InSecurity Complex

Consumer group files FTC complaint against Google

The Center for Digital Democracy (CDD) today filed a complaint with the Federal Trade Commission claiming that Google's move to consolidate its dozens of privacy policies violates an agreement the company reached with the FTC to settle privacy complaints about the now defunct Google Buzz.

The complaint -- similar to complaints brought by the Electronic Privacy Information Center (EPIC), the World Privacy Forum and Consumer Watchdog -- alleges that Google is misleading users about the "real reasons" for the privacy policy change, which are due to take effect March 1. In addition, the planned policy changes violate … Read more

Tech firms agree to privacy protections for mobile apps

SAN FRANCISCO--California's Office of the Attorney General has gotten agreements from Apple, Google, Microsoft, Amazon, Hewlett-Packard, and Research In Motion to improve privacy protections on mobile apps.

The companies will require developers to include privacy policies in their apps so that users will be informed about the data that apps will access, use, and share before they download the apps, California Attorney General Kamal Harris said today in a news conference. The news follows disclosure that some mobile apps were using address book data without user notification or permission.

Basically, California's Online Privacy Protection Act, one of the … Read more

Hackers nip at LA police canine group

Hackers today released names, addresses and phone numbers of more than 100 officers whose information was pilfered from the Web site of the Los Angeles County Police Canine Association.

LACPCA President Tony Vairo confirmed to CNET that the group's site was hacked and said that the FBI had notified him of the breach. He said he could not comment further.

The hackers also claimed to have found what they described as a couple of objectionable photos of children in the private e-mails of a police officer whose account they were able to access because he purportedly used the same … Read more

Privacy brouhaha reveals Google's split personality

When it comes to privacy, is the Googleplex speaking with one voice?

A new Google privacy controversy has revealed conflicting messages and actions between two different factions within the company: those working to protect consumer privacy on the one hand, and those seeking to improve advertising and social networking on the other.

Meanwhile, the news that Google overrode default cookie settings in Apple's Safari browser has prompted two complaints to the U.S. Federal Trade Commission (FTC) and renewed calls for legislation and industry standards that would protect Web surfers from being tracked across sites if they don't … Read more

JotForm says domain suspended by feds

JotForm, a service that lets people create forms on the Web, has been suspended by the U.S. Secret Service as a result of content a user posted online, according to the co-founder of the company that created JotForm.

But by this afternoon there were signs that the matter was being corrected, Aytekin Tank, who co-founded JotForm creator Interlogy Internet Technology, told CNET.

"Although it is still not propagated, our DNS (Domain Name System) for Jotform.com started pointing back to the correct names. They have not notified us but it looks like they might have lifted the suspension,&… Read more

Security experts: Apple did Mac OS X Gatekeeper right

Many people complain about Apple controlling what apps can run on the iPhone, but with Mac OS X Mountain Lion, the company has struck the right balance between security and freedom, experts say.

"Users can opt to turn this off and allow any software to be installed with the click of a button," said Dino Dai Zovi, chief technology officer at security firm Trail of Bits. "There'll be no need to jailbreak your Mac."

Apple unveiled details today about Mac OS X v.10.8, the latest version of its Macintosh operating system which is … Read more

Apple iOS developers: We'll adjust to privacy change

iPhone apps that access address book data will need to be updated but not overhauled to comply with a new policy from Apple that mandates prior user permission, developers say.

In response to complaints that some iPhone apps were downloading the entire contents of users' address books without asking users first, Apple announced a change earlier today in its developer guidelines. Now, iOS apps will have to get explicit user permission before collecting contacts data from their phones.

The change was prompted after a blogger last week discovered that photo sharing service Path was collecting address book data unbeknownst to … Read more

Lawmakers ask Apple to explain iPhone app privacy policies

One week after the photo-sharing service Path began taking heat for downloading user address books without user permission, a U.S. House subcommittee said it wants to know why Apple doesn't force iOS app developers to seek user permission before downloading their contacts.

"This incident raises questions about whether Apple's iOS app developer policies and practices may fall short when it comes to protecting the information of iPhone users and their contacts," Rep. Henry A. Waxman (D-Calif.), ranking member of the Subcommittee on Commerce, Manufacturing and Trade, wrote in a letter sent to Apple CEO Tim … Read more

Senators introduce new cybersecurity bill

A group of senators today introduced a bipartisan cyber security bill that includes some new regulation requirements but does not give the president emergency authorities to interfere with the Internet as a previous version did.

The Cybersecurity Act of 2012 calls for the Department of Homeland Security (DHS) to assess risks and vulnerabilities of computer systems running at critical infrastructure sites such as power companies and electricity and water utilities and to work with the operators to develop security standards that they would be required to meet.

The DHS would determine which companies fit the definition of critical infrastructure as … Read more