Capping a week of incompetence, failures, and general shady behavior in responding to its massive data breach, Equifax has confirmed that attackers entered its system in mid-May through a web application vulnerability that had a patch available in March. In other words, the credit-reporting giant had more than two months to take precautions that would have defended the personal data of 143 million people from being exposed. It didn’t.
The privacy-minded search engine DuckDuckGo announced this week that it has reached a milestone. The Google alternative now serves over 10 million searches per day.
Nadim Kobeissi wants to bulldoze that steep learning curve. At the HOPE hacker conference in New York later this month he’ll release a beta version of an all-purpose file encryption program called miniLock, a free and open-source browser plugin designed to let even Luddites encrypt and decrypt files with practically uncrackable cryptographic protection in seconds.
A Chinese state agency that threatened retaliation after the United States obtained indictments of five People’s Liberation Army officers on charges of cyberespionage announced plans on Thursday for tighter checks on Internet technology companies that do business in China.
Don’t ask for your privacy. Take it back…
In a closed-door meeting Tuesday, American tech firms lambasted the White House and its continued endorsement of the National Security Agency’s mass surveillance programs.
There are new interception hurdles everywhere you look. Even plain old SSL encryption is becoming more difficult to snoop on. Previously, governments could rely on complicit or compromised certificate authorities to provide them with the means to intercept encrypted traffic. Thanks to the Iranian government’s overly enthusiastic use of this technique, Google made changes to the Chrome browser to neuter the practice. Similar updates are expected soon in Internet Explorer. There goes another interception technique for law enforcement!
A documentary about what you’re really agreeing to when you click “I accept”.
CISPA, the controversial cybersecurity bill passed by the House last week, appears to be dead in the Senate. It’s deja vu all over again for the measure, which would authorize private companies to share your email, texts and other personal information with federal agencies without a warrant or other privacy protections. Last year, CISPA also cleared the House but foundered in the Senate.
Cory Doctorow on the “privacy bargain”, the war on computer freedom, and his dreams of a ‘techno-utopia. Are you being tricked into giving up your privacy? In an age of social networking, when people everywhere are sharing personal information in exchange for free services, are we over-looking the value of our personal data?
Dubbed a “privacy killer” by online activists, love it or hate it, the cyber-security CISPA bill will likely be brought into law—whether it’s from the reintroduction of the bill by the U.S. House Intelligence Committee, or President Obama issuing (yet another) executive order.