The RFID Ecosystem Project - University of Washington, CSE How Apple and Amazon Security Flaws Led to My Epic Hacking | Gadget Lab In the space of one hour, my entire digital life was destroyed. First my Google account was taken over, then deleted. Next my Twitter account was compromised, and used as a platform to broadcast racist and homophobic messages. In many ways, this was all my fault. Had I been regularly backing up the data on my MacBook, I wouldn’t have had to worry about losing more than a year’s worth of photos, covering the entire lifespan of my daughter, or documents and e-mails that I had stored in no other location. Those security lapses are my fault, and I deeply, deeply regret them. But what happened to me exposes vital security flaws in several customer service systems, most notably Apple’s and Amazon’s. This isn’t just my problem. The very four digits that Amazon considers unimportant enough to display in the clear on the Web are precisely the same ones that Apple considers secure enough to perform identity verification. I realized something was wrong at about 5 p.m. on Friday. Lulz. “Wait. “Mr.
SecureUDID | a Crashlytics Innovation Facebook reveals its evil plans | Cringely Remember how everyone said that after Facebook went public, it would one day begin to reveal its evil plans for turning your personal data into money? It's heeeeeerrre. There are two bits of news that herald the new dawn of Facebook, or as I like to call it, The Social Network That Never Met a Data Point It Didn't Want to Own (TSNTNMADPIDWTO for short). [ Want to cash in on your IT experiences? InfoWorld is looking for stories of an amazing or amusing IT adventure, lesson learned, or tales from the trenches. First: Facebook has begun to archive your search histories. As with Google, you have the option of deleting your searches from your Timeline or making them visible only to you (once you find out where they're kept -- it's not obvious). Second: The Financial Times reports (via CNN) that Facebook has partnered with a company that will allow it to track which users bought products after seeing ads for them on Facebook. Who the heck is Datalogix?
Audiences: Syndicated Segments for Online Consumer Targeting Need to reach pet owners? SUV drivers? Green consumers? Datalogix has assembled over 700 pre-built online segments that are derived from offline purchase transactions, as well as demographic and financial data. DLX Auto powered by Polk® Online audience targeting on real-world automotive data Examples: Vehicle Style, Vehicle Make & Model Online audience targeting based on the actual CPG purchases of Millions of households Examples: Petcare, Naturals & Organics, Allergy Products DLX Retail Online audience targeting on Real-World purchase behavior Examples: Children Product Buyers, Home Renovation Buyers, Gift Card Buyers Online audience targeting based on TRA TV exposure data Examples: comedy, talk shows, food & cooking DLX Philanthropy Online audience targeting based on charitable contributions Examples: Environment, International relief, Family & human services DLX Lifestyles Online audience targeting on real-world lifestyle behavior Examples: Soccer Moms, Green Consumers, Sports Fans DLX Demo
European Data Protection Authorities Publish Guidelines Clarifying Exemptions to Cookie Consent Requirement : Privacy Law Blog Home > Data Privacy Laws > European Data Protection Authorities Publish Guidelines Clarifying Exemptions to Cookie Consent Requirement On June 7, 2012, the Article 29 Working Party, an independent advisory body composed of representatives from the national data protection authorities of the EU Member States, the European Data Protection Supervisor and the European Commission, issued Opinion 04/2012 regarding which types of cookies are exempted from the informed user-consent requirement under Directive 2002/58 of the European Parliament (the E-Privacy Directive). Article 5.3 of the E-Privacy Directive requires that websites must obtain informed consent from users prior to storing cookies on users’ equipment. With regard to the first exemption, the Opinion stresses its narrow scope: the words “sole purpose” mean that such cookies will be exempted only if they are strictly necessary for communication to take place over a network between two parties.
