Tag: privacy

Ouch! Microsoft Hits Out At Gmail Over Privacy In Latest “Scroogled” Campaign

Microsoft has taken aim at Google before with its ‘Scroogled’ advertising campaign, and now it’s revived the attack tactics, slating Gmail’s policy of reading your emails to target ads.

“Think Google respects your privacy? Think again,” says Microsoft’s advert. It says that nasty Google goes through your every email, reading every word, so it can target ads to you based on what you’re writing about.

[quote]”Emails are personal — and people feel that reading through their emails to sell ads is out of bounds,” said Stefan Weitz, senior director of Online Services at Microsoft in a statement. “We honor the privacy of our Outlook.com users, and we are concerned that Google violates that privacy every time an Outlook.com user exchanges messages with someone on Gmail. This campaign is as much about protecting Outlook.com users from Gmail as it is about making sure Gmail users know what Google’s doing.”[/quote]

To illustrate this, Microsoft has a pair of shifty-looking eyes reading an email. Outlook.com, however, “prioritises privacy”, according to the ad.

In a press release pushed out today, Microsoft said the Scroogled campaign is also an attempt to educate Americans on some of the bad practices used by email providers. A study commissioned by Microsoft reveals that 70% of consumers “don’t know that major email providers routinely engage in the practice of reading through their personal email to sell ads”, while a larger 88% disapprove of the practice.

Previously Microsoft has used the “Scroogled” catch-phrase to warn users against Google Shopping’s practices, but today sees the campaign expanded into a much wider attack on Google and their advertising methods. Gmail has been targeted this time around, but it’s likely more services will be highlighted in future campaigns.

[Tech Radar]

February 7, 2013
Google Tests Showing Gmail Messages in Search Results

Google is creating an information bridge between its influential Internet search engine and its widely used Gmail service in its latest attempt to deliver more personal responses more quickly.

The experimental feature unveiled Wednesday will enable Google’s search engine to mine the correspondence stored within a user’s Gmail account for any data tied to a search request. For example, a query containing the word “Amazon” would pull emails with shipping information sent by the online retailer.

Such Gmail results will typically be shown to the right of the main results, though in some instances, the top of the search page will highlight an answer extracted directly from an email. For example, the request “my flight” will show specific airline information imported from Gmail. Something similar could eventually happen when searching for a restaurant reservation or tickets to a concert.

Although Google has a commanding lead in Internet search, it remains worried about the threat posed by social networking services such as Facebook Inc. As social networks have made it easier to share information online, the Web is starting to revolve more around people than the keywords and links that Google’s search engine.

Google has been trying to adapt by building more personal services and plugging them into its search engine.

Blending email information into general search results could raise privacy worries. Google is trying to mitigate that by showing Gmail results in a collapsed format that users must open to see the details. For now, users must sign up to participate.

Google Inc. ran into trouble over privacy in 2010 when it tapped the personal contact information within Gmail accounts to build a social networking service called Buzz. Google set up Buzz in a way that caused many users to inadvertently expose personal data from Gmail. An uproar culminated in a Federal Trade Commission settlement requiring the company to improve its privacy controls and undergo audits for 20 years.

Google is treading carefully as it hooks Gmail up to its Internet search engine. The new feature initially will be available to 1 million Gmail users who sign up at HTTP://G.CO/SEARCHTRIAL . That’s a small fraction of the more than 425 million Gmail accounts that have been set up since Google launched its free email service eight years ago to compete against the offerings from Yahoo Inc. and Microsoft Corp.

After getting feedback from the test participants, Google hopes to give all Gmail users the option of plugging their accounts into the main search engine, according to Amit Singhal, a senior vice president for the company.

Singhal said Google is also willing to display information from other email service in its main search results. The gesture could avoid spurring additional complaints about Google abusing its position as the Internet’s search leader to favor its other services. That issue is the focal point of an antitrust investigation by antitrust regulators in the U.S. and Europe.

Microsoft said it has no plans to make information in its competing Web mail service available to Google’s search engine. Yahoo, which operates another Gmail rival, had no comment.

August 9, 2012
Google faces $22.5m fine over iPhone, iPad privacy breach

Google faces a $22.5m fine (£14.5m) for breaching the privacy of iPhone and iPad users after bypassing cookie rejection settings on the devices, according to reports.

If confirmed, the fine would be the largest ever imposed by the US Federal Trade Commission (FTC) against a single company – and would be the second time this year that the search giant has fallen foul of regulators in the US.

The Wall Street Journal reports that the FTC and Google are close to agreeing a settlement over the privacy breach, in which Google circumvented Apple’s protections on the iPhone and iPad against the setting of third-party “cookies” – small text files stored on the user’s device – for tracking where users went on the web.

The discovery of the circumvention, by Jonathan Mayer of Stanford University, was first revealed in February. Millions of users of Apple’s iOS software on iPhones and iPads could have been affected, said Mayer. Google declined a request from the Guardian to specify when it began the tracking.

