Archive for the ‘Privacy’ Category

Paying With Prints (iPhone 5S and Its Fingerprint Scanner)

Thursday, October 17th, 2013

Apple’s Touch ID fingerprint scanner is little, round, innocuous looking Rorschach test. Stare into its unflinching gaze and you’ll see wonder, terror, good security, no security, a social revolution, or a lie being foisted on the smartphone buying public by Apple, depending on your background, biases, and philosophical inclinations. (more…)

Wait – HOW MANY websites are tracking me?

Friday, May 31st, 2013
Collusion graph

Collusion graph

If you’ve ever wondered how a certain website ad seems to know who you are, even though you haven’t logged in to it, wonder no longer. The Mozilla Foundation has an add-on for their Firefox web browser called Collusion. What does Collusion do? It shows the relationships between all of the websites you visit. (more…)

No, You Do NOT Want Your Employees’ Passwords!

Thursday, March 7th, 2013

We have several clients who have stated that they “need to have all employees’ passwords.” They don’t, and furthermore, after a brief explanation, they realize they don’t want them either. Here’s why.


Vermont State Employees Credit Union (VSECU) Data Breach

Wednesday, October 24th, 2012

BreachAccording to this report, 80,000 Social Security numbers and personal financial information for members of the Vermont State Employees Credit Union have been lost as a result of “human error.” (more…)

LinkedIn Scam of the Day

Tuesday, September 4th, 2012

We recently handled an incident response case where our client was infected by malware which was delivered by email. The client plead ignorance, and asked “how can we tell what is real and what is a virus?” Here’s a quick tip to do just that!

For starters, several email clients and web browsers will show you the address of a link before you click on it… provided you take a few seconds and look before clicking! Most people just click away without giving a second thought, which is like running out across the street and then, if ever, looking to see if there is any oncoming traffic, so try to resist that urge and put safety first.

Here’s a sample “LinkedIn” notification I just received.

Suspicious "LinkedIn" Email


Deactivate Your Account (for real) With Account Killer

Friday, June 10th, 2011

Have you ever made an account with an online service, then decided not to use it anymore? Last year, the SANS Internet Storm Center had a diary on abandoned email accounts that discussed how they can be abused by spammers. Furthermore, if you left any information in the account and someone managed to compromise it, they could then not only impersonate you, but also access any information you left behind.

But how do you go about deleting an account from popular online services? Every one is different, and the difficulty can range from easy to nearly impossible. Enter Account Killer. Account Killer simplifies the process by giving you direct links to the deletion pages, when available.

If you’re no longer using an account, you should consider deleting it.

GPS = The End of Privacy As We Knew It

Friday, April 22nd, 2011

It doesn’t take a genius to connect the dots made out of a few of this week’s headlines, all relating to GPS/geolocation technologies and our privacy, rather, the death of what we used to know as privacy.

“The Obama administration is urging the Supreme Court to allow the government, without a court warrant, to affix GPS devices on suspects’ vehicles to track their every move.” (Source: Wired Magazine)

Apple Inc.’s iPhones and Google Inc.’s Android smartphones regularly transmit their locations back to Apple and Google, respectively, according to data and documents analyzed by The Wall Street Journal—intensifying concerns over privacy and the widening trade in personal data.” (Sources: Wall Street Journal, InfoWorld, Where 2.0)


Facebook Wants Your Account to Be More Secure (or “Facebook Wants More of Your Private Data”)

Thursday, March 3rd, 2011

Yesterday, I was greeted by the message shown in the first image of the following gallery, informing me that my Facebook account protection status was Low. I was not at all surprised that this was little more than another ploy by Facebook to get more of my private data. (more…)