|
Aug 31, 2000 - MSN overhaul takes many cues from rival AOL news.cnet.com
"The software giant is fine-tuning an overhaul of its MSN Internet service that imitates numerous features from archrival America Online. As previously reported, the company tomorrow will make available the second preview version of the service - dubbed MSN Explorer - that not only integrates all of Microsoft's online offerings under a single interface but also gives the entire World Wide Web a proprietary Microsoft feel." Commentary: "This does not look good at all!! Want to bet that to customize those links, users must store their preferences on MSN servers? And how long will it take for them to "totally integrate" WMP7 into the browser and drop Media Player 6.4 compatibility? The scariest part is Pchelp's findings, coupled with Passport's "cross-domain" capabilities for many of the features that are being incorporated. MS will be able to track just about everything a user does through MSN Explorer using just a couple of cookies with multiple name/value pairs nested inside. This is bad!!" (link & dead-on commentary courtesy of "No Name Given")
Aug 31, 2000 - Microsoft won't fix new Windows security flaw www.theregister.co.uk
"Microsoft says it won't be issuing a patch for a newly discovered security vulnerability in Windows that PGP's COVERT lab classifies as 'high-risk'. The COVERT Lab issued an advisory www.pgp.com/research/covert/advisories/045.asp earlier this week detailing how a local Windows networking configuration can be corrupted by redirecting the user to an arbitrary IP address of the hacker's choosing." (link courtesy of "Tom K.")
Aug 31, 2000 - MSN Cookie Data Crosses Domains And, MSN GUIDs Are Accessible to Anyone www.pc-help.org/privacy/ms_guid.htm
A must-read from pchelp, a GRC newsgroup contributor: "An MSN server and an affiliated website use clever tricks to create and to share between them, a unique numeric identifier (GUID) that is stored on users' machines; sometimes even without the use of cookies. The MSN server readily shares those GUIDs with any web server. The result, perhaps inadvertent, is that anyone with a website can contrive to obtain the GUIDs that are created by the MSN system and carried in users' cookies."
Aug 30, 2000 - Microsoft Word Documents that "Phone Home" www.privacyfoundation.org
Richard M. Smith "smiffs" again, this time showing how Web Bugs can be used in Word, Excel 2000 and PowerPoint 2000 documents. " A "Web bug" could allow an author to track where a document is being read and how often. In addition, the author can watch how a "bugged" document is passed from one person to another or from one organization to another." Includes a demo. A link to his excellent Advanced Web Programming site can be found on the Links page in the Privacy & Security section. (link courtesy of "El Gato Grande")
Aug 29, 2000 - Privacy Furor Over British Cyber-Snooping Law law.about.com
"Britain is poised to become the West's Internet privacy pariah, with the pending Regulation of Investigatory Powers Act, the legal framework for a massive domestic cyber-spying law enforcement agency. On July 26th, a surveillance bill granting the British government broad powers to access e-mail and other electronic communication passed its final vote in the House of Commons and will take effect on October 5th. The Regulation of Investigatory Powers (RIP) bill requires Internet Service Providers in the U.K. to track all data traffic passing through their computers and route it to the Government Technical Assistance Center (GTAC). The GTAC is being established in the London headquarters of the U.K. security service, MI5, which is the British counterpart to the FBI." (link courtesy of "Melony")
Aug 28, 2000 - Press Release: Digital Angel.net subsidiary has signed a preliminary partnership agreement with Axiom Navigation www.digitalangel.net
"Axiom is a leader in the GPS industry, offering OEM services to a variety of recognized industry leaders. Axiom products will be featured in the Digital Angel prototype to be demonstrated in October. Attendees of the event will witness an historical first: the first-ever operational combination of bio-sensor technology and Web-enabled wireless telecommunications linked to GPS location-tracking systems."
Aug 28, 2000 - The Next Big Privacy Brawl May Be over Your Location www.businessweek.com
"Welcome to the newest tech policy battleground: location privacy. So far, the privacy issue has primarly focused on where people travel in cyberspace. But in a few years, technology will exist that will make it dramatically easier for strangers to know where you are in physical space. In addition to cell phones, highly advanced GPS technology is also likely to be added to most models of cars." (link courtesy of Mike at Voice of The Public)
Aug 28, 2000 - Big Brother Is Watching . . . What You Buy www.zdnet.com
"Unlike Orwell's dour Smith, who struggled to conceal his thoughts and feelings from Big Brother, privacy advocates predict our biggest concern in four years' time will be camouflaging ourselves from corporate behemoths devoted to discovering our every purchasing peccadillo - and pandering to it. [...] Companies in the U.S. are already experimenting with the idea that personal information has value as a currency. In other words, you pay for goods and services with bits of your identity." Interesting article. (link courtesy of Mike at Voice of The Public)
Aug 25, 2000 - False alarms spark barrage of Akamai complaints news.cnet.com
"Akamai said it does not scan end-user ports but that a glitch involving common personal firewall software and the latest version of the basic Internet transport protocol, HTTP 1.1, is causing false alarms that make it seem as if Akamai is sniffing around networked computers. "This has nothing to do with Akamai's content delivery services or technology," a company representative said in an email interview." (link courtesy of "Rick S.")
