Spanish security researcher Sebastián Guerrero has discovered a flaw in Instagram which he has dubbed the "Friendship Vulnerability." In short, it allows anyone to add themselves as a friend to your Instagram account. As a result, they can then view photos you have set to Private as well as profile information.
It seems the Federal Trade Commission has finally located its cojones, at least when it comes to Google. According to the Wall Street Journal, the federales have decided to fine Google $22.5 million for ignoring the Do Not Track privacy settings of Safari browsers and leaving DoubleClick tracking cookies behind on their hard drives.
Social networking site Formspring said Tuesday that it was disabling nearly 30 million registered users' passwords after hundreds of thousands of them were leaked to the Web in their encrypted form.
Formspring said in a blog post that the breach happened after someone hacked into one of the San Francisco-based company's servers.
A few months ago I got an e-mail from a woman about a story I'd written nearly three years ago. To protect her privacy I'll call her Samantha Sugarlips.
An inquiry by Congressional Representative Edward Markey (D-Mass) has revealed that the number of requests wireless carriers receive from US law enforcement for information about their customers has increased steadily, but just how often the police use mobile phones to track individuals' whereabouts remains unclear.
Cyberoam, a maker of appliances designed to secure sensitive networks, said it has issued an update to fix a flaw that could be used to intercept communications sent over the TOR anonymity network.
When selling or giving away your old iPhone, you could be granting the person who buys it access to your personal data, even after you've wiped it.
Certain applications use your phone's unique ID (known as a UDID) to identify you and sign you in to their service.
Does anyone else shake their head in irritated bewilderment when privacy is quoted as the reason you cannot be told how your privacy has been invaded? The most recent example of such ridiculous reasoning comes from mobile phone service providers who happily collect and store your data for law enforcement to tap, but refuse to tell you the details of how your location information was otherwise shared with the government or advertisers.
Cisco Systems said a privacy policy for the Cisco Connect Cloud service that alarmed some customers was a mistake and has been removed.
The cloud service, which among other things allows users of some Wi-Fi home routers to manage their devices from away from home, went live last week and was included in an automatic firmware update to those routers. That brought a flood of complaints to online forums about both the firmware update and the privacy document, which said Cisco might track and share information about customers' Internet use and other data.
Islamic hackers on Sunday revealed hundreds of Israeli email addresses and their passwords on the website of Anonymous Arab. According to Avnet Security Systems, most of the addresses and passwords listed are active accounts.
Roni Bachar, the manager of the cyber-attack department at Avnet, said in a statement, "There was apparently penetration of an Israeli site which cannot be determined at this stage, a site that requires identification by email address and a password, as is usual at forum, content and commercial sites.
