Web Cache Deception Attacks are Still Around, Says New Research

Web Cache Deception Attacks are Still Around, Says New Research

Web Cache Deception Attacks are Still Around, Says New Research.Web Cache Deception attacks are still impacting many popular websites, says new research.Researchers noticed that 25 of the Alexa Top 5,000 websites were impacted by the Web Cache Deception attack.

Coronavirus: SF businesses decline cash, fearing it could spread the virus

Coronavirus: SF businesses decline cash, fearing it could spread the virus

Ritual Coffee doesn’t observe an outright ban (people can pay with cash if that’s all they have, Rinaldi said) but the emphasis on cashless payments is made clear with notices plastered on the shop’s wall and on its website asking customers to use Apple Pay or a credit or debit card.

GitHub - SadeghHayeri/GreenTunnel: GreenTunnel is an anti-censorship utility designed to bypass the DPI system that is put in place by various ISPs to block access to certain websites.

GitHub - SadeghHayeri/GreenTunnel: GreenTunnel is an anti-censorship utility designed to bypass the DPI system that is put in place by various ISPs to block access to certain websites.

GreenTunnel bypasses DPI (Deep Packet Inspection) systems found in many ISPs (Internet Service Providers) which block access to certain websites.For example, if the administrator chooses to block the hostname youtube using this feature, all Website access attempts over HTTPS that contain youtube like in the SNI would be blocked.

Jordan uses internet throttling instead of internet shutdowns and blocks to censor websites

Jordan uses internet throttling instead of internet shutdowns and blocks to censor websites

In an interview with Netzpolitik, Access Now employee Berhan Taye explained that internet throttling is a new method that governments are using as part of their censorship toolkit – and explained why a government like Jordan might prefer internet throttling to straight up internet blocking:.

Google says it is developing a nationwide coronavirus website

Google says it is developing a nationwide coronavirus website

President Donald Trump had thanked Google on Friday for developing a website that he said would help people determine whether they needed a coronavirus test, saying that 1,700 engineers were working on it.

Australia sues Facebook, alleges breach of user data

Australia sues Facebook, alleges breach of user data

In the Federal Court lawsuit, the Australian Information Commissioner accused Facebook of breaching privacy law by disclosing 311,127 users' information for political profiling via a survey product, 'This Is Your Digital Life', on its website.

Australia could implement mandatory age verification for pornography websites

Australia could implement mandatory age verification for pornography websites

A House of Representatives committee issued a report on Thursday calling for the e-safety commissioner to develop a roadmap for bringing in mandatory age verification for online pornography sites in the next 12 months.

Android users, your WhatsApp chat backup on Google Drive may soon be encrypted

Android users, your WhatsApp chat backup on Google Drive may soon be encrypted

The company itself mentions this on its FAQ website “Media and messages you back up aren’t protected by WhatsApp end-to-end encryption while in Google Drive.”.As mentioned by the WABeta Info account, Google Drive backup of chats might finally be encrypted.

Google rival Brave uncovers mass surveillance of UK citizens

Google rival Brave uncovers mass surveillance of UK citizens

A new report by privacy browser Brave found that over 400 councils in the UK have allowed at least one private company to track visitors to its websites, and mine their browsing activity for profit.

Review: Privacy Badger Browser Extension

Review: Privacy Badger Browser Extension

The algorithmic details may be complex but the basic principle is not: Privacy Badger observes the third party domains that are loaded as you browse the web, and blocks them if it sees them used on multiple websites.

GoodRx Saves Money on Meds—It Also Shares Data With Google, Facebook, and Others

GoodRx Saves Money on Meds—It Also Shares Data With Google, Facebook, and Others

To determine how GoodRx shares data, we monitored traffic using a data packet-capturing tool to observe the company's Android mobile app and website as we searched for deals on a number of prescription medications.

Let's Encrypt Has Issued a Billion Certificates

Let's Encrypt Has Issued a Billion Certificates

Today 81% of page loads use HTTPS globally, and we’re at 91% in the United States!Today we serve nearly 192M websites with 13 full time staff and an annual budget of approximately $3.35M.

Clearview AI's entire client list stolen in data breach

Clearview AI's entire client list stolen in data breach

James Martin / CNET Clearview AI, a facial-recognition software maker that has sparked privacy concerns, said Wednesday it suffered a data breach.The company has a database of 3 billion photos that it collected from the internet, including websites like YouTube, Facebook, Venmo and LinkedIn. New York City-based Clearview said the database of images wasn't hacked.

Can the Government Buy Its Way Around the Fourth Amendment?

Can the Government Buy Its Way Around the Fourth Amendment?

If you’ve been following privacy issues at all in recent years, you know that websites and smartphone apps are sharing your detailed location information with data brokers and advertisers.

AT&T is blocking Tutanota. This shows why we must fight for net neutrality.

AT&T is blocking Tutanota. This shows why we must fight for net neutrality.

A free Internet guarantees that all online services are being treated equally: Right now we can access any website at the same speed.Without net neutrality ISPs could, for instance, offer a 'US bundle', which allows users to use certain US services like Google, Facebook and Twitter without any data limit.

