132 posts
To get your personal data, provide more personal data

File another one under the sounds-good-on-paper-but-really-challenging-in-practice. Kashmir Hill, for The New York Times, describes the challenges of new laws that allow users to request the data that companies collect on them: Since then, two groups of researchers have demonstrated that it’s possible to fool the systems created to comply with G.D.P.R. to get someone else’s personal information. One of the researchers, James Pavur, 24, a doctoral student at Oxford University,...

0 0
Dangers of CSV injection

George Mauer highlights how a hacker might access other people’s data by putting an equal sign in a CSV file, so that an import to Microsoft or Google Sheets runs a value as a formula, even if it’s quoted as a string. The attacker starts the cell with their trusty = symbol prefix and then points IMPORTXML to a server they control, appending as a querystring of spreadsheet data. Now...

0 0
Live cyber attack map

Norse monitors cyber attacks in real-time. This is their map of what's going on. (All I hear is pew, pew, pew when I watch it.) [via Boing Boing] Tags: Internet, security

0 0
A surveillance system that watches over an entire city

Technology continues to advance quickly, but the social questions are lagging a bit. Radiolab explores the topic of we-can-but-should-we from the perspective of a surveillance system that watches an entire city twenty-four-seven. On the one hand, the system allows authorities to find criminals more efficiently. On the other hand, everyone is watched. Tags: privacy, security

0 0