Tag: privacy-rights

Comcast charged $2,000 for alarm system that didn’t work—for 7 years

Houston resident Lisa Leeson says she paid Comcast nearly $2,000 over seven years for an alarm system, only to find out that it never worked. Comcast, it turns out, installed the alarm system improperly. Even though the alarm made a sound indicating that it was active when Leeson and her family set it each day, “It was unable… to actually call the police and/or Comcast once it was activated,” Leeson told KPRC Local 2 Houston . What did Comcast do after the problem was finally discovered? At first, the company offered only a $20 credit, before eventually agreeing to refund all of the money. “When Davis called Comcast’s corporate office, a spokesman apologized, but not before he pointed to a line in Leeson’s alarm agreement where she agreed to ‘test her system’ on ‘a regular basis,'” the news station reported. “Chances are your alarm company requires the same, putting the onus back on you to make sure your system is functioning properly.” Read 5 remaining paragraphs | Comments

Continue Reading:
Comcast charged $2,000 for alarm system that didn’t work—for 7 years

Bugs in widely used WordPress plug-in leave sites vulnerable to hijacking

Security researchers have discovered vulnerabilities in a widely used WordPress extension that leaves sites susceptible to remote hijacking. WordPress-powered sites that use the All in One SEO Pack should promptly install an update that fixes the privilege escalation vulnerabilities, Marc-Alexandre Montpas, a researcher with security firm Sucuri wrote in a blog post published Saturday . Administrators can upgrade by logging in to the admin panel, selecting plug-ins, and choosing the All in One title. The just-released version that fixes the vulnerabilities is 2.1.6. The worst of the attacks made possible by the bugs can allow attackers to inject malicious code into the admin control panel, Montpas warned. Malicious hackers could then change an admin’s password or insert backdoor code into the underlying websites. People could also remotely tamper with a site’s search engine optimization settings. To exploit the bugs, attackers need only an unprivileged account on the site, such as one for posting reader comments. In some cases, the privilege escalation and cross-site scripting bugs in All in One SEO are combined with another vulnerability that Montpas didn’t elaborate on. Read 2 remaining paragraphs | Comments

View article:
Bugs in widely used WordPress plug-in leave sites vulnerable to hijacking

TrueCrypt security audit presses on, despite developers jumping ship

ZEISS Microscopy TrueCrypt, the whole-disk encryption tool endorsed by National Security Agency leaker Edward Snowden and used by millions of privacy and security enthusiasts around the world, will receive a second round of safety audits despite being declared unsafe and abruptly abandoned by its anonymous developers two days ago. Phase II of the security audit was already scheduled to commence when Wednesday’s bombshell advisory dropped on the TrueCrypt SourceForge page. After 24 hours to reflect on the unexpected move, an organizer with the Open Crypto Audit Project said he saw no reason to scrub those plans. Online fundraisers to bankroll the project have raised about $70,000, well past the $25,000 organizers had initially aimed for . “We have conferred and we are firmly going forward on schedule with the audit regardless of yesterday’s circumstances,” Kenn White, a North Carolina-based computer scientist and audit organizer told Ars Thursday. “We don’t want there to remain all sorts of questions or scenarios or what ifs in people’s minds. TrueCrypt has been around for 10 years and it’s never received a proper formal security analysis. People are going to continue to use it for better or worse, and we feel like we owe the community the proper analysis.” Read 5 remaining paragraphs | Comments

