Infosecurity.US

Information Security & Occasional Forays Into Adjacent Realms

  • Web Log

Krebs On Security: Brilliant Exposé Of US Wireless Carriers

August 14, 2019 by Marc Handelman in Radio Telephony, Feet of Clay, Security Bloggers Network, Mobile Telephony, Mobile Security, Mobile Networks

Fellow member of the Security Bloggers Network - Brian Krebs and his superlative blog Krebs On Security provides a tour de force exposé of the unfortunate current security posture of the wireless carriers in the United States. Read it my friends, and weep for your mobile telephony, and the decidely non-righteous path the Carriers are on.

"If you are somehow under the impression that you — the customer — are in control over the security, privacy and integrity of your mobile phone service, think again. And you’d be forgiven if you assumed the major wireless carriers or federal regulators had their hands firmly on the wheel. No, a series of recent court cases and unfortunate developments highlight the sad reality that the wireless industry today has all but ceded control over this vital national resource to cybercriminals, scammers, corrupt employees and plain old corporate greed." - via the inimitable Brian Krebs at Krebs On Security

August 14, 2019 /Marc Handelman
Radio Telephony, Feet of Clay, Security Bloggers Network, Mobile Telephony, Mobile Security, Mobile Networks

The Three

January 10, 2019 by Marc Handelman in Feet of Clay, Information Security, CPNI, Demise of Privacy, Mobile Networks, Mobile Telephony, Mobile Security

Three US Based Mobile Providers Still Selling User Location Data

The bad news was delivered to me on Tuesday afternoon by this outstanding post by Jon Brodkin, reporting for Ars Technica. Read it and weep my friends, as they will know you by your location... Think it's time to move to a dumb phone from your current leaky smartphone? Think again Binky, as your location can still be determined and sold (if only from triangulated tower geography when your phone mpves from cell to cell and registers with the tower).

"In June 2018, all four major US wireless carriers pledged to stop selling their mobile customers' location information to third-party data brokers. The carriers were pressured into making the change after a security problem leaked the real-time location of US cell phone users. But an investigation by Motherboard found that "T-Mobile, Sprint, and AT&T are [still] selling access to their customers' location data and that data is ending up in the hands of bounty hunters and others not authorized to possess it, letting them track most phones in the country." - via Jon Brodkin, reporting for Ars Technica*

January 10, 2019 /Marc Handelman
Feet of Clay, Information Security, CPNI, Demise of Privacy, Mobile Networks, Mobile Telephony, Mobile Security

December's Feet of Clay Award : Verizon/AOL Is Selling Our Kid's Personal Data

December 19, 2018 by Marc Handelman in Corporate Evil, Corporate Corruption, Death of Privacy, Information Security, Feet of Clay

Woo Hoo! December's Feet of Clay Award has been summarily bestowed upon those nearly perfect examples of corporate scumbaggery: Verizon/AOL! Congratulations (and a $4.95 Million Fine) are in order targeting the sellers of our children's innocence! Read It And Weep for Our Descendents.

"The Attorney General’s Office found that AOL conducted billions of auctions for ad space on hundreds of websites the company knew were directed to children under the age of 13. Through these auctions, AOL collected, used, and disclosed personal information from the websites’ users in violation of COPPA, enabling advertisers to track and serve targeted ads to young children. The company has agreed to adopt comprehensive reforms to protect children from improper tracking and pay a record $4.95 million in penalties, the largest penalty ever in a COPPA enforcement matter in U.S. history." - via the Office of New York Attorney General Barbara Underwood

December 19, 2018 /Marc Handelman
Corporate Evil, Corporate Corruption, Death of Privacy, Information Security, Feet of Clay

Google's Feet of Clay

October 09, 2018 by Marc Handelman in Feet of Clay, Code Leakage, API Data Exposure, Blatant Incompetence

Graham Cluley has reported (from an original Wall Street Journal source report) a Google, Inc. (Nasdaq: GOOG) security SNAFU... This time, the failure of the so-called non-evil company to report a significant data custody failure within their so-called 'Google Plus' product, where - in fact - you are the product. The company's better-late-than-never blog post covers the issue, in somewhat less than effective detail...

October 09, 2018 /Marc Handelman
Feet of Clay, Code Leakage, API Data Exposure, Blatant Incompetence

Facebook Still Hosting Social Security Numbers, Stolen Identities

June 01, 2018 by Marc Handelman in Facebookery, Feet of Clay

Just astounding these people (i.e. Facebook, Inc. (NASDAQ: FB) remain in business... Read Lorenzo Franceschi-Bicchierai superlative prose detailing the continuance of Facebookery at Facebook... And, then there's this.

June 01, 2018 /Marc Handelman
Facebookery, Feet of Clay

US Congress Sells Out

March 31, 2017 by Marc Handelman in Accountability, All is Information, Governmental Corruption, Feet of Clay, Demise of Privacy, Privacy, Blatant Stupidity

Ladies and Gentlemen, Girls and Boys: Behold the list of both United States Senators and United States House of Representatives that voted to sell out your personal information while online (i.e., your precious online privacy) for monetary gain.