Aug 24, 2000 - Privacy group accused of breaking own rules news.cnet.com
"Truste, an advocacy organization that runs a privacy seal-of-approval program for retail Web sites and shows companies how to write effective privacy policies, itself has tracked Web surfers with means not mentioned in its own privacy policy, a security group says." My favorite news story this month! For more on un-Truste, visit my Truste page. (link courtesy of "Curley")
Aug 23, 2000 - AOL, Inktomi lead coalition aimed at Akamai news.cnet.com
"A new consortium of companies led by America Online and Inktomi took aim today at the content distribution business that has been dominated for a year by upstart Akamai Technologies. Guided by the theory that there is strength in numbers, the companies are joining hands - and networks - to offer a Net-speeding service that will draw on each participant's resources to expand each company's reach. The companies, dubbing their consortium "Content Bridge," say what they're doing is more than a simple Akamai-killing effort, however." Hosts file users will grasp the implications of this.
Aug 23, 2000 - Internet 'spyware'
programs worry privacy advocates www.nandotimes.com
"While you're surfing the Internet, the Internet is watching you. And privacy advocates are raising alarms about "spyware" programs that monitor the electronic footprints of every Internet store you visit or stock report you read, then clandestinely report back to advertising firms what you did." Steve Gibson's work mentioned. (link courtesy of "Jay S. Z.")
Aug 23, 2000 - High-Tech Giants Warm to Privacy Legislation www.pcworld.com
"HP and Intel are among those that would prefer one federal privacy law to 50 state laws. "We hear that there are some who are ready to jump into bed with the regulators - who feel they must do something," says the outspoken U.S. Federal Trade Commission member Orson Swindle." You gotta love Orson. (link courtesy of "Jay S. Z.")
Aug 22, 2000 - Akamai caught in Net filtering cross fire news.cnet.com
"Networking firm Akamai has been dragged into the censorware debate, thanks to a hole affecting Web site blocking software that exploits the company's data delivery system. Many consumers and businesses use filters to prevent children and employees from accessing certain sites, such as those with sexual content. But under the workaround, such sites are accessible by tacking the location onto the end of another address."
Aug 20, 2000 - Users to Web sites: Protect my privacy www.zdnet.com
"Like teenagers just discovering sex, Net surfers are afraid of the consequences, but clueless as to how to protect themselves, study suggests. Most Internet users want a guarantee of privacy protections for their personal information and favor a requirement that mandates Internet companies seek their specific permission before disclosing that information to a third party. Those are the findings of a survey released Sunday by the Pew Internet & American Life project." (link courtesy of "Grep")
Aug 20, 2000 - PEW Internet Project Survey - "Trust and Privacy Online: Why Americans Want to Rewrite the Rules" www.pewinternet.org
The latest Internet Privacy Survey makes very interesting reading (56% don't know what cookies are). Sections in the Main Report include: One: Americans Want a Privacy Guarantee; Two: Guerrilla Tactics; Three: A Punishing Mood; Four: Fear vs. Trust; Five: Why Privacy Concerns Could Limit the Net's Potential; Appendix: How to Look for Cookies on Your Computer - And Disable Them. This is also available in downloadable .pdf format. (link courtesy of "Curley")
Aug 18, 2000 - Cable Net Users Feel Squeezed (ComcastAtHome) www.wired.com
"Internet users are objecting to their cable ISP's attempts to limit how they use their connections. Customers of cable Internet service ComcastAtHome are protesting a new clause in the service's subscriber agreement that forbids the use of virtual private networking (VPN) software." (link courtesy of "Dark Horse")
Aug 18, 2000 - Toysmart customer data still in limbo www.zdnet.com
"A federal bankruptcy judge set aside conditions on the proposed sale of failed Internet retailer Toysmart.com, potentially scuttling a deal with U.S. regulators to safeguard the company's prized database of consumer information. U.S. Bankruptcy Judge Carol Kenner's decision leaves the door open for implementing the deal, which would permit the sale of the company's customer list only to a buyer that agrees to honor Toysmart's privacy pledge concerning the data." (link courtesy of "Tamer A.")
