The niner noteworthy and the 12 recaps of 2016 (day 12) The predictions for 2017: different or more of the same?

Jan 06 2017
 

Today I am ending the 12 recaps series by looking ahead to the new year.
What will 2017 bring us in the fields of information security and privacy? Will it be more of the same, or will different topics dominate the news this year?
Another possibility is that the themes will roughly be similar but the impact and scope will change.
I will discuss a range of topics and my nine predictions for 2017 in the video below.



Topics

In the above video, the following topics are discussed:

  • Security and data breaches
  • Ransomware
  • The interNOT of things (IOT)
  • EU privacy laws
  • Cryptography and cryptowars
  • Online surveillance

Other articles in this series

The niner noteworthy and the 12 recaps of 2016 (day 11) EU PNR database, NSA hacked, EU surveillance laws, Snowden’s legacy, France’s biometrics database, UK’s agencies sharing regime and snoopers charter

Jan 05 2017
 

In a day and age in which everything has a digital side to it, intelligence agencies want a piece of that pie too. However, more and more of us are, because it is done for us, using encrypted devices and communication, making the job of law enforcement and intelligence agencies more difficult, or so they claim.
And then there is worldwide terrorism too, which politicians are gladly using to reduce privacy and data protection in exchange for security and safety; at least that is what they are constantly promising us, yet at the same time scaring society into agreement.
With all that going on it is no surprise that online surveillance is on the rise, either because we finally found out about it, as in the Snowden case, or by virtue of new laws like the UK’s Investigatory Powers Act or snoopers charter.
Today in the final instalment of this series that looks back at 2016, I will be focusing on surveillance from the NSA getting hacked itself, to France and the UK’s attempt at surveillance laws and databases, intelligence agencies who kept too much data and EU politicians wanting a piece of the surveillance pie as well.

In chronological order:


The niner noteworthy and the 12 recaps of 2016 (day 10) General data protection regulation, independent DPOs, EU/US privacyshield, data protection policemen of the world and sunshine state drivers license data

Jan 04 2017
 

Except for one article, all others deal with data protection and privacy laws related to the European Union. Not too surprising as the general data protection regulation and the EU/US privacyshield have been dominating the privacy news over the last year.
Apart from those major topics I will be looking at how Florida is handling data from citizens with a driver’s license as well as what the Donald may have in store for cross-Atlantic data transfers.
Besides this, there are already some pointers to the semi-final instalment of this series, which will focus on online surveillance.

In chronological order:


The niner noteworthy and the 12 recaps of 2016 (day 9) Drones, ad-blockers, fitness bands, biometric voice prints, mac-address tracking, DNS, health data, Apple iMessage, iCloud call data syncing

Jan 03 2017
 

Privacy professionals are all lawyers, at least that is a one-liner I have heard often enough from people within the International Association of Privacy Professionals. And yes, I’m somewhat irritated about that statement.
Data protection has, whether lawyers like it or not, a very large technical aspect that, if not taken care of, will mean that their legal work means absolutely nothing for the privacy protection of our society.
In this instalment I will be looking at data protection from a technology point of view, including: the privacy-aware usage of drones, biometric voice prints and how a piece of software can render them useless, health data in the hands of one of the biggest privacy violators on the web, fitness bands and their privacy impact, issues with Apple iMessage and iCloud syncing of call data.
But the legal side has its place too in this 12 recaps series.

Check out day 10: Legal privacy, here.

In chronological order:


The niner noteworthy and the 12 recaps of 2016 (day 8) Information security, biometrics, 2-factor authentication, costs of breaches and accountability, offline vs. online life, security questions, data protection

Jan 02 2017
 

Data breaches are getting commonplace, but are the companies responsible for keeping their data and our identities secure actually better off doing nothing to achieve that, or do we need to punish them harder if they fail to do so in the first place?
Who trusts companies and government to actually keep that data secure and not misuse it for marketing purposes? And what about our own willingness to provide sensitive and unchangeable data in security questions and for biometric authentication?
Or is the ever-growing ability for 2-factor authentication the silver bullet we were looking for?
And how about our seemingly online vs. offline life, or is that myth slowly but surely disappearing, converging, as well?
Read today’s instalment and you may be surprised at the answers to these questions.

In chronological order:


The niner noteworthy and the 12 recaps of 2016 (day 7) software security, backdoors, vulnerabilities, programming mistakes and improving development

Jan 01 2017
 

According to Mikko from F-Secure all security issues are software security issues, and to some extent I have to agree with his statement.
In today’s instalment I will be looking at several software security problems, from backdoors to industrial software and from regular vulnerabilities to improving software in such a way that we may be able to reduce the number of errors per lines of code significantly. That last number is typically 25 errors per 1000 lines of code in case you were wondering.

In chronological order:


The niner noteworthy and the 12 recaps of 2016 (day 6) Social media privacy and security issues

Dec 31 2016
 

Social media and European privacy laws have been at odds for some time now. With the general data protection regulation (GDPR) being adopted in May this year and the ever-growing concerns on data protection, specifically on data transfers to the US, it is no wonder that there is enough news to write about.
Specifically when companies like WhatsApp and Facebook decide to do some data sharing without the consent of their users (ehm, products).
Whilst that privacy story takes up one-third of this listing, there are enough other stories around on the new upcoming E-Privacy directive revision, Google’s new attempt at a social media chat service, Uber’s data hunger on GPS location data and backdoors left in Skype clients.

In chronological order:


The niner noteworthy and the 12 recaps of 2016 (day 5) Easy lounge access, physical security of drones, device hacking and radio frequency security

Dec 30 2016
 

Ever wondered how you can gain access to an airport lounge even though your ticket doesn’t allow it? Wonder what you find if you audit radio frequency networks? Why nuclear installations still seem to use pagers? And what happens if you hack your own devices, including your car?
These and some other uncommon stories are part of today’s instalment of the 12 recaps series.

In chronological order:


The niner noteworthy and the 12 recaps of 2016 (day 4) Cryptography, certificates, quantum crypto, crypto wars and privacy protecting encryption

Dec 29 2016
 

Cryptography is a difficult subject, not least because of its mathematical properties. It is also difficult to implement correctly, and sometimes we find out that the rules governing its usage are lagging behind or not even there to begin with.
Another perennial issue, which came to the surface again this year in the Apple vs. FBI court case, is the constant fight between encrypting stuff and law enforcement as well as intelligence agencies wanting backdoors in those systems to be able to access them when necessary.
Today’s instalment touches briefly on all these aspects.

In chronological order:
