Alerts This Week
Warning Icon 1 933

Linux Privacy - Page 42

We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.

Discover Privacy News

Student Monitoring Practices In China: Hu Yingying's Experience

To her fellow students, Hu Yingying appears to be a typical undergraduate, plain of dress, quick with a smile and perhaps possessed of a little extra spring in her step, but otherwise decidedly ordinary. And for Hu, in her second year at Shanghai Normal University, coming across as ordinary is just fine, given the parallel life she leads. For several hours each week she repairs to a little-known on-campus office crammed with computers, where she logs on, unsuspected by other students, to help police her university's Internet forums.

Jeanson James Ancheta: 57 Months For Botnet Crimes And Computer Fraud

LOS ANGELES (Reuters) - A 20-year-old who prosecutors say hijacked computers to damage computer networks and send waves of spam across the Internet was sentenced on Monday to nearly five years in prison. Jeanson James Ancheta, a well-known member of the "Botmaster Underground" who pleaded guilty in January to federal charges of conspiracy, fraud and damaging U.S. government computers, was given the longest sentence for spreading computer viruses, federal prosecutors said.

Malware Trends: 70% Profit-Driven Threats With Spyware Dominance

Malicious software coded by cyber criminals for financial gain accounted for some 70 percent of all malware detected during the first quarter of 2006, according to a report released today. According to a new study from anti-virus developer Panda Software, the new malware dynamic saw financial profit become malicious software creators' top priority. Of all malware detected by the company's free online scanner, about 40 percent was spyware. Some 17 percent of the total was made up by trojans, including banker trojans that steal confidential data related to bank services and "droppers" or "downloaders" that download malicious applications onto systems.

Digital Signatures: Risks and Legal Binding in Linux Systems

Digital signatures were designed to allow secure, confidential communication between two parties. As Wikipedia describes it: "A user may digitally sign messages using his private key, and another user can check that signature (using the public key contained in that user's certificate issued by a certificate authority). This enables two (or more) communicating parties to establish confidentiality, message integrity and user authentication without having to exchange any secret information in advance."

Effective Email Filtering with SpamBayes for Better Management

Spam email is the plague of the 21st century; SpamBayes is its cure. This client-side application analyzes all incoming email messages and automatically sorts out those that are unwanted. SpamBayes digests the contents of email messages and counts how often certain words -- e.g. Viagra -- occur in spam (bad) or ham (good) messages. Based on these word patterns, it calculates an overall score that rates a message as spam, ham, or unknown. You can manually classify unknown mail as spam or ham and SpamBayes will learn accordingly.

Blue Security BlueFrog User Alert: Spammer Threats to Expose Emails

A company that's promoted an anti-spam "Do Not Intrude Registry" and essentially spammed spammers said Monday that many of its members have received threatening e-mails from a major junk mailer. Blue Security, a Menlo Park, Calif.-based start-up, debuted its registry and BlueFrog client last summer. The company's researchers, who work out of Israel, analyze and vet the spam, trace the message to a Web site (typically the site selling the product or service), and find a form on the site that can be used to complain or opt out. The BlueFrog client then automatically fills out the found form once for each spam received. The result: the site is overwhelmed with opt-out requests or complaints.

Exploring User Monitoring And Privacy Rights In Online Behavior

I’ve been spending a little too much time thinking about snooping lately. Actually, I’ve been thinking about snooping in all its various guises: personal, corporate, government, and extra-governmental. I’ve never been a big fan, really, even when my duties have required me to snoop. As an ex-corporate guy, my personal expectations of privacy in the workplace are what you’d expect: Never send an email you wouldn’t want to see on the front page. Seven-plus years in a Fortune 100 shop left me with a healthy dose of paranoia, and a strong aversion to sending anything of personal value via email or IM. I encrypt most of what I send from home, twitch when I’m riding wireless networks, and look over my shoulder as I type.

Congress Considers Mandatory ISP Data Retention for User Privacy

It didn't take long for the idea of forcing Internet providers to retain records of their users' activities to gain traction in the U.S. Congress. Last week, Attorney General Alberto Gonzales, a Republican, gave a speech saying that data retention by Internet service providers is an "issue that must be addressed." Child pornography investigations have been "hampered" because data may be routinely deleted, Gonzales warned. Now, in a demonstration of bipartisan unity, a Democratic member of the Congressional Internet Caucus is preparing to introduce an amendment--perhaps during a U.S. House of Representatives floor vote next week--that would make such data deletion illegal.

US and EU Corporate Privacy Practices: A Detailed Comparison

A new study on "US and European Corporate Privacy Practices" was released two days ago, and as I constantly monitor the topic, knowing the EU's stricter information sharing and privacy violation laws compared to the U.S., I thought you might find this useful. To sum up the findings: "European companies are much more likely to have privacy practices that restrict or limit the sharing of customer or employees' sensitive personal information and are also more likely to provide employees with choice or consent on how information is used or shared," said David Bender, head of White & Case's Global Privacy practice. Still at the "sharing sensitive information is bad" promotional stage, I feel the research reasonably points out the lack of a systematic technical approach; bureaucracy can also be an issue, but with so many CERTs in Europe there's potential for lots of developments, I think. Established in 2004, ENISA is the current body overseeing and guiding the Community towards data protection practices -- slowly, but steadily gaining ground.

