• “Stalking software”: Surveillance made simpler

    The controversial Snap Map app enables Snapchat users to track their friends. The app makes it possible for users to monitor their friends’ movements, and determine – in real time – exactly where their posts are coming from (down to the address). Many social media users expressed their indignation, referring to the app as “stalking software.” This is the latest in a series of monitoring tools to be built on social media platforms. A new study assesses the benefits and risks associated with their use.

  • The real costs of cheap surveillance

    Surveillance used to be expensive. Even just a few years ago, tailing a person’s movements around the clock required rotating shifts of personnel devoted full-time to the task. Not any more, though. Governments can track the movements of massive numbers of people by positioning cameras to read license plates, or by setting up facial recognition systems. Private companies’ tracking of our lives has also become easy and cheap too. Advertising network systems let data brokers track nearly every page you visit on the web, and associate it with an individual profile. It is worth thinking about all of this more deeply. U.S. firms – unless they’re managed or regulated in socially beneficial ways – have both the incentive and the opportunity to use information about us in undesirable ways. We need to talk about the government’s enacting rules constraining that activity. After all, leaving those decisions to the people who make money selling our data is unlikely to result in our getting the rules we want.

  • Minority Report? Wisc. company replaces ID cards, badges with microchips implants

    River Falls, Wisconsin-based technology company Three Square Market has become one of the first in the world to implant microchips in staff so they can clock-in or enter secure areas by waving their arm instead of using swipe cards or ID badges. The implanted microchip would also allow employees to order food at the cafeteria and open the parking garage doors. They can also log in to their computer without a password.

  • App ensures safe surfing on public Wi-Fi hotspots

    You always need to assume someone’s looking over your shoulder when you’re using public Wi-Fi: a hacker, or the government, or a plain old snoop. New app — SaferVPN — automatically turns on as soon as your device connects to unsecured networks, an begins to direct data through an encrypted “tunnel.”

  • Encryption system hides your travel data from Uber

    The apps created by Uber and its competitors put peers in touch with each other when one of them is looking for a ride. But the online platforms these companies have developed also collect users’ personal data – from passengers and drivers alike. Multiplied by millions of users each day, that comes out to be a goldmine of information, especially in the era of Big Data. Researchers looked at how the same level of service could be achieved without disclosing users’ personal data.

  • Bringing transparency to cell phone surveillance

    Modern cell phones are vulnerable to attacks from rogue cellular transmitters called IMSI-catchers — surveillance devices that can precisely locate mobile phones, eavesdrop on conversations or send spam. Security researchers have developed a new system called SeaGlass to detect anomalies in the cellular landscape that can indicate where and when these surveillance devices are being used.

  • Protecting against online privacy attacks

    When Congress voted in March to reverse rules intended to protect internet users’ privacy, many people began looking for ways to keep their online activity private. One of the most popular and effective is Tor, a software system millions of people use to protect their anonymity online. But even Tor has weaknesses, and in a new paper, researchers recommend steps to combat certain types of Tor’s vulnerabilities.

  • Using Bitcoin to prevent identity theft

    A reaction to the 2008 financial crisis, Bitcoin is a digital-currency scheme designed to wrest control of the monetary system from central banks. With Bitcoin, anyone can mint money, provided he or she can complete a complex computation quickly enough. Through a set of clever protocols, that computational hurdle prevents the system from being coopted by malicious hackers. Researchers from MIT’s Computer Science and Artificial Intelligence Laboratory presented a new system that uses Bitcoin’s security machinery to defend against online identity theft. The system piggybacks on the digital currency’s security protocols to thwart hijacked servers.

  • Lawsuits filed about electronic privacy, profiling abuses at borders, airports

    Earlier this week, two lawsuits were filed in federal court to demand that the Department of Homeland Security (DHS) release information about how federal officials have treated travelers who are Muslim or who are perceived to be Muslim at United States borders, including airports. The lawsuits highlight the numerous recent reports of individuals who are or are perceived to be Muslim having their electronic devices searched while traveling or having their trusted traveler status revoked without explanation.

  • Driver privacy can be compromised in Usage-Based Insurance (UBI) systems

    Researchers have demonstrated that it is possible to compromise a driver’s private information stored in the cloud for Usage-Based Insurance (UBI) programs, based on only part of the data collected. UBI programs determine a consumer or fleet insurance premium rate based on several driving parameters that are collected, including total driving time, cornering and average speed. As part of the burgeoning Internet of Things (IoT) connected-device functionality in vehicles, driver data is gradually being stored in the cloud, rather than onboard a vehicle’s computer.

  • New technology helps protect biometric databases

    More and more people are leaving their fingerprints behind – in passports, when logging in to online banking or their mobile phones. Have you thought about where your fingerprint information is stored and who has access to it? Whether we store fingerprints on our mobile phone chip, with our server host or in the cloud, security is always a concern. Scientists are constantly searching for new and better security solutions to protect your information.

  • House kills web privacy protections; ISPs free to collect, sell customers’ information

    The House of Representative on Tuesday voted 215 to 205 kill the privacy rules, formulated by the FCC, which were aimed at preventing internet service providers (ISPs) from selling their customers’ web browsing histories and app usage to advertisers. Without these protections, Comcast, Verizon, AT&T, and other ISPs will have complete freedom to collect information about their customers’ browsing and app-usage behavior, then sell this information to advertisers.

  • Repealing FCC’s privacy rules: A serious blow to privacy, cybersecurity

    In the end, the cybersecurity implications of repealing the FCC’s privacy rules come from simple logic. If the privacy rules are repealed, Internet providers will resume and accelerate these dangerous practices with the aim of monetizing their customers’ browsing history and app usage. But in order to do that, Internet providers will need to record and store even more sensitive data on their customers, which will become a target for hackers. Internet providers will also be incentivized to break their customers’ security, so they can see all the valuable encrypted data their customers send. And when Internet providers break their customers’ security, you can be sure malicious hackers will be right on their heels. The net result is simple: repealing the FCC’s privacy rules won’t just be a disaster for Americans’ privacy. It will be a disaster for America’s cybersecurity, too.

  • Connected dolls, tell-tale teddy bears: Managing the Internet of Toys

    Large numbers of connected toys have been put on the market over the past few years, and the turnover is expected to reach €10 billion by 2020 – up from just €2.6 billion in 2015. Connected toys come in many different forms, from smart watches to teddy bears that interact with their users. They are connected to the internet and together with other connected appliances they form the Internet of Things, which is bringing technology into our daily lives more than ever. However, the toys’ ability to record, store and share information about their young users raises concerns about children’s safety, privacy and social development. Action is thus needed to monitor and control the emerging Internet of Toys.

  • Protecting web users’ privacy

    Most website visits these days entail a database query — to look up airline flights, for example, or to find the fastest driving route between two addresses. But online database queries can reveal a surprising amount of information about the people making them. And some travel sites have been known to jack up the prices on flights whose routes are drawing an unusually high volume of queries. MIT researchers next week will present a new encryption system that disguises users’ database queries so that they reveal no private information.