After the Anthem mega-breach, questions abound about possible abuses of medical data. Here is a breakdown that offers some context.
The post Electronic health records and data abuse: it’s about more than medical info appeared first on We Live Security.
The Microsoft Outlook app has been banned from use in the EU Parliament, according to emails from the parliament’s IT department, seen by PC World.
The post Outlook app blocked by EU parliament over ‘serious security issues’ appeared first on We Live Security.
WhatsApp’s privacy settings are “broken” and can be bypassed by downloading a simple bit of software, claims the Dutch developer behind proof-of-concept tool WhatsSpy Public.
The post WhatsApp privacy is ‘broken,’ reveals proof-of-concept hack appeared first on We Live Security.
It seems that companies developing the connected devices that make up the Internet of Things are in a constant race to release new technologies while potentially compromising on privacy.
It emerged this week that certain models of Samsung’s smart TVs are able to record conversations while voice recognition is active.
Samsung’s Terms and Conditions read:
“Samsung may collect and your device may capture voice commands and associated texts so that we can provide you with Voice Recognition features and evaluate and improve the features.”
“Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party.”
So while voice recordings will only be made while the feature is active, the Terms and Conditions do state that:
“If you do not enable Voice Recognition… while Samsung will not collect your spoken word, Samsung may still collect associated texts and other usage data so that we can evaluate the performance of the feature and improve it.”
I have blogged and spoken on privacy and the Internet of Things several times and it is disappointing to find that privacy and security are still not part of the design process for most consumer IoT devices.
First, in 2013 I highlighted the amount of data that is being generated by each and every user of connected devices, often without their knowledge or understanding.
Then, in 2014 I revealed how voice activated technology could be used to manipulate devices into executing unauthorized commands such as sending emails, or controlling a smart TV.
Here we have the two issues combined into one
Users may not understand that while Samsung’s privacy policy contemplates the use of active voice commands, voice activation features can be used both actively and passively, meaning that devices can be constantly recording sound and identifying activation commands.
There is, as such, a potential for privacy issues here.
It’s about time that manufacturers of smart devices started taking the privacy and security of its users seriously. Only a few weeks ago a wireless baby monitor was hijacked and the attacker communicated directly with the nanny through the device.
After CES 2015, I commented that privacy should be at the very heart of the Internet of Things, a sentiment echoed by the FTC and its Chairwoman Edith Ramirez in their report on the Internet of Things.
Hopefully, it will not be too long before the public and electronics producers realize that going online should not mean surrendering your privacy.
On our blog last week, we shared the first 7 easy security measures to protect your Android devices and the data stored there. But we haven’t finished them. Let’s go a little further.
8. Keep an eye in your phone or, if you can, set Geofencing protection
Don’t put your phone down and go somewhere else. And if you’re having fun in a bar and drinking a beer with friends, have a lucid thought before starting: Turn the Avast Geofencing module on. It’s easy. Open Avast Premium Mobile Security > Anti-Theft > Advanced Settings > Geofencing.
Set Avast Geofencing on your phone to protect it from theft while you are occupied.
9. Be aware of what permissions apps require
Why should a flashlight app need access to your contacts? Why would a calculator need access to your photos and videos? Shady apps will try to upload your address book and your location to advertising servers or could send premium SMS that will cost you money. You need to pay attention before installing or, at least, uninstall problematic apps. It’s not easy to find a way (if any) to manage permissions in a non-rooted Android phone.
We have written about this before as apps could abuse the permissions requests not only while installing but also on updating. Read more to learn and be cautious: Google Play Store changes opens door to cybercrooks.
10. Keep your device up-to-date
Google can release security updates using their services running in your devices. Developers can do the same via an app update. Allow updates to prevent vulnerabilities, the same as you do in your computer. But pay attention to any changes. See tip #9.
11. Encryption
You can encrypt your account, settings, apps and their data, media and other files. Android allows this in its Security settings. Without your lockscreen PIN, password or gesture, nobody will be able to decrypt your data. So, don’t forget your PIN! Nevertheless, this won’t encrypt the data sent or received by your phone. Read the next tip for that.
12. In open/public Wi-Fi, use a VPN to protect your communication
Cybercrooks can have access to all your data in a public, open or free Wi-Fi hotspot at the airport or in a cafe. Avast gives you the ability to protect all inbound and outbound data of your devices with a secure, encrypted and easy-to-use VPN called Avast SecureLine. Learn more about it here.
13. Set the extra features of Lollipop (Android 5)
If you’re with Android Lollipop (v5), you can set a user profile to allow multiple users of the same device. You can create a restricted user profile that will keep your apps from being messed with by your kids or your spouse.
You can also pin the screen and allow other users to only see that particular screen and nothing more. It will prevent your friends and coworkers from accidentally (or on purpose) looking into your device.
14. Backup. Backup. Backup.
Well, our last tip is common digital sense. If everything fails, have a Plan B, and C and D… With Avast Mobile Backup you can protect all your data: contacts, call logs, messages, all your media files (photos, musics and videos) and your apps (with their data if you’re rooted) in safe servers. If your device gets broken, lost or stolen, everything will be there, encrypted and safe, for you to restore to your new device.
Have you followed all our tips? Are you feeling safe? Do you have an extra protection or privacy tip? Please, leave a comment below.
The appetite for Twitter user data from governments around the world continues to grow, with the volume of such requests increasing by 40 percent in the second half of 2014. Requests from the United States government alone went up 29 percent, the company said in its latest transparency report. Government requests for Twitter user information […]
The British government has released a document outlining the rules that British spy and law enforcement agencies have to follow in their hacking activities, reports The Guardian.
The post UK Government publishes its guidelines for ‘equipment interference’ appeared first on We Live Security.
Your internet-enabled Samsung Smart TV could be listening to everything you say, and sharing it with third parties.
The post Stop talking in front of Samsung TVs… if you value your privacy appeared first on We Live Security.
Surveillance, privacy and security are serious subjects. So too, for some people, are cat memes and GIFs of screaming goats. And Cheezburger Inc., the premier purveyor of said memes and GIFs, wants its users to know that the company is standing up for their rights. The folks at Cheezburger have built an online empire on […]
Anthem Inc. has suffered an attack on its database which is likely to be the biggest data breach ever disclosed by a health insurance company.
The post Anthem hack could affect 80 million health insurance customers appeared first on We Live Security.
