As it turns out, not all smartphone users are made alike. researchers can detect and identify users simply comparing gestures and usage of each individual. The findings are based on a study by cybersecurity researchers at the Georgia Institute of Technology. Called LatentGesture, it’s capable of an accuracy 98% of the time on smartphones. Read more
Starting April 28, this online event will show you the best way to start your freelancing career, from the first steps of self-advertising and marketing, to building your schedule and managing clients. By the end of this online boot camp you will have a plan for making a profitable career as a freelancer, and the skill set to devote yourself to it. Register now!
Security researcher, Jaime Sanchez has been blocked by Snapchat after publishing vulnerabilities about the ephemeral texting app. According to the cyber security-consultant, the app can be used to stage a denial of service attack (DDoS). This means, anyone using the app can lose their ability to use their phone if hackers were to target large numbers of Snapchat users.
The security flaw uses a weakness in Snapchat’s system that allows any sender to reuse old tokens, a code used to verify user’s identities. By re-using old tokens, hackers can disable a user’s phone by using computers to send thousands of Snapchat messages, usually causing the device to shut down. Read more
If you are part of a Bring Your Own Device (BYOD) program for work, you might want to consider keeping it separate from your personal uses. Users who have not done so are at risk of losing all of their personal data including their own apps, photos, and contacts since company policies often include remote wiping, often without notification.
This is what happened to Michael Irvin, who saw his phone powering off after an evening meal – he later then noticed that it was completely wiped clean as if it was new from the factory. Irving’s phone was a victim of remote wiping – something his client and 21% of firms do after termination of employment or projects. Read more
Snapchat’s security issues are aplenty, and the latest attempt to keep out the robots with the app’s mascot ghost was no real deterrent for hackers. The app introduced the new feature on Wednesday – users had to select illustrations with the ghost mascot in order to proceed as a real person. Unfortunately, since the ghost is a repeating image with no real geometrical changes, a simple image detection hack took a developer less than one hour to crack.
In a blog post about the techniques, computer programmer, Steven Hickson said he was able to hack the app’s Ghost Captchas in less than 100 lines in about one hour: Read more
Between the dates of December 23,2013 and January 16, 2014, waves of malicious emails were being sent in blurts of 100,000 spam messages several times every day. The culprit? Hacked devices like smart televisions, security cameras, and even one television, which accounted for more than 25% of the malicious messages.
The findings were made by UK security firm, Proofpoint, who pointed out that the internet of things can be just as valuable to hackers as your laptop, desktop, or mobile devices, especially when they are set up with default passwords or just misconfigured. Since these items are not subjected to malware filters or security software like typical computers, they are easily targeted by hackers. Read more
The year’s two popular subjects, healthcare and security makes an uneasy companion, but with the State Department terminating its contract with the site’s developer’s, CGI Federal, it was only a matter of time until the security gaps started to leak from Healthcare.gov with millions of Americans signed on for national health coverage.
For security researcher, David Kennedy, CEO of TrustTec, the site’s problematic lack of security has always been a problem, and he’s able to prove it. Kennedy was able to gain access to 70,000 records in just four minutes. He could have gotten more data, but at that point, his passive reconnaissance proved what security experts have been saying all along: You can literally just open up your browser, go to this and extract all this information without actually having to hack the website itself. Read more
The National Security Agency (NSA) vacuumed up nearly 200 million text messages around the world, according to a new report in the Guardian. The program, Dishfire, used the text messages to dig further into personal details, such as travel plans, location, credit card information and the individual’s contact list.
The most damning bits of the report, though, say the government collected “pretty much everything it can,” including phone metadata from the “untargeted and unwarranted.” In other words, from an average person who isn’t suspected of doing anything wrong. Read more
App security, and security in general have been a major focus for most developers and retailers, especially since the security hack of Neiman Marcus and Target during the holiday season. Now, the latest, is the negligent storage of usernames and passwords of Starbuck’s payment app, which was reported to be simply accessible by plugging a smartphone into a computer.
Watch out NSA spies, here comes the Blackphone. As the scope of data collection by American intelligence agencies seems to swell daily, so too do the options on the marketplace for thwarting government snoops. The yet-to-launch Blackphone is the latest entrant to the category.
This Android-based smartphone aims to prioritize privacy above everything else, according to its early release notes:
Blackphone is the world’s first smartphone which prioritizes the user’s privacy and control, without any hooks to carriers or vendors. It comes preinstalled with all the tools you need to move throughout the world, conduct business, and stay in touch while shielding you from prying eyes. Read more
Media properties Mozilla, Reddit, BoingBoing have joined Access, Demand Progress, the Electronic Frontier Foundation, Fight for the Future, Free Press, and ThoughtWorks to participate in protest against NSA spying.
The event will take place on February 11th and is being called, The Day We Fight Back. Here is more about how Internet users can participate from the event’s site:
- Visit TheDayWeFightBack.org
- Sign up to indicate that you’ll participate and receive updates.
- Sign up to install widgets on websites encouraging its visitors to fight back against surveillance. (These are being finalized in coming days.)
- Use the social media tools on the site to announce your participation.
- Develop memes, tools, websites, and do whatever else you can to participate — and encourage others to do the same.
The protest is being held in honor of technology activist Aaron Swartz.
NEXT PAGE >>