Shamrock Information Security

Privacy

by

The niner noteworthy and the 12 recaps of 2016 (day 10)

Except for one article, all others deal with data protection and privacy laws related to the European Union. Not too surprising as the general data protection regulation and the EU/US privacyshield have been dominating the privacy news over the last year.
Apart from those major topics I will be looking at how Florida is handling data from citizens with a drivers license as well as what the Donald may have in store for cross-atlantic data transfers.
besides this, there are already some pointers to the semi-final instalment of this series which will focus on online surveillance.

In chronological order:

Click here to continue reading

by

The niner noteworthy stories of 2016 (week 52)

These are the noteworthy stories, in no particular order, that peaked my interest last week.

Click here to find out why

by

The niner noteworthy and the 12 recaps of 2016 (day 9)

Privacy professionals

are all lawyers

, at least that is a one-liner I have heard often enough from people within the International Association of Privacy Professionals. And yes I’m somewhat irritated about that statement.
Data protection has, if lawyers like it or not, a very large technical aspect that if not taken care of will mean that their legal work means absolutely nothing for the privacy protection of our society.
In this instalment I will be looking at data protection from a technology point of view including: the privacy aware usage of drones, biometric voice prints and how a piece of software can render them useless, health data in the hands of one of the biggest privacy violators on the web, fitness bands and their privacy impact, issues with Apple iMessage and iCloud syncing of call data.
But the legal site has it’s place too in this 12 recaps series.
Check out day 10: Legal privacy, here.

In chronological order:

Click here to continue reading

by

The niner noteworthy and the 12 recaps of 2016 (day 8)

Data breaches are getting common place, but are the companies responsible for keeping their data and our identities secure actually better off doing nothing to achieve that or do we need to punish them harder if they fail to do so in the first place?
Who trusts companies and government to actually keep that data secure and not misuse it for marketing purposes? And what about our own willingness to provide sensitive and unchangeable data in security questions and for biometric authentication?
Or is the ever growing ability for 2-factor authentication the silver bullet we were looking for?
And how about our seemingly online vs. offline live, or is that myth slowly but surely disappearing, converging, as well?
Read today’s instalment and you may be surprised at the answers to these questions.

In chronological order:

Click here to continue reading

by

The niner noteworthy and the 12 recaps of 2016 (day 7)

According to Mikko from F-Secure all security issues are software security issues and to some extend I have to agree with his statement.
In today’s instalment I will be looking at several software security problems from backdoors to industrial software and from regular vulnerabilities to improving software in such a way we may be able to reduce the number of errors per lines of code significantly. That last number is typically 25 errors per 1000 lines of code in case you were wondering.

In chronological order:

Click here to continue reading

by

The niner noteworthy and the 12 recaps of 2016 (day 6)

Social media and European privacy laws have been at odds for some time now. With the general data protection regulation (GDPR) being adopted in May this year and the ever growing concerns on data protection, specifically on data transfers to the US, it is no wonder that there is enough news to write about.
Specifically when companies like Whatsapp and Facebook decide to do some data sharing without the consent of their user’s (ehm. products).
Whilst that privacy story takes up one-third of this listing, there are enough other stories around on the new upcoming E-Privacy directive revision, Google’s new attempt at a social media chat service, Uber’s data hunger on GPS location data and backdoors left in Skype clients.

In chronological order:

Click here to continue reading