Transport for London plans to make £322m by collecting Tube users' location data and potentially selling it to third parties. At the end of 2016, TfL ran a pilot which tracked the Wi-Fi signals from 5.6 million phones as people moved around the London Underground, even if they weren't connected to a Wi-Fi network.
TfL publicly stated that the purpose of the scheme was to use the aggregated, anonymised data "to better understand how people navigate the London Underground network, allowing TfL to improve the experience for customers". It is now in consultation about tracking passengers on a permanent basis.Read more
UK home secretary Amber Rudd has called on messaging apps like WhatsApp to ditch end-to-end encryption, arguing that it aids terrorists.
Writing in The Telegraph on Tuesday, the Conservative minister said that "real people" don't need the feature and that tech companies should do more to help the authorities deal with security threats. But activists have reacted with concern to her remarks, blasting them as "dangerous and misleading." Strong end-to-end encryption involves encoding messages or data so it cannot be read by anyone other than the intended recipient — including the company whose tech encrypts it, or law enforcement with a warrant.Read more
The British government issued new guidelines on Sunday requiring manufacturers of internet-connected vehicles to put in place tougher cyber protections to ensure they are better shielded against hackers.
The government said it was concerned that smart vehicles, which allow drivers to do things such as access maps and travel information, could be targeted by hackers to access personal data, steal cars that use keyless entry systems, or take control of technology for malicious reasons. The new guidelines will also ensure that engineers seek to design out cyber security threats as they develop new vehicles, the government said.Read more
The government digital service is to make users of its data.gov.uk website change their passwords, following a security breach. It said a database of usernames and email addresses had been discovered on a publicly accessible system during a routine security review.
The data.gov.uk site lets registered users browse information published by a variety of government departments. The GDS has informed the information commissioner of the leak. A GDS spokeswoman told that the breach had affected only data.gov.uk accounts, and people with separate accounts for other government websites were not affected.Read more
Parliament has been hit by a cyber attack, officials at Westminster say. The "sustained" hack began on Friday night, prompting officials to disable remote access to the emails of MPs, peers and their staff as a safeguard.
The parliamentary authorities said hackers had mounted a "determined attack" on all user accounts "in an attempt to identify weak passwords". Government sources say it appeared the attack has been contained but it will "remain vigilant". A parliamentary spokeswoman said they were investigating the attack and liaising with the National Cyber Security Centre.Read more
Samsung, the most popular smartphone maker in the world, left millions of customers vulnerable to hackers after it let expire a domain that was used to control a stock app installed on older devices, security researchers say.
If you own an older Samsung smartphone, chances are you have a stock app designed to recommend other popular apps named S Suggest installed on it. The company says it discontinued S Suggest in 2014, and it recently let one of the domains used to control the app — ssuggest.com — expire. By letting the domain expire, Samsung effectively gave anyone willing to register it a foothold inside millions of smartphones, and the power to push malicious apps on them.Read more
The UK’s Trident submarine fleet is vulnerable to a “catastrophic” cyber-attack that could render Britain’s nuclear weapons useless. The report, Hacking UK Trident: A Growing Threat, warns that a successful cyber-attack could “neutralise operations, lead to loss of life, defeat or perhaps even the catastrophic exchange of nuclear warheads”.
The Ministry of Defence has repeatedly said the operating systems of Britain’s nuclear submarines cannot be penetrated while at sea because they are not connected to the internet at that point. But the report’s authors, the British American Security Information Council, expressed scepticism.Read more
Based on name alone, the futuristic iris-scanning feature on the Galaxy S8 sounds like it would be the most secure way to lock your phone. Hacker Jan Krissler, who goes by the name Starbug, shows in a recent video that, despite the impressive technology in unlocking your phone with your eyes, the security system can be beaten with a relatively low-tech hack.
As the video shows, Starbug is able to take a infrared picture of a person’s face using the night mode setting on a regular point and shoot camera. Print it out on an ordinary laser printer and it fools the camera by placing a contact lens over the image to give it the appearance of an actual human eye.Read more
Cyberattacks against businesses operating in the UK are more prevalent than ever yet many customers may never become aware about major hacking incidents as the majority of firms are not required by law to report breaches to public bodies.
Survey results released by DCMS stated that "nearly half" of UK firms sampled had identified a "breach or attack" in the last year. It was carried out by Ipsos Mori and included 1,523 UK-based businesses in total. "While breaches do not always result in a material outcome, such as loss of data or network access, in cases where this does happen, it has a significant impact on the organisation," it warned.Read more
The tech industry has a bad case of four-wheel fever, and it looks like there's no cure in sight. Before too long, it will be impossible to buy a new car without an embedded LTE modem—ostensibly there for our convenience, but with the side effect of creating a new revenue stream from monetized data.
And then there's the self-driving car gold rush. Anyone who's anyone in the tech or automotive worlds is working on an autonomous vehicle, a list that now includes Samsung. The company has been granted permission by the South Korean government to begin testing an autonomous vehicle on public roads.Read more