privacy
IP Addresses: Personally Identifiable Information?
Peter Scharr, Germany’s Commissioner of Data Protection and head of the European Union’s privacy working group, has stated that information identified only by IP address must be considered personally identifiable information. As the AP article points out, this could have rather serious implications for search engines and many other electronic businesses, and RSnake is concerned [...]
Sears & KMart’s Official Malware
CA’s Security Advisor Research Blog has an interesting post about a bit of malware they discovered when doing research for their Anti-Spyware product — the My SHC Community system. You’re offered a chance to join when you buy something from sears.com or kmart.com. The system offers you “special offers and promotions,” the usual marketing stuff [...]
Checks: The Most Dangerous Transaction
During this year’s Christmas shopping season, I made some large in-person transactions at the same time as my wife made an online transaction, and my credit card was suspended by the issuing bank for potential fraudulent activity. This happens relatively often, whenever someone’s spending patterns are flagged by the neural-network based automated fraud detection used [...]
Backdoored PNRGs from the NSA
Bruce Schneier has an article at wired.com about the new government-sponsored official standards for random number generators in NIST Special Publication 800-90. Apparently, it’s possible that one of them contains a back-door for the NSA; depending on how the constants in the algorithm were chosen, the NSA may have another set of constants that let [...]
Secure P2P for Pirates
According to a recent Reuters article, the unrepentant pirates of Sweden’s The Pirate Bay are working on developing their own peer-to-peer networking system. It turns out that this is a relatively fascinating security problem, even though in this case it’s the criminals needing the security, vs. the law-abiding companies trying to break it — a [...]
