Privacy

Apple’s fingerprint scanner on the latest iPhone could become a ‘Holy Grail’ for hackers, experts have warned.

Fingerprint recognition technology on the iPhone 5s captures a permanent biometric feature, German data protection expert Johannes Casper said.

If the ‘secure enclave’ that stores the data in the device’s A7 chip was hacked, thieves would have information about you that does not change, he added. Mr Casper explained: ‘Biometric fingerprints cannot be erased. They are with us for life.

Internet regulators are pushing a controversial plan to restrict public access to WHOIS Web site registration records. Proponents of the proposal say it would improve the accuracy of WHOIS data and better protect the privacy of people who register domain names. Critics argue that such a shift would be unworkable and make it more difficult to combat phishers, spammers and scammers.

The way Chris Frydrych tells it, monitoring schoolkids’ public social media posts and then reporting questionable activities about them daily to school officials is an unquestionable net positive.

So his new startup, Geo Listening, does just that. Geo Listening looks for social media posts that deal with depression, despair, online bullying, hate speech, or other words and phrases that may indicate a possible violation of school codes of conduct—whether it's by a student or someone in and around a school’s location.

There’s a lot of talk around biometric authentication since Apple introduced its newest iPhone, which will let users unlock their device with a fingerprint. Given Apple’s industry-leading position, it’s probably not a far stretch to expect this kind of authentication to take off. Some even argue that Apple’s move is a death knell for authenticators based on what a user knows (like passwords and PIN numbers).

"We want to be really, really clear that whenever you give us information, we're going to take it."

These aren't the words of some suede-shoed government spy, trying to put an honest face on an inherently sneaky job.

It was only a matter of time before we learned that the NSA has managed to thwart much of the encryption that protects telephone and online communication, but new revelations show the extent to which the agency, and Britain’s GCHQ, have gone to systematically undermine encryption.

After a review on the language changes to its Statement of Rights and Responsibilities and Data Use policy, Facebook could decide to go back to the drawing board.

Last week, the social network made a host of changes to the language it uses to describe its privacy policy, and these changes were up for user review for one week. Now that the review period has ended, it's unclear whether the social network will keep the language or massage it some more.

Google's attorneys say their long-running practice of electronically scanning the contents of people's Gmail accounts to help sell ads is legal, and are asking a federal judge to dismiss a lawsuit that seeks to stop the practice.

In court records filed in advance of a federal hearing scheduled for Thursday in San Jose, Google argues that "all users of email must necessarily expect that their emails will be subject to automated processing."

It's easier to identify TOR users than they believe, according to research published by a group of researchers from Georgetown University and the US Naval Research Laboratory (USNRL).

Their paper, Users Get Routed: Traffic Correlation on Tor by Realistic Adversaries, is to be presented in November at November's Conference on Computer and Communications Security (CCS) in Berlin. While it's been published at the personal page of lead author Aaron Johnson of the NRL, it remained under the radar until someone posted a copy to Cryptome.

In 2004, a 22-year-old technology enthusiast named Ladar Levison hatched a venture that fused his passion for open-source software with his belief that privacy was a fundamental right. Using the OpenSSL cryptography library, the Linux-based operating system, and close to 10,000 programming hours, he built what ultimately became Lavabit, an e-mail service that, when used correctly, made it impossible for even him to read the encrypted messages stored on his servers.