Tag Archives: privacy

Articles, Digital Parenting, Identity Theft Prevention, Online Security

Snapchat Suffers Major Security Breach Plans to Make App More Secure

Snapchat suffered a major security breach on New Year’s Eve when a reported 4 million usernames and passwords were collected by hackers.  Snapchat had been warned twice by security experts about a vulnerability in its system, according to Yahoo News.

Snapchat is a private company that has marketed itself on being a more secure alternative that Facebook and Instagram. It lets users send photo and video messages that disappear once viewed.  According to the New York Times, users of the self-destruct message service were sending 350 million photos a day in September –increased from 200 million in June.

Related content:  Are Instagram and Snapchat safe for Kids?

Security researchers were not convinced that the app actually deleted information.  The hackers who stole the usernames and passwords from Snapchat were actually security researchers with Gibson security who were able to hack into Snapchat’s servers and find the data that had been stored in a database similar to other big internet companies.

The security researchers posted the hacked information onto a website called SnapchatDB.info after privately warning Snapchat about the weakness in its system.  The researchers then posted a warning about the security hole online on Christmas Eve after the notice was ignored. Snapchat did patch the hole in the system but it didn’t do enough.  The data was not encrypted nor were there any basic security measures in place to prevent hacking.

The usernames and passwords put online in the data dump on New Year’s Eve had the last two digits of phone numbers removed. Snapchatdb.info has since been suspended for the data dump, but not before word spread of the breach.

The breach severely tarnishes Snapchat’s reputation and image. It could threaten the company’s rapid growth.

Gibson Security says users can delete their Snapchat accounts and ask their phone company to change their phone number in order to protect their information. Although, they warn that deleting the account won’t remove information from the leaked database information.

“Ensure that your security settings are up to scratch on your social media profiles. Be careful about what data you give away to sites when you sign up –if you don’t think a service requires your phone number, don’t give it to them,” Gibson told the Associated Press.

Snapchat is trying to reassure users’ that is has adopted security measures that would prevent spam and abuse. They also claim they are working to prevent “future attempts to abuse our service.”

Agencies, Articles, News

American’s Under Surveillance: NSA admits tracking cell phone locations

The National Security Agency (N.S.A.) has started to come clean about tracking Americans cell phone data and what data was being collected. NSA admits to tracking the cell phone location of Americans in a test pilot project in 2010 and 2011.

According to the New York Times, “it was unclear how many Americans’ locational data was collected as part of the project, whether the agency has held on to that information or why the program did not go forward.”

NSA  claimed that they never moved forward with the program.  The “experiment” pilot project was to test how location information would move into the massive databases containing other information on Americans.  Cell phone location is considered to be one of the most sensitive data that a cell phone emits, according to the Electronic Frontier Foundation.  Since most people carry their cell phones everywhere they go it is possible that the location data tracking could lead to the government knowing most intimate daily habits and movements of not only the person whose phone is being tracked but friends and family members whom the person had come into contact with throughout the day.

The biggest problem with NSA’s admission of the test pilot program is that it admitted to doing an illegal activity.  NSA’s chief Keith Alexander said during a Senate hearing, “Under Section 215, NSA is not receiving cell site location data and has no current plans to do so.”  The recent admission of past collection clearly violated Section 215 of the Patriot Act.

In order to counter-act negative reaction to the admission, Director of National Intelligence (DNI) James Clapper told Congress that if they started their location recollection program they would inform the intelligence committee and FISA court. That means that Americans could still be kept in the dark if the program, a clear violation of the Patriot Act and one that brings up Fourth Amendment issues, were to become restarted.

I feel safer already, don’t you?

Agencies, Articles, News

FISA Court Releases Opinion Upholding NSA Phone Program

The federal surveillance court has released a declassified opinion that upholds the National Security Agency’s (NSA) phone program. The FISA court decided that the gathering of billions of phone records for counterterrorism purposes was constitutional and justified.

