jump to navigation

Of Payments, Privacy and Social Networks June 13, 2012

Posted by Heather Mark in Industry News, InfoSec & Privacy.
Tags: , , , , , ,
add a comment

By now, many of you have probably heard about the smartphone app creatively and aptly named “Girls Around Me.” For those that have not heard, it is essentially an application that aggregates the “check in” location data of women using Facebook, foursquare, and other social, location based services.  It then displays for the user the locations and names of “girls around” him (or her, I don’t think the app discriminates).  The app promises to “turn your town into a dating paradise.”  For privacy professionals, the app sparks an interesting debate.  Is privacy infringed if the person in question volunteers the information.  On one side of the argument are those that would say “no – if the user has volunteered information then privacy is not compromised by the application.”  The converse of that argument, however, is one that centers on a definition of privacy that hinges on the appropriate use of information.  If the user did not volunteer the information in an effort to join this “dating paradise” then privacy is certainly infringed.  Certainly, one can see that the application in the wrong hands has the potential for misuse.  But, what if we use the information for good, rather than evil? (more…)

Oh My!! More than 6 Million LinkedIn Passwords Stolen! June 6, 2012

Posted by Chris Mark in cybersecurity, Data Breach, Industry News.
Tags: , , , , , , ,
add a comment

Change your LinkedIn password now!  According to an article on CNN, over 6 million LinkedIn passwords were stolen by Russian hackers.  LinkedIn also confirmed in their own blog post that some of the posted passwords did match LinkedIn accounts. According to the story: “The 6.5 million leaked passwords were posted Monday on a Russian online forum, camouflaged with a common cryptographic code called SHA-1 hash. It’s a format that’s considered weak if added precautions aren’t taken. Roughly half of the “hashed” passwords have already been decoded and posted online in human-readable text.”  You can read more about how Hashes are cracked using Rainbow tables in the awesome post here.

“I can neither confirm nor deny”; NSA + Google = Glomar Response May 12, 2012

Posted by Chris Mark in News, Risk & Risk Management, terrorism.
Tags: , , , , , , ,
add a comment

In a story on Foxnews it is revealed that a US Federal Appeals court has turned down a request under the Freedom of Information Act that would have forced the National Security Agency to disclose what, if any, relationship it has with Google and specifically a cyberattack against Google which originated in China.  According to the story: “The Electronic Privacy Information Center, which focuses on privacy and civil liberties, sought communications between Google and the NSA, which conducts worldwide electronic surveillance and protects the U.S. government from such spying. But the NSA refused to confirm or deny whether it had any relationship with Google. The NSA argued that doing so could make U.S. government information systems vulnerable to attack.”

Now for some history- In April 1968, the Soviet Union’s K129 nuclear submarine sank.  Seeing an opportunity to get some intelligence, the US CIA’s Special Activities Division came up with a plan known as Project Azorian.  Using Howard Hughes’ company as a front, they commissioned the Hughes Glomar Explorer.  Hughes claimed the ship was designed to extract minerals from the ocean floor.  The HGE was sent to pick up the remains of the submarine and return them to the US.  When the project came to light and the US Government was asked about the project, the response was: “I can neither confirm nor deny” the existence of such a project.  Thus was born the Glomar Response or Glomar Denial…

Guest Post: “Of Payments, Privacy, and Social Networks” April 15, 2012

Posted by Chris Mark in Industry News, InfoSec & Privacy.
Tags: , , , , ,
add a comment

As I have been out of town at a charity event and had little time to blog, I am publishing a blog from the incomperable Dr. Heather Mark 😉  Please enjoy…

“By now, many of you have probably heard about the smartphone app creatively and aptly named “Girls Around Me.” For those that have not heard, it is essentially an application that aggregates the “check in” location data of women using Facebook, foursquare, and other social, location based services.  It then displays for the user the locations and names of “girls around” him (or her, I don’t think the app discriminates).  The app promises to “turn your town into a dating paradise.”  For privacy professionals, the app sparks an interesting debate.  Is privacy infringed if the person in question volunteers the information.  On one side of the argument are those that would say “no – if the user has volunteered information then privacy is not compromised by the application.”  The converse of that argument, however, is one that centers on a definition of privacy that hinges on the appropriate use of information.  If the user did not volunteer the information in an effort to join this “dating paradise” then privacy is certainly infringed.  Certainly, one can see that the application in the wrong hands has the potential for misuse.  But, what if we use the information for good, rather than evil?”  read more here! 

Ethical Relativism- Sky News Morphs into Anonymous? April 5, 2012

Posted by Chris Mark in Industry News, InfoSec & Privacy, Laws and Leglslation.
Tags: , , , , , , ,
1 comment so far

By now most are probably aware of the email hacking scandal that severely damaged Rupert Murdoch’s NewsCorp empire.  NewsCorp reporters were caught illegally accessing phone calls of the UK Royal family and hacking into email accounts of individuals.  Murdochs’ son had to resign from his position as Chairman of BSkyB which own UK’s Sky News.

According to a report on CNN this morning UK news channel Sky News said Thursday it had authorized its journalists to hack into the e-mail of individual members of the public on two occasions.  The very same people (journalists) that will scream for “freedom of speech” and “freedom of the press” and claim journalistic integrity are now violating the public’s privacy in a scramble to maintain market share and increase revenue?  (more…)

%d bloggers like this: