The media recently reported that information from over 500 million Yahoo accounts was breached. According to USA Today, the information may have included “names, email addresses, telephone numbers, dates of birth, and, in some cases, encrypted or unencrypted security questions and answers.” Aside from Continue reading Account breaches and the CFAA
As many Americans have no doubt heard, probable 2016 presidential candidate Jeb Bush has publicly released a large number of e-mails from his tenure as Florida’s governor. Unfortunately, in their rush to release the e-mails, his staff neglected to redact sensitive information from his constituents such as real names, physical addresses, e-mail addresses, and Social Security numbers! According to the article, Bush’s staff is working on fixing the problem.
I’m not sure why anyone would include their Social Security numbers in an e-mail to their governor, but the incident reminds us that we may not always be the weakest link when a leak or breach occurs. This particular one may have been averted if senders had been more careful about including personal information in an e-mail to a public figure or if Bush’s staff had been more thorough, but there will be times when we have to send sensitive information or otherwise place it in the hands of another party, thus taking it out of our direct control. It is therefore not merely as individuals but as a society that we need to be more vigilant about our privacy and security.
Recently, media outlets have been reporting on privacy concerns with Samsung’s SmartTV. Much of the concern appears to be focused on the “Voice Recognition” section of their SmartTV privacy statement:
“If you enable Voice Recognition, you can interact with your Smart TV using your voice. To provide you the Voice Recognition feature, some voice commands may be transmitted (along with information about your device, including device identifiers) to a third-party service that converts speech to text or to the extent necessary to provide the Voice Recognition features to you. In addition, Samsung may collect and your device may capture voice commands and associated texts so that we can provide you with Voice Recognition features and evaluate and improve the features. Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party through your use of Voice Recognition.” Continue reading Privacy Concerns With Samsung’s SmartTV
Yesterday, the New York Times reported on flaws in the security and privacy of cars with wireless systems. The article was based on a report released today by the office of Ed Markey, a United States Senator for Massachusetts. The report is titled “Tracking & Hacking: Security & Privacy Gaps Put American Drivers At Risk” and, as the title implies, focuses on the following two problems:
1. Wireless technologies allow hackers to “gain access and control to the essential functions and features of those cars.”
2. Other parties can “utilize information on drivers’ habits for commercial purposes without the drivers’ knowledge or consent.” Continue reading Modern Cars With Wireless Systems Are A Threat to Privacy And Security
There’s a new Pew report on what experts believe the future of privacy will look like. The responses range from optimistic to grim.
In this case, a predator may been caught, but the incident also indicates that your e-mail is not as private as you might like it to be. Google recently failed to have a potential class action lawsuit alleging that it wiretaps Gmail dismissed.
As Google itself has said, “a person has no legitimate expectation of privacy in information he voluntarily turns over to third parties”. These words serve as a sobering reminder that whenever you place any kind of information into the hands of Gmail, webmail providers in general, or any third-party service, even for completely legal purposes, you can expect that the information may be seen by humans other than your intended recipient (or at least scanning bots). This includes apps such as Snapchat, which, as I wrote in an earlier post, Bruce Schneier does not think we can rely on to protect our privacy.
OkCupid claims that such experiments are necessary for testing out products and features. Testing and obtaining user feedback in an effort to improve a service is one matter, but outright lying is quite another. One example of the kind of experiment OkCupid ran on its users was to tell people they were good matches when in fact they weren’t, leading them to send more messages. This kind of deception bears a remarkable similarity to Facebook’s manipulation of user news feeds.
As with Facebook, OkCupid has significant clout due to Continue reading Like Facebook, OkCupid also Experiments on its Users