Aug 18, 2000 - Feds to fight wiretap ruling: FBI, Justice to keep pushing for more access to wiretaps www.usatoday.com
"This week, the U.S. Court of Appeals for the District of Columbia wiped out new wiretap standards that had been established by the Federal Communications Commission. Those standards could have provided the FBI entry to a range of confidential information, including credit-card codes, under court orders that authorize the tracing of telephone communications. FBI and Justice officials vow to try again."
Aug 18, 2000 - Five biggest threats to online privacy: How to beat the hackers, snoops and spammers www.msnbc.com
"Do you ever feel like you're being watched? If you browse the World Wide Web, use a computer that's connected to the Internet or ever buy something online, you're probably right."
Aug 17, 2000 - The Spy Who Bugged Me www.cnet.com
"Spyware typically makes its way into your computer when you download shareware, freeware, or game demos. All you'll probably notice are ads popping up within your new shareware program, even though the spyware is clandestinely tracking your response to the advertisements. Applications as diverse as download manager GoZilla, custom cursor library Comet Cursor, and popular file transfer utility CuteFTP are ad-enabled in this way." (link courtesy of "Bill")
Aug 17, 2000 - FBI Offers Carnivore Data (Slowly) www.pcworld.com
"The FBI plans to release within 45 days the first of 3000 pages of documents about its Carnivore e-mail surveillance system, answering a Freedom of Information Act (FOIA) request by civil liberties and privacy groups. The FBI's promised timetable is still too vague for the privacy and civil liberties organizations that filed the FOIA request."
Aug 17, 2000 - Wireless Web privacy hole still wide open news.cnet.com
"Mobile phone Web surfers from several service providers discovered last March that their wireless Web services were distributing their phone numbers to Web sites without telling them. The disclosure enraged privacy advocates and prompted at least one company - Sprint PCS - to promise quick changes. Five months later, little has changed."
Aug 15, 2000 - Toysrus.com Stops Using Coremetrics Service www.newsbytes.com
"Toys R Us Inc.has stopped using the services of Coremetrics.com, a market data collection company that figured in lawsuits alleging that toysrus.com broke its Internet privacy policy, according to lawyers who filed a lawsuit against the toy retailer. "In the face of continued litigation, Toys R Us terminated its relationship with Coremetrics," said a news release issued by Milberg Weiss, a law firm that filed a federal lawsuit in San Francisco on Aug. 2. (link courtesy of "Mike R.")
Aug 15, 2000 - Firm Tracking Consumers on Web for Drug Companies (Pharmatrak) washingtonpost.com
"A Boston technology firm is surreptitiously tracking computer users across the Internet on behalf of pharmaceutical companies... And the companies web site also suggests it has plans to identify people." If you only read one news article this week, read this one. (link courtesy of "Tamer A.")
Aug 15, 2000 - British Consultant Believes Internet Security "Fatally Flawed" www.antionline.com
"Bruce Schneier, a cryptographer and chief technology officer at consultancy Counterpane Internet Security, says that there are fatal flaws in the way systems operate. And he believes that security breaches such as the recent Barclays bank blunder, where customers could see other accounts, are just the tip of the iceberg." (link courtesy of "thunder.")
Aug 13, 2000 - Privacy advocates attack Postal Service e-mail plan www.govexec.com
"Postal officials say they have backed down from reports that they plan to link electronic and physical mailing addresses by explaining that, "everything we are doing in the realm of e-addressing is conceptual." [...] Says Dave McClure: "The reality is that they haven't altered in any systematic way their plan to develop a database that links all e-mail and physical addresses, and they are planing to offer that to direct marketers." See the Aug 01 story for more info.
Aug 13, 2000 - Web privacy products get noticed: Target users wary about cyberspace tracking www.bostonherald.com
"As the Internet booms, companies are selling products designed to give Web users peace of mind in an uncertain cyber-world. And with the legal situation surrounding on-line privacy still fuzzy, many say it's best to take control of matters yourself."
Aug 11, 2000 - Privacy concerns at Act's website stunt www.nzherald.co.nz
"Internet privacy specialists are alarmed at Act's "naming and shaming" campaign identifying Government staff who have accessed its website." This was done by linking logged IP addresses to user names. This article contains a misquote, mentioning "email addresses" when it should be "IP addresses" but the implications for all Internet users are clear.
Aug 10, 2000 - The spy in your server www.guardianunlimited.co.uk
"There is no hiding place on the net as governments around the world chase
your data." An excellent short overview of international issues with a link to past privacy-related articles. (link courtesy of "Mike" from www.voiceofthepublic.com)
Aug 10, 2000 - FBI refuses to release Carnivore details www.zdnet.com
"The Federal Bureau of Investigation declined to give Congress details of its Carnivore Internet surveillance system, telling a member of a House oversight committee that some of the documents he requested include classified information and others are the subject of a pending lawsuit seeking their release."