Each surname noted below, possesses a link to that Senator or Representative's contact page, to make it super-easy to let them know what you think. Oh, and for you parents/grandparents, gaurdians this includes all data requests coming from your home, i.e., your children's' data will also be swept up in this nightmare maelstrom example of the surveillance state. Enjoy

Senate of the UNITED STATES of AMERICA

YEA -- 50

U.S. Senate Roll Call Votes 115th Congress - 1st Session

Question: On the Joint Resolution (S.J. Res. 34 )

Alexander (R-TN)
Barrasso (R-WY)
Blunt (R-MO)
Boozman (R-AR)
Burr (R-NC)
Capito (R-WV)
Cassidy (R-LA)
Cochran (R-MS)
Collins (R-ME)
Corker (R-TN)
Cornyn (R-TX)
Cotton (R-AR)
Crapo (R-ID)
Cruz (R-TX)
Daines (R-MT)
Enzi (R-WY)
Ernst (R-IA)
Fischer (R-NE)
Flake (R-AZ)
Gardner (R-CO)
Graham (R-SC)
Grassley (R-IA)
Hatch (R-UT)
Heller (R-NV)
Hoeven (R-ND)
Inhofe (R-OK)
Johnson (R-WI)
Kennedy (R-LA)
Lankford (R-OK)
Lee (R-UT)
McCain (R-AZ)
McConnell (R-KY)
Moran (R-KS)
Murkowski (R-AK)
Perdue (R-GA)
Portman (R-OH)
Risch (R-ID)
Roberts (R-KS)
Rounds (R-SD)
Rubio (R-FL)
Sasse (R-NE)
Scott (R-SC)
Shelby (R-AL)
Strange (R-AL)
Sullivan (R-AK)
Thune (R-SD)
Tillis (R-NC)
Toomey (R-PA)
Wicker (R-MS)
Young (R-IN)