However, Google may have escaped further prosecution for breaching an FTC consent decree over privacy that it signed in March 2011 because although the breach seems to have started in or before December 2011, the documentation in which Google explained what it would do dates back to 2009, before the decree, which covered privacy breaches caused by the Google Buzz social network, since closed.

Whether or not the FCC fines Google over the cookie infraction, it will also publish a report which would detail how it reached the decision, probably with documentation from Google about how many people were affected and for how long.

Google insisted at the time that the ad tracking was inadvertent and that the workaround to plant the Google cookie was feasible within Apple’s system. It said then: “The Safari browser contained functionality that then enabled other Google advertising cookies to be set on the browser [by other advertising companies using the DoubleClick network]. We didn’t anticipate that this would happen, and we have now started removing these advertising cookies from Safari browsers. It’s important to stress that, just as on other browsers, these advertising cookies do not collect personal information.”

Apple said at the time that “We are aware that some third parties are circumventing Safari’s privacy features and we are working to put a stop to it.”

July 11, 2012
After 50 days of Hacking ; LulzSec Retires

On Saturday, the hacking group LulzSec, aka the Lulz Boat, said that it was ceasing operations. In what the group said was its final act, LulzSec also released a fresh set of stolen documents and files.

[quote]For the past 50 days we’ve been disrupting and exposing corporations, governments, often the general population itself, and quite possibly everything in between, just because we could. We hope, wish, even beg, that the movement manifests itself into a revolution that can continue on without us. said the group in a statement[/quote]

The group made its name after attacking a number of high visability targets recently, including Sony, the CIA’s website, and the U.S. Senate. It’s unclear if the group’s decision was made after its leader and chat logs were exposed, but the group makes a convincing argument that a 50-day hack-fest was planned the entire time.According to security experts, the group was disbanded due to increasing pressure from the law. Authorities in Britain last week arrested 19-year-old Ryan Cleary, who had been linked to LulzSec.

At least some of the group’s six members already appear to be continuing their work elsewhere.

June 28, 2011
360,000 Credit Cards Leaked in Recent Hack-Attack to CitiGroup

In a recent cyber attack by LulzSec, while earlier Citigroup officials claimed that 200,000 creditcards were compromised. This time around they claim that infact 360,000 credit cards have been compromised and the information has been stolen by LulzSec.

[quote]Hackers gained access to a total of “360,083 North America Citi-branded credit cards.Hackers gained access to a total of “360,083 North America Citi-branded credit cards.[/quote]

The bank also claims that more than 70% of the credit cards have already been replaced, and that the maximum Credit Cards were from California.

LulzSec the infamous hacking group behind many recent cyber attacks, including various at Sony, Has not yet mentioned any involvement in the case.

June 17, 2011
Sony Ericsson’s Canadian Online store Hacked, Sony in the Crosshair

Sony has been targeted by Hackers yet again. In the biggest attack against an organization, hackers all over the world are taking revenge for their rights with Sony. After several attacks including PSN, SONY BMG, and even a service all owned by Sony, This time its Sony Ericsson’s Canadian Online store and the intrusion extracted personal data of more than 2,000 Canadian Eshop customers.

According to SE the passwords taken were encrypted and no credit card details were lost. Hopefully SONY will tighten its security post these attack making it one of the most secure Company with online presence.

On Tuesday, security firm Sophos said Sony Music Japan suffered the same fate — with hackers exploiting a system vulnerability and posting such taunts as “stupid Sony, so very stupid” inside the data they made available online.

And while the series of attacks suggest Sony has more work to do securing its networks Phil Lieberman, CEO of online security consulting firm Lieberman Software, said it is also the price Sony is paying for its hard-line approach to the hacking community.

[BBC]

May 25, 2011
CyanogenMod lets you control your App Permissions yourself

The newest nightly builds of the CyanogenMod custom ROM include a clever patch allowing users to grant and revoke permissions individually for apps that request access to features that you wouldn’t necessarily want them to. Check out the video below, that demonstrates how the build lets you control how apps access your information.

[Androinica]

[CyanogenMod]

May 25, 2011
Sony’s Security continues to fail, Subsidiary So-Net Entertainment attacked

According to The Wall Street Journal hackers have accessed the customer accounts of Sony subsidiary So-net Entertainment Corp, an ISP, and have stolen about $1,225 worth of redeemable gift points. This after the massive breach of Sony’s Playstation Network which caused a loss of 12.3 million credit card numbers from the networks database.

Sony said the So-net hacker tried to break into its systems more than 10,000 times before he or she was able to successfully log-in. The intruder was able to access 201 accounts, and he or she stole the redeemable points from 128 customers.

“Although we can’t completely rule out the possibility that there is a connection with the PSN issue, the likelihood is low,” said So-net Entertainment spokesperson Keisuke Watabe, noting that the style of attack was different.

May 21, 2011