Linux Privacy - Page 41

We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.

Navigating the Tails 6.8 Update: What It Means for Security-Minded Users

As digital privacy and security concerns increase, operating systems that safeguard user anonymity and data privacy have gained greater prominence. One such operating system is Tails (The Amnesic Incognito Live System). ...
Oct 09, 2024
  0

Google Chooses Passkeys Over Passwords: Examining the Security Benefits for Linux Users

In a bold move towards a future without traditional pas...
Sep 26, 2024
  0
24.Key Code Esm H115

Tails 6.6 Released: Unpacking Key Features & Updates

Tails (The Amnesic Incognito Live System) offers hope t...
Aug 15, 2024
  0
10.FingerPrint Locks Esm H115

Discover Privacy News

Privacys Generation Gap

Privacy's Generation Gap

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

I’ve been spending a little too much time thinking about snooping lately. Actually, I’ve been thinking about snooping in all its various guises: personal, corporate, government, and extra-governmental. I’ve never been a big fan, really, even when my duties have required me to snoop. As an ex-corporate guy, my personal expectations of privacy in the workplace are what you’d expect: Never send an email you wouldn’t want to see on the front page. Seven-plus years in a Fortune 100 shop left me with a healthy dose of paranoia, and a strong aversion to sending anything of personal value via email or IM. I encrypt most of what I send from home, twitch when I’m riding wireless networks, and look over my shoulder as I type.

Congress may consider mandatory ISP snooping

Congress may consider mandatory ISP snooping

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

It didn't take long for the idea of forcing Internet providers to retain records of their users' activities to gain traction in the U.S. Congress. Last week, Attorney General Alberto Gonzales, a Republican, gave a speech saying that data retention by Internet service providers is an "issue that must be addressed." Child pornography investigations have been "hampered" because data may be routinely deleted, Gonzales warned. Now, in a demonstration of bipartisan unity, a Democratic member of the Congressional Internet Caucus is preparing to introduce an amendment--perhaps during a U.S. House of Representatives floor vote next week--that would make such data deletion illegal.

A Comparison of US and European Privacy Practices

A Comparison of US and European Privacy Practices

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

A new study on "US and European Corporate Privacy Practices" was released two days ago, and as I constantly monitor the topic knowing EU's stricter information sharing and privacy violations laws comparing to the U.S, thought you might find this useful. To sum up the findings: "European companies are much more likely to have privacy practices that restrict or limit the sharing of customer or employees' sensitive personal information and are also more likely to provide employees with choice or consent on how information is used or shared," said David Bender, head of White & Case's Global Privacy practice." still at the "sharing sensitive information is bad" promotional stage, I feel the research reasonable points out the lack of a systematic technical approach, bureaucracy can also be an issue, but with so many CERTs in Europe there's potential for lots of developments I think. Established in 2004, ENISA is the current body overseeing and guiding the Community towards data protection practices -- slowly, but steadily gaining grounds.

Real-world Hooks Add Allure To Phishing

Real-world Hooks Add Allure To Phishing

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Phishing attacks are increasingly using offline components to appear more trustworthy, according to security firms. This week, security firm Cloudmark warned that two customers had been targeted with phishing attacks that used real phone numbers to collect personal information from the victims. The e-mail message alerts users to a fictitious security incident and asks them to call their bank at a certain phone number to verify their account number and PIN code. The fraudsters appear to have cloned the real banks automated telephone system to make the attack appear more real.

In Between The Lines Of Personal And Sensitive Information

In Between The Lines Of Personal And Sensitive Information

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

In a previous post, "Give it back!" I mentioned the ongoing re-classification of declassified information and featured some publicly known sources for information on government secrecy. Today I came across to a news item relating to the topic in another way, "States Removing Personal Data from Official Web Sites", more from the article: "At least six states use redaction software, which digitally erases information. It can be tailored to excise nine-digit entries such as SSNs. Chips Shore, circuit court clerk for Florida's Manatee County, removed SSNs and bank account numbers from 3 million public records on the Web site. Another 2.5 million court records were redacted before going online."

Enterprises struggling with privacy management

Enterprises struggling with privacy management

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Enterprises are under increasing pressure to safeguard the privacy and security of personal data, but the complexity of the task is making it difficult to meet higher expectations, a Hewlett-Packard Co. (HP) project manager said Tuesday. The pressure is coming from consumers and governments, who want greater control over how data is retained and managed, said Pete Bramhall, project manager at HP's lab in Bristol, England. Internally, enterprises are grappling with the cost and complexity in dealing with distributed networks. Soon, Bramhall predicts, many enterprises will be at a "tipping point," in terms of using new means to protect data.

RFDump

RFDump

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

RFDump is a backend GPL tool to directly interoperate with any RFID ISO-Reader to make the contents stored on RFID tags accessible. This makes the following types of audits possible: Test robustness of data-structures on the reader and the backend-application; Proof-of-concept manipulations of RFID tag contents; Clone / copy & paste User-Data stored on RFID tags; Audit tag-security features.

