Following a code push at 1:54 yesterday afternoon, a serious security issue was spotted at Dropbox and posted on Pastebin. For roughly four hours, the service allowed users to log into other user’s accounts using any password. In other words, they could log into someone else’s account and access their private files simply by typing in the users’ email address. Given that many people entrust Dropbox with important data, the concern is huge. The team at Dropbox is now investigating which accounts were improperly accessed, and says that anyone whoRead More
Facebook has apologised for the way it rolled-out a new system that recognises users’ faces, and says they should have done more to notify members about the global launch. Its “Tag Suggestions” feature scans uploaded photos and automatically picks out existing friends. Although users have the option to switch it off, some complained that they were not explicitly asked if they wanted it activated. Facebook said that the system was intended to speed up the process of assigning a name to a picture, known as tagging. Graham Cluley, senior consultantRead More
With every photo you upload or share from your smartphone, you could be sharing hidden, private information.
Pictures you’ve e-mailed or uploaded from your smartphone could be leaking location information threatening your safety or that of your children. NBC recently combed Twitter and sites like Facebook , Craig’s List, and Photobucket , and found they could easily identify the home addresses and play areas of children whose pictures were posted by their parents. This hidden smartphone location information is saved with every picture you take. Police Officer Mark Chudik was able to use a freely-available browser plugin to click on pictures of a four-year-old test subject. HeRead More
More than 70 sites alleged to be selling counterfeit goods or offering pirated content have been shut down by the US government.
[From BBC.co.uk] More than 70 sites alleged to be selling counterfeit goods or offering pirated content have been shut down by the US government. The action was taken by the Immigration and Customs Enforcement agency, part of the US Department of Homeland Security. Domains seized included a BitTorrent search engine, music download sites and shops selling fake designer clothing. Many of the sites who lost their domains have continued trading via alternative addresses. Anyone trying to visit the seized pages was confronted by a screen saying that the domain hadRead More
A 15 year old boy is being charged with “hacking” their school board’s web site in a “Mickey Mouse” attack.
Credited for the “largest security breach in the [Thames Valley District School] Board’s history”, a 15-year-old boy from London Ontario has been charged after hacking into his school board’s web site and exposing the passwords of 27,000 high school students on October 23. The breach took the teen around an hour to exploit, but has thus far take the school board more than three weeks to fix, which is raising some eyebrows, as in today’s world, it is standard procedure to store passwords in an encrypted format–a practice that weRead More