Aug 07, 2000 - Netscape flaw worse than 'Back Orifice'? (Brown Orifice) www.the-times.co.uk
"'Brown Orifice' bug lets Web page author see a PC's contents, but one security expert thinks it could be worse than its near-namesake." For more info, read this Internet Security Systems alert: xforce.iss.net/alerts/advise58.php. (links courtesy of "Tim & Tami" and "The WebFairy")
Aug 06, 2000 - Spies behind your screen www.the-times.co.uk
"Big Brother is watching your every move, not actually through closed-circuit television cameras, but the 21st-century equivalent: software that registers every website you visit and every program you run, to create a complex map of your every mouse click." Steve Gibson and the GRC website mentioned. (link courtesy of "Alan F.")
Aug 04, 2000 - They know where you're shopping www.zdnet.com
"Did you know that your credit card information for almost every online purchase is sent through a separate third party -- and stored there?" (link courtesy of "Bruce C.")
Aug 04, 2000 - AOL to remove feature in versions of SmartDownload www.digitalmass.com
"The feature at issue is on Netscape's SmartDownload product, which is used to download files. A class-action lawsuit filed by a New Jersey photographer in July alleged the feature could be used for the surveillance of file transfers between Web sites and Internet users. The suit sought at least $10,000 in damage per person." (link courtesy of "Mike M.")
Aug 04, 2000 - PC World: Make Your PC Hacker Proof www.pcworld.com
PC World finished testing six firewalls and Network ICE's BlackICE Defender 1.9 and Zone Labs' ZoneAlarm 2.1 came out on top. Others tested: ESafe Desktop 2.2, McAfee.com's Personal Firewall, Sybergen Networks' Secure Desktop 2.1, and Symantec's Norton Personal Firewall 2000 version 2. Which came in last? Let's just say that a Sybergen Secure Desktop user might as well be shaking a dead chicken over his or her computer. (link courtesy of "Steve Gibson")
Aug 03, 2000 - Toys R Us Privacy Policy Questioned www.pcworld.com
"A lawsuit filed Wednesday in federal court in New Jersey by a California resident claims breach of contract, invasion of privacy, and violation of federal electronic transmission laws by the toy retailer. It accuses the company of disclosing names, addresses, and other personal data about people who made purchases at the Toys R Us Web site from August 5, 1998, to the present." Toys R Us and 3 other companies were found passing info to Coremetrics - see July 31 article. (link courtesy of "Jay Z.")
Aug 03, 2000 - Symantec Purges Its List www.pcworld.com
"...both Norton Personal Firewall and Norton Internet Security 2000 originally included entries for the Aureate and TSAdbot programs - meaning those programs were automatically approved - ad-fetching and information transmission functions and all." That only leaves 698 other "Norton-trusted" programs rules that are automatically configured to run on *your* computer without setting off alerts. Don't you wonder which ones? (link courtesy of "Stan B.")
Aug 02, 2000 - Judge orders emergency hearing on FBI's Carnivore www.cnn.com
"A federal judge ordered an emergency hearing Wednesday on a privacy rights group's request for the immediate release of details on Carnivore, the Federal Bureau of Investigation's e-mail surveillance tool. The Electronic Privacy Information Center (EPIC), in its application to the judge, accused the FBI and the Justice Department of breaching the law by failing to act on a request for fast-track processing of a Freedom of Information Act query about the snooping system." (link courtesy of "Mark S.")
Aug 02, 2000 - EPIC Files Suit for Carnivore Information www.epic.org
"In an application filed in U.S. District Court in Washington, EPIC charges that the Department of Justice and the FBI have violated the law by failing to act on a request to expedite the processing of a Freedom of Information Act request EPIC submitted to the FBI on July 12."
Aug 01, 2000 - E-Mail Alert: Uncle 'Spam' Wants You www.zdnet.com
"The U.S. Postal Service has privacy advocates screaming foul with its national e-mail plan. Uncle Sam could become "Uncle Spam" if the government follows through with plans for creating an "official U.S. e-mail box" for every address in America [...]. The government would use the e-mail addresses to send driver's license renewal forms, tax documents and other materials that would normally be sent by snail mail. How does the USPS make money off this? They make it available to mass mailers..."
Unobfuscated links to news stories have been shortened for page sanity. Please send links to world-wide news stories & related privacy articles to [email protected]. Credit appreciatively given.
^ Top Earlier >
| 