Britain's Information Commissioner’s Office is sounding the alarm on some of the most recent but privacy-intrusive techniques used by retailers to track their customers.
After participating in a meeting of the International Working Group on Data Protection and Telecommunications, ICO's staff decided it was time to inform users of modern-day tracking habits and also urge retailers to take the proper measures needed to safeguard user privacy. For quite some time now, it has been known that Wi-Fi signals from modern smart devices allow a third-party to track the gadgets' movements. Tracking shoppers via their smartphones is not a theory anymore.Read more
New surveillance powers given to internet companies as part of the government’s Investigatory Powers Bill could have “very dire consequences,” the chief executive of tech giant Apple has warned.
Tim Cook told the new legal obligation for companies to help security services bypass encryption would hurt “the good people,” rather than stopping those with nefarious intentions. He added that communications companies need to have secure encryption services to protect their customers. “You can just look around and see all the data breaches that are going on. These things are becoming more frequent,” Cook told the paper.Read more
Police are to get the power to view the web browsing history of everyone in the country. Home Secretary Theresa May will announce the plans when she introduces the Government's new surveillance bill in the House of Commons.
The new powers for the police will form part of the new bill. It would make it a legal requirement for communications companies to retain all the web browsing history of customers for 12 months in case the spy agencies or police need to access them. Police would be able to access specific web addresses visited by customers.Read more
We’re now over-familiar with the concept of the reality show “journey”, where someone insists that they’ve become a better person through singing, dancing or playing the didgeridoo.
In Channel 4’s ambitious new series Hunted, the journey is rather more extreme, involving panicked scrambles over country stiles and ducking down secluded backstreets. The 14 volunteer contestants are literally on the run, pursued by a dedicated team of professional trackers and hackers burrowing deep into their private lives. The six-part series is being edited right up until transmission, but early footage looks both intriguing and chaotic.Read more
The British spying agency, found to have been conducting wholesale surveillance on UK citizens, has recommended that the public make their passwords less complex.
The agency gives a range of hints to those working in IT as well as normal consumers. Those include warning people to change their default passwords, to make sure that accounts can be locked out if they’re under attack and avoid storing passwords as plain text files that can be read by anyone. The agency also warns against the problems of password overload. That is what happens when people create too many complex and unmemorable passwords.Read more
Security researchers have discovered malicious adverts on the UK version of dating site Match.com. Malwarebytes, which found the cyber-threat, said that anyone caught by the ads could fall victim to ransomware.
Malicious ads were appearing on pages of the site via an ad network that passes content to Match.com and other places, redirecting those who click on the adverts through a series of links to a site embedded with code that checks if a visitor is running outdated versions of commonly-used software. Bugs in the versions of Flash, Java, Adobe Reader and Silverlight used in browsers were all being exploited by the malicious code.Read more
Cyber-attackers have taken down the website of the National Crime Agency in apparent revenge for arrests made last week. The NCA website was temporarily down, four days after six teenagers were released on bail on suspicion of using hacking group Lizard Squad’s cyberattack tool to target websites and services.
The six suspects are accused of usinga tool that bombards websites and services with bogus traffic to attack a national newspaper, a school, gaming companies and a number of online retailers. The NCA is the latest body to fall foul of what is called a Distributed Denial of Service attack, stopping real visitors from reaching the site.Read more
The finance chief at Fortelus Capital Management LLP got an alarming phone call just as he was getting ready to leave work on a Friday. The caller said he was from Coutts, the London-based hedge fund’s bank, and warned there may have been fraudulent activity on the account.
Fortelus Chief Financial Officer Thomas Meston was reluctant, but agreed to use the bank’s smart card security system to generate codes for the caller to cancel 15 suspicious payments. When Meston logged on to the firm’s online bank account the following Monday, he saw that $1.2 million was gone. The incident shows how even the most sophisticated online security systems can fail because of human error.Read more
The Sunday Times produced what at first sight looked like a startling news story: Russia and China had gained access to the cache of top-secret documents leaked by former NSA contractor turned whistleblower Edward Snowden.
Not only that, but as a result, Britain’s overseas intelligence agency, the Secret Intelligence Service, better known as MI6, had been forced “to pull agents out of live operations in hostile countries”. These are serious allegations and, as such, the government has an obligation to respond openly. The story is based on sources including “senior officials in Downing Street, the Home Office and the security services”.Read more
British and American intelligence agencies have spied on anti-virus companies and probed their software for weaknesses, as the snoops sought to enhance their offensive surveillance techniques.
This was predictable given previous revelations around the extensive hacking capabilities at GCHQ and the NSA, but for reasons not outlined in the leaks or by the agencies themselves, notable US and UK anti-virus providers were seemingly left untouched, despite being used across the world. Older versions of F-Secure also used the Kaspersky signature database, which contained lists of blacklisted malware.Read more