Cyber Security
Posted by LS on May 17th, 2012. Category: Blog
Do you ever wonder while you online shop, or travel abroad for summer holidays just HOW safe you are and HOW protected your important private online data is?
According to USAtoday.com, the FBI has just issued a warning for travelers, since recently hackers have tried to hack into their hotel room connections via pop up windows.
“The FBI recommends that all government, private industry and academic personnel who travel abroad take extra caution before updating software products on their hotel Internet connection.”
To read more: http://usat.ly/JBey0C
Cybercrime in Canada is not a quiet issue, the incidents are on the rise, and the attacks are skyrocketing. Canadian servers are being hacked, and at a rapid rate! Canada’s spike in hacker attacks, is part of a worldwide trend, wheras malicious content was typically hosted in Eastern Europe, now criminals focus on Canada, US and France.
To read more: http://bit.ly/K0RiKB
Private Data aside, do you know where your money is going online? Internet crime is costing consumers $500 million dollars due to online scams, according to Inverstors.com.
“There is always some spectacular dollar loss tied to cyberfraud; it is a big problem and it’s happening more frequently than ever,” he said. “It just follows the trends in online digital life — more commerce, financial services, banking is all moving online and the fraud moves with it.”
To read more: http://bit.ly/JBoEyl
A supreme court will hear the case of a teenage girl from Nova Scotia, Canada, who claims she was cyberbullied on Facebook.
A growing problem, in Canada 19% of youth are being cyber bullied. The impacts on victims of cyberbullying tend to be stronger than traditional bullying,” Canada.com,” …and can include depressive symptoms, anxiety, social isolation and substance abuse.”
To read more: http://bit.ly/KNMlBL
CSEC: Communications Security Establishment Canada
Posted by LS on April 26th, 2012. Category: Blog
What do you know about CSEC? Communications Security Establishment Canada: A super secret organization able to intercept any electronic dispatch, from phone calls, to emails, faxes and text messages.
“Made up of a high-tech web of supercomputers, listening posts and genius-level code breakers developed during the intrigue of the Cold War, CSEC has transformed itself into a world-class electronic eavesdropping and cyberwarfare outfit.” – Vancouver Sun
However, the CSEC mandate is not to intercept transmissions on between Canadians on home soil. NDP justice critic Jack Harris said even most MPs are unaware CSEC exists. But given its extraordinary capabilities, he said, there is a risk it could commit massive privacy violations against Canadians.
“It’s such a secretive body, with such broad powers, that Canadians have reason to be concerned,” he said. “The public is susceptible to this type of snooping on their communications without even knowing about it.” Harris said the commissioner’s claim that CSEC has never committed a wrong appears dubious.
True civilian oversight of the organization is needed, he said, just as it is for the RCMP and CSIS. Such an oversight body should also be mandated to process public complaints, he said. The fact that CSEC can intercept Canadians’ communications without a warrant is also very troubling, he said. CSEC should have to obtain warrants before listening in on Canadians, as other agencies must, he argued.
And unlike police or CSIS wiretaps, which require the subject to eventually be informed of the communications monitoring, Harris pointed out CSEC is not obligated to ever inform Canadians they are being watched.
In the end, Harris said, Canadians should be wary of the powerful eye of state spying, now that its view can be directed toward home territory.
“If they’re intercepting some foreigner’s communication that’s one thing, but if they’re intercepting Canadians’ communications, that’s another.”
With CSEC, much like CISPA, with FN, the User will be in control of their data, not some third party (i.e. service provider), making it much, much more difficult for government intercept, which is the way it should be, isn’t it?
After all, it is your data, not theirs – service providers are merely custodians and conduits! * Article seen in Vancouver Sun to read more: http://bit.ly/JBdrQH
CISPA
Posted by LS on April 24th, 2012. Category: Blog
This week, everywhere you tweet..er, look.. CISPA is in the headlines. And rightly so, this bill even has the White House questioning.