More:
TrueCrypt security audit presses on, despite developers jumping ship

Prosecutors: ex-LulzSec hacker “Sabu” helped authorities stop 300+ cyberattacks

The much delayed sentencing of former LulzSec hacker-turned-FBI informant Hector “Sabu” Monsegur is set to take place next week. But before any decisions are made public, new court documents  (PDF) show Monsegur has helped the feds disrupt more than 300 attacks against targets ranging from the US military to NASA, Congress to private companies. “The amount of loss prevented by Monsegur’s actions is difficult to fully quantify, but even a conservative estimate would yield a loss prevention figure in the millions of dollars,” the document stated. The tale of Sabu’s arrest and LulzSec’s fall: FBI still needs Hector “Sabu” Monsegur, sentencing delayed (again) “Literally” the day he was arrested, hacker “Sabu” helped the FBI LulzSec leader “Sabu” worked with FBI since last summer FBI names, arrests Anon who infiltrated its secret conference call Inside the hacking of Stratfor: the FBI’s case against Antisec member Anarchaos All the latest on the unmasking of LulzSec leader “Sabu,” arrests Stakeout: how the FBI tracked and busted a Chicago Anon Doxed: how Sabu was outed by former Anons long before his arrest Anonymous attacks security firm as revenge for LulzSec arrests “Everything incriminating has been burned”: Anons fight panic after Sabu betrayal Monsegur assisted in high-profile hacks of security firm HBGary and others as a member of LulzSec, a sect of Anonymous. He began cooperating with the FBI in June 2011 after his arrest at the Jacob Riis public housing complex in New York City. His work for the feds began immediately . Eventually Monsegur  helped the government build cases  against numerous Anonymous hackers, including Stratfor hacker Jeremy Hammond . He apparently also assisted the government in its  investigation of Wikileaks . According to the  New York Times , prosecutors filed the new documents because they are asking Judge Loretta A. Preska for leniency in light of Monsegur’s “extraordinary cooperation.” Sentencing in Monsegur’s case is currently scheduled for Tuesday in a Federal District Court in Manhattan. But while some of the other hackers in the LulzSec saga have faced steep penalties (for example, Hammond is serving a 10-year sentence), the government has asked for Monsegur to only be sentenced to time served— just seven months . Read 1 remaining paragraphs | Comments

Read this article:
Prosecutors: ex-LulzSec hacker “Sabu” helped authorities stop 300+ cyberattacks

Wireless broadband can reach the moon, and maybe Mars

Prescott Pym Aside from air, water and fresh vegetables, what would need to survive on the moon? One thing that would likely of feature high on the list is a decent, reliable wireless internet. And thanks to a group of researches from MIT and Nasa this kind of connectivity could be within the realms of possibility. Between them, the two organizations have demonstrated for the first time that data communication technology is capable of providing those in space with the same kind of connectivity we enjoy on Earth, and can even facilitate large data transfers and high-definition video streaming. To do this it uses four separate telescopes based at a ground terminal in New Mexico to send the uplink signal to the moon. A laser transmitter that can send information as coded pulses of invisible infrared light feeds into each of the telescopes, which results in 40 watts of transmitter power. Read 7 remaining paragraphs | Comments

More:
Wireless broadband can reach the moon, and maybe Mars

Apple will fix iMessage bug that makes it harder to leave the service

Andrew Cunningham iPhone users (and ex-iPhone users) attempting to sign out of Apple’s iMessage service recently began running into a nasty bug. Signing out of iMessage means that iPhones trying to text your number should seamlessly switch back to using SMS. However, this hasn’t been happening lately—instead, these iMessages continue to be sent as iMessages. They never actually make it to their destination, and neither the sender nor the receiver is given any indication that the message has failed. Apple acknowledged the bug in a statement to Re/code this morning , noting that it has “recently fixed a server-side iMessage bug which was causing an issue for some users,” and that an additional software update was being planned to fix more problems. Signing out of the iMessage service has always been more difficult than enabling it, and I say that as someone who recently disabled iMessage to make jumping between iOS, Android, Windows Phone, and other mobile operating systems easier. In my case, iMessages sent to my newly disconnected number would simply fail to send, and the problem only worked itself out after I changed my Apple ID password (thereby signing all of my devices out of the service), disassociating my phone number from my Apple ID, and then calling Apple support about the problem. This new bug sounds worse, since message senders don’t even know that the texts aren’t arriving at their destination. Read 1 remaining paragraphs | Comments

