Tag: Privacy

‘Good for the world’? Facebook emails reveal what really drives the site

The central mythos of Facebook is that what’s good for Facebook is good for the world. More sharing, more friends and more connection will “make the world more open and connected” and “bring the world closer together”, Mark Zuckerberg has argued, even as his company has been engulfed by scandal.

But confidential emails, released by the British Parliament, reveal the hardheaded business calculations that lurked beneath the feel-good image projected by Zuckerberg and Facebook. “That may be good for the world, but it’s not good for us,” Zuckerberg wrote in a 2012 email about the possibility that developers would build applications that used data about Facebook users and their friends, but not provide any data back to Facebook.

Read more about this developing story on The Guardian.

SKY Brasil Exposes 32 Million Customer Records

Data belonging to 32 million customers of SKY Brasil has been exposed online long enough to make their theft very likely, an independent security researcher discovered. Fábio Castro found that the data cache could be reached by anyone that knew where to look on the internet. Using the Shodan search engine, he was able to discover multiple servers in Brazil running Elasticsearch that made information available without authentication.

A cluster of servers called “digital-logs-prd” attracted the researcher’s attention and with a simple command, he listed the indices available, one of them 429.1GB in size. The file included personally identifiable information of SKY Brasil customers, which featured full name, email address, service login password, client IP address, payment methods, phone number, and street address.

Read more about this massive data leak on BleepingComputer.

Data about 57 million people exposed by Elasticsearch servers

A data breach involving Elasticsearch search-engine technology exposed the personal information of nearly 57 million people for at least two weeks, according to report by the cybersecurity organization Hacken.

The breach exposed 73 gigabytes of data as early as Nov. 14, Hacken said, including the names, employers, job titles, emails, addresses, phone numbers and IP addresses of 56,934,021 U.S. residents. There was a separate cache of data titled “Yellow Pages,” the report said, with 25 million records about businesses, including information such as names, company details, zip addresses, latitude/longitude, census tract, phone numbers, web addresses, emails, revenue numbers and more.

Read more about the massive data breach on CyberScoop.

European consumer groups want regulators to act against Google tracking

Consumer agencies in the Netherlands, Poland and five other European Union countries asked privacy regulators to take action against Google for allegedly tracking the movements of millions of users in breach of the bloc’s new privacy law.

Google is already facing a lawsuit in the United States for allegedly tracking phone users regardless of privacy settings. The consumer groups, which included those in the Czech Republic, Greece, Norway, Slovenia and Sweden, filed complaints with their respective national data protection authorities, based on research by their Norwegian counterpart.

Read more about the complaints that could result in astronomical fines for Google under the General Data Protection Regulation (GDPR) on Reuters.

China is exporting digital surveillance methods to other governments

The U.S. trade war with China is focused on products ranging from agricultural goods to household appliances, but the United States and other democracies should worry about a different type of Chinese export: digital authoritarianism.

China has consistently been ranked by digital advocates as the world’s worst abuser of internet freedom. The country, however, isn’t just tightening online controls at home but is becoming more brazen in exporting some of those techniques abroad including in Africa, says a new report from the U.S.-based think tank Freedom House.

Read more about the new Freedom House report on E Hacking News.

Why We Should Fear China’s Emerging High-Tech Surveillance State

Earlier this month, when Nikki Hayley, the US Ambassador to the UN, described China’s subjugation of Xinjiang’s Uighurs as being “straight out of George Orwell”, she pretty much nailed it. Xinjiang is a state surveillance laboratory, with unconstrained deployments of early-stage, commercial technologies being used to suppress an ethnic minority.

Upwards of a million people forced into re-education camps. Police checkpoints. Facial, iris and license plate recognition. Geofenced travel restrictions. Biometric registration. GPS tagging. Blanket video surveillance. And, of course, mandatory communications monitoring. This is the reality of a high-tech surveillance state.

Read why Forbes’ Zak Doffman believes that China has opened AI’s Pandora’s Box in Xinjiang, and why we should fear the developments there, on Forbes.

Facebook May Buy A Cybersecurity Company To Prevent Another Major Hack

Just weeks ago Facebook revealed a massive security flaw on its website. That flaw allowed hackers to compromise tens of millions of accounts. Ever since the hack went down Facebook has been scrambling to shore up its defenses.

Now it looks as though the company has come up with a solution. According to a report from The Information, Facebook is currently talking to several major cybersecurity firms about an acquisition. By the sound of things, Facebook is hoping that talks progress quickly. Sources familiar with company plans say that Facebook wants to close the deal by the end of this year.

Read more about this story on Forbes.

Nearly Half of Americans Willing to Give Brands a Pass for a Data Breach

New data shows that the U.S. public is surprisingly forgiving despite data breaches and controversies as long as companies demonstrate good faith.

Consumer Attitudes Toward Data Privacy and Security Survey by Janrain also found that 42 percent of U.S. consumers surveyed report at least being open to forgiving the brand, while 7% refuse to forgive brands for allowing bad actors access to their personal data. Fourteen percent have lost all faith in an organization’s ability to protect their data.

Read more about the findings of the new survey on Security Magazine.

Health websites routinely share your activity with 57 third-parties

B9 Systems conducted research into the use of cookies by health websites and discovered that all the major players share your private information with, on average, 57 other websites. These include advertising & marketing websites, social media outlets and resellers.

Further research indicated that in a survey of 100 internet users, 89% had used a medical website to help self-diagnose an ailment at some point, yet only 42% understood that the activity they conducted was then shared with other third-party companies. This means 58% of the users surveyed had no idea that their information was being passed onto companies after they had clicked ‘Accept’ on the site’s cookies policy.

Read more about the findings of the new research on Help Net Security.

Web inventor Berners-Lee creates a new privacy first way of dealing with the internet

When Sir Tim Berners-Lee invented the web, he made it easy for everyone to use it and share information. Fast forward 28-years, and your personal information is controlled largely by major companies. Enough already. Berners-Lee wants to put our data back in our hands.

Berners-Lee wants to do this with a new open-source project: Solid. He’s not the first. People are sick of having their personal data locked in the hands of giant corporations. Berners-Lee who “was devastated” by recent privacy abuses, decided enough was enough.

Read more about how the creator of the web wants to save it now, on ZDNet.