When delete is not enough

When 'delete' is not enough

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

It was only a single digit in a 20-page Microsoft Word contract between two partners, but Scott Cooper earned his fee several years ago when he found it. Cooper, a computer forensics expert, learned that the numeral "1" had been scrubbed in some later versions of this digital document. This gave his client, a partner in a software company that had recently been sold, just a 5 percent rather than a 15 percent share in the company. If the change had gone undetected, the partner would have received $32 million rather than his rightful $96 million payout.

RSA Looks To Drown Phishers In Data Flood

RSA Looks To Drown Phishers In Data Flood

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

A novel tactic to defeat phishers is being employed by Cyota staff: flooding phishing sites with fake bank details to make the real information harder to find. RSA's Cyota division is helping fight phishing attacks by giving the online fraudsters what they want — lots of user names, passwords, online banking credentials and credit card numbers.

Why Phishing Attacks Work

Why Phishing Attacks Work

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

When asked if a phishing site was legit or a spoof, 23% of users use only the content of the website to make the decision! The majority of users ignore the address and SSL indicators in the browser. Some users think that favicons and lock icons in HTML are more important indicators. The paper hints that the proposed IE7 security indicators and multi-colored address bar will also suffer a similar fate. This study is brought to you by the people who developed the security skins Firefox extension."

E-mail Security: Detecting Spam (II)

E-mail Security: Detecting Spam (II)

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

As spam filters get more advanced, less spam is allowed to enter into user’s inbox so the business model of spammers gets hurt. Instead of thinking that people don’t really like to receive spam and they would prefer less intrusive ways to get publicity, they try to workaround these filters in, sometimes, really clever ways. So, spam filters have to be continually modified and adapted to not fall into these new tricks.

IT Confidential: Choose Your Intrusion: Whos Your Friend?

IT Confidential: Choose Your Intrusion: Who's Your Friend?

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

'm as big a fan of government intrusion as the next person, but things may have gotten a little out of hand lately. Take last week's legal contretemps between the Justice Department and Google. Forget for a minute that Google really faces no downside by refusing the government's request to turn over search data. Even if Google loses the case and has to turn over some (truncated) amount of (very general) information about a (random) selection of searches, it still wins in the court of public opinion as a defender of personal privacy. As my colleague Chris Murphy put it, Google should take the court costs out of its marketing budget.

Search firms surveyed on privacy

Search firms surveyed on privacy

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

We asked the same seven questions of each company. Their answers are reproduced below, with the responses sorted by the companies' names in alphabetical order. What information do you record about searches? Do you store IP addresses linked to search terms and types of searches (image vs. Web)? Weinstein: Any time a search is done on the AOL service or AOL.com, the left rail on the results page offers a list of the most recent searches conducted by that user.

Human Rights and Wrongs Online

Human Rights and Wrongs Online

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

A government's position on censorship used to protect its citizenry is dictated by who they are. The well-popularized censorship of Internet content in China by Google and other big players, and criticism of this by the U.S. government, is really just the tip of the iceburg. On Febrary 15, the United States Congress held hearings on the role of U.S. Internet companies like Google, Microsoft, Yahoo and Cisco in suppressing free expression and therefore encouraging repressive tactics by countries like China. The hearings explored the role and the responsibility of these companies for deliberately filtering communications, assisting in the interception of citizen's communications, and using technology to restrict access by citizens to information.

Report: 80 percent of emails out to manipulate

Report: 80 percent of emails out to manipulate

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Four out of five inbound emails are designed to deceive the recipient, according to a new report studying the scope of abusive online messages. The Messaging Anti-Abuse Working Group's (MAAWG) Email Metric Report, which analyzed data from more than 127 million mailboxes during last year's fourth quarter, found that more than 142 billion emails either were tagged or blocked before they reached the end user. Another 61.3 billion emails were the victims of dropped connections, the study showed. Nearly 37 billion emails were unaltered before reaching their destination.

Combating identity theft

Combating identity theft

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Identity theft is the major security concern facing organisations today. Indeed, for the banking industry, it is the number one security priority for 2006. In a recent survey of security budget holders and influencers of UK banks, 73% of respondents cited identity management as the top transaction security concern.

Communicating with Confidence

Communicating with Confidence

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Along with the benefits of networked systems – easy information sharing and the ability to work wherever and whenever – comes responsibility. Professionals in all industries have the responsibility to protect their customers’ (and their own) confidentiality. When professionals access their office networks and exchange information with other organisations, confidentiality is paramount, though not always easy to achieve.

Got Data? Beware Privacy Pitfalls, Big Brother

Got Data? Beware Privacy Pitfalls, Big Brother

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

With controversy swirling around ID theft and electronic surveillance by the government, what should corporations do to protect customer data? Jim Dempsey, policy director at The Center for Democracy & Technology (CDT), spells out controversial advice such as "gather less data" and seemingly dire warnings such as "if you gather the data, the government will come calling." Whether you view CDT as an advocate or an adversary, its voice is being heard on Capitol Hill, so it's important to be aware of its stance on important corporate data policies and related issues.

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved