Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
A few days ago, CAUCE published a blog post entitled "Epsilon Interactive breach the Fukushima of the Email Industry" on our site, and the always-excellent CircleID. A small coterie of commenters was upset by the hyperbolic nature of the headline. Fair enough, an analogy usually has a high degree of probability that it will fail, and clearly, no one has died as a result of the release of what appears to be tens of millions of people's names and email addresses. But, the two situations are analogous in many other ways, and here's why. more
The highest court in Germany has ruled against telephone and email data retention used to track criminal networks. Melissa Eddy of the Global and Mail reports: "A law ordering data on calls made from mobile or landline telephones and e-mail exchanges be retained for six months for possible use by criminal authorities violated Germans' constitutional right to private correspondence, the Federal Constitutional Court ruled. In its ruling, the court said the law failed to sufficiently balance the need for personal privacy against that for providing security."
more
I read, with some small amount of discomfort, an article by Bill Brenner on CSO Online, wherein he interviewed several other CSOs and other "Security Execs" on their opinions on the firing of Pennsylvania CISO Robert Maley. For those who haven't heard about this, Mr. Maley was fired for talking about a security incident during the recent RSA conference without approval from his bosses. more
Today I released a report on 'National cyber crime and online threats reporting centres. A study into national and international cooperation'. Mitigating online threats and the subsequent enforcing of violations of laws often involves many different organisations and countries. Many countries are presently engaged in erecting national centres aimed at reporting cyber crime, spam or botnet mitigation. more
In 2012 I wrote a blog on CircleID called State hacking: Do's and don'ts, pros and cons. In this post I give some thoughts to the concept of a government "hacking back" at criminals. The reason for this was an announcement by the Dutch government that it contemplated law along these lines. The proposed law is now here: the Act Computer Criminality III. more
Over 75 consumer groups in U.S. and Europe have asked the US Federal Trade Commission (FTC) to investigate Google for unfairly and deceptively manipulating users of mobile phones with its Android operating system by constantly tracking location. A letter sent to the FTC by the Transatlantic Consumer Dialogue (TACD), a forum of US and EU consumer organizations, says Google manipulates users into constant location tracking. more
Imagine living in a country where it was necessary to register with your community government by providing a copy of one of the following... This may be necessary in perhaps a large number of nations. However, as a United States citizen and resident, I was quite surprised when my local community issued the request. I investigated and found much to my dismay, that my community in fact was required by regulation to survey its residents on a biennial basis. more
A recent exchange on CircleID highlighted a critical need for data to inform the debate on the impact of ICANN's post-GDPR WHOIS policy that resulted in the redaction of domain name registrant contact data. A bit of background: in my original post, I made the point that domain name abuse had increased post-GDPR. A reader who works with a registrar (according to his bio) commented: "Can you back up that statement with data? Our abuse desk has actually seen a reduction in abuse complaints." more
The Internet Society (ISOC) will present an INET Regional Conference today June 14 2011 at the Sentry Center in NYC. The theme is "It's your call. What kind Of Internet do you want?". The distinguished line up of speakers will include 'Father of the Internet' Vint Cerf, World Wide Web inventor Sir Tim Berners Lee, and Assistant Secretary for Communications and Information at the U.S. Department of Commerce Lawrence Strickling. more
In case you missed it a few days, a story broke that said that Facebook was caught hiring a PR firm to spread stories about Google about how they invade people's privacy... Even though I work for Microsoft and therefore can hardly be considered unbiased, I think Microsoft would be in a position to call out others for lack of privacy protection. I say this based on the fact that in my division, every new feature that we implement has to go through Privacy reviews... more
The past couple of weeks have been pretty seminal for anyone concerned about the state of Internet security and the bigger picture as to how much we could - do - and should - trust the Web. These two strange words - WikiLeaks and Stuxnet - have suddenly entered our lexicon and there is a lot to be concerned about in the world of smart grid. more
Europe is at the forefront of the global debate about data protection and privacy. Unfortunately that debate is characterised more by hyberbole and scaremongering than real discussion. Europeans deserve better -- and so does the world, who rightly see Europe as a leader on this subject. The new Commission has a chance to truly lead in partnership with governments, like Brazil, that agree with us. more
Digital governance, like all governance, needs to be founded in guiding principles from which all policy making is derived. There are no more fundamental principles to guide our policy making than the Universal Declaration of Human Rights, (UDHR). This article is Part 2 of a series of articles exploring the application of the UDHR to rights issues in the cyberspaces of the Internet ecosystem. The previous article in the series explores the foundations of the UDHR. more
On 8th February, 2015, Internet users celebrated news that the Telecom Regulatory Authority of India had passed regulation prohibiting ISPs from discriminating access to data services based on content". This directive follows similar developments in the U.S, E.U, Chile et al, and is a huge milestone in the fight for Net Neutrality: the principle that ISPs should treat all Internet traffic the same way. Meanwhile, Net Neutrality issues are not unique to India. more
Encryption is a way to keep private information private in the digital world. But there are government actors, particularly here in the US, that want access to our private data. The NSA has been snooping our data for years. Backdoors have been snuck into router encryption code to make it easier to break. Today at M3AAWG we had a keynote from Kim Zetter, talking about Stuxnet and how it spread well outside the control of the people who created it. more
A World-Renowned Source for Internet Developments. Serving Since 2002.