The woman was shocked when she received two nude photos of herself by e-mail. The photos had been taken over a period of several months — without her knowledge — by the built-in camera on her laptop.
Fortunately, the FBI was able to identify a suspect: her high school classmate, a man named Jared Abrahams. The FBI says it found software on Abrahams’s computer that allowed him to spy remotely on her and numerous other women.
Abrahams pleaded guilty to extortion in October. The woman, identified in court papers only as C.W., later identified herself on Twitter as Miss Teen USA Cassidy Wolf. While her case was instant fodder for celebrity gossip sites, it left a serious issue unresolved.
Most laptops with built-in cameras have an important privacy feature — a light that is supposed to turn on any time the camera is in use. But Wolf says she never saw the light on her laptop go on. As a result, she had no idea she was under surveillance.
A USA Today and IndyStar investigation found the Indiana State Police purchased a device called a Stringray that captures nearby cell phone data.
State Police Captain Dave Bursten responded to the report Wednesday, saying the agency is operating within the bounds of the law.
The Indiana State Police are responding to lawmakers’ and civil rights organizations’ concerns that it is overstepping its boundaries by using a device that can track cell phone calls, text messages and movements within a set radius.
Indiana State Police Captain Dave Bursten said in a statement the department is working well within the bounds of the law. He says protection of investigation methods is key to the success of building a case.
Bursten won’t say exactly how the technology is used, because he says it would be “like a football team giving up their playbook.”
A joint USA Today and IndyStar investigation found earlier this month that the state police spent $373,995 on a device called a Stingray.
Often installed in a surveillance vehicle, the suitcase-size Stingrays trick all cellphones in a set distance — sometimes exceeding a mile, depending on the terrain and antennas — into connecting to it as if it were a real cellphone tower. That allows police agencies to capture location data and numbers dialed for calls and text messages from thousands of people at a time.
State police officials initially refused to provide any records related to the purchase of the Stingray.
After the IndyStar appealed the denial to the Indiana Public Access Counselor, the Indiana State Police provided a one-page document confirming the purchase of the device but no information about how it is used.
The Android app Brightest Flashlight has been installed between 50 million and 100 million times, averaging a 4.8 rating from more than 1 million reviews. Yet its customers might not be so happy to learn the app has been secretly recording and sharing their location and device ID information.
On Thursday, the app maker GoldenShores Technologies settled Federal Trade Commission charges that it deceived users and is thus prohibited from further \”misrepresenting how consumers’ information is collected and shared and how much control consumers have over the way their information is used.\”
Popular trivia game QuizUp reportedly has numerous security and privacy issues. The app seems to be sending your information to the devices of other users, including your name, email address, and Facebook ID. This information come to us from a blog post by developer Kyle Richter:
In most circumstances, in a breach of privacy situation a company stores sensitive information in plain text on a server somewhere, someone comes along and figures out how to access that data. However in the case of QuizUp they actually send you other users’ personal information via plain-text(un-hashed); right to your iPhone or iPod touch. This information includes but isn’t limited to: full names, Facebook IDs, email addresses, pictures, genders, birthdays, and even location data for where the user currently is. I have been able to access the personal information of hundreds of people who I have never met, and had no interaction with other than we both used QuizUp. These people likewise had access to my personal information. It is important to keep in mind these were not people who added me as friends inside of the app, these were complete strangers in every sense.
Also of note is how QuizUp handles access to your contacts. The game allows you to invite your friends to the game via text message, which you need to grant QuizUp access to your contacts to allow. Once this is done, QuizUp sends your contact\’s emails, in plain text, to their servers, in violation of federal privacy laws. This is the same thing that got social network Path in trouble last year.
At Bowdoin College in Brunswick, Me., admissions officers are still talking about the high school senior who attended a campus information session last year for prospective students. Throughout the presentation, she apparently posted disparaging comments on Twitter about her fellow attendees, repeatedly using a common expletive.
Perhaps she hadn’t realized that colleges keep track of their social media mentions.
We talked in class about child pornography being the H-bomb of all discussions about Internet regulation. Well, the UK government just dropped it…
Paedophiles may escape detection because highly-classified material about Britain’s surveillance capabilities have been published by the Guardian newspaper, the government has claimed.
A senior Whitehall official said data stolen by Edward Snowden, a former contractor to the US National Security Agency, could be exploited by child abusers and other cyber criminals.
It could also put lives at risk by disclosing secrets to terrorists, insurgents and hostile foreign governments, he said.
The claims emerged as lawyers for the Home Office launched a hard-hitting defence against a legal challenge which is seeking to establish the partner of a Guardian journalist was wrongly detained at Heathrow airport in August.
An identity theft service that sold Social Security and drivers license numbers — as well as bank account and credit card data on millions of Americans — purchased much of its data from Experian, one of the three major credit bureaus, according to a lengthy investigation by KrebsOnSecurity.superget.info home page
For some, revelations that the National Security Agency has been collecting vast amounts of personal information on U.S. citizens might seem as far removed as the city of Moscow.
But it’s not just an ultrasecret spy agency that can create a dossier on you.
Many Americans would be surprised by how easily local law enforcement, IRS investigators, the FBI and private attorneys can reach into the vast pool of personal information about their lives with little more than a subpoena, which no judge needs to review.
And it’s not just for selling you more products or services. It can be wielded against you.
In 2005, a National Security Agency employee was given his first day of access to the United States’ SIGINT (signals intelligence) capability. So what did he do with his vast powers?
According to a newly published letter (PDF) by the NSA Office of the Inspector General (OIG), “he queried six e-mail addresses belonging to a former girlfriend, a U.S. person, without authorization.”
An internal NSA audit four days later revealed this violation. His punishment?
“A reduction in grade, 45 days restriction, 45 days of extra duty, and half pay for two months. It was recommended that the subject not be given a security clearance.”