Lie down with dogs
Get up with fleas.
I am amused that anyone would be surprised that hiring out dodgy work carries a risk of backfiring. "Honor among thieves" is a fable for the marks.
The makers of Mobile Spy like to tout their tool for secretly tracking calls and text messages on smart phones as the perfect way to monitor employees or teens or catch cheating spouses. According to F-Secure, the service was also a way to leak sensitive information to anyone with a web browser. For $20 per month or $100 for a …
Quite agree. Problem is, the paranoid eavesdroppers are not the ones getting screwed here, it's the poor sods who're being spied on by snooping spouses (spice?), employers, parents etc who're having their private texts and call histories accessed by random strangers.
Bad enough being a big enough prick to snoop on someone else's phone without getting it done in such a way the whole world can snoop.
"Hey, we've found a vuln in your system."
"Impossible, it can't be done."
"What about this evidence?"
I find it amazing how companies such as Flexispy and Mobile Spy can sell products that are obviously illegal in most countries. Governments have to go through great lengths to get permission to eavesdrop on their citizens, yet companies such as Flexispy can sell their products to the masses. If nobody can stop them from selling them, then why not go after PayPal? They are a publicly traded company, yet they are the ones who allow these types of products to be sold. Without PayPal it would be difficult to sell these products. I've checked the PayPal acceptable use policies and they state on their own site that these types of products are prohibited from being sold. When I contacted PayPal and reported them, they simply replied "we are investigating" but it's been several weeks and nothing has been done. This is an outrage. PayPal obviously thinks more about profit than what is sold via their services.
"Governments have to go through great lengths to get permission to eavesdrop on their citizens"
Unfortunately, it would appear that's no longer the case in this so-called 'democracy', the UK.
It makes you feel physically sick.
American lawmakers held a hearing on Tuesday to discuss a proposed federal information privacy bill that many want yet few believe will be approved in its current form.
The hearing, dubbed "Protecting America's Consumers: Bipartisan Legislation to Strengthen Data Privacy and Security," was overseen by the House Subcommittee on Consumer Protection and Commerce of the Committee on Energy and Commerce.
Therein, legislators and various concerned parties opined on the American Data Privacy and Protection Act (ADPPA) [PDF], proposed by Senator Roger Wicker (R-MS) and Representatives Frank Pallone (D-NJ) and Cathy McMorris Rodgers (R-WA).
Brave CEO Brendan Eich took aim at rival DuckDuckGo on Wednesday by challenging the web search engine's efforts to brush off revelations that its Android, iOS, and macOS browsers gave, to a degree, Microsoft Bing and LinkedIn trackers a pass versus other trackers.
Eich drew attention to one of DuckDuckGo's defenses for exempting Microsoft's Bing and LinkedIn domains, a condition of its search contract with Microsoft: that its browsers blocked third-party cookies anyway.
"For non-search tracker blocking (e.g. in our browser), we block most third-party trackers," explained DuckDuckGo CEO Gabriel Weinberg last month. "Unfortunately our Microsoft search syndication agreement prevents us from doing more to Microsoft-owned properties. However, we have been continually pushing and expect to be doing more soon."
Amazon, Apple, Google, Meta, and Microsoft often support privacy in public statements, but behind the scenes they've been working through some common organizations to weaken or kill privacy legislation in US states.
That's according to a report this week from news non-profit The Markup, which said the corporations hire lobbyists from the same few groups and law firms to defang or drown state privacy bills.
The report examined 31 states when state legislatures were considering privacy legislation and identified 445 lobbyists and lobbying firms working on behalf of Amazon, Apple, Google, Meta, and Microsoft, along with industry groups like TechNet and the State Privacy and Security Coalition.
A US task force aims to prevent online harassment and abuse, with a specific focus on protecting women, girls and LGBTQI+ individuals.
In the next 180 days, the White House Task Force to Address Online Harassment and Abuse will, among other things, draft a blueprint on a "whole-of-government approach" to stopping "technology-facilitated, gender-based violence."
A year after submitting the blueprint, the group will provide additional recommendations that federal and state agencies, service providers, technology companies, schools and other organisations should take to prevent online harassment, which VP Kamala Harris noted often spills over into physical violence, including self-harm and suicide for victims of cyberstalking as well as mass shootings.
Brave Software, maker of a privacy-oriented browser, on Wednesday said its surging search service has exited beta testing while its Goggles search personalization system has entered beta testing.
Brave Search, which debuted a year ago, has received 2.5 billion search queries since then, apparently, and based on current monthly totals is expected to handle twice as many over the next year. The search service is available in the Brave browser and in other browsers by visiting search.brave.com.
"Since launching one year ago, Brave Search has prioritized independence and innovation in order to give users the privacy they deserve," wrote Josep Pujol, chief of search at Brave. "The web is changing, and our incredible growth shows that there is demand for a new player that puts users first."
Apple's Intelligent Tracking Protection (ITP) in Safari has implemented privacy through forgetfulness, and the result is that users of Twitter may have to remind Safari of their preferences.
Apple's privacy technology has been designed to block third-party cookies in its Safari browser. But according to software developer Jeff Johnson, it keeps such a tight lid on browser-based storage that if the user hasn't visited Twitter for a week, ITP will delete user-set preferences.
So instead of seeing "Latest Tweets" – a chronological timeline – Safari users returning to Twitter after seven days can expect to see Twitter's algorithmically curated tweets under its "Home" setting.
A group of senators wants to make it illegal for data brokers to sell sensitive location and health information of individuals' medical treatment.
A bill filed this week by five senators, led by Senator Elizabeth Warren (D-MA), comes in anticipation of the Supreme Court's upcoming ruling that could overturn the 49-year-old Roe v. Wade ruling legalizing access to abortion for women in the US.
The worry is that if the Supreme Court strikes down Roe v. Wade – as is anticipated following the leak in May of a majority draft ruling authored by Justice Samuel Alito – such sensitive data can be used against women.
Some authorities in Europe insist that location data is not personal data as defined by the EU's General Data Protection Regulation.
EU privacy group NOYB (None of your business), set up by privacy warrior Max "Angry Austrian" Schrems, said on Tuesday it appealed a decision of the Spanish Data Protection Authority (AEPD) to support Virgin Telco's refusal to provide the location data it has stored about a customer.
In Spain, according to NOYB, the government still requires telcos to record the metadata of phone calls, text messages, and cell tower connections, despite Court of Justice (CJEU) decisions that prohibit data retention.
UK automobile service and parts seller Halfords has shared the details of its customers a little too freely, according to the findings of a security researcher.
Like many, cyber security consultant Chris Hatton used Halfords to keep his car in tip-top condition, from tires through to the annual safety checks required for many UK cars.
In January, Hatton replaced a tire on his car using a service from Halfords. It's a simple enough process – pick a tire online, select a date, then wait. A helpful confirmation email arrived with a link for order tracking. A curious soul, Hatton looked at what was happening behind the scenes when clicking the link and "noticed some API calls that seemed ripe for an IDOR" [Insecure Direct Object Reference].
In brief: More than half of the 24.6 billion stolen credential pairs available for sale on the dark web were exposed in the past year, the Digital Shadows Research Team has found.
Data recorded from last year reflected a 64 percent increase over 2020's total (Digital Shadows publishes the data every two years), which is a significant slowdown compared to the two years preceding 2020. Between 2018 and the year the pandemic broke out, the number of credentials for sale shot up by 300 percent, the report said.
Of the 24.6 billion credentials for sale, 6.7 billion of the pairs are unique, an increase of 1.7 billion over two years. This represents a 34 percent increase from 2020.