Tag Archive for: Privacy

Mozilla: Your New Car Is a Data Privacy Nightmare

/in


Eighty-four percent of the brands that researchers studied share or sell this kind of personal data, and only two of them allow drivers to have their data deleted. While it is unclear exactly who these companies share or sell data to, the report points out that there is a huge market for driver data. An automotive data broker called High Mobility cited in the report has a partnership with nine of the car brands Mozilla studied. On its website, it advertises a wide range of data products—including precise location data.

This isn’t just a privacy nightmare but a security one. Volkswagen, Toyota, and Mercedes-Benz have all recently suffered data leaks or breaches that affected millions of customers. According to Mozilla, cars are the worst category of products for privacy that they have ever reviewed.

Apple has just released a security update to iOS after researchers at Citizen Lab discovered a zero-click vulnerability being used to deliver Pegasus spyware. Citizen Lab, which is part of the University of Toronto, is calling the newly discovered exploit chain Blastpass. Researchers say it is capable of compromising iPhones running the latest version of iOS (16.6) without the target even touching their device. According to researchers, Blastpass is delivered to a victim’s phone through an iMessage with an Apple Wallet attachment containing a malicious image.

The Pegasus spyware, developed by NSO Group, enables an attacker to read a target’s text messages, view their photos, and listen to calls. It has been used to track journalists, political dissidents, and human rights activists around the world.

Apple says customers should update their phones to the newly released iOS 16.6.1. The exploit can also attack certain models of iPads. You can see details of the affected models here. Citizen Lab urges at-risk users to enable Lockdown Mode.

North Korea-backed hackers are targeting cybersecurity researchers in a new campaign that is exploiting at least one zero-day vulnerability, Google’s Threat Analysis Group (TAG) warned in a report released Thursday. The group did not provide details about the vulnerability since it is currently unpatched. However, the company says it is part of a…

Source…

Graduate Certificate Computer Security and Privacy

/in


Who is Computer Security and Privacy Certificate program for?

Drexel College of Computing & Informatics’ Post-Baccalaureate/Graduate Certificate in Computer Security and Privacy provides broad technical expertise in software security, network security and computer privacy. It includes introductory courses in security engineering and computer privacy that cover the technical fundamentals. Electives provide additional in-depth expertise in operating systems, computer networks and cryptography which are essential bodies of knowledge to be able to do technical work in modern computer security. This program is designed to prepare working professionals to meet this demand by providing deep technical expertise in computer security and privacy.

This certificate can be combined with other certificates and/or courses to create the Master of Science degrees listed below.

Fast Facts

Curriculum

IMPORTANT NOTE: Drexel operates on the quarter, not semester, system, offering classes during four 10-week terms throughout the year.

Please visit Drexel’s Course Catalog for a full description of each required and elective course for this program. You can also find a sample Plan of Study for the certificate.

Admissions Requirements

  • A completed application for the online format or on-campus format.
  • A four-year bachelor’s degree or Master’s degree from a regionally accredited institution in Computer Science, Software Engineering or related STEM degree plus work experience equal to Drexel’s Post-Baccalaureate Certificate in Computer Science Foundations.
  • A GPA of 3.0 or higher, in a completed degree program, bachelor’s degree or above.
  • Official final transcripts from ALL Colleges/Universities attended. Please note: For students who have attended an institution outside of the US, it is highly recommended to submit a NACES approved course-by-course transcript evaluation (i.e., WES) for expedited review of your application. This approved evaluation will take the place of the transcript requirement to complete your application.
  • Graduate Record Examination (GRE) Scores (must be five years old or less) are not required but recommended for international students and…

Source…

Congressman Cohen Announces Internet Privacy Research Grant to the University of Memphis

/in


Work on encrypted data over wide-area networks supported by the National Science Foundation

MEMPHIS – Congressman Steve Cohen (TN-9) today announced that the University of Memphis will receive a $220,133 grant from the National Science Foundation for research on privacy in the transmission of encrypted data over wide-area networks. The research is being conducted by Professor Christos Papadopoulos, who holds the Sparks Family Chair of Excellence in Global Research Leadership in the Department of Computer Science.

Congressman Cohen made the following statement:

“I congratulate the University and Professor Papadopoulos on this prestigious National Science Foundation grant award. Clearly, privacy concerns must be addressed as more personal data travels over the internet and I am pleased to see this innovative research addressing them is being undertaken at the University.”

According to the National Science Foundation abstract of the research:

“The PIMAWAT (Privacy in Internet Measurements Applied to WAN And Telematics) project will demonstrate new methods to provide data networking datasets that respect end-user privacy, while still being able to support new research in network protocols, security, privacy, and machine learning. The main insight is that *most data today sent over the wide-area network (WAN) is encrypted*; thus, the challenge is to demonstrate what data is encrypted, detect and scrub any remaining leaks, and finally anonymize the metadata (who talks to whom) before sharing data.

“The intellectual merit of PIMAWAT will be to develop new methods to anonymize network traffic at scale, then use those new algorithms to evaluate potential data leakage, and demonstrate that real-world data sources can be scrubbed for sharing while respecting privacy. PIMAWAT plans to focus the investigator’s prior work on wide-area network data traffic. As possible, it will also explore vehicle telematics as a recently developing dataset that poses unique privacy opportunities and challenges, with a device (not person) focus, yet with geolocation and application details.

“The broader impacts of PIMAWAT will be to democratize the potential to collect and share network data through…

Source…

How Threads’ Privacy Policy Compares to Twitter’s (and Its Rivals’)

/in


Meta’s long-awaited Twitter alternative is here, and it’s called Threads. The new social media app launches at a time when alternatives, like Bluesky, Mastodon, and Spill, are vying for users who are dissatisfied with Elon Musk’s handling of Twitter’s user experience, with its newly introduced rate limits and an uptick in hate speech.

Meta owns Facebook, Instagram, and WhatsApp, so the company’s attempt to recreate an online experience similar to Twitter is likely to attract plenty of normies, lurkers, and nomadic shitposters. Meta is working to incorporate Threads as part of the online Fediverse, a group of shared servers where users can interact across multiple platforms.

If you’re hesitant to share your personal data with a company on the receiving end of a billion dollar fine, that’s understandable. For those who are curious, however, here’s what we know about the service’s privacy policy, what data you hand over when you sign up, and how it compares to the data collected by other options.

Threads

Threads (Android, Apple) potentially collects a wide assortment of personal data that remains connected to you, based on the information available in Apple’s App Store, from your purchase history and physical address to your browsing history and health information. “Sensitive information” is also listed as a type of data collected by the Threads app. Some information this could include is your race, sexual orientation, pregnancy status, and religion as well as your biometric data.

Threads falls under the larger privacy policy covering Meta’s other social media platforms. Want to see the whole thing? You can read it for yourself here. There’s one caveat, though. The app has a supplemental privacy policy that’s also worth reading. A noteworthy detail from this document is that while you’re able to deactivate your Threads account whenever, you must delete your Instagram if you fully want to delete your Threads account.

Below is all the data collected by Threads that’s mentioned in the App Store. Do you have the Facebook or Instagram app on your phone? Keep in mind that this data collection by Meta is comparable to the data those apps collect about you.

For Android…

Source…