security

The latest and greatest threat to our online security has been dubbed Shellshock. Apparently, it's worse than the Heartbleed bug. Fortunately, Tom Scott, has done a top job of explaining the whole thing in just 4 minutes. 

You've probably heard about it on the news or <insert favourite tech blog here> - but how do you test if it's affecting you?

Four in every five mobile phone owners leave their devices undefended.

That's the stark message from a new report by Voxburner, showing that only 19% of 16-24s use security software.

When I swung by Linkedin yesterday afternoon to be greated by my Linkedin Today headlines (CNET, Mashable, CBS News) showing that 6.5m Linkedin passwords were now in the public domain. Having spent a good deal of time at Chinwag's Careers Day explaining why building connections, maintaining a profile and asking for recommendations, it provides a salutory reminder that it's not just credit card and bank details that are vulnerable.

How would you fare if you're Linkedin connections disappeared? (If you're panicing enough not to read the rest of the post - here's Linkedin's advice on changing passwords) I bet there's a few recruiters out there who will blanch at the thought. The file of stolen passwords was posted on a popular hacking forum with a request for help in cracking them, which according to data security firm, Imperva, indicates this might just be the tip of the iceberg.

Researchers at a K.U.Leuven university in Belgium have identified flaws in AES, the encryption algorithm used by hundreds of millions users worldwide securing everything from ecommerce transactions using SSL to file encyrption tools including the popular BitLocker on PCs and FileVault on Mac OS X.

Researchers Andrey Bogdanov, Dmitry Khovratovich and Christian Rechberger came up with a clever new attack that can recover the secret key four times easier then previously thought.

So Google and Facebook really seem to be going head to head.  Google does not send people to Facebook and vice versa.

I am sure we remember that back in May, Facebook was discovered to be guilty of hiring a PR firm principally to tar Google’s reputation in regards to their privacy policies.  However, Facebook themselves really aren't any better!  They have been caught red-handed using personal data in inappropriate ways.  All you need to do is read their Terms to find out how blasé they are with some of our most personal information. 

Here are some of the more interesting ones I found –

Privacy is at the top of people’s online agenda. As an investor in businesses with specific offerings around people’s online data and digital data, not surprisingly it is at the top of my agenda too. I believe that the industry needs privacy definitions and principles that the average Internet user can understand, not shrouded in legal or technical jargon.

In my recent post on Privacy for a Facebook Generation I proposed that businesses should operate on six easy to understand levels of privacy: