Language Selection

English French German Italian Portuguese Spanish

Regulating phone companies' security standards

Filed under
Security

A new age crime for new age technology, is about thieves trying to steal identities and the phone companies doing little to protect subscribers' personal data from being revealed. Now according to a privacy watchdog Electronic Privacy Information Center (EPIC), it is getting worse as agents of deception are getting access to even personal phone records from the phone companies, which are actively traded over the Internet, believably by over 40 internet sites.

The EPIC has filed a petition with the Federal Communications Commission (FCC) that states that these identity thieves are "data brokers and private investigators" who are knowledgeable about the "inadequate security" and make the most of it "through pretexting", pretending to have authority to access protected records. The petition also goes forth to suggest the rot within the telephone companies, of staff who use the knowledge of personal information to decipher a subscriber's online telephone account code to access or misuse the account. Precedent to the petition was an EPIC complaint filed against Intelligent e-Commerce Inc. last year, over its illegal trade in telephone subscriber's personal information.

Full Story.

More in Tux Machines

Development News

  • Git for design projects
  • Updating POSIX
    To the first point, many people seem unaware that POSIX is an actual set of standards - IEEE 1003.1 in several variations, plus descendants. These standards cover a lot more than just operations on files, and technically "POSIX" only refers to systems that have passed a set of conformance tests covering all of those. Nonetheless, people often use "POSIX" to mean only the section dealing with file operations, and only in a loose sense of things that implement something like the standard without having been tested against it. Many systems, notably including Linux, pretty explicitly do not claim to comply with the actual standard.
  • Delete Your Dead Code!
    A few days ago, Ned Batchelder's post on deleting code made the rounds on HN, even though it was originally written in 2002. Here I want to echo a few of Ned's points, and take a stronger stance than he did: delete code as soon as you know you don't need it any more, no questions asked. I'll also offer some tips from the trenches for how to identify candidate dead code. This is the first in a series on eating your vegetables in software engineering, on good, healthy practices for a happy and successful codebase. I don't (yet) know how long the series will be, so please stay tuned!

Security Leftovers

  • 66% of USB Flash Drives infected – don’t trust a stray [Ed: Windows]
    The problem is that the OS will automatically run a program that can install malware from a USB stick.
  • Dental Assn Mails Malware to Members
    The domain is used by crooks to infect visitors with malware that lets the attackers gain full control of the infected Windows computer.
  • Slack bot token leakage exposing business critical information
    Developers are leaking access tokens for Slack widely on GitHub, in public repositories, support tickets and public gists. They are extremely easy to find due to their structure. It is clear that the knowledge about what these tokens can be used for with malicious intent is not on top of people’s minds…yet. The Detectify team shows the impact, with examples, and explains how this could be prevented.

Android Leftovers

Debian and Devuan

  • An Open Letter to Linas Vepstas
    The entire essay continues on a similar note. Although the title implies this is a rant about Ubuntu and Debian, he seems to paint the entirety of Linux Land with the same broad brush. And that would be factually wrong. "Factually wrong" doesn't mean he hasn't pointed out some serious problems. He has. I and many other Linux users see the same problems he identifies. What's "factually wrong" is that these problems are built into the combination of kernel, system software, and applications generally called either "Linux" or "GNU/Linux". And his implication that there's no reasonable way for a user to avoid these problems is also factually wrong. The bottom line of my objection to his essay is this: Nobody should use software they don't like, especially if there's a reasonable alternative. And by extension, why is Linas still using Debian and Ubuntu and systemd and Firefox and Chrome and Gnome? There are reasonable alternatives to every single one of them.
  • March and April contributions
  • My work for Debian in April
  • Free software activities in April 2016
  • Devuan Jessie 1.0 Beta Screenshot Tour