Gathering of “all call detail records” of phone companies by NSA is justifiable as long as the gathering of the data is relevant to an authorized investigation. The most significant part of the ruling is that it mentions that the data is justifiable if the government can show that there is an authorized investigation into unknown terrorists who may be in the United States. This begs the question of how there could possibly be an authorized investigation into unknown terroristic persons on reasonable grounds without the collection of the phone data.

According to the opinion, the government only needs “reasonable grounds to believe” that the phone records will be relevant to the investigation in order to legally collect the phone records.  The burden of proof the government needs is much lower than that needed in a criminal investigation.  The court claims this is because the goal is not to solve a crime but to prevent a terrorist attack.

Critics claim that the opinion released by the court is not justifiable by the Foreign Intelligence Surveillance Act (FISA) or the Constitution.  Jameel Jaffer, American Civil Liberties Union deputy legal director, told the Washington Post, “This isn’t a judicial opinion in the conventional sense. It’s a document that appears to have been cobbled together over the last few weeks in an effort to justify a decision that was made seven years ago. I don’t know of any precedent for that, and it raises a lot of questions.”

Privacy issues have come into question when Edward Snowden leaked information about the NSA spy program. The government’s stance from the beginning has been that the broad collection of data is needed to find unknown terrorist operatives in the United States.  It is still unclear how much scope the NSA program actually has over the data it has collected from billions of homes across the nation.

And, now we also hear about  . . . N.S.A. Gathers Data on Social Connections of U.S. Citizens

Agencies, Online Security

National Security Agency Broke Privacy Rules, Audit Finds

The National Security Agency (NSA) has been spying on Americans. The agency was given broad powers in 2008 and has been accused of overstepping its authority thousands of times. Edward Snowden leaked information that told the world about the agency’s spy programs including the interception of e-mails and data collection of phone calls.

Snowden recently leaked documents to The Washington Post showing that the NSA has repeatedly exceeded its legal powers and broken privacy rules every years since it was granted broad new powers. The internal audit shows violations ranging from unauthorized surveillance of Americans or foreign intelligence targets in the United States to the “unintended interception” of U.S. e-mails and telephone calls.

The documents provided to the Washington Post showed that Congress wasn’t even aware of some of the details that the NSA was pulling from its programs. One document instructed agency personnel to remove details and substitute more generic language in reports that went to the Justice Department and the Office of the Director of National Intelligence.

Another document showcased the “unintended  surveillance” of Americans. The Washington Post reports, “A notable example in 2008 was the interception of a ‘large number’ of calls placed from Washington when a programming error confused the U.S. area code 202 for 20, the international dialing code for Egypt, according to a ‘quality assurance’ review that was not distributed to the NSA’s oversight staff.”

The once-secret Foreign Intelligence Surveillance Court was also kept in the dark about some of the NSA’s spy programs and the information being gathered. The court did not learn of new collections methods until months after it had been in use. When it did find out about the new collection method it ruled it unconstitutional.

The Obama administration has attempted to remain quiet about the NSA.  The first excuse was that Continue reading National Security Agency Broke Privacy Rules, Audit Finds

Articles, Credit Cards, Digital Parenting, General Identity Theft Help, Online Security

Opposing Views of Fingerprint Payments

fingerprint takes place of credit cardWhen my child’s school started scanning fingerprints for lunch payments, I was opposed to the idea. But I like to be a pretty fair person so I weighed the pros and the cons. As it turns out, this could be a budding popular method of payment and there are actually quite a few perks involved.

Pros

There isn’t a person on the planet who hasn’t lost their wallet, purse, or at least one credit card. Personally, I am well known for all of the above. One of the advantages of fingerprint payments is that it’s pretty hard to lose your finger. Even if someone did manage to take it from you in some unspeakable way, new fingerprint systems monitor for pulse as well as scanning the fingerprint. Another positive point is that identity theft is a lot easier to prove when you aren’t even in the same location.