Phishing Threats: VoIP Exploited for Data Theft Tactics

Phishing attacks are increasingly using offline components to appear more trustworthy, according to security firms. This week, security firm Cloudmark warned that two customers had been targeted with phishing attacks that used real phone numbers to collect personal information from the victims. The e-mail message alerts users to a fictitious security incident and asks them to call their bank at a certain phone number to verify their account number and PIN code. The fraudsters appear to have cloned the real bank's automated telephone system to make the attack appear more real.

Personal Data Security: The Role Of Redaction Tools Against Threats

In a previous post, "Give it back!", I mentioned the ongoing re-classification of declassified information and featured some publicly known sources for information on government secrecy. Today I came across a news item relating to the topic in another way, "States Removing Personal Data from Official Web Sites". More from the article: "At least six states use redaction software, which digitally erases information. It can be tailored to excise nine-digit entries such as SSNs. Chips Shore, circuit court clerk for Florida's Manatee County, removed SSNs and bank account numbers from 3 million public records on the Web site. Another 2.5 million court records were redacted before going online."

Enterprises Struggling With Data Privacy Management Complexity

Enterprises are under increasing pressure to safeguard the privacy and security of personal data, but the complexity of the task is making it difficult to meet higher expectations, a Hewlett-Packard Co. (HP) project manager said Tuesday. The pressure is coming from consumers and governments, who want greater control over how data is retained and managed, said Pete Bramhall, project manager at HP's lab in Bristol, England. Internally, enterprises are grappling with the cost and complexity in dealing with distributed networks. Soon, Bramhall predicts, many enterprises will be at a "tipping point," in terms of using new means to protect data.

RFDump: RFID Tag Auditing Tool For Data Security and Interoperability

RFDump is a backend GPL tool to directly interoperate with any RFID ISO-Reader to make the contents stored on RFID tags accessible. This makes the following types of audits possible: Test robustness of data-structures on the reader and the backend-application; Proof-of-concept manipulations of RFID tag contents; Clone / copy & paste User-Data stored on RFID tags; Audit tag-security features.

Digital Changes Impacting Contractual Agreements and Evidence

It was only a single digit in a 20-page Microsoft Word contract between two partners, but Scott Cooper earned his fee several years ago when he found it. Cooper, a computer forensics expert, learned that the numeral "1" had been scrubbed in some later versions of this digital document. This gave his client, a partner in a software company that had recently been sold, just a 5 percent rather than a 15 percent share in the company. If the change had gone undetected, the partner would have received $32 million rather than his rightful $96 million payout.

Innovative Data Flooding Against Phishing Attacks by RSA Cyota

A novel tactic to defeat phishers is being employed by Cyota staff: flooding phishing sites with fake bank details to make the real information harder to find. RSA's Cyota division is helping fight phishing attacks by giving the online fraudsters what they want — lots of user names, passwords, online banking credentials and credit card numbers.

Exploring User Perception of Phishing Threats and Online Safety

When asked if a phishing site was legit or a spoof, 23% of users use only the content of the website to make the decision! The majority of users ignore the address and SSL indicators in the browser. Some users think that favicons and lock icons in HTML are more important indicators. The paper hints that the proposed IE7 security indicators and multi-colored address bar will also suffer a similar fate. This study is brought to you by the people who developed the security skins Firefox extension.

Understanding E-Mail Security with Advanced Spam Detection Techniques

As spam filters get more advanced, less spam is allowed to enter users' inboxes, so the business model of spammers gets hurt. Instead of thinking that people don’t really like to receive spam and they would prefer less intrusive ways to get publicity, they try to work around these filters in, sometimes, really clever ways. So, spam filters have to be continually modified and adapted to not fall for these new tricks.

Government Data Demand's Impact On Privacy Rights and Legal Cases

I'm as big a fan of government intrusion as the next person, but things may have gotten a little out of hand lately. Take last week's legal contretemps between the Justice Department and Google. Forget for a minute that Google really faces no downside by refusing the government's request to turn over search data. Even if Google loses the case and has to turn over some (truncated) amount of (very general) information about a (random) selection of searches, it still wins in the court of public opinion as a defender of personal privacy. As my colleague Chris Murphy put it, Google should take the court costs out of its marketing budget.

Insights On Search Companies' Privacy Practices And Data Handling

We asked the same seven questions of each company. Their answers are reproduced below, with the responses sorted by the companies' names in alphabetical order. What information do you record about searches? Do you store IP addresses linked to search terms and types of searches (image vs. Web)? Weinstein: Any time a search is done on the AOL service or AOL.com, the left rail on the results page offers a list of the most recent searches conducted by that user.