Telecommunications data retention In the field of telecommunications, data retention (or data preservation) generally refers to the storage of call detail records (CDRs) of telephony and internet traffic and transaction data (IPDRs) by governments and commercial organisations. In the case of government data retention, the data that is stored is usually of telephone calls made and received, emails sent and received and web sites visited. Location data is also collected. The primary objective in government data retention is traffic analysis and mass surveillance. By analysing the retained data, governments can identify the locations of individuals, an individual's associates and the members of a group such as political opponents. These activities may or may not be lawful, depending on the constitutions and laws of each country. In the case of commercial data retention, the data retained will usually be on transactions and web sites visited. European Union[edit] United Kingdom[edit] Retention of other data[edit] Italy[edit]
2012 Law Enforcement Requests Report Microsoft receives legal demands for customer data from law enforcement agencies around the world. In March 2013, as part of our commitment to increased transparency, Microsoft began publishing details of the number of demands we receive each year in our Law Enforcement Requests Report and clear documentation of our established practices in responding to government legal demands for customer data. We update this report every six months, and each report includes the number of demands we receive and the number of accounts or identifiers that may be affected by these demands. We also provide details on the number of demands we complied with and, if we complied, whether we provided content or non-content data. This Law Enforcement Requests Report is focused only on law enforcement requests at this time and does not include data about national security requests. However, we have also recently been permitted to begin publishing data about the number of legal demands we receive from the U.S.
Anti-Counterfeiting Trade Agreement What Is ACTA? The Anti-Counterfeiting Trade Agreement (ACTA) is an agreement to create new global intellectual property (IP) enforcement standards that go beyond current international law, shifting the discussion from more democratic multilateral forums, such as the World Trade Organization (WTO) and the World Intellectual Property Organization (WIPO), to secret regional negotiations. Through ACTA, the US aims to hand over increased authority to enforcement agencies to act on their own initiative, to seize any goods that are related to infringement activities (including domain names), criminalize circumvention of digital security technologies, and address piracy on digital networks. ACTA was negotiated from 2007 through 2010 by the US, the EU, Switzerland, Canada, Australia, New Zealand, Mexico, Singapore, Morocco, Japan, and South Korea. Eight out of the eleven negotiating countries signed the agreement in October 2011. Why Should You Care About It? Provisions of ACTA What’s Next?
Network Advertising Initiative Opt Out of Interest-Based Advertising NAI members are committed to transparency and choice. The NAI opt-out tool was developed in conjunction with our members for the express purpose of allowing consumers to "opt out" of the Interest-Based Advertising delivered by our members. Some of the ads you receive on Web pages are customized based on predictions about your interests generated from your visits over time and across different Web sites. Using the tools on this page, you can opt out from receiving Interest-Based Advertising from some or all of our participating companies. Following an opt out, the companies listed below cease collecting and using data from across web domains owned or operated by different entities for the purpose of delivering advertising based on preferences or interests known or inferred from the data collected (Interest Based Advertising or IBA). Opting out does not mean you will no longer receive online advertising.
Frequently Asked Questions on Identity Cards » NO2ID What is an ID card? The government is planning to establish a system that will involve unprecedented collation and monitoring of personal information. The House of Lords said the Identity Cards Bills name is misleading. This is about more than plastic cards! An ID card, as part of the National Identity Scheme, will impose upon every adult legally resident in this country, including foreign nationals, a card which will link to the National Identity Register, holding fifty pieces of information about each of them. This technology brings many pitfalls, including enormous cost, a one stop shop for organised criminals and intrusion into civil liberties. Why introduce a National Identity Scheme? The Government claims its decision to introduce its identity scheme is based in part on the fact that many countries are starting to put biometrics into their passports. But this is being used as an excuse for a National Identity Register (NIR), masked by the concept of an ID card. What are biometrics?
OpenID Explained What is OpenID? OpenID allows you to use an existing account to sign in to multiple websites, without needing to create new passwords. You may choose to associate information with your OpenID that can be shared with the websites you visit, such as a name or email address. With OpenID, you control how much of that information is shared with the websites you visit. With OpenID, your password is only given to your identity provider, and that provider then confirms your identity to the websites you visit. Other than your provider, no website ever sees your password, so you don’t need to worry about an unscrupulous or insecure website compromising your identity. OpenID is rapidly gaining adoption on the web, with over one billion OpenID enabled user accounts and over 50,000 websites accepting OpenID for logins. Who Owns or Controls OpenID? OpenID was created in the summer of 2005 by an open source community trying to solve a problem that was not easily solved by other existing identity technologies.