnen een bepaalde zone binnenkomt.

Article: GitHub


  • -

openSUSE Forum 79,500 users’ data compromised.

The openSUSE Forum 79,500 users’ data compromised. Hacker shared the database sample. After Snapchat hack, this can be another worst data breach of the new year. A Pakistani hacker ‘H4x0r HuSsY’ has successfully compromised the official Forum of ‘openSUSE’, a Linux distro developed, sponsored & supported by SUSE.

Another interesting fact is that openSUSE is still using vBulletin 4.2.1, which is vulnerable to inject rogue administrator accounts flaw. Whereas, the latest patched vBulletin 5.0.5 is available. Possibly, Hacker exploits same or another known vBulletin version 4.2.1 vulnerability to access the website’s administrative panel.

Read more: http://thehackernews.com/2014/01/openSUSE-Forum-Hacked-by-Pakistani-hacker.html#

Innovice-IT is worried about the levels of Data Protection as implemented within companies. Every day businesses, public authorities and individuals transfer vast amounts of personal data across borders. Conflicting data protection rules in different countries would disrupt international exchanges. Individuals might also be unwilling to transfer personal data abroad if they were uncertain about the level of protection in other countries.

We are able to help you with experienced Data Protection officers, or help your officers with advanced training.

 


  • -

Nederlandse smart tv maker schendt privacyregels

Category : Privacy

Veel tv-kijkers weten door gebrek aan informatie vaak niet dat TP Vision gegevens verzamelt over hun online kijkgedrag, aldus het CBP. TP Vision heeft inmiddels actie ondernomen naar aanleiding van het onderzoek, maar volgens het CBP nog niet voldoende. Donderdag meldde het CBP dat het bedrijf tv-kijkers onvoldoende informatie geeft over wat er met hun persoonsgegevens gebeurt die via de smart tv bekend zijn. TP Vision maakt tv’s die onder de merknaam Philips worden verkocht. Een smart tv is een tv die je kunt verbinden met internet, waardoor je onder meer online programma’s kunt terugkijken en films kunt huren.


  • -

Appeals Court Says No Warrant Required for Accessing Cell Phone Location Data

The US Fifth Circuit Court of Appeals in New Orleans, Louisiana, has
ruled that law enforcement agents do not require warrants to track
suspects’ locations through cell phone records. The ruling overturns an
order from a federal judge in Texas. The new ruling indicates that cell
phone records are the property of the carrier and are therefore not
subject to reasonable expectation of privacy under the Fourth Amendment.
Instead, the information is considered a business record. A court order
is still required to search the records, but the requirements for
obtaining a court order are less stringent than those for obtaining a
search warrant. The Louisiana court cited the Stored Communications Act
in support of its ruling.

Article: news.cnet.com

Article: arstechnica.com


  • 1

Dutch Socialist party is worried about personal data use by the government and telecom providers

This week, the Dutch Socialist Party (SP) asked parliamentary questions about several personal data issues in the Dutch Parliament.

First, the SP is worried about the news that Dutch telecom and internet providers are required to pass personal data of customers, such as names, addresses, telephone numbers and e-mail addresses, to the Dutch Department of Justice. According to an article in Dutch newspaper De Volkskrant, the government consults this data 2,3 million times a year. The SP asks whether this news is correct and if so, who has access to the information and if there is any independent supervision on the use of the information.

Second, the SP and the Labour Party ask questions about the storage of data by Dutch telecom providers. Providers are allowed to follow the use of websites and apps within the framework of network management. However, earlier this month, it became known that several providers stored non-anonymous data about the use of websites and apps.  The parties want to know for which purpose this data is collected and stored and whether the data is used for commercial purposes.

Third, the SP reacts on an article about the privacy risks of online searching for certain diseases as cancer, depression or herpes. According to a study of the University of South California, there is a privacy risk when this search information leaks to third parties, for example via trackers on websites or computers. This was the case for 7 of the 20 investigated websites. The SP asks whether these things also happen in The Netherlands and if so, what measures can be taken to prevent this.

Source: Officiële Bekendmakingen 1, 2, 3.


  • -

General Alexander’s Focus on Large Scale Data Collection

National Security Agency (NSA) chief General Keith Alexander has had
success with collecting huge amounts of data and scouring them for
information to solve problems. In an effort to stop attacks harming US
troops in Iraq in 2005, Alexander ordered the collection of Iraqi text
messages, phone calls, and email communication. The program, which was
called the Real Time Regional Gateway, significantly reduced the number
of deaths within three years. A former senior US intelligence official
described Alexander’s approach like this: “Rather than look for a single
needle in the haystack, his approach was, ‘Let’s collect the whole
haystack.'” Alexander became head of the Pentagon’s US Cyber Command in
2010 while remaining in his position at NSA.

Article: washingtonpost.com


  • -

US Justice Department Revises Policies on News Media Data Seizure

Revised guidelines from the US Department of Justice limit the
government’s access to journalists’ records except in cases in which the
journalist is the subject of a criminal investigation. Ideally,
journalists are protected by the First Amendment regarding freedom of
the press and the Fourth Amendment regarding unreasonable search and
seizure, as well as the privacy Protection Act and other laws. The need
for a revised and clarified policy became evident when the government
launched an inquiry that characterized a journalist as a spy,
criminalizing his efforts to obtain information from a source; and when
the government obtained phone records for AP journalists.

Article: information week.com

Article: Justice.gov


  • 3

British border police can seize data of phones without reasonable suspicion

Visitors of the UK should not be surprised if their phones are taken away at the British borders.

British counter-terrorism laws allow police officers to seize mobile devices of any passenger coming through the UK either by aeroplane, boat or railway. Officers are allowed to collect data from the device, including call history, contact books, photo’s and information regarding texting and e-mailing, but not the content of the texts and e-mails. The information can be retained ‘for as long as necessary’.

Although these powers can be very useful in the fight against terrorism, the seemingly missing limits make undesirable situations very real; officers could seize the device of every tourist coming into the UK without needing reasonable suspicion. Although many citizens would not mind giving up a piece of their privacy for national security reasons, the current situation does not provide any warranties for citizens that these powers will not be abused.

This broad blanket power is thus worrisome. Independent reviewer of terrorism laws David Anderson QC is expected to raise concerns over these powers in his annual report this week. Proper checks and balances to ensure the powers are used in a proper way are currently missing.

Source: Telegraph


Search

Innovice-IT on Twitter

  1. Bas Eikelenboom
    Bas Eikelenboom: RT @InfoSecHotSpot: Unfilled cybersecurity jobs are expected to reach 1.8 million by 2022, up 20 percent from 1.5 million in 2015, accordin…

  2. Bas Eikelenboom

  3. Bas Eikelenboom
    Bas Eikelenboom: RT @RidT: A few observations on today's "online escalation" New York Times story. I see lots of people making assumptions and jumping to co…

  4. Bas Eikelenboom
    Bas Eikelenboom: RT @bellingcat: Bellingcat's @Timmi_Allen put together the following video demonstrating how various images of the Kokuka Courageous match…

  5. Bas Eikelenboom
    Bas Eikelenboom: RT @InfoSecHotSpot: AI and 5G will create an explosion in cybersecurity risks, says FBI agent and general counsel at $50 billion firm https…

Archive

Categories