Privacy

When Canada's Conservatives took the most votes in the May 2011 federal election, Prime Minister Stephen Harper said that an "omnibus" security/crime bill would be introduced within 100 days. The bill would wrap up a whole host of ideas that were previously introduced as separate bills—and make individual ideas much more difficult to debate. A key part of the omnibus bill will apparently be "lawful access" rules giving police greater access to ISP and geolocation data—often without a warrant—and privacy advocates and liberals are up in arms.

Hackers launched another online attack Wednesday against a California transit agency that found itself in the middle of a debate about free speech after it turned off cellphone service in its stations last week to thwart a potential protest.

This time, hackers gained access to the website of the union that represents Bay Area Rapid Transit police and posted personal information on more than 100 officers.

Another South Korean service provider has reported a large-scale data breach, leaking usernames and passwords for subscribers worldwide.

Late last month, cybercrooks made off with the personal information of up to 35,000,000 users of popular Korean sites Nate and Cyworld.

"The Caterpillar and Alice looked at each other for some time in silence: At last the Caterpillar took the hookah out of its mouth and addressed her in a languid, sleepy voice. "Who are YOU?" said the Caterpillar. This was not an encouraging opening for a conversation." -- "Alice's Adventures in Wonderland" by Lewis Carroll

Indeed ... what a good question: Who are you? And for that matter, who am I?

Sophos has warned LinkedIn users of the need to be aware of a change to the business social networking site's privacy policy, apparently allowing the site to use member's names and photos in promotional advertisements. The change, says the IT security vendor, allows LinkedIn to use the information and pictures by default, meaning that users have to opt out of seeing their names and photos in the site's advertisements.

The portable radios used by many federal law enforcement agents have major security flaws that allowed researchers to intercept hundreds of hours of sensitive traffic sent without encryption over the past two years, according to a new study being released today.

While studying the technology, researchers from the University of Pennsylvania overheard conversations that included descriptions of undercover agents and confidential informants, plans for forthcoming arrests and information on the technology used in surveillance operations.

The Information Commissioner’s Office (ICO) has found a school in Hampshire in breach of the Data Protection Act (DPA) after the personal details of nearly 20,000 people were put at risk when the school’s website was hacked.

According to an undertaking signed by Bay House School, computer hackers, including at least one of its own pupils, accessed the school’s internal information management system via an attack on the school’s remotely-hosted website.

Two companies have been found in breach of the Data Protection Act after tens of thousands of tenants’ details were left at a London pub, alongside 800 records with bank account details. The contractor was working for the latter organisation when he lost an unencrypted USB, which contained data copied from both companies’ networks. Saving personal information on to an unencrypted memory stick is as risky as taking hard copy papers out of the office. The device contained details of over 20,000 tenants of Lewisham Homes and 6,200 from Wandle Housing Association.

A teen who stole images from the online accounts of actress Miley Cyrus before apparently leaving a hard-to-miss chain of evidence that led police to his house, has pleaded guilty to a separate charge of credit card fraud.

Joshua Holly, now 21, has admitted possession of 200 stolen credit card numbers and to having hijacked 20 celebrity online accounts between 2005 and 2008 to aid in spam marketing that made him at least $110,000.

A new bit of Android malware has popped onto security experts’ radar, and this particular trojan can record your phone calls.

Security researchers at CA Technologies have posted their findings about the new trojan. In a blog post, mobile malware specialist Dinesh Venkatesan wrote that the Android package can record phone calls the victim makes as .amr files; the .amr files are then stored to the mobile device’s SD card.