InSecurity Complex

With a mobile privacy scandal coming every few weeks or so it seems, consumers are getting so they don't trust app developers to do the right thing. But what exactly is the right thing?

The Electronic Frontier Foundation has some ideas. The non-profit organization today released a Mobile User Privacy Bill of Rights that offers up suggestions for how data should be treated to protect the privacy of consumers.

"It's time to articulate what the best practices are and what people should reasonably expect," Kurt Opsahl, senior staff attorney at EFF, said in announcing the privacy … Read more

The Federal Communications Commission wants to know what the public has to say about government officials asking carriers to disable cell service for public safety purposes. The agency's concern is a reaction to last year's cutting of service by San Francisco Bay Area subway police ahead of a protest.

"Our democracy, our society, and our safety all require communications networks that are available and open, FCC Chairman Julius Genachowski said in a statement. "Any interruption of wireless services raises serious legal and policy issues, and must meet a very high bar. The FCC, as the agency … Read more

The Anonymous online activists do keep themselves busy. When they're not defacing Web sites to protest the for-profit prison system or shutting down the public CIA site they're listening in as Scotland Yard and the FBI discuss how to catch them and having a good laugh.

This week, they've ratcheted things up even more by working with WikiLeaks to publish secret stolen e-mails that shine some light on what appear to be the inner workings of Stratfor, a global intelligence firm that seems to have paid informants to monitor, among other things, human rights and environmental activists … Read more

A researcher plans to demonstrate an attack on a smartphone at the RSA security conference this week that starts with social engineering via a text message and leads to a malicious Web link that triggers a browser exploit and silently downloads a Trojan.

"It's a demo of a new attack vector on mobile, using a Remote Access Tool" called Nickispy, which showed up a few months ago in China, said Dmitri Alperovitch, formerly of McAfee Labs who is chief technology officer at a brand new startup called CrowdStrike. "No one has publicly demonstrated an end-to-end attack … Read more

Is one of the biggest digital rabble-rousers about to go legit?

Not quite, but Anonymous, the hacktivist collective that's been on a months-long rampage breaking into corporate and government networks, says it will partner with the Occupy movement to urge people to vote in the November elections.

The activist group today announced a new joint effort to hold politicians accountable to the people.

"Last year, many of our elected officials let us down by giving in to deep-pocketed lobbyists and passing laws meant to boost corporate profits at the expense of individual liberty," the groups said in … Read more

Hackers aligned with the Anonymous group of online activists defaced today the Web site of a major contractor operating detention facilities, calling the move a protest of the for-profit prison system, which, they said, benefits from stricter laws and more arrests.

The home page for the Geo Group's Web site was inaccessible this afternoon after it had had been replaced with an image of imprisoned activist Mumia Abu-Jamal and audio of a song about him, according to news site RT.com.

Phone messages left by CNET at the Geo Group headquarters in Boca Raton, Fla., were not returned late … Read more

In a case that serves as a reminder to: a) use encryption, and b) memorize the encryption pass-phrase, an appeals court has ruled that people have a constitutional right not to be forced to decrypt data that potentially includes evidence that could be used to prosecute them in court.

The Fifth Amendment privilege against self-incrimination that prohibits authorities from forcing a suspect to reveal the combination to open a lock on a safe in an investigation also applies to the digital equivalent--data locked up with encryption, the U.S. District Court of Appeals for the Northern District of Florida ruled yesterday. … Read more

What Do Not Track means to you and what it means to companies that are collecting your data crumbs across the Internet are likely two very different things.

Thus excitement about today's announcement that Google and online advertisers under the Digital Advertising Alliance (DAA) banner will support Do Not Track technology may be tempered as people realize exactly how limited the scope of the effort is. It applies to targeted ads only and not to any other forms of tracking, such as the use of Google "+1" and Facebook "Like" buttons, which have generated public … Read more

The cybersecurity bill introduced last week in the Senate is too broad, say privacy experts who worry that it could authorize wiretapping and curtail civil liberties.

The Cybersecurity Act of 2012, introduced last week by Sens. Joe Lieberman (I-Connecticut), John D. Rockefeller IV (D-West Virginia), Susan Collins (R-Maine), and Dianne Feinstein (D-California), is designed to protect the nation's critical infrastructure, which provides vital services such as water, energy, and transportation. It calls on the Department of Homeland Security to work with network operators to develop security standards, a provision that Republican lawmakers, including Sen. John McCain (R-Arizona), object to … Read more