Articles about Security

Jailbreakme.com returns, iPhone 4 finally jailbroken

The iPhone Dev Team has struck again, this time releasing a Web-based jailbreaking solution that is compatible with all iPhone models, including the iPhone 4. The solution requires only an Internet connection and mobile Safari to complete the hack.

It should be noted that this only allows for the installation of unapproved apps to the device, and not the use of the device on unsupported carriers. The Dev Team said in a blog post Sunday that a version of ultrasn0w -- the carrier unlock -- would be compatible with iPhone 4 shortly.

Continue reading

Personal data of 170 million Facebook users exposed, collected, and shared without any hacking

Using publicly available information on Facebook, a researcher has been able to gather personal details of nearly 170 million users of the service, or about a third of all users. The data includes names, addresses, e-mails, phone numbers, and birthdays: essentially anything that was not marked as private is now part of this file.

The file has now ended up on The Pirate Bay, and so far has seen over 10,000 downloads. This could mean hackers would have an easy way to obtain personal information necessary for identity theft and other malicious uses.

Continue reading

Researchers find 80 different Android wallpaper apps skimming sensitive data

While the superstar of the Black Hat USA 2010 security conference in Las Vegas this week was Barnaby Jack from IOActive showing off techniques for "Jackpotting" Windows CE-based ATMs, research from security company Lookout has had a much broader impact on consumers, especially those using Android smartphones.

Lookout's "App Genome Project" is an ongoing study of the millions of mobile applications available, the user data that they collect, and threats they present. During their research for the project, the team found a series of simple Wallpaper apps in the Android Market which were suspiciously collecting more data than they needed to.

Continue reading

Citibank discloses security flaw in iPhone banking application

Citigroup customers using its iPhone app for mobile banking are being urged to apply an update after the company found a security flaw. The program was storing personal data in a file that could have potentially opened the user up to identity theft.

The issue was discovered during a routine security check of the company's products. Citi Mobile was released in March and was updated on July 19 to fix the issue. Customers were notified by mail beginning the following day. The update will erase this file from the phone as well as the computer when applied and synced with iTunes.

Continue reading

Safari AutoFill flaw opens up Mac OS X address book to hackers

WhiteHat Security said Wednesday that it had found an issue in how Safari's AutoFill feature handles personal information, which could open up the personal information of a web surfer simply by visiting a malicious website.

Using a few lines of code, the hacker would be able to obtain the information without the user even knowing it occurred. The "Using info from my Address Book card" option would need to be checked in AutoFill preferences in order for the hack to work.

Continue reading

AT&T: We will prosecute hacker that found iPad security hole

Mobile network operator AT&T sent a message out to all 3G iPad owners yesterday which attempted to explain and apologize for a major security breach which disclosed every 3G iPad owner's email address. The company said no other information was exposed, and the matter has been resolved.

Last week, a group going by the name Goatse Security took credit for discovering the exploit, which exposed an estimated 114,000 subscribers' email addresses, and ICC-IDs. ICC-IDs are "integrated circuit card identifiers" which identify SIM cards and relate them to the subscriber's phone number.

Continue reading

Facebook CEO: 'We are removing the connections privacy model'

In a move that may end up drastically scaling back what Facebook had hoped last month would be a redefinition of the Web itself, the social service will soon begin rolling out simplified privacy controls, according to a blog post today from CEO Mark Zuckerberg. The new controls may make it easier for Facebook users to limit the extent to which the system shares their personal information with others, especially including other Web sites.

Continuing to deflect criticism, the CEO said that Facebook had always offered a multiplicity of privacy controls, but "if you find them too hard to use then you won't feel like you have control. Unless you feel in control, then you won't be comfortable sharing and our service will be less useful for you. We agree we need to improve this.

Continue reading

U-verse down: AT&T's fiberoptic voice customers can't get a dial tone

A nationwide service outage continues to impact customers of AT&T's VoIP-based U-Verse Voice service -- users of its fiber-to-the-home TV and broadband network for phone service as well. Now home-based VoIP phone users are waiting in Internet chat queues numbering hundreds of users long seeking solutions, and at least a few customers are reporting they're waiting on hold from their (working) Verizon Wireless phones.

Users of AT&T's U-talk Peer-to-Peer Forum are being advised to register their complaints with someone named "David" in the company's Tier 2 Technical Support office. This as users in Memphis, Atlanta, Chicago, Houston, and elsewhere continue to report no service, although customers in some metropolitan areas such as Sacramento report service has been restored.

