Stop! Before reading any further, grab yourself a pair of fuzzy mittens or a helmet with a faceguard. The reason? A Canadian audit of systems resold by Staples and performed by the office of Privacy Commissioner Jennifer Stoddart reveals that there's plenty of facepalming to go around. First there's the finding that Staples allegedly ran afoul of Canadian privacy law by not fully wiping customer data from notebooks and storage devices before reselling them. A facepalm is also in order for customers who returned said items without first wiping the data themselves.
A little snafu over at Dropbox HQ has served to remind us how imperfect the cloud still is for storage of all our personal data. Over the weekend, an observant user noticed that following a password change, he was able to log into his cloud storage account with any password at all, even if it was just one letter long. Weird, right? Well it turns out it wasn’t just him. Anyone could log into any Dropbox with any password.
It appears that yet another gaming company has come under online attack resulting in the theft of user data. This time it’s Sega and its Sega Pass system. No one has claimed responsibility for this attack yet, but most observers are pointing the finger at LulzSec.
Lulz Security (or LulzSec if you’re in a hurry) has decided to ask the masses what it should hack next. The group that cracked Sony Pictures, Nintendo, The US Senate, The Escapist, and more have set up a hotline where the community can suggest future targets. The number was posted to the group’s Twitter account yesterday and immediately received thousands of calls.
It wouldn’t be another week without some sort of Facebook privacy snafu. This time it’s all about facial recognition, and Facebook’s apparent assumption that you wanted it turned on. The facial recognition technology was announced last year, but did not roll out to all users. Now the option is turning on for many users around the world, and it defaults to “enabled”.
Mark Zuckerberg, co-founder and chief executive officer of Facebook, feels that kids under the age of 13 should be able to use the social networking service. In all reality, pre-teens already flood Facebook, Zuckerberg just wants to make it official and said he plans to fight current regulation -- and specifically the Children's Online Privacy Protection Act (COPPA) -- that makes it illegal for children under 13 to join an online service which collects user information data.
California is trying to push through legislation that would require social networks to make changes to their privacy policies, and Facebook wants nothing to do with it. Called the Social Networking Privacy Act (SB 242), this new bill would require Facebook and other social networking sites make users set up their privacy settings as part of the registration process rather than after they become members. So what has Facebook all in a tizzy?
Adobe has announced the release of Flash Player 10.3 for Android, Linux, MacOS, and Windows. The latest stable release of Adobe’s ubiquitous plugin packs a bunch of new features and security enhancements. But its most notable user-facing feature is the ability to clear hitherto hard-to-delete Flash cookies, or local shared objects (LSOs) as they are formally known, from the comfort of the web browser’s privacy settings. Hit the jump for more.
According to an investigation by Symantec, innumerable Facebook applications have been leaking your personal data for years. The issue, just discovered by Symantec, has been reported to Zuckerberg and company, but advertising and stat tracking companies may have already had access all this time.
The U.S. Department of Homeland Security sent Mozilla a request to remove a Firefox add-on that redirects web surfers from one domain to another. At issue is the MafiaaFire Redirect add-on, which redirects visitors from one domain to another, making it all too easy to sidestep the government's domain name seizures. Be that as it may, Mozilla is so far refusing to comply.