Let’s just assume that someone used some sort of technology to duplicate your fingerprint. They put it on their own finger, which obviously has a pulse. They make a purchase. You try to dispute it. If this had been a credit card and you weren’t in the same location as the purchase, your creditors might accuse you of lending it out in an effort to obtain the merchandise without having to pay for it. This is clearly an impossible task when you use fingerprints instead of credit cards.

Cons

While there are plenty of pros when it comes to fingerprint payments, there are cons as well. How you look at each depends a great deal on how you view the financial and governmental system, not to mention your own body. I have to admit, when I first heard of it at my son’s school I wondered how much he would hate me for allowing this if later on down the road he wanted to live “off the grid”.

I don’t even like the idea of Social Security numbers. The idea of submitting my young child’s fingerprint to anyone was appalling to me. For me, the biggest downside of all to fingerprint payment Continue reading Opposing Views of Fingerprint Payments

Agencies, Articles, Online Security

Is Your Status Drawing Homeland Security’s Attention? Keywords Revealed

Have you ever wondered which words posted on social networks can draw the attention of Homeland Security and federal analysts? Now, because of the Freedom of Information Act, the list of keywords has now been posted for public view. Many of the keywords are actually pretty self explanatory, although there are a few that are relatively innocent. So the next time you post about an earthquake, are you going to have federal agents knocking down your door?

Actually that’s pretty unlikely. Although these words can trigger an additional look at your profile by investigators, they say they’re really only looking for threats, not general discontent. Unless you make a habit of posting inflammatory tweets and status updates that either suggest the government needs to be punished or seem to be using code words to cover your true intent, the analysts will probably just rubber-stamp you as investigated and nothing more will happen.

What are the disadvantages of social media monitoring? Continue reading Is Your Status Drawing Homeland Security’s Attention? Keywords Revealed

Articles, Identity Theft Prevention, Identity Theft Protection, Online Security

Will New Innovations From 2013 International CES Put Your Information at Risk?

The 2013 International CES was host to plenty of exciting exhibits to choose.  Revenues for consumer electronics are expected to keep growing to new record levels! At the show, over 20,000 new products were launched from more than 3,250 exhibitors, making it a sure bet that there is something for everyone being revealed. There’s always a lot of excitement for CES because it’s often a first look at the years’ best new innovations.

Going Wireless in More Ways

There were more than 1,200 exhibitors showing off their wireless technology this year. Wireless technology is taking center stage at CES this year, including new and improved smartphones and tablets, making it more important than ever that people understand how to protect their information and identity when using these devices.

With that many exhibitions, there are bound to be plenty of awesome gadgets and programs, but Continue reading Will New Innovations From 2013 International CES Put Your Information at Risk?

Articles, Hoaxes, Identity Theft Prevention

Yahoo! Hacked Learn How to Protect Yourself

Yahoo! Hacked Learn How to Protect Yourself

by guest writer, Linda St.Cyr

 

YAHOO! was hacked by a group calling themselves D33DS. The group claimed that the hack which released 450,000 email addresses and passwords to the public was “a wake-up call not as a threat.” But those who were affected by the hack might not see D33DS benevolence. I know that I don’t and I was one among the half a million emails to be released to the public. Luckily, the password that was associated with my email was outdated. Many other people were not as lucky.

People tend to use the same password for various sites. This can be detrimental if a hack takes place like the one that was done by D33DS. Although, I didn’t use the password that D33DS released I still had to take a day to change the passwords for all the websites that I used. Most of the websites had security measures in place that automatically locked me out the account (and any hackers as well) until I took steps to reset my passwords.

There are three basic steps that can help keep your internet and email activities safe:

 DON’T USE THE SAME PASSWORD

Do not use the same password for various websites. It may make life easier but it also makes you more susceptible to hackers and spam. If you use various websites for business or pleasure create a hard copy list and put it in a desk drawer or in a safe place. If you have ten different website accounts, you should have ten different website passwords.