HOUSE OF REPRESENTATIVES of the UNITED STATES OF AMERICA

YEA -- 215

Abraham (R-LA)
Aderholt (R-AL)
Allen (R-GA)
Amodei (R-NV)
Arrington (R-TX)
Babin (R-TX)
Bacon (R-NE)
Banks (R-IN)
Barletta (R-PA)
Barr (R-KY)
Barton (R-TX)
Bergman (R-MI)
Biggs (R-AZ)
Bilirakis (R-FL)
Bishop (R-MI)
Bishop (R-UT)
Black (R-TN)
Blackburn (R-KY)
Blum (R-IA)
Bost (R-IL)
Brady (R-TX)
Brat (R-VA)
Bridenstine (R-OK)
Brooks (R-IN)
Buchanan (R-FL)
Buck (R-CO)
Bucshon (R-IN)
Budd (R-NC)
Burgess (R-TX)
Byrne (R-AL)
Calvert (R-CA)
Carter (R-GA)
Carter (R-TX)
Chabot (R-OH)
Chaffetz (R-UT)
Cheney (R-WY)
Cole (R-OK)
Collins (R-GA)
Collins (R-NY)
Comer (R-KY)
Comstock (R-VA)
Conaway (R-TX)
Cook (R-CA)
Costello (R-PA)
Cramer (R-ND)
Crawford (R-AR)
Culberson (R-TX)
Curbelo (R-FL)
Davis (R-IL)
Denham (R-CA)
Dent (R-PA)
DeSantis (R-FL)
DesJarlais (R-TN)
Diaz-Balart (R-FL)
Donovan (R-NY)
Duncan (R-SC)
Dunn (R-FL)
Emmer (R-MN)
Farenthold (R-TX)
Ferguson (R-GA)
Fitzpatrick (R-PA)
Fleischmann (R-TN)
Flores (R-TX)
Fortenberry (R-NE)
Foxx (R-NC)
Franks (R-AZ)
Frelinghuysen (R-NJ)
Gaetz (R-FL)
Gallagher (R-WI)
Garrett (R-VA)
Gibbs (R-OH)
Gohmert (R-TX)
Goodlatte (R-VA)
Gosar (R-AZ)
Gowdy (R-SC)
Granger (R-TX)
Graves (R-GA)
Graves (R-LA)
Graves (R-MO)
Griffith (R-VA)
Grothman (R-WI)
Guthrie (R-KY)
Harper (R-MS)
Harris (R-MD)
Hartzler (R-MO)
Hensarling (R-TX)
Hice (R-GA)
Higgins (R-LA)
Holding (R-NC)
Hollingsworth (R-IN)
Hudson (R-NC)
Huizenga (R-MI)
Hultgren (R-IL)
Hunter (R-CA)
Hurd (R-TX)
Issa (R-CA)
Jenkins (R-KS)
Jenkins (R-WV)
Johnson (R-LA)
Johnson (R-OH)
Johnson (R-TX)
Jordan (R-OH)
Joyce (R-OH)
Katko (R-NY)
Kelly (R-MS)
Kelly (R-PA)
King (R-IA)
King (R-NY)
Kinzinger (R-IL)
Knight (R-CA)
Kustoff (R-TN)
Labrador (R-ID)
LaHood (R-IL)
LaMalfa (R-CA)
Lamborn (R-CO)
Lance (R-NJ)
Latta (R-OH)
Lewis (R-MN)
LoBiondo (R-NJ)
Long (R-MO)
Loudermilk (R-GA)
Love (R-UT)
Lucas (R-OK)
Luetkemeyer (R-MO)
MacArthur (R-NJ)
Marchant (R-TX)
Marshall (R-KA)
Massie (R-KY)
Mast (R-FL)
McCarthy (R-CA)
McCaul (R-TX)
McHenry (R-NC)
McKinley (R-WV)
McMorris Rodgers (R-WA)
McSally (R-AZ)
Meadows (R-NC)
Meehan (R-PA)
Messer (R-IN)
Mitchell (R-MI)
Moolenaar (R-MI)
Mooney (R-WV)
Mullin (R-OK)
Murphy (R-PA)
Newhouse (R-WA)
Noem (R-SD)
Nunes (R-CA)
Olson (R-TX)
Palazzo (R-MS)
Palmer (R-AL)
Paulsen (R-MN)
Pearce (R-NM)
Perry (R-PA)
Poe (R-TX)
Poliquin (R-ME)
Posey (R-FL)
Ratcliffe (R-TX)
Reed (R-NY)
Renacci (R-OH)
Rice (R-SC)
Roby (R-AL)
Roe (R-TN)
Rogers (R-AL)
Rogers (R-KY)
Rohrabacher (R-CA)
Rokita (R-IN)
Rooney (R-FL)
Roskam (R-IL)
Ross (R-FL)
Rothfus (R-PA)
Rouzer (R-NC)
Royce (R-CA)
Russell (R-OK)
Rutherford (R-FL)
Scalise (R-LA)
Schweikert (R-AZ)
Scott (R-GA)
Sensenbrenner (R-WI)
Sessions (R-TX)
Shimkus (R-IL)
Shuster (PA-IL)
Smith (R-MO)
Smith (R-NE)
Smith (R-NJ)
Smith (R-TX)
Smucker (R-PA)
Stewart (R-UT)
Stivers (R-OH)
Taylor (R-VA)
Tenney (R-NY)
Thompson (R-PA)
Thornberry (R-TX)
Tiberi (R-OH)
Tipton (R-CO)
Trott (R-MI)
Turner (R-OH)
Upton (R-MI)
Valadao (R-CA)
Wagner (R-MO)
Walberg (R-MI)
Walden (R-OR)
Walker (R-NC)
Walorski (R-IN)
Walters (R-CA)
Weber (R-TX)
Webster (R-FL)
Wenstrup (R-OH)
Westerman (R-AR)
Williams (R-TX)
Wilson (R-SC)
Wittman (R-VA)
Womack (R-AR)
Woodall (R-GA)
Yoho (R-FL)
Young (R-AK)
Young (R-IA)

March 31, 2017 /Marc Handelman
Accountability, All is Information, Governmental Corruption, Feet of Clay, Demise of Privacy, Privacy, Blatant Stupidity

Microsoft Begins Selling Windows 10 Telemetry →

December 12, 2016 by Marc Handelman in All is Information, Corporate Evil, Cruft, Data Security, Feet of Clay, Information Security, Marketing Gone Wild, Right to Privacy, Demise of Privacy

News, of Microsoft Corporation (NasdaqGS: MSFT) selling of customer telemetry on Windows 10 has come to light via Martin Kauffman on GHacks. Martin superlatively details the phenomenal audacity of Microsoft in the matter of selling usage information; and, while not surprising, just another indicator of the onerous feet-of-clay syndrome now evident in Redmond. Oh, and by-the-way, the data being shared is with a security firm, simply astounding. As always, you be the judge.

December 12, 2016 /Marc Handelman
All is Information, Corporate Evil, Cruft, Data Security, Feet of Clay, Information Security, Marketing Gone Wild, Right to Privacy, Demise of Privacy

Wasn't Us... →

October 08, 2016 by Marc Handelman in All is Information, Attack Analysis, Espionage, Ethics, Feet of Clay, Information Security, Election Fraud, Election Infosecurity

Wasn't Us, Mr. President...

October 08, 2016 /Marc Handelman
All is Information, Attack Analysis, Espionage, Ethics, Feet of Clay, Information Security, Election Fraud, Election Infosecurity

Feet of Clay, Bitlocker Backdoor →

November 24, 2015 by Marc Handelman in All is Information, Security Flaws, Security Development, Security Architecture, Information Security, Feet of Clay

Lucian Constantin, writing at ComputerWorld UK, tells the tale of Bitlocker, the Feet of Clay edition...

November 24, 2015 /Marc Handelman
All is Information, Security Flaws, Security Development, Security Architecture, Information Security, Feet of Clay