Google

Profile Poisoning the Next Frontier for Hackers

Google and Facebook already know everything about you – your interests, friends, tastes and even your movements. That’s already a privacy nightmare, but researchers at the Georgia Institute of Technology’s Information Security Center (GTISC) think it could soon be a security nightmare, also. Automated information systems already determine what version of the news most of us see. But researchers at Georgia Tech warn that the power of such systems to shape what each of us see online could soon become a powerful tool in the hands of sophisticated attackers, who might look for ways to manipulate victims’ online profile to steer them to certain sites, according to the report “Emerging Cyber Threats Reports 2013.” Researchers at Georgia Tech said attacks that manipulate a victim’s search history, part of their online profile, using cross-site request forgery are already technically feasible. In practice, they would allow for a kind of super-search engine […]

FTC Releases Google Privacy Report – Minus The Juicy Details

Google could tell you about its privacy practices except, well….they’re private. That’s the conclusion privacy advocates are drawing after the Federal Trade Commission took a black marker to an independent audit of the company’s privacy practices before releasing it to the group EPIC in response to a Freedom of Information Act (FOIA) request. The FTC released a copy of a Price Waterhouse Coopers audit¬†(PDF) of Google that was mandated as part of a settlement with the FTC over complaints following a 2010 complaint from EPIC over privacy violations in Google Buzz, a now-defunct social networking experiment. However, the agency acceded to Google requests to redact descriptions of the search giant’s internal procedures and the design of its privacy program. “Part of that (Google Buzz) settlement requires that Google implement a ‘comprehensive privacy program,’ EPIC Consumer Protection Fellow David Jacobs wrote to Security Ledger. “Part of that settlement also requires that […]