 CREATE A STRONG PASSWORD

Websites that recommend that you use 6-8 letters including a capital letter and a number or a symbol are ones that want you to have a strong password. The stronger a password is, the harder it is for a hacker to get into your account. A strong password will have a combination of letters, numbers and symbols. Your password should not be your social security number, your birthday, your kids birthdays, your phone number or even your anniversary. That information is easily accessible, especially on social media platforms, which makes using it easily accessible for a hacker.

CHANGE YOUR PASSWORD OFTEN

Every couple of months take a day to change all the passwords you use. This will make it more difficult for a hack to take place as your accounts. A hacker could be close to figuring out what your password is but because you change it so often, the hacker will have to start all over again.

The Daily Telegraph, who reported on the Yahoo! hack, stated: “Users of online accounts are urged by security experts and technology firms to select tough passwords and change them frequently to thwart hackers.”

 

This guest post is by Linda St.Cyr,  a freelance writer, blogger, and columnist. She covers a wide variety of topics from food to celebrity gossip. Read her work at Ecorazzi, Yahoo! Contributor Network, or The Hungry Kitchen.

Articles, Consumer Protection, Identity Theft Prevention

Facebook age limits lowered?

According to the Facebook Statement of Rights and Responsibilities, 13 is the official “age of consent” for having a Facebook account.   However, we all can probably name at least one child from our friends and family that are on Facebook and under the age of 13.   Some of these accounts are made with their parents’ permission to lie about their age and some are just created with or without permission as pre-teens simply check the “box” and begin LIKING Facebook.    Recently however, Facebook creator Mark Zuckerberg thinks that the age should be even lower.

The Children’s Online Privacy Protection Act (COPPA) was created to protect children online and requires that certain websites that collect information on its users do not allow children under the age of 13 to use the site.   Zuckerberg wants to change that, citing the “educational” benefits of using Facebook.

“That will be a fight we take on at some point,” Zuckerberg said according to CNN. “My philosophy is that for education you need to start at a really, really young age. Because of the restrictions we haven’t even begun this learning process. If they’re lifted then we’d start to learn what works. We’d take a lot of precautions to make sure that they [younger kids] are safe.”

According to projections based on its yearly State of the Net survey conducted by Consumer Reports there are:

  • 7.5 million of the 20 million minors on Facebook in the past year were younger than 13.
  • More than 5 million were 10-years-old or younger.

To counter the consumer report one a Facebook spokesperson said Continue reading Facebook age limits lowered?

Agencies, Articles, Consumer Rights

Does the FBI Need to Wiretap Websites to do an Effective Job?

America’s Federal Bureau of Investigation, the crime- busting branch of the federal government, wants to extend its wiretapping authority to the world wide web in an effort to more effectively control crime and prosecute suspects. The FBI claims that the proposed changes are a necessary modification to existing laws and they will help the FBI zero- in on criminal activity by harnessing the World Wide Web and secretly watching online activity.

What is This Proposed Change All About?

Back in 1994, Congress passed the Communications Assistance for Law Enforcement Act. It was a sweeping and controversial law when it passed because it allowed wiretapping on a telecommunications level and required telecom businesses to cooperate fully by modifying their electronic devices, equipment, and services to make them immediately compatible for surveillance.  This law has been in place now for almost two decades and supporters say that it has helped organizations such as the FBI and others in their efforts to track criminals and gather evidence.

Now, the FBI wants to extend the Communications Assistance for Law Enforcement Act to the internet and its proposal is based on the simple fact that the internet is a form of communication and therefore should be subject to the same rules and regulations as the telecommunications industries. The FBI wants to be able to access everything from Yahoo to Facebook and beyond and subject these online businesses to the same requirements as the telecom industry.

What is at Stake?

The FBI claims it only wants to protect the public and that the added ability to track potential criminals online would provide another weapon in its arsenal. Critics of the plan say it is another step toward a government- controlled state and a blantant infringement on privacy rights. If we allow government agencies like the FBI to tap our Facebook account and our instant message conversations, what step will they take next? Surveillance cameras aimed at the front windows of our homes? Listening devices placed on our doorstep? Continue reading Does the FBI Need to Wiretap Websites to do an Effective Job?