Posts

Bepanted shovel-toting farmer wins privacy payout from France TV • The Register

T-Mobile is Warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. Get Secured Now with Norton 360


A French farmer who was filmed setting about bird conservationists with a shovel while in his underpants has won damages from a TV company that filmed the incident for violating his privacy.

The set-to originally occurred back in 2015, when a French bird conservation group called the Ligue pour la Protection des Oiseaux (LPO, or Bird Protection League in English) invited a group of journalists to accompany them as they investigated a farm in Audon in southwestern France for bird traps.

Bird trapping, in which songbirds are trapped using various techniques and later eaten, is mostly forbidden in France, but it is still practised in many regions either illegally or via legal exemptions issued for supposed small-scale trapping.

According to thelocal.fr, the group duly sneaked on to the farm and began removing what they claimed were illegal traps set for finches from an area planted with corn. They were then confronted by two men, including furious farmer Jean-Marc Dutouya, who appeared wearing just a blue T-shirt and a pair of blue striped underpants and wielding a long-handled shovel like a pike.

A fracas duly ensued between the bird enthusiasts and the farmers in which a number of LPO members alleged they were assaulted, Dutouya’s octogenarian mother was reportedly shoved, and four vehicles had their tyres slashed.

For his part in the bepanted brouhaha, according to the Agence France-Presse, Dutouya was fined €400 in 2018 for violence with a weapon.

But footage of the scuffle shot by the journalists present went viral on the internet and Dutouya and his stripy pants became a sensation on Francophone Twitter, whose users referred to the incident using the hashtag #Slipgate (which translates to #Underpantsgate).

The livid Frenchman became the unwitting hero of countless memes in which his underwear-clad image – clipped from a photograph of the confrontation published by the Agence France-Presse agency – was…

Source…

Mobile app creation: Why data privacy and compliance should be at the forefront

T-Mobile is Warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. Get Secured Now with Norton 360


In today’s mobile app landscape, providing customers with the most tailored and personal experience possible is essential to edging out competitors. But creating such a custom-made experience requires collecting personal data – and when considering the criticism massive tech companies are garnering for their misuse of sensitive information – mobile app developers must prioritize data privacy and compliance.

mobile app creation

Furthermore, the consequences of data breaches – including financial losses, operational downtime and reputational damage – continue to grow in severity. Financial damages (as fines) are potentially heavy burdens. And while a damaged reputation cannot be measured exactly, the possibility of losing customers due to suboptimal data security could result in the company’s ruin.

A user’s personal data can be anything from their user name and email address to their telephone name and physical address. Less obvious forms of sensitive data include IP addresses, log data and any information gathered through cookies, as well as users’ biometric data.

Any business whose mobile app collects personal information from users is required to have a Privacy Policy. Regardless of app geography or business domain, there are mandatory regulations such as the GDPR, the CCPA, and the PDPA, as well as Apple, Google and Android guidelines that ensure accountability and user data privacy. Some apps do not directly collect personal data but instead use a third-party tool like Google Analytics – they, too, need a Privacy Policy.

Data privacy and security and the mobile app creation process

The mobile app creation process begins by identifying a problem and determining how to fill that need. App developers will then decide on the look, feel and design of the app, and will establish a continuous feedback loop for consistent consumer recommendations. Although this is a truncated look at an app’s development, data privacy and compliance must be strategically intertwined from the very beginning of the mobile app creation process, as it is central to its success and longevity.

This theme is our view of Continues Compliance that we believe is now a requirement for all…

Source…

ProtonMail privacy questioned, and Banksy blunder • Graham Cluley

T-Mobile is Warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. Get Secured Now with Norton 360



Smashing Security podcast #242: ProtonMail privacy questioned, and Banksy blunder

ProtonMail finds itself in a privacy pickle, the big problem with Facebook’s algorithmic amplification, and strange things are happening on Banksy’s website.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire’s Dave Bittner.




Hosts:

Graham Cluley – @gcluley
Carole Theriault – @caroletheriault

Guest:

Dave Bittner – @bittner

Show notes:

Sponsor: Privacy.com

Privacy.com lets you buy things online using virtual cards instead of having to use your real ones, protecting your identity and bank information on the internet. Right now, new customers will automatically get $5 to spend on their first purchase.

Go to privacy.com/smashing

Sponsor: 1Password

With 1Password you only ever need to memorize one password. All your other passwords and important information are protected by your Master Password, which only you know. Take the 14 day free trial now at 1password.com

Follow the show:

Follow the show on Twitter at @SmashinSecurity, on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.



Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon’s Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy.

Follow him on Twitter at @gcluley, or drop him an email.




Source…

‘Nasty stuff’: Research into Russian push-button cellphones uncovers legion of privacy and security issues

T-Mobile is Warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. Get Secured Now with Norton 360


Itel, DEXP, Irbis, and F+ mobile devices put under the microscope

Researchers discover numerous security and privacy issues after analysing Russian cellphones

Many push-button phones on sale in Russia contain backdoors or trojans, a security researcher claims.

According to Russian researcher ‘ValdikSS’, some cellphones are automatically sending SMS messages or transmitting online the fact that the device has been purchased and used, among other issues.

Get the message

As outlined in a technical blog post (Russian language), some models were found to contain a built-in trojan that sends paid SMS messages to short numbers, transmitting text that is downloaded from the server. Others were said to have a backdoor that forwards incoming SMS messages to an unknown server.

ValdikSS says he discovered the issue while considering swapping the USB modems he used to receive SMS messages for phones, as these were cheaper and are capable of taking up to four SIM cards each.

“The research begun due to unexpected behavior of the phone – it sent SMS by itself,” he tells The Daily Swig.

Russian push-button phonesOf the five Russian push-button phones tested, only one was said to be ‘clean’

He then tested a number of push-button models, including the Inoi 101, DEXP SD2810, Itel it2160, Irbis SF63, and F+ Flip 3.

And, he found, some of the phones were not only transmitting IMEI and IMSI numbers for the purposes of tracking sales, but also contained a trojan that sends SMS messages to paid short numbers, after downloading the text and number from a server via the internet.

Finally, a backdoor was found that intercepts incoming SMS messages and forwards them to the server, potentially allowing an attacker to use the phone’s number to register for services that require confirmation via SMS.

Read more of the latest mobile security news

“I was very confused when [a] DEXP SD2160 phone tried to send premium SMS to the number and with the body loaded from its server on the internet,” he says.

“The device, initially manufactured in 2019, was being sold by one of the largest electronic stores in June 2021, with lots of negative reviews in the same store’s website, and they didn’t recall it from sales.

“I’ve watched it to do all the nasty stuff in real time on my GSM…

Source…