Privacy

The American Civil Liberties Union (ACLU) and the Electronic Frontier Foundation (EFF) are asking a federal court to order the US Department of Justice to turn over records about the agency's tracking of mobile phone users.

Mozilla's big plan on Tuesday to set a world record for downloads with the Firefox 3 browser hit a snag when its Web site would not work properly.

A hacker has posted attack code that exploits critical flaws in the Safari and Internet Explorer Web browsers.

Microsoft's Windows XP Service Pack 3 (SP3) ships with an out-of-date version of Adobe's Flash Player that's vulnerable to recently-spotted attacks, according to Microsoft's support documentation.

The US CAN-SPAM law has chewed another alleged spam outfit, this time handing out a world record fine of US$234 million to two individuals.

Communications Minister Stephen Conroy has pushed ahead with the controversial [[artid:420013177|national content filtering scheme|ISP filtering]] with a $125.8 million budget allocation announced today.

Microsoft Tuesday patched six vulnerabilities, most marked "critical," in Windows, Word, Publisher and its anti-virus software.

International experts in Wellington for a conference on identity last week expressed admiration for the New Zealand government's igovt identity information management scheme and the policy behind it.

It used to be easy for US Bank to determine which users and systems could be trusted, and which should be viewed with suspicion. Then along came Web 2.0.

Canadian data breach notification guidelines -- jointly created by the Information and Privacy Commissioners for British Columbia and Ontario -- have made their way to the land down under.

Sweeping reforms will make it easier than ever for law enforcement to intercept communications if amendments to the Telecommunications (Interceptions) Act are agreed upon by a Senate standing committee.

Oracle released 41 security fixes for its flagship database and several other products Tuesday, including 15 patches for vulnerabilities that can be exploited remotely without a username or password.

After experiencing its fair share of virus attacks as well as dealing with the ongoing problem of spam overwhelming the corporate network, luxury car retailer Brisbane BMW, made the decision to upgrade its e-mail management system.

A New Zealand security researcher has published a software tool allowing attackers to quickly gain access to Windows systems via a Firewire port.

A teenager identified by U.S. law enforcement officials only as B.D.H pleaded guilty last week to charges that he used botnets to illegally install adware on hundreds of thousands of computers in the U.S., including those belonging to the military.

A wiry young man with his head shaved and wearing a tank top points a handgun straight at the camera in a disturbing YouTube video. The man wears what appears to be a wedding ring, and he gazes vacantly away from the viewer.

An employee looking to steal confidential information from his employer sneaks into what should be a secure back room after hours. He pulls charts and files from a top-level financial meeting and slides them into his briefcase before heading back out.

Haven't encrypted your laptop fleet yet? There's no excuse for that choice anymore. Check out today's smart strategies for improving laptop security — before the next machine disappears

CSIRO says the preservation of privacy and data integrity will both be critical to the success of efforts to develop a new form of electronic service delivery for the Australian government.

The US is badly lagging the rest of the world on privacy legislation and apparently doesn't care

I'm a CISO who has worked in the US financial services industry both as a regulator and for a large services company. In this column I'm going to let you in on one of the biggest, dirtiest secrets in the industry: The companies that get the least amount of scrutiny from financial regulators actually present some of the greatest risks for systemic financial market manipulation and fraud. I'm talking about financial news and brokerage service companies.

A fierce and prominent opponent of the Hawke government's 1987 plans to introduce a national identity card says nothing has changed technologically in the intervening years that would make a smart card today any more secure than the Australia Card proposed then.

E-mail is mission-critical to your business - and its worst security nightmare

Back in 2001 Peter Piper picked a pack of Privacy Principles, but thus far no one's found themselves in much of a pickle.

As American angst over their government's massive domestic spying program soars, the Victorian Privacy Commissioner has warned responsible handling of personal information will increasingly require deft application of the "best custodian principle".

Organization after organization has disclosed that critical data banks have been compromised by hackers, couriers or consultants. The causes range from lost backup tapes to lost laptops to network hacks. What most of these cases have in common is the lack of strong technical measures to protect data that is by its nature highly sensitive.

State transit authorities in the US have been including surveillance cameras in the design of their newest train stations for security reasons. But as one state discovered, the technology delivers other benefits too . . .

IBM Chief Privacy Officer Harriet Pearson does the right thing.

It's a topic of fierce debate among high-tech cognoscenti: What's more secure -- "open source" code such as Linux and Apache, or proprietary "closed source" operating systems and applications, Microsoft's in particular?

CSOs will very likely live to see the day when human brains are easily augmentable through an array of knowledge implants, apps and Wi-Fi capabilities. If securing an enterprise seems tricky today, imagine installing firewalls in a few thousand employees' prefrontal lobes.

Employment and training firm CVGT has installed a network management toolkit to enforce compliance and protect the financial and personal data of its 40,000-plus apprentices and trainees.

The Convention on Cybercrime is the work of the Council of Europe and is aimed at facilitating international cooperation in the investigation and prosecution of computer crimes. Since the Convention came into being in 2001, the COE has been working to address the growing international concern over the threats posed by hacking and other computer-related crimes.

Howard Schmidt today is the CEO of R&H Security Consulting. However, he's better known around the world for working in the White House for 31 years. A former White House security adviser, he was appointed by President Bush as Special Adviser for Cyberspace Security just three months after the terrorist attacks of September 11, 2001.

Internationally renowned security guru, Bruce Schneier, will be encouraging technologists at linux.conf.au to take a lesson from Luke Skywalker, and "feel the force" a little more when it comes to security.

David Holtsman, former CTO of Network Solutions, discusses September 11, the role of the Chief Privacy Officer and other hot-button privacy issues.

Talk to anyone who attends Black Hat USA conferences and you'll hear about how boring the talks are, how nobody learned anything new, how the hacks were known last year -- not to mention the ridiculous posers. Ask those same attendees if they plan to attend next year, and they say "yeah" as fast as a poker player pushing all in with pocket aces.

Harrison Ford is ticked off again. But not because the bad guys have hijacked Air Force One or kidnapped his wife from a Paris hotel room; this time they've swiped his identity to break into the bank where he works and steal millions of dollars.

Companies are not embracing encryption as a way to protect sensitive data. According to Ponemon Institute's 2005 National Encryption Survey, only 4.2 percent of companies responding to our survey say their organizations have an enterprisewide encryption plan.

Within the next 10 years the convergence of multiple technologies will thrust people into a world where nothing is secret

I spent a very interesting hour with Phil Libin, president of CoreStreet, learning about the company's method for providing "massively scalable validation products for identity management and access control" - that's how CoreStreet describes its business. First, though, we had to get over a couple of semantic hurdles which points up one of the things slowing down the convergence of pure security products with pure identity management tools.