EFF Submits Consumer Data Privacy Comment to the California Attorney General

EFF Submits Consumer Data Privacy Comment to the California Attorney General

The Electronic Frontier Foundation has filed comments on two issues: first, how to verify consumer requests to companies for access to personal information, and for deletion of that information; and second, how to make the process of opting out of the sale of data easy, using the framework already in place for the Do Not Track (DNT) system.

Login With Facebook, Google or AT&T? Thanks, but No Thanks

Login With Facebook, Google or AT&T? Thanks, but No Thanks

There's more: Project Verify is better than the Facebook and Google SSOs because it's going to be checked against your mobile SIM card, phone number, user credentials, account tenure and phone account type (info only your wireless carrier has).

How much privacy do you have left on the web?

The former requires providing your mobile phone number which is immediately tied to your real-life identity — more on that soon. So it seems that having your accounts linked to your real-life identity via your mobile phone number is usually unavoidable even if it’s not the same number you normally use.

Why Phone Numbers Stink As Identity Proof — Krebs on Security

Why Phone Numbers Stink As Identity Proof — Krebs on Security

Nixon said countless companies have essentially built their customer authentication around the phone number, and that a great many sites still let users reset their passwords with nothing more than a one-time code texted to a phone number on the account.

Facebook Data Gathering Reined in by German Facebook Ruling

Facebook Data Gathering Reined in by German Facebook Ruling

Upon completion of its investigation into the business practices of Facebook, the Bundeskartellamt last week found that the social media giant’s practices in relation to data obtained its services means that the platform users may be victims of ‘exploitative’ abuse.

Amazon’s Antitrust Antagonist Has a Breakthrough Idea

Amazon’s Antitrust Antagonist Has a Breakthrough Idea

Once-robust monopoly laws have been marginalized, Ms. Khan wrote, and consequently Amazon is amassing structural power that lets it exert increasing control over many parts of the economy.

Firefox Send — Free Encrypted File Transfer Service Now Available For All

Firefox Send — Free Encrypted File Transfer Service Now Available For All

Mozilla has finally launched its free, end-to-end encrypted file-transfer service, called Mozilla has finally launched its free, end-to-end encrypted file-transfer service, called Firefox Send , to the public, allowing users to securely share large files like video, audio or photo files that can be too big to fit into an email attachment.

Man arrested for selling one million Netflix, Spotify, Hulu passwords

Man arrested for selling one million Netflix, Spotify, Hulu passwords

Police in Australia have arrested a man who allegedly made AU $300,000 (US $211,000) running a website which sold the account passwords of popular online subscription services including Netflix, Spotify, Hulu, PSN, and Origin.

Updates to our Terms of Service and Privacy Policy

FamilyTreeDNA’s Terms of Service and Privacy Statement have been updated to require law enforcement, as well as any authorized representative working on behalf of law enforcement, to register all genetic files through a separate process prior to uploading to the database.

The Ten Commandments of crypto security – By Panama Crypto

The Ten Commandments of crypto security – By Panama Crypto

Two-factor authentication (2FA), keeps hackers, phishing, attempts at bay because once it is enabled on your email account, anybody that tries to break into your email would need to have physical or remote access to the device you have the 2FA app installed (either Google Authenticator or Authy) in order to produce the Time-based One-Time Passcode (TOTP) directly within the app.

GitHub - c-edw/discord-delete: Powerful script to delete full Discord message history.

GitHub - c-edw/discord-delete: Powerful script to delete full Discord message history.

It's also able to do a deeper search for messages than other projects by using data request packages to delete messages from long-forgotten conversations. Discord does anonymise accounts on deletion but message history can usually be used to counteract that.

Facebook Still Wants Your Friends to Engage When You’re Dead

Facebook Still Wants Your Friends to Engage When You’re Dead

The platform offers the option to your family members to either delete or archive your account as a “memorial page.” (Family members will need to provide documentation to Facebook in order to make any changes to your account.) Now, Facebook is adding a new feature that will allow people to continue posting on your memorialized page in tribute.

Facebook plans to turn your profile into ‘virtual grave’ when you die

Facebook plans to turn your profile into ‘virtual grave’ when you die

2 'Legacy contacts' were notified of the new feature today Depending on the privacy settings of a memorialised account, Facebook friends can still write on the wall of its Timeline or comment on any posts the account holder made before they died.

Hijacking WhatsApp without Hacking

Hijacking WhatsApp without Hacking

Not only can curious people like me read these, displaying the full content of messages on your lock screen can lead to your instant messaging accounts being hijacked. Of course, this will only work if the CEO’s phone displays incoming messages on the lock screen.

Uproar Over Facebook 2FA Privacy Violation

Uproar Over Facebook 2FA Privacy Violation

Connor Jones says it’s not for the first time we’ve heard complaints like these: [Facebook] encourages its users to set up 2FA account protection which requires a phone number.

