Software Integrity Blog

Archive for the 'Privacy' Category

 

LifeLock lesson—Third party security is your security

On July 25, on his blog Krebs on Security, Brian Krebs covered a flaw in how LifeLock processed “unsubscribe” information related to its marketing activities. For those unfamiliar with LifeLock, it is a subsidiary of Symantec offering identity monitoring and protection services in the U.S. market. Brian outlined an issue impacting recipients of LifeLock marketing material […]

Continue Reading...

Posted in Privacy, Security Standards and Compliance

 

Golden Cup was a world cup of trouble

Nobody with any connection to, or interest in, the FIFA World Cup can say they weren’t warned. In the days leading up to the quadrennial world championship of European football (or soccer), security experts put the word out constantly that everybody involved—players, organizers, staff, and spectators (including those watching on TV or online)—would be a […]

Continue Reading...

Posted in Mobile Application Security, Privacy

 

Another inside job, Gmail privacy, and UK cyber crime court

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup. What’s in this week’s Security Mashup, you ask? Another inside job, or perhaps it should be described as an “insider job.” A former NSO employee has been accused of stealing spyware. Who is […]

Continue Reading...

Posted in Government Security, Privacy, Weekly Security Mashup

 

Supreme Court puts the brakes on Big Brother

The troops on the front lines of the war to protect personal privacy won a couple of significant battles last week. Significant, but likely not seismic—at least not yet. It’s not like the clock got rewound to 1990, before the Internet became mainstream, when mobile phones were still relatively rare. And we still live in […]

Continue Reading...

Posted in Privacy

 

Privacy still an uphill climb on Data Privacy Day

It’s been called Data Privacy Day since it was launched in 2008 to commemorate the signing of Convention 108—the first legally binding international treaty dealing with privacy and data protection—on Jan. 28, 1981. But you could make a pretty solid case that a decade later, this year’s observance, on Sunday, ought to be called Lack […]

Continue Reading...

Posted in Internet of Things, Privacy

 

What Dark Web failures can teach us about security at Black Hat and DEF CON

Last week, authorities in multiple countries served warrants to take down a Dark Web site generating a reported $600,000-$800,000 a day in sales of illegal drugs and other products. The clue that led authorities to the real-world admin behind the site was a personal email address used in the site’s early days. It provided a […]

Continue Reading...

Posted in Privacy