Security & Privacy

Kim Dotcom threatens to sue Twitter, others over patent

Kim Dotcom says he doesn't really want to sue Google, Facebook, Twitter, and other companies, but he really needs some help funding his defense.

The eclectic and controversial MegaUpload founder today said he invented two-factor authentication, which is being used by more and more companies to secure access to their sites. The verification steps aim to reduce the likelihood of online identity theft, phishing, and other scams because the victim's password would no longer be enough to give a thief access to their information.

Along with Twitter's recent introduction, Microsoft, Apple, Google, Facebook, PayPal, and countless other … Read more

SAP touts service that sells customer data from phone firms

Verizon Wireless already sells its customers' mobile data to marketers. Now European enterprise-software giant SAP is taking things a step further by testing a service that will sell data collected by a number of wireless providers.

SAP announced its Consumer Insight 365 mobile service this week at the CTIA 2013 wireless show in Las Vegas. The service will, the company said in a release, pull data from SAP's "extensive partner network" including "over 990 mobile operators;" aggregate and analyze it "without drilling down into user-specific information;" and make results available to subscribers through … Read more

Power utilities claim 'daily' and 'constant' cyberattacks, says report

Power utilities in the U.S. are under daily cyberattacks, according to report released Tuesday by members of Congress.

Of about 160 utilities surveyed in the 35-page report (PDF), more than a dozen reported "daily," "constant," or "frequent" attempted cyberattacks on their computer systems.

"Grid operations and control systems are increasingly automated, incorporate two-way communications, and are connected to the Internet or other computer networks," the report said. "While these improvements have allowed for critical modernization of the grid, this increased interconnectivity has made the grid more vulnerable to remote cyber … Read more

Guantanamo Wi-Fi shuttered after Anonymous hacking threat

After the hacking collective Anonymous launched a Twitter campaign pledging to go after the Guantanamo Bay Naval Base in Cuba, the U.S. military barred all Wi-Fi access on the base, according to the Associated Press. All social media, including Facebook and Twitter, also has been banned.

Army Lt. Col. Samuel House told the Associated Press that the shuttering of the base's Wi-Fi was because of Anonymous' public plans to "disrupt activities" at the military prison.

While no disruptions have yet been reported, according to the Associated Press, Anonymous has promised to make good on its threats.… Read more

Google breach may have led to sensitive data leaks

U.S. officials are concluding that the 2010 hacks into Google's servers may have ended with Chinese hackers getting ahold of sensitive data, according to The Washington Post.

Current and former government officials told the Post that the hackers were able to access information on U.S. intelligence, as well as find out which possible Chinese spies government officials may have been targeting.

In January 2010, Google shocked the security community by being one of the first tech companies to disclose that it and other companies had been hit by attacks that originated in China. The Web giant said … Read more

Future Firefox takes tougher stance on mixed content

Mozilla is taking steps to lock down mixed content Web sites for Firefox in an update Friday to Firefox 23 Aurora.

In Firefox 23 Aurora, the pre-beta version of the browser for Windows, Mac, and Linux, Mozilla will block by default mixed active content. Mixed content is a term that refers to a Web site secured with HTTPS that loads some of its content, such as images or scripts, from standard HTTP sources, and can lead to eavesdroppers and man-in-the-middle attacks.

Mixed active content describes things like scripts because they can actively change how you interact with the site. Mixed … Read more

Google security: You (still) are the weakest link

SAN FRANCISCO--Two of Google's top Chrome and Google Apps security experts confessed that the problem of passwords will continue to plague the people who use them and computer security for the foreseeable future.

On the second day of the company's I/O conference here on Thursday, Eran Feigenbaum, the director of security for Google Apps, suggested that people follow three recommendations to stay safer online.

"You should turn on two-step verification, make sure [the browser] is up to date, and make sure your password recovery options are set," the six-year veteran of Google said.

His colleague, … Read more

Google Glass spurs privacy questions from Congress

Several members of Congress sent a letter to Google to ask about privacy concerns related to Google Glass, including how the company will prevent Glass from unintentionally collecting data without user consent.

"Because Google Glass has not yet been released and we are uncertain of Google's plans to incorporate privacy protections into the device, there are still a number of unanswered questions that we share," the Bi-Partisan Privacy Caucus, led by Rep. Joe Barton (R-Texas) wrote in a letter to Google CEO Larry Page.

Eight members of Congress signed the letter, and they want information from Google … Read more

New Mac spyware found in the Oslo Freedom Forum

F-secure is reporting on new malware found for OS X, which appears to be a backdoor application that so far is known to take screenshots of the user's computer and then attempt to upload them to remote servers. The malware is being called OSX/KitM.A.

It's a small application called macs.app and was found on the Mac of an African activist who was a member of of the Oslo Freedom Forum. When installed, the application is appended to the current Mac user's log-in items so it runs whenever the affected user account is logged in. … Read more