China Arrests Apple Distributors Who Made Millions on iPhone Data

An anonymous reader shares a report: Police in China’s Zhejiang province have arrested 22 (apparently third-party) Apple distributors for allegedly selling iPhone user data. Officials say the workers searched an internal Apple database for sensitive info, such as Apple IDs and phone numbers, and peddled it on the black market for between 10 to 180 yuan with each sale ($ 1.50 to $ 26). All told, the distributors reportedly raked in more than 50 million yuan, about $ 7.36 million, before authorities stepped in.

Read more of this story at Slashdot.


Slashdot

White House scrambles to defend Trump’s use of climate data, disputed by the authors themselves

White House scrambles to defend Trump’s use of climate data, disputed by the authors themselvesMIT scientists say that Trump has “badly misunderstood” their study, but EPA administrator Scott Pruitt says other studies back up the president’s position.



Yahoo News – Latest News & Headlines

How Security Experts Are Protecting Their Own Data

Today the San Jose Mercury News asked several prominent security experts which security products they were actually using for their own data. An anonymous Slashdot reader writes:
The EFF’s chief technologist revealed that he doesn’t run an anti-virus program, partly because he’s using Linux, and partly because he feels anti-virus software creates a false sense of security. (“I don’t like to get complacent and rely on it in any way…”) He does regularly encrypt his e-mail, “but he doesn’t recommend that average users scramble their email, because he thinks the encryption software is just too difficult to use.”

The newspaper also interviewed security expert Eugene Spafford, who rarely updates the operating system on one of his computers — because it’s not connected to the internet — and sometimes even accesses his files with a virtual machine, which he then deletes when he’s done. His home router is equipped with a firewall device, and “he’s developed some tools in his research center that he uses to try to detect security problems,” according to the article. “There are some additional things I do,” Spafford added, telling the reporter that “I’m not going to give details of all of them, because that doesn’t help me.”

Bruce Schneier had a similar answer. When the reporter asked how he protected his data, Schneier wouldn’t tell them, adding “I’m kind of a target…”

Read more of this story at Slashdot.


Slashdot

Acer Suffers Data Breach Through Online Store

Sam Pudwell, writing for IT Pro Portal: Taiwanese hardware and electronics giant Acer has announced that it has suffered a data breach via its e-commerce site, and is preparing to inform those customers affected. Due to unauthorised access by a third-party, anyone who accessed the online store between 12 May, 2015 and 28 April, 2016 could have had their personal information compromised. Acer revealed that names, addresses, payment card numbers, card expiration dates and card security codes may have been accessed by the hackers but, following investigations by internal and external professionals, believes login details were not compromised.

Read more of this story at Slashdot.


Slashdot

Wikipedia’s Viewing Statistics Could Provide Better Web-Trends Data Than Google

An anonymous reader writes: Researchers in Japan have established an almost 75% correlation between Google Trends data on keyword surges and equivalent Wikipedia page views. Since Google provides aggregate web-trends data with little granularity, the ‘early ripples’ of web interest are far harder to detect via its APIs than by a system that gathers information from Wikipedia’s publicy accessible page views data.

Read more of this story at Slashdot.


Slashdot

Boston Tracks Vehicles, Lies About It, Leaves Data Exposed

An anonymous reader writes: License plate readers have been in the news a lot lately for the invasion of privacy they represent. Boston is the latest city to make mistakes with the technology. Two weeks ago, a reporter realized that the City of Boston had accidentally exposed records for their automated license plate reader system online. Anyone could have downloaded “dozens of sensitive files, including hundreds of thousands of motor vehicle records dating back to 2012.” What’s worse is that the Boston Police Department claimed in 2013 that it had stopped using license plate readers. A look through the accidentally-public database shows “hundreds of emails” dating from 2013 to the present, indicating that the police were still getting that data with help from the Transportation Department.

Read more of this story at Slashdot.


Slashdot

Apple’s Privacy Policies Are Keeping Data Scientists Away

An anonymous reader writes: The Cupertino-based global device giant is falling behind in the race to create ‘predictive’ services for smartphones because its privacy policies are too protective of the end-user. Data retention policies on user-centric information gathered into its Siri ‘personal assistant’ product is a reasonably generous six months, whilst information retained from the user’s exploration of Apple Maps expires after only 15 minutes. As a consequence Apple’s smartphones attempt to crunch a great deal of user-data locally rather than in the cloud.

Read more of this story at Slashdot.


Slashdot

Bugzilla Breached, Private Vulnerability Data Stolen

darthcamaro writes: Mozilla today publicly announced that secured areas of bugzilla, where non-public zero days are stored, were accessed by an attacker. The attacker got access to as many as 185 security bugs before they were made public. They say, “We believe they used that information to attack Firefox users.” The whole hack raises the issue of Mozilla’s own security, since it was a user password that was stolen and the bugzilla accounts weren’t using two-factor authentication. According to Mozilla’s FAQ about the breach (PDF), “The earliest confirmed instance of unauthorized access dates to September 2014. There
are some indications that the attacker may have had access since September 2013.”

Read more of this story at Slashdot.


Slashdot

Some Uber Ride Data Publicly Accessible Through Google

itwbennett writes: On Thursday, ZDNet reported that Uber ride data had leaked into Google search results. Zach Minors confirms in this article that a “site-specific Google search for trip.uber.com produced dozens of links to Uber rides that have been completed and cancelled, in countries around the world including the U.S., England, Russia, France and Mexico. Each link leads to a Web site with a map showing the ride’s route, with the pickup and destination tagged with markers. A card on the page also shows the first name of the rider and driver, along the driver’s photo, make and model of the car, and license plate number.” However, what appeared to be a privacy red flag was not a “data leak,” according to an Uber spokeswoman: “We have found that all these links have been deliberately shared publicly by riders. Protection of user data is critically important to us and we are always looking for ways to make it even more secure.”

Read more of this story at Slashdot.


Slashdot