More:
Apple will fix iMessage bug that makes it harder to leave the service

Airbnb gives up customer data to NY attorney general

Airbnb Home renting company Airbnb announced Wednesday that under pressure from the New York attorney general’s office, it will hand over the anonymized personal data of its New York hosts to the state. New York Attorney General Eric Schneiderman subpoenaed three years’ worth of data in 2013 in an effort to suss out whether Airbnb users are running “illegal hotels” and to determine if Airbnb’s business model and platform comply with the law. Schneiderman stated his suspicions in April that Airbnb hosts in New York operate residences or parts of their homes like hotels—but without the fire, safety, and tax regulations normally applied to hotels. Airbnb hosts could also be in violation of a 2010 law that prohibits New Yorkers from renting entire apartments for less than 29 consecutive days. Schneiderman claimed that Airbnb sells itself to investors as a hotel network, but it attempts to keep that pitch out of the public sphere for fear of incurring legal hotel status. The New York Supreme Court rejected Schneiderman’s subpoena request on May 13, “but the judge’s ruling also made it clear that he would accept a new, narrower subpoena and require Airbnb to turn over personal information about hosts if the Attorney General’s Office made some changes to their demands,” wrote Airbnb in its blog post Wednesday. Read 1 remaining paragraphs | Comments

More:
Airbnb gives up customer data to NY attorney general

Wi-Fi networks are wasting a gigabit—but multi-user beamforming will save the day

Aurich Lawson Wi-Fi equipment based on the new 802.11ac standard—often called Gigabit Wi-Fi —has been on the market for nearly two years. These products offer greater bandwidth and other improvements over gear based on the older 802.11n specification, but they don’t implement one of the most impressive features of 11ac. It was simply too complicated to deploy all the upgrades at once, hardware makers say. As a result, 11ac networks actually waste a lot of capacity when serving devices like smartphones and tablets. This shortcoming should be fixed over the next year with new networking equipment and upgrades to end-user devices. Once everything is in place, Wi-Fi networks will be better able to serve lots of devices at once, particularly the mobile devices that every single person in the US seemingly has in his or her hands every minute of the day.The soon-to-be-deployed technology is called MU-MIMO (multi-user, multiple-input and multiple-output), which is like a wireless “switch” that sends different data to different receivers at the same time. It’s powered by multi-user beamforming, an improvement over the single-user beamforming found in first-generation 11ac products. MU-MIMO will let wireless access points send data streams of up to 433Mbps to at least three users simultaneously, for a total of 1.3Gbps or more. First-generation 11ac equipment without MU-MIMO could send those streams of data simultaneously, but only to one device—and only if that device was capable of receiving multiple streams. Many computers could handle the influx of data, but smartphones and tablets generally couldn’t. That meant they could only receive one stream (occasionally two) because of power limitations. Read 37 remaining paragraphs | Comments

Continued here:
Wi-Fi networks are wasting a gigabit—but multi-user beamforming will save the day

For Do Not Call violations, Sprint will pay FCC $7.5M in largest ever settlement

Hunter Edwards On Monday, Sprint agreed to pay the Federal Communications Commission $7.5 million to resolve violations of the Do Not Call registry—the largest settlement payout ever. The program first began in 2003 as a way to allow Americans to opt out of unsolicited sales calls. According to the FCC, Sprint will also put into effect a “robust compliance plan,” designate a new senior manager to deal with compliance, retrain its employees, and report any further noncompliance to the agency, among other necessary actions. “We expect companies to respect the privacy of consumers who have opted out of marketing calls,” said Travis LeBlanc, acting chief of the Enforcement Bureau, in a statement . “When a consumer tells a company to stop calling or texting with promotional pitches, that request must be honored. Today’s settlement leaves no question that protecting consumer privacy is a top enforcement priority.” Read 3 remaining paragraphs | Comments

Read more here:
For Do Not Call violations, Sprint will pay FCC $7.5M in largest ever settlement

Shocker: Cable TV prices went up four times the rate of inflation

The Federal Communications Commission today issued a report on average cable TV prices in the US , and to the surprise of no one, it turns out they went up a lot. “Basic cable service prices increased by 6.5 percent [to $22.63] for the 12 months ending January 1, 2013. Expanded basic cable prices increased by 5.1 percent [to $64.41] for those 12 months, and at a compound average annual rate of 6.1 percent over the 18-year period from 1995-2013,” the FCC said. The basic cable increase was four times the rate of inflation as measured by the Consumer Price Index (CPI) for the 12-month period, and substantially above inflation for the 1995-2013 measurement. Read 10 remaining paragraphs | Comments

See more here:
Shocker: Cable TV prices went up four times the rate of inflation