Security News

An unsecured database has exposed sensitive data for users of Microsoft's Bing search engine mobile application - including their location coordinates, search terms in clear text and more. While no personal information, like names, were exposed, researchers with Wizcase argued that enough data was available that it would be possible to link these search queries and locations to user identities - giving bad actors information ripe for blackmail attacks, phishing scams and more.

The Wall Street Journal has an article about a company called Anomaly Six LLC that has an SDK that's used by "More than 500 mobile applications." Through that SDK, the company collects location data from users, which it then sells. Anomaly Six is a federal contractor that provides global-location-data products to branches of the U.S. government and private-sector clients.

Thus how do you get meetings when you need them, well using "Lunchtime" as an excuse to go into "Meeting mode" is acceptable to most, but a trend in more recent times has been to put a meeting with yourself in your calander etc so you can get undisturbed time for concentration etc. Always make a note of your purchases in your diary often but not always putting the recipts in as well till the end of the week etc when you more formally write up expenditure as personal finances / expenses then sling most but not all personal recipts "In a shoe box".

The NSA released the advisory this week informing people of the various ways mobile phones, by design, give up location information-which go beyond the well-known Location Services feature that people use on a regular basis. Most people are aware that location services on devices can pinpoint where they are so people can have access to services in the area, as well as share their location with friends via mobile apps such as WhatsApp, among other useful activities.

Uber is poised to file a federal lawsuit over Los Angeles's demands for what the company consider to be the city's privacy-invading demands for real-time location data of its users. This isn't an answer - LADOT hasn't been able to give one - but in general, LA wants the data for a new data standard called the Mobility Data Specification.

US regulators moved to impose fines Friday against the nation's four major wireless carriers for selling location data of customers without their consent. The wireless firms were accused of having disclosed mobile network user location data to a third party without authorization from customers, the FCC said.

The U.S. Federal Communications Commission today proposed fines of more than $200 million against the nation's four largest wireless carriers for selling access to their customers' location information without taking adequate precautions to prevent unauthorized access to that data. While the fines would be among the largest the FCC has ever levied, critics say the penalties don't go far enough to deter wireless carriers from continuing to sell customer location data.

The Federal Communications Commission Friday proposed fines against the nation's four largest wireless carriers for selling real-time mobile phone location data without taking reasonable measures to protect against unauthorized access to that information. In Friday statement, Paj said: "The FCC has long had clear rules on the books requiring all phone companies to protect their customers' personal information. And since 2007, these companies have been on notice that they must take reasonable precautions to safeguard this data and that the FCC will take strong enforcement action if they don't. Today, we do just that. This FCC will not tolerate phone companies putting Americans' privacy at risk."

Now an app developer called Mysk has discovered pasteboard's dark side - malicious apps could exploit it to work out a user's location even when that user has locked down app location sharing. In the simplest scenario, an iPhone user would take a photo, copy it between apps using the pasteboard, from which a malicious app could extract location metadata while comparing it with timestamps to determine whether it was current or taken in the past.

The chair of the House Energy and Commerce Committee - which oversees the FCC - Frank Pallone issued a statement: "Following our longstanding calls to take action, the FCC finally informed the Committee today that one or more wireless carriers apparently violated federal privacy protections by turning a blind eye to the widespread disclosure of consumers' real-time location data. This is certainly a step in the right direction, but I'll be watching to make sure the FCC doesn't just let these lawbreakers off the hook with a slap on the wrist." For her part, Commissioner Rosenworcel put out a statement saying: "For more than a year, the FCC was silent after news reports alerted us that for just a few hundred dollars, shady middlemen could sell your location within a few hundred meters based on your wireless phone data."