Post Tagged with: "social networking"

Analysis Finds Blurry Lines Between Rovio, Advertisers

March 28, 2014 15:520 comments
Analysis Finds Blurry Lines Between Rovio, Advertisers

Rovio, the maker of the massively popular Angry Birds, makes no secret about collecting personal data from those who download and play its games. But an analysis from the advanced threat detection firm FireEye is helping to expose the extend of data harvesting, and also to sketch out the blurry line that separates Rovio and third-party advertising networks it contracts with. In a blog post on Thursday, FireEye analysts Jimmy Suo and Tao Wei described the findings of an investigation into the interaction between Rovio’s mobile applications, including the latest version of Angry Birds, and third party ad networks such as Jumptap and Millenial Media. Using FireEye’s Mobile Threat Prevention (MTP), the two gathered and analyzed network packet capture (PCap) information and analyzed the workings of Angry Birds and its communications with third-party ad networks. The two were able to reveal a multi-stage information sharing operation, tracking code paths from the reverse-engineered […]

Read more ›

Mobile Metadata, Google Dorking Expose Your Secret Life

March 13, 2014 12:230 comments
Mobile Metadata, Google Dorking Expose Your Secret Life

A study of more than 500 mobile phone owners by researchers at Stanford University suggests that call records and other “metadata” stored on our phones can easily be used to infer a wealth of sensitive information about phone owners – laying bare details of private lives that many would prefer to keep hidden. The findings of the study were outlined in a blog post by researcher Patrick Mutchler on Wednesday. Researchers concluded that the data collected from the phones was very accurate in painting a picture of the phone’s owner, including their work, social interests and medical conditions. That was true even across a small sample population monitored for just a few weeks. In the study, researchers placed an application, MetaPhone, on Android smartphones belonging to 546 participants and collected a wide range of information including device logs, social network information and call records for analysis. In all, researchers collected calls […]

Read more ›

Facebook Joins In Tech Industry Demands For Surveillance Reform

February 12, 2014 11:26Comments Off
Facebook Joins In Tech Industry Demands For Surveillance Reform

Facebook on Tuesday reiterated calls for reform of laws pertaining to government surveillance practices in the U.S. and elsewhere. The company, in a blog post, urged governments to stop bulk collection of data and enact reforms to limit governments’ authority to collect users information to pertain to “individual users” for “lawful purposes.” The company also called for more oversight of national intelligence agencies such as the US National Security Agency, and more transparency about government requests for data. The blog post was authored by Facebook general counsel Colin Stretch. Facebook reiterated its calls for surveillance reform in recognition of “The Day We Fight Back,” a grass roots effort to use Tuesday, February 11th as a day to rally support for more civil liberties protections.   [Read more Security Ledger coverage of Facebook here.] The date is the one year anniversary of the suicide of Internet activist Aaron Swartz. Leading online […]

Read more ›

Can Google Hold Back Facial Recognition For Glass?

February 4, 2014 11:18Comments Off
Can Google Hold Back Facial Recognition For Glass?

The New Yorker blog has an interesting, short piece by Betsy Morais on the challenges posed by facial recognition and wearable technology that’s worth reading. The post, “Through a Face Scanner, Darkly” picks up on recent reports about a proliferation of facial recognition applications for the Google Glass platform, addressing the ethical implications of the intersection of wearable technology with powerful sensors and analytics capabilities, including facial recognition. Specifically, Morais zeros in on an app called NameTag that adds a face scanner to the Glass. “Snap a photo of a passerby, then wait a minute as the image is sent up to the company’s database and a match is hunted down. The results load in front of your left eye, a selection of personal details that might include someone’s name, occupation, Facebook and/or Twitter profile, and, conveniently, whether there’s a corresponding entry in the national sex-offender registry,” Morais writes. NameTag’s focus […]

Read more ›

Two Million Passwords Stolen From Facebook, Twitter, ADP

December 4, 2013 11:481 comment
Passwords belonging to users of Facebook, Google, Yahoo and Twitter were stolen by the Pony botnet.

The passwords to access more than two million online accounts have been recovered from a server that is part of the command and control network for the Pony botnet, a large and active network of infected computers, according to a blog post from the security firm Trustwave. The company said that it found a cache of approximately two million compromised accounts, most from popular online services such as Facebook, Yahoo, Google and Twitter. More concerning: the cache also contained tens of thousands of credentials for FTP (File Transfer Protocol) servers, remote desktop and secure shell (SSH) accounts, and a site belonging to ADP, the payments processing firm. Facebook accounts made up the lion’s share of the haul, with 318,121 user credentials discovered – 57% of the total. Yahoo was the next biggest victim, with 59,549, almost 11% of the total. Leading Russian social networking sites vk.com and odnoklassniki.ru were also in […]

Read more ›

Supply Chain Transparency Doesn’t Extend To Security

November 12, 2013 09:54Comments Off
Supply Chain Transparency Doesn’t Extend To Security

