
Drizly Sued by FTC Over Data Breach Which Affected 2.5 Million Customers

The Federal Trade Commission is taking legal action against Drizly and its CEO James Cory Rellas over claims that the company's security lapses resulted in a data breach that exposed the personal information of roughly 2.5 million customers.

The FTC claims that the Uber-owned booze delivery business and its CEO, James Cory Rellas, were made aware of security concerns as early as 2018. The digital alcohol retailer Drizly and its CEO James Cory Rellas are being investigated by the Federal Trade Commission over claims that the company's security flaws caused a data breach that exposed the private data of around 2.5 million customers.

Drizly, an Uber subsidiary, runs an online marketplace where local shops can sell alcohol to customers who are of legal drinking age. The complaint alleges that Drizly gathered users' email addresses, passwords, geolocation data, and postal addresses while negotiating deals, and stored them on the Amazon Web Services (AWS) cloud computing service.

According to the FTC, Drizly's lax security procedures, such as not requiring employees to use two-factor authentication for GitHub, where it stored login information, made those incidents possible. The FTC further notes that Drizly has no senior executive in charge of its security practice and did not restrict employees' access to consumers' personal information.

According to Samuel Levine, Director of the FTC's Bureau of Consumer Protection, "our proposed order against Drizly not only limits what the firm can retain and collect going ahead but also ensures the CEO suffers penalties for the company's negligence."

In its lawsuits and rulings, the FTC has been naming company officials more frequently. As CEO of Drizly, Rellas was accused by the FTC of failing to appoint a senior executive to manage the security procedures. Companies may wish to make sure they hire a senior official in charge of security to help reduce the potential for individual liability for CEOs.

These draft orders will be published by the FTC soon, and the public will have 30 days to comment on them before the commission chooses whether to make them public.



Facebook expecting fine of $5 billion over privacy issues







Facebook said that it is keeping $5 billion aside, as it expects to be fined by the Federal Trade Commission for privacy violations.

The social media website disclosed the amount in its first-quarter earnings for 2019, stating that it is estimating a one-time fine of $3 billion to $5 billion, but that the matter is unresolved and the negotiation is ongoing.

“In the first quarter of 2019, we reasonably estimated a probable loss and recorded an accrual of $3.0 billion in connection with the inquiry of the FTC into our platform and user data practices, which accrual is included in accrued expenses and other current liabilities on our condensed consolidated balance sheet,” the company writes in its earnings statement. 

“We estimate that the range of loss in this matter is $3 billion to $5 billion. The matter remains unresolved, and there can be no assurance as to the timing or the terms of any final outcome.”

Facebook has been negotiating with the regulator for months over a violation of a 2011 privacy consent decree.

According to the decree, the company promised a series of measures to protect its users’ privacy after an investigation found that its handling of data had harmed consumers.

However, the company came under fire once again last year, and the F.T.C. opened the case after the Cambridge Analytica fiasco, in which the personal information of nearly 50 million users was breached.


Meanwhile, the F.T.C. declined to comment.

Leaked US Army Cyber Protection Brigade Memorandum appears to show Privacy Solutions compromised




The picture in question is a leaked image of a memorandum posted on the image board 4chan, complete with Department of Defence letterhead, and appearing to be from the United States Army’s Cyber Protection Brigade.

The posted picture shows an official document brought up on a terminal screen, with a Common Access Card (CAC) on one side, complete with photo, typical of a Department of Defence employee. It appears to be legitimate, yet it invites incredulity and skepticism. Even so, it is still not clear why somebody would want this data leaked.

Another plausible theory is that the crypto community is involved in some way. Then again, an effective way to discourage the use of privacy solutions is to spread rumours that they are anything but private, a scheming way of spreading fear, uncertainty and doubt.

“The success we have had with Tor, I2P, and VPN, cannot be replicated with those currencies that do not rely on nodes. There is a growing trend in the employment of Stealth addresses and ring signatures that will require additional R&D,” reads the document.

The memo's first line reveals a unit associated with the National Security Administration (NSA) and Cyber Protection Team (CPT) urging more funding for "new contracts and extra subsidizing to meet GWOT and drug interdiction targets aimed in July's Command update brief," with the Global War On Terror (GWOT) being a go-to pretext for about two decades of intrusive military and law enforcement action.

“In order to put the CPT back on track, we need to identify and employ additional personnel who are familiar with the Crypto Note code available for use in anonymous currencies,” the memo stressed.

Crypto Note, which is the application layer for privacy tokens such as Bytecoin (BCN) and Monero (XMR), uses a memory-bound function that is hard to pipeline. That the agencies entrusted with monitoring and tracking internet solutions, and now coins, need outside help with Crypto Note may say a lot about where the various government divisions stand in terms of their security acumen.

The picture circulated on Steemit, Veekly, and even Warosu exactly five months ago, yet outlets such as Deep Dot Web may claim to have broken the news. The document is still worth dissecting, assuming it is legitimate.


For its part, Deep Dot Web claims to have contacted "a Monero developer, who spoke on state of obscurity," and the dev "said that the vast majority of the Monero engineers who have seen the leak trust it to be true. A few sources who were some time ago in the Armed force have additionally said they trust the report to be genuine." This lends weight to the view that the contents of the document appear entirely plausible.

"Ubuntu Linux is spyware" says Richard Stallman, Free Software Foundation President


Richard Stallman, President of the Free Software Foundation, says that "Ubuntu Linux is spyware" because the operating system sends data to Canonical’s servers.

"Ubuntu, a widely used and influential GNU/Linux distribution, has installed surveillance code. When the user searches her own local files for a string using the Ubuntu desktop, Ubuntu sends that string to one of Canonical’s servers. (Canonical is the company that develops Ubuntu.)" Stallman said in the blog post.

According to his blog post, Ubuntu sends the keyword searched in the Dash (the hub for finding stuff in the Unity desktop interface) to Amazon. Based on the keyword, it shows ads to buy various things from Amazon. If a user buys something from Amazon as a result, money is sent to Canonical in the form of affiliate payments.

"The main issue is the spying. Canonical says it does not tell Amazon who searched for what. However, it is just as bad for Canonical to collect your personal information as it would have been for Amazon to collect it."

Stallman concluded with a plea that people who recommend or redistribute free operating systems "remove Ubuntu from the distros you recommend or redistribute."

Canonical CEO Mark Shuttleworth claims that they are not putting ads in Ubuntu. The feature is meant to integrate online scope results into the home lens of the Dash.

"This is to enable you to hit 'Super' and then ask for anything you like, and over time, with all of the fantastic search scopes that people are creating, we should be able to give you the right answer," Mark Shuttleworth said.

I am a regular user of Ubuntu. I don't think this is the biggest issue that would make me use alternative distributions. What do you think about this issue?