Russia's security service tells internet firms to hand over user data: The Bell

Russia's security service tells internet firms to hand over user data: The Bell

MOSCOW (Reuters) - Russia’s Federal Security Service (FSB) has ordered some of the country’s major internet companies to give it continuous access to their systems, The Bell investigative website reported late on Tuesday, citing three sources at the firms.

Every Click You Make: Data Tracking, Consumer Privacy In The Age Of Surveillance Capitalism

Every Click You Make: Data Tracking, Consumer Privacy In The Age Of Surveillance Capitalism

In the age of the Internet-of-things, every digital device you own collects information about you, while websites, corporations and social media platforms use different techniques to surveil and track your personal data.

Almost Every Website You Visit Records Exactly How Your Mouse Moves

Almost Every Website You Visit Records Exactly How Your Mouse Moves

While a site itself always has access to raw behavior data — and could hypothetically look in on any individual user session — using a service like FullStory brings a third party into the mix.

Mental health websites don't have to sell your data. Most still do.

Mental health websites don't have to sell your data. Most still do.

For example, the page dedicated to treatments for depression on French health website Eurekasante contacts an astounding 71 third parties (compared to 36 in our first research) as soon as you open the page.

Clearview AI - super crime fighter or the death of privacy as we know it?

Clearview AI - super crime fighter or the death of privacy as we know it?

In a nutshell, the New York Times published an article on Ton-That (and others’ as you will see) tiny company Clearview AI on January 18, 2020 that revealed, among many other serious things, that the company claims to have quietly scraped Facebook, YouTube, Venmo and millions of other websites to assemble a database of 3 billion faces.

Weather.com Has Become the Pawn of A Huge Data Theft Scheme

Weather.com Has Become the Pawn of A Huge Data Theft Scheme

Don’t visit to find out, especially if you’re on a mobile device: the website has been compromised by a malicious advertising (malvertising) attack that is scraping personal information from its mobile users.

I freaked out when I saw what sites were telling Facebook about me

I freaked out when I saw what sites were telling Facebook about me

Located in the service’s privacy settings, it lets you see all the websites and apps that reported data back to Facebook about your visits and activities.Facebook says that sites are required to inform me that they intend to report back to Facebook on my visits, purchases, and other activities.

Clearview’s Face Surveillance Shows Why We Need a Strong Federal Consumer Privacy Law

Clearview’s Face Surveillance Shows Why We Need a Strong Federal Consumer Privacy Law

Since the New York Times Clearview story was published, there has been some discussion online about using the federal Computer Fraud and Abuse Act (CFAA)—a notoriously vague pre-Internet law intended to punish those who break into private computer systems—to go after scraping of publicly available websites.

The National Cyber Security Alliance’s Data Privacy Day Honeypot on StaySafeOnline.org

The National Cyber Security Alliance’s Data Privacy Day Honeypot on StaySafeOnline.org

Someone using this tool on the Stay Safe Online website to “update their privacy settings”, would actually be helping Hotjar build a profile of information about themselves, including the sites they shop on, the email service they use, the type of mobile device they have, how they listen to music, share photos and videos, the ride share services they use, their favorite search engines, social networks, web browsers and more.

AmIUnique

AmIUnique

This website aims at studying the diversity of browser fingerprints and providing developers with data to help them design good defenses.Contribute to the efforts by viewing your own browser fingerprint or consult the current statistics of data provided by users around the world!.

Russian Pleads Guilty to Running 'CardPlanet' to Sell Stolen Credit Cards

Russian Pleads Guilty to Running 'CardPlanet' to Sell Stolen Credit Cards

Besides Cardplanet, Burkov also masterminded a separate invite-only forum website for elite cybercriminals where they advertised stolen personal identity information, malicious software, and other illegal services, like money laundering and hacking services.

Porn site exposes credit cards, passports and more in major data leak

Porn site exposes credit cards, passports and more in major data leak

According to research conducted by VPNMentor, an adult affiliate website supporting more than 66 million registered members, appears to have left a database containing 20GB of visible data unsecured.This incident goes to underscore both the severity of data breaches and the risks of visiting adult websites.

Law enforcement is using a facial recognition app with huge privacy issues

Law enforcement is using a facial recognition app with huge privacy issues

Read – Emotion-Detecting Technology Should be Banned, Says AI Now. In fact, the software is already noted to be violating the policies of a lot of the websites that it collects the images from.

#EthicalWebDev – guide for ethical website development and maintenance

#EthicalWebDev – guide for ethical website development and maintenance

For example, it has become more and more common for web developers to take “free” resources, such as fonts and scripts and use them on the websites that they design.Ethical Web Dev – Guide for ethical website development and maintenance.

YouTube decides it’s easier to treat all watchers of kids’ content as kids

YouTube decides it’s easier to treat all watchers of kids’ content as kids

According to the FTC complaint, while Google said internally that it had no "child-directed" content and didn't need to worry about COPPA, it was at the same time telling companies such as Mattel and Hasbro that "YouTube was unanimously voted as the favorite website for kids 2-12" and "93 percent of tweens visit YouTube to watch videos.".

More