Monday, April 25, 2011

Suggests that the original design was not repairable? What happened to “Design for Security?”

http://it.slashdot.org/story/11/04/24/1916210/Sony-Rebuilding-PlayStation-Network-Security-After-Attack?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

Sony Rebuilding PlayStation Network Security After Attack

"The outage of Sony's PlayStation Network and Qriocity service, now in its fourth day, looks set to continue after the company said on Sunday that it is 'rebuilding' its system to better guard against attacks. Sony said on Saturday that the outage was caused by an 'external intrusion' into the network, but has yet to detail the problem. The PlayStation Network is used for PlayStation 3 online gaming and sales of software to consoles and the PlayStation Portable. The Qriocity service runs on the same network infrastructure and provides audio and video to Sony consumer electronics products."



For all my students...

http://www.bespacific.com/mt/archives/027087.html

April 24, 2011

'HTTPS Now' Campaign Urges Users to Take an Active Role in Protecting Internet Security

News release: "The Electronic Frontier Foundation (EFF) and Access have launched an international campaign for HTTPS Now, rallying consumers around the world to help us make web surfing safer. HTTPS (Hypertext Transfer Protocol Secure) protects web surfing by encrypting requests from a user's browser and the resulting pages that are displayed, but many websites default to using the unencrypted and vulnerable HTTP protocol. The HTTPS Now campaign takes a three-pronged approach to protecting web surfing, including distributing updated tools for people to use to protect their web browsing, taking an Internet-wide survey of the state of HTTPS deployment, and helping website operators implement HTTPS. As a first step, individuals using the web are encouraged to install HTTPS Everywhere, a security tool for the Firefox browser developed by EFF and the Tor Project. HTTPS Everywhere automatically encrypts a user's browsing, changing it from HTTP to HTTPS whenever possible."



Bad Google, bad...

http://www.bespacific.com/mt/archives/027085.html

April 24, 2011

Dutch Data Protection Authority issues several administrative orders against Google

News release: "[April 19, 2011], the Dutch Data Protection Authority (College bescherming persoonsgegevens, CBP) has issued several administrative orders against Google for incremental penalty payments. Investigations by the CBP show that Google has, for a period of two years, systematically, and without the data subjects’ knowledge, collected MAC addresses of more than 3,6 million WiFi routers, in combination with the calculated location of those routers. This was done by using the so called ‘Street View cars’. MAC addresses in combination with their calculated locations, qualify, in this context, as personal data, because the collected data provide information about the WiFi router’s owners. The Dutch DPA also concludes that Google, using the same Street View cars, collected so called payload data, the contents of internet communication. This information contains personal data such as e-mail addresses, medical data and information concerning financial transactions. Google has been ordered to, within three months, inform the data subjects – off line as well as on line – about the collection of data originating from WiFi routers by the Street View cars. Within the same period of three months, Google must also offer an on line possibility to opt-out from the database in order to enable people to object to the processing of the data concerning their WiFi routers. In case Google does not comply with the administrative order within the time period granted, the penalty amount can increase to a maximum of one million euros. Furthermore, Google is obliged to destroy the payload data it has collected in the Netherlands within four weeks. Read the Dutch press release and the relevant documents (only in Dutch)."


(Related) So perhaps Apple doesn't “need” this data, but someone (DHS?) wants them to keep it anyway? So much for :Opt Out”

http://online.wsj.com/article/SB10001424052748704123204576283580249161342.html?mod=WSJ_Tech_RightMostPopular

IPhone Stored Location in Test Even if Disabled

Apple Inc.'s iPhone is collecting and storing location information even when location services are turned off, according to a test conducted by The Wall Street Journal.

The location data appear to be collected using cellphone towers and Wi-Fi access points near a user's phone and don't appear to be transmitted back to Apple. Apple didn't immediately respond to a request for comment.


No comments: