Archive for October 2010
This is really just an automation of something we demonstrated in the Anonymizer Labs section of our website a while back.
Reuters reports that the Google admits that its Street View vehicles captured much more WiFi data than previously reported. It appears that they managed to capture entire emails and passwords among other information.
People are vilifying Google about this, but I am not going to get on that bandwagon. The reality is that they did this accidentally, but the architecture of WiFi allows any bad guy to do the same thing intentionally. Google did not “hack” in to these WiFi communications, they simply configured their WiFi cards to accept all packets flying by them through the air in the clear. Anyone sitting in a Starbucks, driving around town with a laptop in the passenger seat, or in a thousand other ways could intentionally capture and maintain much more information and with it do significant damage.
The take away from this is that you need to take precautions when using open public WiFi. Full VPN technologies like Anonymizer Universal ensure that when (not if) someone sniffs your traffic they will not be able to get any of your personal information.
One of the reasons interception of insecure passwords is so scary is the tendency for people to use the same passwords for many accounts. While you might not care if someone hacks in to your social network or news account, if you use the same password attackers might use it to log in to your bank or email.
3 Comments · Posted by lance in Computer Security, Cryptography, First Amendment, Innovation, Internet, legal, Legislation, National Security, Online Privacy, Personal Privacy, Security Breaches, Surveillance
The EFF has an excellent article on eight reasons why government regulation of cryptography is a bad idea.
The short answer is: the bad guys can easily get it and use it anyway, and it will make security for the rest of us much worse (not including the big brother surveillance and constitutional issues).
Today we are releasing the results of a survey on how people understand the risks of going on-line, and what does and does not work to protect against various threats.
One of the most interesting results was that a significant majority of respondents thought that firewalls provided identity protection on line. While important, they are addressing a very different threat.
More information on our results can be found here.
This WSJ article reports on a new privacy issue with Facebook. It turns out that their application infrastructure allow those applications access to your personal information independent of your privacy settings. They are then able to (and have in many cases been shown to) share that information with third parties. The specific information shared is your Facebook user ID, and in some cases your friend’s user IDs.
Many of the most popular applications have been shown to be sharing this information, including FarmVille, Texas HoldEm Poker and FrontierVille among others.