We live in an ever-more unstable world in which massive disruptions, whether natural or man-made, are a frequent occurrence. Companies that make everything from aircraft to mobile phones to cappuccino need to be nimble – sidestepping global calamities that might idle assembly lines or leave customers without their morning cup of coffee.  As in other areas, the benefits of technology advancements like cheap, cloud based computing, remote sensors and mobility are transforming the way that companies manage their vast, global network of suppliers. These days, supply chain transparency is all the rage – allowing companies to share information seamlessly and in realtime with their downstream business partners and suppliers. Firms like the start-ups Sourcemap, and LlamaSoft are offering “supply chain visualization” technology that leverages a familiar formula these days: mobility, social networking, crowd-sourced intelligence, and “Big Data” analytics. [There's more to read about supply chain security on The Security Ledger.]  However, as […]

Read more ›

Gartner: Traditional IT Security Dead By End of Decade?

October 28, 2013 12:46Comments Off
Will this decade see the end of IT security as we know it? Gartner thinks so.

The analyst firm Gartner Inc. prides itself on its ability to identify emerging technology trends and talking up what’s next before it has even happened. The firm’s Hype Cycle maps the familiar path from promising new technology to ‘hot technology buzz word du jour,’ and (maybe) on to useful, less buzzy technology that’s actually being used. More important: the Gartner Magic Quadrant rates  technology companies (and their products) according to a set of criteria that includes how forward-looking (or “visionary”) the company is. Given the sway Gartner’s ratings have in companies’ willingness to invest in products, it’s a foregone conclusion that companies Gartner picks to ‘do well’ end up…umm…doing well. Gartner has an interest in finding the next big thing in every market – but also of preserving as much of the status quo as possible. (All those quadrants generate some serious cash!!) So I was interested to read about […]

Read more ›

At MIT Conference, Warnings of Big Data Fundamentalism

October 9, 2013 23:04Comments Off
At MIT Conference, Warnings of Big Data Fundamentalism

A senior Microsoft researcher issued a stern warning about the negative consequences of the current mania for data harvesting saying that a kind of “fundamentalism” was emerging regarding the utility of what’s been termed “Big Data” that could easily lead to a Orwellian future of ubiquitous surveillance and diminished freedom. Speaking to an audience of around 300 technology industry luminaries at the Massachusetts Institute of Technology’s annual Emerging Technology (EMTECH) conference, Kate Crawford, a Principal Researcher at Microsoft Research in Boston said that the technology industry’s fetish for “Big Data” had blinded it to the limits of analytics, and the privacy implications of wholesale data harvesting. The Massachusetts Institute of Technology’s (MIT’s) annual Emerging Technologies (EMTECH) conference, a high-gloss event that throws entrepreneurs, venture capitalists and academics together to talk ‘big ideas’ on TED-inspired sets. Crawford’s speech, coming on the heels of a talk about transforming healthcare with big data […]

Read more ›

Health Exchanges Need A Fail Whale

October 3, 2013 17:04Comments Off
Health Exchanges Need A Fail Whale

In a blog post on Veracode’s blog today, I write about the problems encountered at government-run online health exchanges that were intended to connect millions to private insurance plans under the Affordable Care Act. The exchanges opened to the public on Tuesday, and they got off to a rocky start, with reports of web sites paralyzed as millions of uninsured Americans logged on to sign up for subsidized health insurance. In some cases, the problems appear to have been caused by “external factors.” New York State’s online health exchange was felled by the weight of more than 10 million requests of dubious origin, The New York Post reported. But other exchanges, including Healthcare.gov the federal government’s main health insurance storefront, which is used by residents or more than half of the states, were victims of their own success: overwhelmed when the doors swung open and millions of eager customers poured […]

Read more ›

Losing The Future: Schneier On How The Internet Could Kill Democracy

October 2, 2013 12:02Comments Off
Schneier warns that, without changes, the growth of the Internet will strengthen the hand of central authorities at the expense of individual liberties and democracy. (Photo courtesy of Schneier.com.)

With his deep background in both cryptography and Internet security, Bruce Schneier is of the most thoughtful commentators on all matters cyber. So revered is he, that he even inspired a list of humorous Chuck Norris-style “Bruce Schneier” facts . In recent months, Bruce has been an invaluable sounding board amid the drip-drip-drip of details of ubiquitous government surveillance stemming from Edward Snowden’s leak of classified intelligence on NSA spying and cyber operations. In this video, from a recent speech Bruce did at the TEDxCambridge event up here in the Boston area, he goes a bit deeper: drawing out the current trend lines like hacktivism, Facebook- and Twitter-fueled popular revolutions, civil war and mass surveillance, and trying to discern what the future might look like. /div> Bruce’s theory: although nimble groups of activists, dissidents and hackers have been more adept at using the Internet and innovative technologies and platforms built on […]

Read more ›

Security Ledger Uses: