Controversial Surveillance Firm Blue Coat Was Granted a Powerful Encryption Certificate

Joseph Cox, reporting for Motherboard (edited for clarity): A controversial surveillance company called Blue Coat Systems — whose products have been detected in Iran and Sudan — was recently issued a powerful encryption certificate by Symantec. The c…

Joseph Cox, reporting for Motherboard (edited for clarity): A controversial surveillance company called Blue Coat Systems — whose products have been detected in Iran and Sudan — was recently issued a powerful encryption certificate by Symantec. The certificate, and the authority that comes with it, could allow Blue Coat Systems to more easily snoop on encrypted traffic. But Symantec downplayed concern from the security community. Blue Coat, which sells web-monitoring software, was granted the power in September last year, but it was only widely noticed this week. The company’s devices are used by both government and commercial customers for keeping tabs on networks or conducting surveillance. In Syria, the technology has been used to censor web sites and monitor the communications of dissidents, activists and journalists.Blue Coat assures that it is not going to utilize the certificates to snoop on us. The Register reports: We asked Blue Coat how it planned to use its new powers — and we were assured that its intermediate certificate was only used for internal testing and that the certificate is no longer in use. “Symantec has reviewed the intermediate CA issued to Blue Coat and determined it was used appropriately,” the two firms said in a statement. “Consistent with their protocols, Symantec maintained full control of the private key and Blue Coat never had access to it. Blue Coat has confirmed it was used for internal testing and has since been discontinued. Therefore, rumors of misuse are unfounded.”

Read more of this story at Slashdot.

Controversial Surveillance Firm Blue Coat Was Granted a Powerful Encryption Certificate

Joseph Cox, reporting for Motherboard (edited for clarity): A controversial surveillance company called Blue Coat Systems — whose products have been detected in Iran and Sudan — was recently issued a powerful encryption certificate by Symantec. The c…

Joseph Cox, reporting for Motherboard (edited for clarity): A controversial surveillance company called Blue Coat Systems — whose products have been detected in Iran and Sudan — was recently issued a powerful encryption certificate by Symantec. The certificate, and the authority that comes with it, could allow Blue Coat Systems to more easily snoop on encrypted traffic. But Symantec downplayed concern from the security community. Blue Coat, which sells web-monitoring software, was granted the power in September last year, but it was only widely noticed this week. The company’s devices are used by both government and commercial customers for keeping tabs on networks or conducting surveillance. In Syria, the technology has been used to censor web sites and monitor the communications of dissidents, activists and journalists.Blue Coat assures that it is not going to utilize the certificates to snoop on us. The Register reports: We asked Blue Coat how it planned to use its new powers — and we were assured that its intermediate certificate was only used for internal testing and that the certificate is no longer in use. “Symantec has reviewed the intermediate CA issued to Blue Coat and determined it was used appropriately,” the two firms said in a statement. “Consistent with their protocols, Symantec maintained full control of the private key and Blue Coat never had access to it. Blue Coat has confirmed it was used for internal testing and has since been discontinued. Therefore, rumors of misuse are unfounded.”

Read more of this story at Slashdot.

Millennials Value Speed Over Security, Says Survey

An anonymous reader quotes a report from The Daily Dot: Millennials stand apart from other Americans in preferring faster Internet access to safer Internet access, according to a new survey. When digital-authentication firm SecureAuth asked people from…

An anonymous reader quotes a report from The Daily Dot: Millennials stand apart from other Americans in preferring faster Internet access to safer Internet access, according to a new survey. When digital-authentication firm SecureAuth asked people from all age groups whether they would rather be safer online or browse faster online, 57 percent of Americans chose security and 43 percent chose speed. But among millennials, the results were almost reversed: 54 percent chose speed over security. Young people are also more willing than the overall population to share sensitive information over public Wi-Fi connections, which are notoriously insecure as they allow anyone on the network to analyze and intercept passing traffic. While a clear majority (57 percent) of Americans told SecureAuth that they transmitted such information over public Wi-Fi, nearly eight in 10 (78 percent) of millennials said they did so. A surprising 44 percent of millennials believe their data is generally safe from hackers, and millennials are more likely than members of other age groups to share account passwords with friends. Americans overall are paying more attention to some aspects of digital security. An October 2015 study by the wireless industry’s trade group found that 61 percent of Americans use passwords on their smartphones and 58 percent use them on their tablets, compared to 50 percent and 48 percent, respectively, in 2012. The recent study lines up with a report published on May 24 that found that the elderly use more secure passwords than millennials.

Read more of this story at Slashdot.

Millennials Value Speed Over Security, Says Survey

An anonymous reader quotes a report from The Daily Dot: Millennials stand apart from other Americans in preferring faster Internet access to safer Internet access, according to a new survey. When digital-authentication firm SecureAuth asked people from…

An anonymous reader quotes a report from The Daily Dot: Millennials stand apart from other Americans in preferring faster Internet access to safer Internet access, according to a new survey. When digital-authentication firm SecureAuth asked people from all age groups whether they would rather be safer online or browse faster online, 57 percent of Americans chose security and 43 percent chose speed. But among millennials, the results were almost reversed: 54 percent chose speed over security. Young people are also more willing than the overall population to share sensitive information over public Wi-Fi connections, which are notoriously insecure as they allow anyone on the network to analyze and intercept passing traffic. While a clear majority (57 percent) of Americans told SecureAuth that they transmitted such information over public Wi-Fi, nearly eight in 10 (78 percent) of millennials said they did so. A surprising 44 percent of millennials believe their data is generally safe from hackers, and millennials are more likely than members of other age groups to share account passwords with friends. Americans overall are paying more attention to some aspects of digital security. An October 2015 study by the wireless industry’s trade group found that 61 percent of Americans use passwords on their smartphones and 58 percent use them on their tablets, compared to 50 percent and 48 percent, respectively, in 2012. The recent study lines up with a report published on May 24 that found that the elderly use more secure passwords than millennials.

Read more of this story at Slashdot.

Consumer Campaigners Read T&C Of Their Mobile Phone Apps To Prove a Point

From a BBC report: Norwegians have spent more than 30 hours reading out terms and conditions from smartphone apps in a campaign by the country’s consumer agency. The average Norwegian has 33 apps, the Norwegian Consumer Council says, whose terms and co…

From a BBC report: Norwegians have spent more than 30 hours reading out terms and conditions from smartphone apps in a campaign by the country’s consumer agency. The average Norwegian has 33 apps, the Norwegian Consumer Council says, whose terms and conditions together run longer than the New Testament. To prove the “absurd” length, the council got Norwegians to read each of them out in real time on their website. The reading finished on Wednesday, clocking in at 31:49:11. Some of the world’s most popular apps were chosen, including Netflix, YouTube, Facebook, Skype, Instagram and Angry Birds. Finn Myrstad from the Norwegian Consumer Council, said: “The current state of terms and conditions for digital services is bordering on the absurd.”

Read more of this story at Slashdot.

Consumer Campaigners Read T&C Of Their Mobile Phone Apps To Prove a Point

From a BBC report: Norwegians have spent more than 30 hours reading out terms and conditions from smartphone apps in a campaign by the country’s consumer agency. The average Norwegian has 33 apps, the Norwegian Consumer Council says, whose terms and co…

From a BBC report: Norwegians have spent more than 30 hours reading out terms and conditions from smartphone apps in a campaign by the country’s consumer agency. The average Norwegian has 33 apps, the Norwegian Consumer Council says, whose terms and conditions together run longer than the New Testament. To prove the “absurd” length, the council got Norwegians to read each of them out in real time on their website. The reading finished on Wednesday, clocking in at 31:49:11. Some of the world’s most popular apps were chosen, including Netflix, YouTube, Facebook, Skype, Instagram and Angry Birds. Finn Myrstad from the Norwegian Consumer Council, said: “The current state of terms and conditions for digital services is bordering on the absurd.”

Read more of this story at Slashdot.

Virtual Assistants Such As Amazon’s Echo Break US Child Privacy Law, Experts Say

Mark Harris, reporting for The Guardian: An investigation by the Guardian has found that despite Amazon marketing the Echo to families with young children, the device is likely to contravene the US Children’s Online Privacy Protection Act (COPPA), set …

Mark Harris, reporting for The Guardian: An investigation by the Guardian has found that despite Amazon marketing the Echo to families with young children, the device is likely to contravene the US Children’s Online Privacy Protection Act (COPPA), set up to regulate the collection and use of personal information from anyone younger than 13. Along with Google, Apple and others promoting voice-activated artificial intelligence systems to young children, the company could now face multimillion-dollar fines. “This is part of the initial wave of marketing to children using the internet of things,” says Jeff Chester, executive director of the Center for Digital Democracy, a privacy advocacy group that helped write the law. “It is exactly why the law was enacted in the first place, to protect young people from pervasive data collection.”

Read more of this story at Slashdot.

Virtual Assistants Such As Amazon’s Echo Break US Child Privacy Law, Experts Say

Mark Harris, reporting for The Guardian: An investigation by the Guardian has found that despite Amazon marketing the Echo to families with young children, the device is likely to contravene the US Children’s Online Privacy Protection Act (COPPA), set …

Mark Harris, reporting for The Guardian: An investigation by the Guardian has found that despite Amazon marketing the Echo to families with young children, the device is likely to contravene the US Children’s Online Privacy Protection Act (COPPA), set up to regulate the collection and use of personal information from anyone younger than 13. Along with Google, Apple and others promoting voice-activated artificial intelligence systems to young children, the company could now face multimillion-dollar fines. “This is part of the initial wave of marketing to children using the internet of things,” says Jeff Chester, executive director of the Center for Digital Democracy, a privacy advocacy group that helped write the law. “It is exactly why the law was enacted in the first place, to protect young people from pervasive data collection.”

Read more of this story at Slashdot.

Uber Knows Exactly When You’ll Pay Surge Pricing

An anonymous reader writes: Uber has figured out exactly when you are more likely to pay double or triple the cost of your ride: when your phone battery is low. Uber’s head of economic research, Keith Chen, recently told NPR on an episode of The Hidden…

An anonymous reader writes: Uber has figured out exactly when you are more likely to pay double or triple the cost of your ride: when your phone battery is low. Uber’s head of economic research, Keith Chen, recently told NPR on an episode of The Hidden Brain podcast that people are willing to accept up to 9.9 times surge pricing if their phones are about to go dead. Data about user batteries is collected because the app uses that information to know when to switch into low-power mode. The idea being: If you really need to get where you’re going, you’ll pay just about anything (or at least 9.9 times anything) to ensure you’re getting a ride home and won’t be stranded. A person with a more fully charged device has time to wait and see if the surge pricing goes down.The company insists that it won’t use this information against you.

Read more of this story at Slashdot.

Grindr Promises Privacy, But It Still Leaks Your Exact Location

Researchers in Kyoto demonstrate for WIRED how they can precisely track the locations of people using gay dating apps despite features meant to hide them. The post Grindr Promises Privacy, But It Still Leaks Your Exact Location appeared first on WIRED.

Grindr Promises Privacy, But It Still Leaks Your Exact Location

Researchers in Kyoto demonstrate for WIRED how they can precisely track the locations of people using gay dating apps despite features meant to hide them. The post Grindr Promises Privacy, But It Still Leaks Your Exact Location appeared first on WIRED.