Facebook won’t let you opt-out of its phone number ‘look up’ setting

Facebook won’t let you opt-out of its phone number ‘look up’ setting

Facebook gives users the option of allowing users to “look up” their profile using their phone number to “everyone” by default, or to “friends of friends” or just the user’s “friends.” But there’s no way to hide it completely.

How to Secure Your Identity & Become Anonymous Online in 2019

How to Secure Your Identity & Become Anonymous Online in 2019

Readers who want to transition from Gmail entirely can start by going through primary online accounts and updating them to use their new ProtonMail email address.

How to Delete Google Search History

How to Delete Google Search History

Why is it not enough to know how to erase Google search history to delete all traces of your activity? This information about searches and queries is saved in the ‘ My activity ’ section on the Google website, where you have the possibility to check your google history and manage them.

How Do I Know If My Email Has Been Leaked in a Data Breach?

How Do I Know If My Email Has Been Leaked in a Data Breach?

Since most people still recycle versions of their passwords, once one of them is released in a data leak, it could mean that all of your online accounts are compromised thanks to bad password hygiene .

Open Letter to EU Lawmakers Against Fingerprints in ID Cards

Open Letter to EU Lawmakers Against Fingerprints in ID Cards

The proposal relies entirely on the ICAO standard but fails to investigate its security and to take into account some key differences (although they are mentioned in the impact assessment): a citizen doesn’t carry their passport all the time, and are not obliged by law to do so, which is not true for ID cards in some Member States.

Firefox 67 to display breach alerts

Firefox 67 to display breach alerts

Mozilla plans to extend the functionality of Firefox Monitor by displaying breach alerts to users of the browser. The feature was passive at that time; users could check whether an account -- email address -- was found on hacked passwords lists, and they could sign up to receive alerts when a particular account was discovered on new leaked lists.

Coffee Meets Bagel announces a data breach on Valentine’s Day

Coffee Meets Bagel announces a data breach on Valentine’s Day

The company sent out an email to users today telling them that some of their personal information may have been breached. Luckily, the company said that the hackers didn’t make off with any sensitive information like credit card numbers or passwords.

Those Twitter DM’s From the Account You Deleted? They Could Still be Around

Those Twitter DM’s From the Account You Deleted? They Could Still be Around

Twitter claims accounts that have been deactivated and deleted are removed from the service along with all the rest of the account’s data after 30 days.

Even years later, Twitter doesn’t delete your direct messages

Even years later, Twitter doesn’t delete your direct messages

Twitter retains direct messages for years, including messages you and others have deleted, but also data sent to and from accounts that have been deactivated and suspended, according to security researcher Karan Saini.

Robinson+Cole Data Privacy + Security Insider - JDSupra

Robinson+Cole Data Privacy + Security Insider - JDSupra

This Privacy Policy describes how JD Supra, LLC ("JD Supra" or "we," "us," or "our") collects, uses and shares personal data collected from visitors to our website (located at www.jdsupra.com ) (our "Website") who view only publicly-available content as well as subscribers to our services (such as our email digests or author tools)(our "Services").

McDonalds app users hatin’ it after being hacked by hungry hamburglars

McDonalds app users hatin’ it after being hacked by hungry hamburglars

Lauren Taylor of Halifax, Nova Scotia was shocked to find her bank account almost empty after someone used the McDonald’s mobile app to buy $500 of fast food over 1200 kilometres away in Montreal, Quebec.

Blue Monday in infosec: 620 million accounts across 16 hacked websites now for sale on dark web, seller boasts

Blue Monday in infosec: 620 million accounts across 16 hacked websites now for sale on dark web, seller boasts

Exclusive Some 617 million online account details stolen from 16 hacked websites are on sale from today on the dark web, according the data trove's seller.

Users complain of account hacks, but OkCupid denies a data breach

Users complain of account hacks, but OkCupid denies a data breach

When asked how OkCupid plans to prevent account hacks in the future, the spokesperson said the company had “no further comment.” In fact, when we checked, OkCupid was just one of many major dating sites — like Match, PlentyOfFish, Zoosk, Badoo, JDate, and eHarmony — that didn’t use two-factor authentication at all.

Parenting site Mumsnet hit by data breach

Parenting site Mumsnet hit by data breach

These are external links and will open in a new window These are external links and will open in a new window Image copyright Mumsnet Image caption Mumsnet founder Justine Roberts posted a lengthy explanation about the breach Parenting site Mumsnet has reported itself to the UK's data protection watchdog after an upgrade let some people see details of other accounts.

Best Privacy Tools for a Private 2019

Best Privacy Tools for a Private 2019

Most of the responses can be divided into separate categories: Search Engines Mail Clients Browsers Browser Plugins Password Managers Virtual Private Networks (VPN) Messaging Cloud Storage 2 Factor login Android OS Other Here is a list of those that where mentioned most often as the preferred software/tool in each category.

More