Evil WiFi Hotspots Hacking Apple Pay to Steal Credit Card Information

By Brandon Stosh

Apple has been alerted by mobile security researchers that a potential security flaw in iOS could lead to hackers stealing the personal credit card information of millions through Apple Pay. Due to iOS devices’ default setting to auto-connect to Wi-Fi networks, a vulnerability in Apple Pay could allow a hacker to display a fake image on the device appearing to be Apple Pay asking for your credit card information.

Today, wherever you go there are open Wi-Fi hotspots; they make traveling easier, even when we’re stuck without a data connection. But with the alarming number of open hotspots, hackers are beginning to take advantage and abuse public hotspots.

Full article at: https://freedomhacker.net/evil-wifi-hacking-apple-pay-steal-credit-cards-4255/

iOS 9: Apple Introduces 6 Digit Passcodes, Stronger Encryption and Brute Force Prevention

By Brandon Stosh on June

Apple is taking their security to the next level, making it significantly harder for hackers to break into iPhones with the bundle of new features jam-packed in iOS 9.

Following Apple’s announcement on iOS 9, the company has said they’ve clipped their four digit passcode for a more secure option, a new and improved six digit passcode lock.

Full article at: https://freedomhacker.net/ios-9-apple-6-digit-passcodes-stronger-encryption-brute-force-prevention-4275/


The Big Data picture – just how anonymous are “anonymous” records?

By Paul Ducklin

There are things that obviously aren’t big data, like the modest collection of pictures you took of your cat until you snapped one that made a decent computer wallpaper image.

And there are things that obviously are big data, like the giant database of Wi-Fi access points from Google’s StreetView cars that it uses to aid and abet its geolocation services.

Of course, even your cat pictures – the ones that were captured with a single short press of the BURST option on your new iPhone – probably take up several times more storage than your first computer had in total.

But they fail to make the cut as “big data” not only because they’re small by modern standards, but also because you can’t dissect, compare and contrast them to look for patterns in the whole cat world, and from that to draw inferences about one particular cat in the database.

Now, if you had pictures of 1,000,000 different cats, organised by location, that would be big data.

Full article at: https://nakedsecurity.sophos.com/2015/02/12/the-big-data-picture-just-how-anonymous-are-anonymous-records

Facebook’s DeepFace facial recognition technology has human-like accuracy

By Lee Munson

Facial recognition technology has been around for many years…

DeepFace is so accurate that there is barely a difference between its ability to identify a person and that of a real human being. The software’s algorithms are able to determine whether two different photographs feature the same person with an accuracy rate of 97.25%, regardless of the angle of the shot or the background lighting conditions.

So Facebook’s going to turn this technology on its 1.3 billion users and root out and quantify even more of the social connections implied by your photos, right? They say not.

The social network plans to use the system to identify its users in new photos as they are uploaded. If your visage appears in one of the 400 million pictures added to the network each day you’ll receive an email from Facebook alerting you.

Full article at: https://nakedsecurity.sophos.com/2015/02/06/facebooks-deepface-facial-recognition-technology-has-human-like-accuracy

Facebook’s got a new privacy policy, and it plans to share your data with partners

By Lee Munson

Late last year you may recall receiving a message from Facebook saying that its privacy policy was set to change again.

But can you remember when the new policy was due to come into effect?

Well, it’s already arrived and, if you have logged into your account at any point since its implementation on Friday, you’ve already agreed to its terms and conditions.

The new policy, which applies to European users of the social network, contains some interesting changes which have already drawn criticism.

Full article at: https://nakedsecurity.sophos.com/2015/02/02/facebooks-got-a-new-privacy-policy-and-it-plans-to-share-your-data-with-partners

Google to change privacy policy after settling case with ICO

By Lisa Vaas

Google and the ICO have settled a case over the company’s privacy policy being too vague, with the upshot being that policy changes are now in the works.

The case concerned Google’s 2012 privacy policy revision, which consolidated 70 individual privacy policies into one, with the exception of a few services (Wallet, Chrome/Chrome OS and Books).

That change sparked an investigation by the Article 29 Working Party: the group of EU data protection authorities which includes the UK’s Information Commissioner’s Office (ICO).

Full article at: https://nakedsecurity.sophos.com/2015/02/02/google-to-change-privacy-policy-after-settling-case-with-ico

People happily give away their (bad) passwords to TV reporter

By Lisa Vaas

Yes, it’s a time warp in password land, according to the yearly list of the 25 worst passwords collected by password management app company SplashData.

It’s a fresh list, but this bakery’s full of stale bread.

Welcome back, 123456 and password! You’ve been glued to the top two spots since the company first put out a list in 2011!

But wait, we have two newcomers to welcome to the top 25 worst passwords: 696969 and batman.

Full article at: https://nakedsecurity.sophos.com/2015/01/21/people-happily-give-away-their-bad-passwords-to-tv-reporter

David Cameron’s internet surveillance plans rival Syria, Russia and Iran

By Cory Doctorow for the guardian.com

13 January 2015

Cameron says there should be no means of communication that ‘we cannot read’. Let’s examine what that actually means.

What David Cameron thinks he’s saying is: “We will command all the software creators we can reach to introduce back doors into their tools for us.” There are enormous problems with this: there’s no back door that only lets good guys go through it. If your WhatsApp or Google Hangouts has a deliberately introduced flaw in it, then foreign spies, criminals, crooked police (such as those who fed sensitive information to the tabloids who were implicated in the phone-hacking scandal – and like the high-level police who secretly worked for organised crime for years) and criminals will eventually discover this vulnerability. They – and not just the security services – will be able to use it to intercept all of our communications, from the pictures of your kids in your bath you send to your parents to the trade secrets you send to co-workers.

Full article at: http://www.theguardian.com/commentisfree/2015/jan/13/david-cameron-internet-surveillance-syria-russia-iran-communication

Web Sends Lovers Flocking to Private Eyes to Find Out Truth

Background Checks for Deal-Breaking Secrets and Habits Surge in Recent Years

Updated Jan. 16, 2015 5:44 p.m. ET

Private detectives increasingly are helping lovers solve an age-old question: Is my partner marriage-material?

Investigators across the nation (USA) say business has boomed in recent years from clients who want their sweethearts investigated for potentially deal-breaking habits and secrets.

Copyright: The Wall Street Journal

Full article at: http://www.wsj.com/articles/web-sends-lovers-flocking-to-private-eyes-to-find-out-the-truth-1421436350

Barack Obama and David Cameron fail to see eye to eye on surveillance

Nicholas Watt in Washington
The Guardian, Friday 16 January

Barack Obama and David Cameron struck different notes on surveillance powers after the president conceded that there is an important balance to be struck between monitoring terror suspects and protecting civil liberties.

As Cameron warned the internet giants that they must do more to ensure they do not become platforms for terrorist communications, the US president said he welcomed the way in which civil liberties groups hold them to account by tapping them on the shoulder.

Obama agreed with the prime minister that there could be no spaces on the internet for terrorists to communicate that could not be monitored by the intelligence agencies, subject to proper oversight. But, unlike Cameron, the president encouraged groups to ensure that he and other leaders do not abandon civil liberties.

The prime minister adopted a harder stance on the need for big internet companies such as Facebook and Twitter to do more to cooperate with the surveillance of terror suspects.

Full article at: http://www.theguardian.com/us-news/2015/jan/16/barack-obama-david-cameron-surveillance-terrorists