How much of your digital life would you lose if you lost a single password? Without it, you are locked out and the cold reality of using free cloud services like Google is that you don’t have a human arbiter to help you. If you think back to earlier times where, say you lost your bank [&helli…

The NSA leaker's latest project aims to secure your computer—and you—from not just digital but physical attacks.

There’s a security best practice where sign ins aren’t supposed to say “password is incorrect”. Instead they’re supposed to say the…

The WordPress repository recently removed the plugin Captcha over what initially appeared to be a trademark issue with the current author using “WordPress” [Editors note: the original page has been removed, we’re now linking to a screen shot.] in their brand name. Whenever the WordPress repository removes a plugin with a large user base, we check ...Read More

Sources disclosed troubling privacy practices at a Ring office in Ukraine.

With the aim of informing sound policy about data sharing and privacy, we
describe successful re-identification of patients in an Australian
de-identified open health dataset. As in prior studies of similar datasets, a
few mundane facts often suffice to isolate an individual. Some people can be
identified by name based on publicly available information. Decreasing the
precision of the unit-record level data, or perturbing it statistically, makes
re-identification gradually harder at a substantial cost to utility. We also
examine the value of related datasets in improving the accuracy and confidence
of re-identification. Our re-identifications were performed on a 10% sample
dataset, but a related open Australian dataset allows us to infer with high
confidence that some individuals in the sample have been correctly
re-identified. Finally, we examine the combination of the open datasets with
some commercial datasets that are known to exist but are not in our possession.
We show that they would further increase the ease of re-identification.

A political website pulled an article after Google’s AdSense team threatened to withdraw advertising.

Boutique propulsée par PrestaShop

Le règlement européen sur la protection des données personnelles place le consentement de l’individu au cœur de son approche. Le responsable de traitement doit répondre à de nouvelles exigences notamment en matière d’informations. Check-list des mesures à prendre.

In 2016, doctors’ identities were decrypted in Australian medical records. Now, a University of Melbourne team finds patients’ records can also be re-identified

Among storage components, hard disk drives (HDDs) have become the most
commonly-used type of non-volatile storage due to their recent technological
advances, including, enhanced energy efficacy and significantly-improved areal
density. Such advances in HDDs have made them an inevitable part of numerous
computing systems, including, personal computers, closed-circuit television
(CCTV) systems, medical bedside monitors, and automated teller machines (ATMs).
Despite the widespread use of HDDs and their critical role in real-world
systems, there exist only a few research studies on the security of HDDs. In
particular, prior research studies have discussed how HDDs can potentially leak
critical private information through acoustic or electromagnetic emanations.
Borrowing theoretical principles from acoustics and mechanics, we propose a
novel denial-of-service (DoS) attack against HDDs that exploits a physical
phenomenon, known as acoustic resonance. We perform a comprehensive examination
of physical characteristics of several HDDs and create acoustic signals that
cause significant vibrations in HDD's internal components. We demonstrate that
such vibrations can negatively influence the performance of HDDs embedded in
real-world systems. We show the feasibility of the proposed attack in two
real-world case studies, namely, personal computers and CCTVs.