US man stole 130m credit card numbers

18/08/2009

US prosecutors have charged a man with stealing data relating to 130 million credit and debit cards. Officials say it is the biggest case of identity theft in American history.

They say Albert Gonzales, 28, and two unnamed Russian co-conspirators hacked into the payment systems of retailers, including the 7-Eleven chain.

Prosecutors say they aimed to sell the data on. If convicted, Mr Gonzales faces up to 20 years in jail for wire fraud and five years for conspiracy. He would also have to pay a fine of $250,000 (£150,000) for each of the two charges.

Gonzales used a complicated technique known as an “SQL injection attack” to penetrate networks’ firewalls and steal information, the US Department of Justice said.

According to the indictment, the group researched the credit and debit card systems used by their victims, attacked their networks and sent the data to computer servers they operated in California, Illinois, Latvia, the Netherlands and Ukraine. The data could then be sold on, enabling others to make fraudulent purchases, it said.

Read the full story on the BBC News website.

Advertisements

Palm Pre snoops on users by phoning data home

14/08/2009

Palm Pre users watch out. Palm may know a lot more about you than you would like to share.

Programmer Joey Hess found that Palm Pre’s operating system webOS sends his GPS location back to Palm every day. Hess also found code that sends Palm data on which webOS apps he has used each day, and for how long he used each one.

“I was surprised by this,” Hess, who bought the Pre about a month ago, told Wired.com. “I had location services turned off though I had GPS still on because I wanted it to geotag photos. Still I didn’t expect Palm to collect this level of information.”

In its defense, Palm says the data is used to offer better results to users. For instance, when location-based services are used, the Pre collects information to give users relevant local results in Google Maps, says Palm.

“Palm takes privacy very seriously and offers users ways to turn data collecting services on and off,” says Palm in a statement. “Our privacy policy is like many policies in the industry and includes very detailed language about potential scenarios in which we might use a customer’s information, all toward a goal of offering a great user experience.”

Palm’s actions trigger questions about consumer privacy and the extent to which handset makers and developers are gathering and using data about buyers’ behavior.

Read the full story on the Wired website.


Agency denies internet spy plans

05/05/2009

The UK’s electronic intelligence agency has taken the unusual step of issuing a statement to deny it will track all UK internet and online phone use.

Government Communications Headquarters (GCHQ) said it was developing tracking technology but “only acts when it is necessary” and “does not spy at will”.

The denial follows the home secretary scrapping plans for a single government database for all communications. Jacqui Smith said instead firms should record all people’s internet contacts.

In the statement, GCHQ said one of its “greatest challenges is maintaining our capability in the face of the growth in internet-based communications. We must reinvest continuously to keep up with the methods that are used by those who threaten the UK and its interests.”

But the agency added: “GCHQ is not developing technology to enable the monitoring of all internet use and phone calls in Britain, or to target everyone in the UK. Similarly, GCHQ has no ambitions, expectations or plans for a database or databases to store centrally all communications data in Britain.”

Read the full story on the BBC News website.


Google Begins to Make Public Data Searchable

30/04/2009

Google just announced its first foray into making public data searchable and viewable in graph form. The company is starting with population and unemployment data from around the US but promises to make far more data sets searchable in the future.

The potential significance of making aggregate data about our world easy to visualize, cross reference and compare can’t be overstated. The visualization technology is called Trendalyzer, which Google acquired from a company called Gapminder two years ago.

Most of us understand the world based on stories we’ve put together from our own lived experience. Another way to understand things is by finding patterns drawn from everyone’s experience in aggregate.

Journalists often find big patterns and then zoom in to particular life stories that exemplify those general trends but make them easier for us to relate to as individuals. Those stories then help move public opinion in favor of policies that aim to change the general trends.

Read the full story on the ReadWriteWeb website.


Social sites dent privacy efforts

31/03/2009

Greater use of social network sites is making it harder to maintain true anonymity, suggests research. By analysing links between users of social sites, researchers were able to identify many people in supposedly anonymous data sets.

The data is produced by sites who sell it to marketing firms to generate cash.

The results suggest web firms should do more to protect users’ privacy, said the researchers.

Computer scientists Arvind Narayanan and Dr Vitaly Shmatikov, from the University of Texas at Austin, developed the algorithm which turned the anonymous data back into names and addresses.

The data sets are usually stripped of personally identifiable information, such as names, before it is sold to marketing companies or researchers keen to plumb it for useful information.

Read the full story on the BBC News website.