Continue reading

Zuckerberg: Facebook will respect the privacy of those who really prefer it

If a user would rather that Facebook not share her personal information with other services unknowingly, then there should be a simple switch that turns off Facebook's ability to do that. This was the message delivered by Facebook CEO Mark Zuckerberg, in an op-ed piece published in Sunday's Washington Post.

"Facebook has been growing quickly. It has become a community of more than 400 million people in just a few years," Zuckerberg wrote. "It's a challenge to keep that many people satisfied over time, so we move quickly to serve that community with new ways to connect with the social Web and each other. Sometimes we move too fast -- and after listening to recent concerns, we're responding."

Continue reading

That's one expensive logo: Symantec gets VeriSign checkmark for $1.28 B

On the surface, it might sound like one of those amateurish conclusions a blogger might reach after having just read the press release: Symantec, a software company now mainly known for security products, acquires some assets from a non-competitor in order to get that company's logo. But in the deal between Symantec and VeriSign announced yesterday, there is no mistaking the fact that the antivirus products maker acquired, among other things, the single asset that just last week VeriSign argued was the ticket to its own future stability: quite literally, its own logo.

Up until yesterday, its name was the VeriSign Trust Seal. A big part of VeriSign's business had been the licensing of that logo to "trusted" Web sites whose security services pass VeriSign's test. So when online shoppers see that pixelated checkmark inside the circle, they conclude the site they're shopping on is safe...and they'll buy more.

Continue reading

MySpace revamps privacy settings to counter Facebook's muddled set of options

Facebook grew more popular than Myspace just about two years ago, and has been been enjoying steady growth while MySpace flounders trying to reinvent itself.

But the recent attention brought to Facebook's privacy issues -specifically the complaint filed with the US Federal Trade Commission by EPIC pointing out that Facebook data isn't as private as it once was- has opened a door for MySpace to jam its foot into.

Continue reading

EU warns Facebook its privacy changes are 'unacceptable'

An assembled group of telecommunications ministers from the European Union's member states, called the Article 29 Working Party, has warned Facebook that changes it recently made to its privacy policy to enable "Instant Personalization" -- also known as "Like" -- may be in violation of what they thought was an agreement made in November 2009.

That warning stops short of directly accusing Facebook of violating laws, though it leaves the door open for such a decision in the future.
According to a statement released yesterday from Brussels (the text of their letter has yet to be released), the ministers did imply that Facebook's public presence at a meeting entitled "Safer Networking Principles for the EU," where its representatives signed a pledge, appears to contradict the changes it made to privacy policy just days later.

Continue reading

Avoiding the next crash: The threat from outsourcing teaching aides

Modern "American dream" stories often start with a romantic phase: A young couple struggles through graduate school, starving on measly stipends covering ramen noodles and cheap wine. Unfortunately, that story is about to disappear, following American manufacturing jobs. College professors are now outsourcing grading, The Chronicle of Higher Education reported in April.

Teaching assistants (TAs) have provided that service for generations, but now it is going overseas. Recession-hit universities get even better deals outsourcing than they did with notoriously underpaid graduate students. Now, this work often ends up in the hands of credentialed Indian stay-at-home moms eager to work part-time.

Continue reading

Twitter resets follow lists to zero because of 'auto-follow' bug

A few quick articles popped up in tech blogs this afternoon which confirmed a serious flaw in the Twitter follow system. Notably, the Gizmodo article entitled "How to Force Anyone to Follow you on Twitter," showed that by simply typing
"accept [username]" into the Twitter Web interface, you could turn anyone into your Twitter follower.

Immediately, users began turning celebrity Twitter users into their followers. Former late night talk show host Conan O'Brien, who makes a point of only following one person, immediately began following hundreds of profiles.

Continue reading

Sen. Schumer suggests FTC take charge of Facebook's, others' privacy policies

Amid news yesterday of a discovery by an independent programmer of what appeared to be another door left open for Web apps to access Facebook users' personal data, Sen. Chuck Schumer (D - N.Y.) called upon the Federal Trade Commission to take the next step in forming the equivalent of a US "privacy commissioner."

It was the first step in a one-two punch, as Sen. Schumer later joined three other Democrat senators in penning a letter to Facebook CEO Mark Zuckerberg, calling upon him to make his site's privacy policy clearer and tighter, in order to give the FTC less to scrutinize.

Continue reading

© 1998-2026 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.