Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror

Submission + - Google is purging third-party cookies (google.com)

An anonymous reader writes: Google started its campaign to phase out of third-party cookies as announced earlier. At the beginning cookies are turned off for 1% of users, and those lucky ones unlock a "tracking protection" in Chrome settings. In agreement with the UK Competitions and Markets Authority, third-party cookies will be completely removed at the end of this year, a move under tight anti-competition scrutiny also in Brussels. Meanwhile, a technology researcher released a privacy audit of third-party cookie replacement, Privacy Sandbox's Protected Audience API, validating its standing against EU data protection, which may even close the ever-present cookie consent popups disliked universally in Europe.

Submission + - Russia proposes international cybersecurity treaty (theregister.com) 1

An anonymous reader writes: Russian Federation has prepared a project of an international treaty "United Nations Convention on Countering the Use of Information and Communications Technologies for Criminal Purposes" (PDF, original in Russian) to be considered by United Nations. It prohibits the creation of malware (unless for lawful purposes) and criminalises other 23 behaviours, including some forms of political expression. "Russia's proposed rule expansion, for example, calls for domestic laws to criminalize changing digital information without permission – "the intentional unauthorized interference with digital information by damaging, deleting, altering, blocking, modifying it, or copying of digital information." The draft also directs members states to formulate domestic laws to disallow unsanctioned malware research – "the intentional creation, including adaptation, use and distribution of malicious software intended for the unauthorized destruction, blocking, modification, copying, dissemination of digital information, or neutralization of its security features, except for lawful research."". The move directly follows the June meeting of Vladimir Putin and Joe Biden. Dr Lukasz Olejnik, a former cyberwarfare advisor at the International Committee of the Red Cross in Geneva said that "with the political process of the UN, who knows what happens in a few months".

Submission + - Web browsing history uniquely identifies users (schneier.com)

An anonymous reader writes: Researchers from Mozilla report in a study that web browsing histories (the lists of user visited websites) are uniquely identifying users. In their study that was the case for 99% users. Treating web browsing histories like fingerprint, the researchers analysed how the users can be reidentified just based on the coarsened list of user-visited websites. .

In doing so they upheld and confirmed a previous study from 2011, prompting the author of the original study to say that web browsing histories are now personal data subject to privacy regulations like the GDPR.

Sensitivity of web browsing history data questions the laws allowing ISPs to sell web browsing histories

Submission + - Apple to deploy European-style tracking popups to all iPhones (bloomberg.com)

An anonymous reader writes: Less prominent news from the WWDc is that Apple will lock the use of the advertisement identifier (IDFA) in iOS14. Applications will need to ask for user's explicit consent which makes tracking an opt-in

This is also a perhaps unexpected win of the long-ridiculed European law requiring websites to ask for tracking cookie permission, now deployed to all iPhones.

Submission + - Israeli Defence Force bombs Hamas cyber warriors (zdnet.com)

An anonymous reader writes: In a first Israeli Air Force used bombed Hamas cyber unit in response to a cyber-attack . IDF said that Hamas cyberattack was targeting civilian Israelis. While the IDF and Shin Bet have not revealed any details about the Hamas cyber-attack, Hamas hackers have been known for years to have the ability to hijack IDF drones

Submission + - UK backs off from banning reidentification research (theguardian.com)

An anonymous reader writes: UK has recently debated banning reidentification in its new data privacy law. This proposal has quickly been identified as dangerous and criticised, as it was argued this is not only ineffective but would also put at risk legitimate security and privacy researchers.

Following public outcry, the UK government amended the Bill to include safe-guards allowing researchers to study anonymisation weaknesses. Researchers will also gain a new channel of disclosure via the Information Commissioner Office.

Submission + - London Tube to use wifi tracking to monetise passenger data (gizmodo.co.uk)

An anonymous reader writes: Transport for London (TfL), the operator of London Subway system is in the process of deplopying a broad wifi tracking system. London is strugglig with the transport network capacity so the ability to learn commuters' travel patterns is compelling. TfL's plans have sparked privacy concerns from the beginning, as users had no practical choice of opt-out. Now it emerged that TfL is planning to use the system to monetize passengers' data, TfL is also not ruling out sharing the data weith third-parties in future. More information shows that the privacy protection could not be as good as TfL maintains, with reversible hashing and options of giving data to law enforcement. A privacy engineering expert points out additional issues in pseudonymisation scheme and communication inconsistencies. Final deployment has been initially scheduled to start in end of 2017.

Submission + - UK wants to ban reidentification (bleepingcomputer.com)

An anonymous reader writes: European countries are currently implementing new data protection laws. Recently, Despite leaving European Union, United Kingdom has expressed intent to implement the law called General Data Protection Regulation. As an extension, the UK wants to to ban reidentification (with a penalty of unlimited fines), the method of reversing anonymisation, or pointing out the weakness of the used anonymisation process. The famous example was research reidentifying Netflix users from published datasets. By banning reidentification, UK follows the lead of Australia which is considering enacting similarly controversial law that can lead to making privacy research difficult or impossible. Privacy researcher express concerns about the effectiveness of the law that could even complicate security, a view shared by privacy advocates.

Submission + - European Parliament working on end-to-end encryption (lukaszolejnik.com)

An anonymous reader writes: European Parliament is currently working on ePrivacy Regulation and is considering to increase the privacy protection in electronic communication. In an unprecedented move, end-to-end encryption and banning of backdoors are being debated as a mandatory solution. This move is in direct contrast to the increasingly loud voices around the world to introduce regulations or weaken encryption. If adopted, it would be troubling for some countries such as United Kingdom that currently requires decryption options. The ePrivacy regulation is not only considering end-to-end encryption, but also backing up Do Not Track standard as a binding consent mechanism.

Submission + - European Privacy Regulators Take Coordinated Action Against Facebook

An anonymous reader writes: European privacy regulators from as number of countries has made a coordinated action against Facebook for violating data protection laws. The French CNIL has sanctioned Facebook wieth a 150,000 EUR fine, and the regulator from Netherlands is considering a similar action. Regulators are concerned with new privacy policies of Facebook, lack of transparency, cookie handling and tracking Facebook users on third party sites — all without user knowledge or control. Such coordinated move is unprecedented in the history of European data protection regulators.

Submission + - Firefox purging functionality citing privacy concerns (theguardian.com)

xogg writes: Battery Status API allows web sites to read the battery level of user's system. The API was found to bring privacy risks and abuse potential and a number of implementation bugs. Now with apparent no legitimate use cases, Mozilla is taking the unprecedented decision to vaporize a browser API due to privacy concerns. And apparently, WebKit, powering Apple's Safari follows. Is that the first time a browser reduces functionality following research reports warning of privacy risks?

Submission + - Web Bluetooth opens new abusive channels (dailydot.com)

An anonymous reader writes: Recently, browsers are starting to ship Web Bluetooth API, soon to become a component of Web of Things. Web Bluetooth will allow to connect local user devices with remote web sites. While offering new development and innovation possibilities, it may also open a number of frightening security and privacy risks such as private data leaks, abuses and complexity. Web Bluetooth as currently defined by W3C may introduce unexpected data leaks such as location, and personally-identifiable data. Is pairing kettles with web sites a good idea?

Slashdot Top Deals

The University of California Statistics Department; where mean is normal, and deviation standard.

Working...