China Intercepts iCloud Logins in Apparent Attempt to Steal Passwords



Chinese authorities are attacking users who are connecting to Apple’s iCloud website in what appears to be a surveillance push to steal users’ login credentials, according to a Chinese censorship monitoring group.

In the attack, which was first reported on Saturday, less than 24 hours after the new iPhone 6 went on sale in China, connections to were hijacked and stripped of the usual encryption that prevents hackers and government spies from intercepting the username and password typed by someone connecting to the site.

This is another example of what is technically known as a “man-in-the-middle” (MITM) attack, in which an attacker intercepts a connection between a user and a website in order to steal or tamper the data being exchanged. In the past year alone, China has been accused of intercepting connections with a MITM attack against Github, Google, and, more recently, Yahoo, in what was seen as an attempt to censor information on the Hong Kong protests Read more…

More about Microsoft, China, Apple, Privacy, and Surveillance

Secure Messaging App Wickr Adds 22 Languages To Give More People A Private Voice

1117583140_4b7b1fa0ec_b Wickr, one of the wave of secure messaging apps that have risen to prominence in the last year as people question how private their data and communications really are these days (even among “private” apps), is expanding its sights globally. From today, the app — which has had “well over 3 million downloads” says CEO and co-founder Nico Sell — is… Read More

#Gamergate Shows Tech Needs Far Better Algorithms

pipes If Gamergate teaches us anything — beyond, of course, vastly obvious observations about the toxicity of certain Internet demographics (which is hardly new news) — it’s that algorithms and formulaic behaviour can and are being gamed. Read More

How Whisper Tracks Users Who Don’t Share Their Location

blottsie (3618811) writes “On Thursday, the Guardian reported that secret-sharing app Whisper was tracking users’ locations even when they opt-out of sharing their location. [See also this earlier, related story.] Whisper has denied the accusations—but this may be a matter of semantics. Whisper allegedly uses an outdated version of GeoIP by MaxMind, which uses your IP address to estimate your location on a map. Whisper’s Chad DePue said in a comment on Hacker News that the tool is “so inaccurate as to be laughable,” suggesting that determining something as broad as your country or state won’t bother the basic user (and he could be right, but what is and isn’t an upsetting degree of user information is another argument entirely).”

Read more of this story at Slashdot.

Popular Kickstarter Project Anonabox Suspended After Scam Accusations



Kickstarter has frozen donations for Anonabox, an Internet router designed to make your online activity anonymous, amid growing backlash

The suspension comes on the heels of the privacy tool’s massively successful crowd-funding campaign earlier this week.

The gadget was originally priced at $45 and runs on Tor, software that accesses Internet connections anonymously. Anonabox’s pledges, at one point, surpassed $600,000. Then Redditors targeted the device with accusations that the developers had misled customers and lied about the origins of Anonabox.

More about Security, Privacy, Online Security, Kickstarter, and Tech

The Guardian Reveals That Whisper App Tracks "Anonymous" Users

New submitter qqod writes this story at The Guardian that raises privacy concerns over the Whisper app. “The company behind Whisper, the social media app that promises users anonymity and claims to be the “the safest place on the internet”, is tracking the location of its users, including some who have specifically asked not to be followed. The practice of monitoring the whereabouts of Whisper users – including those who have expressly opted out of geolocation services – will alarm users, who are encouraged to disclose intimate details about their private and professional lives. Whisper is also sharing information with the US Department of Defense gleaned from smartphones it knows are used from military bases, and developing a version of its app to conform with Chinese censorship laws.”

Read more of this story at Slashdot.

FBI Director Continues His Campaign Against Encryption

apexcp writes Following the announcements that Apple and Google would make full disk encryption the default option on their smartphones, FBI director James Comey has made encryption a key issue of his tenure. His blitz continues today with a speech that says encryption will hurt public safety.

Read more of this story at Slashdot.

Whisper Vows It Doesn’t Track Users, Says ‘Guardian’ Report Is All Lies



Whisper, the anonymous secret-sharing app that bills itself as the “safest place on the Internet,” is reportedly tracking its users’ locations, according to an investigation published in The Guardian on Thursday.

The report claims that Whisper tracks users even when the app’s geolocation features are turned off with a tool that plots users on a map, achieving an accuracy of about 1,600 feet — while Whisper says that users must opt for that information to be collected.

The Guardian also states that its reporters saw the tool in action at Whisper’s headquarters in Los Angeles during a recent three-day visit to explore a potential partnership. Read more…

More about Tracking, Privacy, Media, Apps Software, and Us World

Anonabox Accused of Lying About Its Product Being Open-Source On Kickstarter

blottsie writes The “anonabox” has raised more than $550,000 on Kickstarter in only three days. But some believe the company’s claims that the router-like device, which is said to automatically route users’ Internet traffic through Tor, is entirely open-source are false. Anonabox developer August Germar tells the Daily Dot, however, that the device was commissioned specifically to run their code.

Read more of this story at Slashdot.

Technology Heats Up the Adultery Arms Race writes: Michelle Cottle reports in The Atlantic that today, spouses have easy access to an array of sophisticated spy software that record every keystroke; compile detailed logs of calls, texts, and video chats; that track a phone’s location in real time; recover deleted messages from all manner of devices (without having to touch said devices); and that turn phones into wiretapping equipment. One might assume that the proliferation of such spyware would have a chilling effect on extramarital activities. But according to Cottle, aspiring cheaters need not despair: software developers are also rolling out ever stealthier technology to help people conceal their affairs. Right or wrong, cheating apps tap into a potentially lucrative market and researchers regard the Internet as fertile ground for female infidelity in particular. “Men tend to cheat for physical reasons and women for emotional reasons,” says Katherine Hertlein. “The Internet facilitates a lot of emotional disclosure and connections with someone else.” But virtual surveillance has its risks. Stumbling across an incriminating email your partner left open is one thing; premeditated spying can land you in court. A Minnesota man named Danny Lee Hormann, suspecting his wife of infidelity, installed a GPS tracker on her car and allegedly downloaded spyware onto her phone and the family computer. In March 2010, Hormann’s wife had a mechanic search her car and found the tracker. She called the police, and Hormann spent a month in jail on stalking charges. “I always tell people two things: (1) do it legally, and (2) do it right,” says John Paul Lucich, a computer-forensics expert and the author of Cyber Lies, a do-it-yourself guide for spouses looking to become virtual sleuths. Lucich has worked his share of ugly divorces, and he stresses that even the most damning digital evidence of infidelity will prove worthless in court — and potentially land you in trouble — if improperly gathered. His blanket advice: Get a really good lawyer.

Read more of this story at Slashdot.