Assaf Regev: Of the 2.3 billion smartphones around the globe, Kindsight Security estimates that 40 percent of them contain spyware used to monitor the phone's owner by tracking the device's location, incoming and outgoing calls, text messages, email, Web browsing and history.
Natasha Singer: Verizon is now at the forefront of telecommunications companies selling intelligence about their customers to advertisers. The ad-targeting experiments by Verizon and AT&T are striking examples of the data-mining opportunities open to phone carriers now that they have become the nexus of the information universe, providing a connection to the Internet for people anywhere they go, at any time.
Jonathan Mayer: There are widespread collateral consequences from Turn's zombie cookie.
EFF: Eighteen pages of amendments to the Counter-Terrorism and Security Bill would grant the UK government sweeping new powers to compel telecommunications companies to harvest and store data collected on their users, and for police and intelligence companies to obtain and analyze that data without warrants or effective oversight.
Qualys: The GHOST vulnerability is a serious weakness in the Linux glibc library. It allows attackers to remotely take complete control of the victim system without having any prior knowledge of system credentials. During our testing, we developed a proof-of-concept in which we send a specially created e-mail to a mail server and can get a remote shell to the Linux machine. This bypasses all existing protections (like ASLR, PIE and NX) on both 32-bit and 64-bit systems. The first vulnerable version of the GNU C Library affected by this is glibc-2.2, released on November 10, 2000.
Jen Ellis: We are frequently more comfortable pointing out weakness and failures than recommending solutions. We must move beyond this if our industry is to survive, and if we ever hope to create a more secure ecosystem.
Zuo Xiaodong, vice president of the China Information Security Research Institute: We're under the yoke of others. ... We're breaking away from these types of circumstances.
|