Privacy

Thanks to last month’s big Facebook acquisition, WhatsApp has been attracting a lot of attention lately. While that should only help grow its already impressively large 450-million-person-strong user base, that extra attention also means that more people are placing the app under a critical light. Today we learn of a potential security vulnerability in how WhatsApp saves logs of your conversations; what exactly is the problem here, and is it one you need to be concerned about?

Edward Snowden has taken part in a video conversation at the South By Southwest (SXSW) conference along with representatives of the American Civil Liberties Union.

The talk was announced last week, and protested this weekend by US congressman Mike Pompeo. Kansas Republican representative Pompeo is not a fan of Snowden and called him an attention seeking self-promoter. He asked SXSW to halt Snowden's appearance, but he was ignored.

The upcoming edition of the SXSW Interactive Festival will be an interesting one. That’s because Edward Snowden, the man who needs no introduction, will speak at the event on Monday, March 10, 2014.

Of course, since SXSW takes place in Austin, Texas, there’s no way for Snowden to attend the event in person so he’ll speak via videoconference.

The Barack Obama administration has filed a civil lawsuit against US wireless operator Sprint, alleging that the carrier intentionally overcharged law enforcement agencies for services related to American government wiretapping programs.

Under current US law, telecommunications carriers are required to assist law enforcement with legally authorized surveillance operations. But they can also ask the government to pick up their costs associated with those operations, so long as they follow billing rules set by the Federal Communications Commission.

The new "Blackphone" smartphone may have only debuted at last week's Mobile World Congress but concerns are already being raised that it will be targeted by hackers and the NSA.

Spanish start-up Geeksphone, Silent Circle and Pretty Good Privacy announced the Blackphone at the technology exhibition in Barcelona last week, with STMicro later demonstrating its own security-focused smartphone, the Boeing Black.

The most interesting device shown at Mobile World Congress (MWC) in Barcelona this week was the secure Blackphone developed by Silent Circle and Geeksphone.

The Blackphone features anonymous search, automatic disabling of non-trusted WiFi hotspots, and private texting, calling and file transfer capabilities. It's available to the general public, and bundles additional security features that apparently go beyond the basic messaging security provided by Blackberry to enterprise customers in its Blackberry Messaging (BBM) service.

Britain's surveillance agency GCHQ, with aid from the US National Security Agency, intercepted and stored the webcam images of millions of internet users not suspected of wrongdoing, secret documents reveal.

GCHQ files dating between 2008 and 2010 explicitly state that a surveillance program codenamed Optic Nerve collected still images of Yahoo webcam chats in bulk and saved them to agency databases, regardless of whether individual users were an intelligence target or not.

Researchers said they have identified a flaw in Apple's iOS that makes it possible for attackers to surreptitiously log every touch a user makes, including characters typed into the keyboard, TouchID presses, and adjustments to the volume control.

A former White House security advisor has suggested that you, dear reader, are naive if you think hosting data outside of the US will protect a business from the NSA.

"NSA and any other world-class intelligence agency can hack into databases even if they not in the US," said former White House security advisor Richard Clarke in a speech at the Cloud Security Alliance summit in San Francisco on Monday. "Non-US companies are using NSA revelations as a marketing tool."

The Office of the Australian Information Commission (OAIC) has confirmed it won’t hold organisations accountable for the exposure of personal information when accessed via a cyber attack, as long as the Office is satisfied with the level of security in place within the targeted systems.

New privacy rules strengthening the enforcement power of the OAIC come into effect in 12 March 2014.