Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: Cybercrime

Over 87GB of email addresses and passwords exposed in Collection 1 dump

ZDNet: “Almost 773 million unique email addresses and just under 22 million unique passwords were found to be hosted on cloud service MEGA. In a blog post, security researcher Troy Hunt said the collection totalled over 12,000 separate files and more than 87GB of data. The data, dubbed Collection #1, is a set of email addresses and passwords totalling 2,692,818,238 rows that has allegedly come from many different sources. “What I can say is that my own personal data is in there and it’s accurate; right email address and a password I used many years ago,” Hunt wrote. “In short, if you’re in this breach, one or more passwords you’ve previously used are floating around for others to see.” Some passwords, including his own, have been “dehashed”, that is converted back to plain text. Hunt said he gained the information after multiple people reached out to him with concerns over the data on MEGA, with the Collection #1 dump also being discussed on a hacking forum…

  • You can use Hunt’s Have I Been Pwned service to see if your information has been exposed.”

The Federal Government Offers a Case Study in Bad Email Tracking

EFF: “The U.S. government sends a lot of emails. Like any large, modern organization, it wants to “optimize” for “user engagement” using “analytics” and “big data.” In practice, that means tracking the people it communicates with—secretly, thoroughly, and often, insecurely. Granicus is a third-party contractor that builds communication tools to help governments engage constituents online.… Continue Reading

(Don’t) Return to Sender: How to Protect Yourself From Email Tracking

EFF: “There are a lot of different ways to track email, and different techniques can lie anywhere on the spectrum from marginally acceptable to atrocious. Responsible tracking should aggregate a minimal amount of anonymous data, similar to page hits: enough to let the sender get a sense of how well their campaign is doing without invading users’… Continue Reading

Shutdown: Dot-gov websites vulnerable to cyberattacks, certificates expiring amid funding pause

Netcraft – .gov security falters during U.S. shutdown: “Dozens of U.S. government websites have been rendered either insecure or inaccessible during the ongoing U.S. federal shutdown. These sites include sensitive government payment portals and remote access services, affecting the likes of NASA, the U.S. Department of Justice, and the Court of Appeals.  With around 400,000… Continue Reading

Our Cellphones Aren’t Safe

Opinion | Our Cellphones Aren’t Safe – The New York Times: “Security flaws threaten our privacy and bank accounts. So why aren’t we fixing them? America’s cellular network is as vital to society as the highway system and power grids. Vulnerabilities in the mobile phone infrastructure threaten not only personal privacy and security, but also… Continue Reading

Measuring the “Filter Bubble”: How Google is influencing what you click

DuckDuckGo Blog: “Over the years, there has been considerable discussion of Google’s “filter bubble” problem. Put simply, it’s the manipulation of your search results based on your personal data. In practice this means links are moved up or down or added to your Google search results, necessitating the filtering of other search results altogether. These… Continue Reading

How to Delete Online Accounts You No Longer Need

Consumer Reports – Having too many digital accounts raises your risk of data being misused or stolen. Here’s how to clean house. By Thomas Germain. December 27, 2018 [h/t Pete Weiss] “Deleting online accounts is one of the best ways to protect your data security and privacy. The less data you have stored on corporate databases… Continue Reading

Pete Recommends – Weekly highlights on cyber security issues December 2018

Before the end of 2018, please take some time to catch-up with the cyber related updates provided by Pete Weiss every week on LLRX. Pete Weiss highlights articles and information that focus on the increasingly complex and wide ranging ways technology is used to compromise and diminish our privacy and security, often without our situational… Continue Reading

Teaching Cybersecurity Law and Policy: Revised 62-Page Syllabus/Primer

Teaching Cybersecurity Law and Policy: My Revised 62-Page Syllabus/Primer (Bobby Chesney,  Charles I. Francis Professor in Law and Associate Dean for Academic Affairs at the University of Texas School of Law) – “Cybersecurity law and policy is a fun subject to teach. There is vast room for creativity in selecting topics, readings and learning objectives.… Continue Reading

The 21 (and Counting) Biggest Facebook Scandals of 2018

Wired: “Every January, Facebook CEO Mark Zuckerberg announces a personal challenge he will undertake in the year ahead. In 2016, he committed to running 365 miles before the year was up. In 2017, he milked cows and rode tractors as part of his resolution to meet more people outside the Silicon Valley bubble. Last January,… Continue Reading

Essay – It’s Time for a Bill of Data Rights

“This essay argues that “data ownership” is a flawed, counterproductive way of thinking about data. It not only does not fix existing problems; it creates new ones. Instead, we need a framework that gives people rights to stipulate how their data is used without requiring them to take ownership of it themselves. The Data Care Act, a bill introduced… Continue Reading

Why the US Needs a National AI Strategy and What It Should Look Like

Joshua New, senior policy analyst at the Center for Data Innovation – “The United States is the global leader in developing and using artificial intelligence (AI), but it may not be for long. Succeeding in AI requires more than just having leading companies make investments. It requires a healthy ecosystem of AI companies, robust AI… Continue Reading