Pete Recommends – Weekly highlights on cyber security issues June 5 2018

Subject: Warning: New European Privacy Law Has Become a Jackpot for Internet Crooks
Source: Lauren Weinstein’s Blog

A quick but important warning. As you may know, a new misguided European Union privacy-related regulation — the GDPR (General Data Protection Regulation) — is coming into force. This has triggered many websites sending out confusing notices about new GDPR rules, demands that users click-through URLs to accept the new regulations, and a range of other complicated and confusing notifications. I’m now receiving reports of highly deceptive scam phishing emails that falsely purport to be these kinds of notifications, often including URLs “requiring” you to “accept” these regulations or make other changes on your accounts to supposedly avoid disruption of services.

RSS feed for Lauren Weinstein’s Blog:

Subject: US cell carriers are selling access to your real-time phone location data
Source: ZDNet

Kevin Bankston, director of New America’s Open Technology Institute, explained in a phone call that the Electronic Communications Privacy Act only restricts telecom companies from disclosing data to the government. It doesn’t restrict disclosure to other companies, who then may disclose that same data to the government.

He called that loophole “one of the biggest gaps in US privacy law.”

LocationSmart, a California-based technology company, is one of a handful of so-called data aggregators. It to cell carrier networks to obtain real-time cell phone location data from nearby cell towers. It’s less accurate than using GPS, but cell tower data won’t drain a phone battery and doesn’t require a user to install an app. Verizon, one of many cell carriers that sells access to its vast amounts of customer location data, counts LocationSmart as a close partner.

ZDNet Security RSS feed:

A related article:

Subject: Latest Privacy Badger removes Facebook’s link tracking
Source: gHacks Tech News

Facebook runs a script on its site that manipulates skimmed links when users interact with those links. When you hover over an external link on Facebook, a script ensures that you see the right link target and not Facebook’s link monstrosity.

The new version of Privacy Badger blocks some of Facebook’s tracking of third-party links. It should be clear that you cannot prevent all forms of tracking on Facebook if you use the site but that you can limit your exposure.

Privacy Badger blocks some tracking already, from Facebook but also other companies, and the EFF promised to keep on releasing updates for the extension to improve tracking protections further.

Subject: Amazon Echo eavesdropping incident is causing trust issues
Source: Business Insider

This inadvertent eavesdropping episode could undermine consumer confidence in smart speakers.The always-listening nature of a device like the Amazon Echo is what makes it useful as a hands-free voice assistant platform. But this also means users must trust the device isn’t listening when they don’t want it to, or regularly monitor and observe the speaker visually, which defeats the purpose of an audio-first device.

Even before this incident, public discourse around smart speakers, and the Echo especially, had warned about the security and privacy implications of the devices. Increased exposure to these issues as they actually impact consumers will only reinforce the notion that these devices require trust in the tech companies that develop and maintain them.

Read more:

More: iot Internet of Things BI Intelligence BI Intelligence Content Marketing

Subject: China’s ZTE was built to spy and bribe, court documents allege
Source: The Sydney Morning Herald

“China’s Ministry of Aerospace founded ZTE as a front to send officers abroad under non-diplomatic covers such as scientists, businessmen and executives for the purpose of collecting intelligence,” the documents filed in the 191st District Court of Dallas reveal.

The claims go much further than a 2012 report on ZTE by the US House Intelligence Committee and have not been refuted as part of the court proceedings by the company. The allegations feed into long-held security concerns around ZTE, which is partly state-owned, and is banned from selling products to US government departments or the military.


Posted in: Legal Research, Privacy, Social Media, Technology Trends