Security

Just weeks after internet security experts scrambled to patch up vulnerabilities exposed by the Heartbleed bug, a flaw has been found in Microsoft’s Internet Explorer software that is so serious the US department of homeland security is warning people and companies to avoid using the browser.

Should I be worried? Read more

Sarah Mishkin

Concerns about children’s privacy and security have prompted the closure of one education technology start-up backed by $100m from supporters including Bill Gates’ foundation. Read more

The Heartbleed bug, a flaw discovered on encryption software used on about two-thirds of all websites, was created unintentionally, the programmer responsible has said.

Robin Seggelmann, a German programmer, described the flaw as the consequence of a “trivial” error in an update to OpenSSL, the software widely used to enable secure connections, writes Jeevan VasagarRead more

Robert Cookson

A National Security Agency employee who co-chairs an influential cryptography standards group has survived an attempt to oust him following accusations that he promoted a flawed security protocol.

Kevin Igoe, a senior cryptographer at the NSA, is joint chair of the Crypto Forum Research Group. The CFRG plays an important role in online security because it provides guidance on cryptographic techniques to the Internet Engineering Task Force, a standard-setting body that helps shape the internetRead more

Robert Cookson

Tim Berners-Lee, the inventor of the world wide web, has thrown his weight behind a new campaign to encourage people across the world to fight back against online censorship and surveillance.

In a letter to the Financial Times on Thursday, Sir Tim wrote that “now is the time for citizens to mobilise to demand that governments and companies respect and protect our basic freedoms online”. Read more

Getting a new global online payment standard adopted is a tall order, but the involvement of the big three – Visa, Mastercard and American Express – in the latest effort must give it a fighting chance of success. Read more

Federal judges evaluated the privacy and free speech implications of a California law that would create a database of online identities for sex offenders, noting the shift in public sentiment around such data collection since voters passed the law last November and today, as revelations about the US’s monitoring of online communications continue to emerge.

“We’re living in a post-Snowden world,” said Judge Jay Bybee of the Ninth Circuit Court of Appeals on Tuesday, referencing the surveillance practices revealed by former CIA contractor Edward Snowden and questioning whether a database of email addresses and online identities intended to help solve sex crimes could be used to monitor people’s political speech.

Mr Bybee was one of three judges hearing oral arguments in a case about Proposition 35, the California law that requires convicted sex offenders to register their email addresses and user names for online news sites and social networks. The initiative was passed by a majority of voters last November, after receiving financial backing from Chris Kelly, Facebook’s chief privacy officer between 2005 and 2009. Read more

Richard Waters

You’re wearing Google Glass. A stranger walks past in a T-shirt emblazoned with a QR code. Suddenly, your world changes: images you didn’t expect start appearing on the tiny Glass screen above your eye. It quickly becomes clear that someone has taken complete control of your eyewear. Read more

Robert Cookson

As apps go, Ant Smasher sounds simple enough. The free game, which has been downloaded more than 50m times from the Google Play app store, allows mobile phone users to entertain themselves by squishing digital ants as they scurry down the screen. Splat, splat, splat.

But Ant Smasher has a dark side. It is one of a growing wave of apps that contains “adware” – aggressive advertising technology that displays ads in a phone’s notification bar and other places outside of the app itself, without consent. Read more

Tim Bradshaw

The inventor of the world wide web is not happy with the direction his creation is going.

For several years, Sir Tim Berners-Lee has been warning about incursions to the founding principles of the web, from the UK’s Digital Economy Act and SOPA to Facebook’s “walled gardens”.

This week’s reports about the PRISM system, through which the NSA extracts huge amounts of personal information from Google, Facebook, Apple and other internet companies, are “deeply concerning”, he says. Read more

Tim Bradshaw

In trying to reconcile the tech companies’ denials of involvement in the NSA’s PRISM programme and the agency’s presentation that suggests it has “direct access” to their servers, some have looked to private Silicon Valley company Palantir as a possible bridge between the two. Read more

Chris Nuttall

Google’s Gmail is suffering disruption, with many corporate users reporting they are not receiving emails from the webmail service, which has more than 400m users worldwide.

While Google’s Apps Status Dashboard is reporting that Gmail is working normally, it indicates the related Postini Services are suffering from disruption. Read more

Robert Cookson

What does Bitcoin have in common with 3D printing, besides both being technologies loved by geeks? On the face of it, not much: one is a digital currency and the other allows you to reproduce almost any small, solid object in the world.

But as lawmakers are starting to realise, there is a key similarity: both Bitcoin and 3D printing have the potential to reduce the power of the state and put it into the hands of individuals. Read more

Strike one up for the humble firewall, veteran of network security software.

McAfee, the 25-year-old security software maker founded by John McAfee and bought by Intel in 2011, has made a conditional offer for Finland’s Stonesoft, which makes military-grade firewalls for securing networks. Read more

There aren’t many markets where, when the old products have failed, customers flock back for more.

That could explain why the leading lights of computer security – who have converged on San Francisco this week for their industry’s biggest gathering – have been struggling to strike the right tone.

 Read more

Richard Waters

There seems to be a sea-change underway in the willingness of companies to admit when they have been the victims of cyber attacks. More have been coming forward, even when they appear to have no legal obligation. But the timing and nature of the disclosures differs greatly.

Take Microsoft’s apparent admission that it has succumbed to the same attack that has hit several other big tech companies. Compared even with Apple, traditionally the tech industry’s most secretive company, its disclosure was both late and light on detail. Read more

Tim Bradshaw

Apple and the FBI have both denied any involvement in the alleged hacking attack which AntiSec, an offshoot of Anonymous, disclosed on TuesdayRead more

Chris Nuttall

Google has agreed to pay a $22.5m fine to settle Federal Trade Commission charges that it deceived users about tracking “cookies”, which it used to serve them targetted ads in the Safari browser.

The penalty, the same as expected when we reported its likelihood a month ago, represents a record sum for the FTC but a piddling amount for the search giant. Read more

Twitter became the latest internet company to reveal attempts by governments to access user data and remove content, as the micro-blogging service followed in the footsteps of Google and released its first transparency report on Monday.

The report revealed that Twitter received government requests for user details from 1,181 accounts in the first half of 2012.  Twitter complied with just under two-thirds of all government requests for user data. Read more

At a cybersecurity conference in Tel Aviv yesterday, the Russian antivirus expert who discovered the Flame computer virus, a type of malicious software, appealed to the US and Israel to cease deploying cyberweapons. They “are a very bad idea”, he said. “My message is: stop doing this before it’s too late.” How right Eugen Kaspersky was.

Until now, cyberwarfare has been largely confined to Hollywood or to the prophecies of a few Cassandras warning darkly of a “digital Pearl Harbor” or “Cybergeddon”. But two closely linked events last week should give everyone cause for concern. An arms race in cyberspace is a distinct reality.

 Read more