What is CISPA? CISPA is intended to improve computer security by allowing companies and government agencies to share sensitive information.
“The White House today expressed concerns about a controversial cybersecurity bill that would authorize Internet companies to divulge confidential customer records and communications.” – CNET
“A recent torrent of criticism prompted the politicians behind the Cyber Intelligence Sharing and Protection Act to circulate a revised version (PDF) of CISPA this evening before an expected floor vote next week. But the authors made only relatively minor tweaks. The legislation remains so broad that the NSA could vacuum up “all sorts of sensitive information like Internet use information and the contents of e-mails,” ACLU legislative counsel Michelle Richardson told CNET.
Next week this Cyber Intelligence Sharing and Protection Act will voted on by the House of Representatives.
“What sparked the privacy worries is the section of CISPA that says ‘notwithstanding any other provision of law,’ companies may share information ‘with any other entity, including the federal government.’ That would trump state and federal wiretap and other privacy laws. (CISPA doesn’t, however, require companies to turn over that data.)” – CNET
Either way, with FN, the User will be in control of their data, not some third party (i.e. service provider), which is the way it should be, isn’t it? After all, it is your data, no theirs – service providers are merely custodians and conduits!
Read more: :http://cnet.co/HSkfZA
Obama Administration states that the bill MUST preserve and protect the privacy and civil liberties of American citizens.
Week in Review
Posted by LS on April 9th, 2012. Category: Blog
Hello all, hope you had a lovely and cyber safe long weekend. As we approach this lovely short work week, we bring you our latest finds for news pieces you should keep top of mind while surfing the net and working about.
Hackers are busy down at Anonymous breaking into UK government sites and planning their attacks on more Chinese sites.
This time, the hackers announced in advance that they would be hacking into UK government sites, leaving UK officials time for preperation. Sunday evening,
“The resulting distributed denial of service (DDoS) attacks disrupted the target websites for a time. Tweets apparently from Anonymous described this as a “digital protest” rather than hacking and threatened further similar actions every Saturday against U.K. government sites” – Wall Street Journal
To read more: http://on.wsj.com/HnLJCC
“The activist hacker group Anonymous plans to launch further attacks on Chinese government websites in a bid to uncover corruption and lobby for human rights, a member of the group said on Monday.”
Currently, China blocks Twitter, Facebook, YouTube and many other websites citing a need to maintain social stability.
To read more: http://bit.ly/HnMiwd
Is CISPA the new enemy? We saw the backlash of SOPA and PIPA and watched the drama unfold. Now, a new legislation that has “wide-ranging privacy implications”, enter: CISPA.
“The Cyber Intelligence Sharing and Protection Act, or CISPA, focuses on defending companies from cyber-attacks and theft… CISPA addresses how information would be shared between private companies and the government to catch malicious actors breaching networks to steal information or sabotaging systems.”
To read more: http://bit.ly/HnMlIq
UK teachers have recently reported widespread cyber bullying by pupils and… wait for it.. parents! These teachers have been issued with death threats, accused of serious crimes against children and sexist/racial abuse.
“Almost half (49%) of teachers who were subjected to abusive comments from parents said they did not feel supported or had no action taken as a result, with just 29% feeling that appropriate action was taken.”
To read more: http://bit.ly/HS0CxU
And that is just the beginning folks, stay tuned to all of our regular cyber related updates @fednetworks on twitter!
Privacy by Design
Posted by LS on March 28th, 2012. Category: Blog
Privacy by Design is a concept coined by Ann Cavoukian in the late 1990’s, the addresses systematic effects of the Information and Communication Technologies, and of large-scale networked data systems.
Below we have provided a brief overview of the 7 Foundational Privacy Prinicples set out by Ann Cavoukian to ensure online protection. To read more www.ipc.on.ca
We at FN are both emphatic endorsers of the principles outlined by these principles, all of which we have and in fact have incorporated into our entire product suite, but we are also strong advocates of the general tone, direction and global leadership role that both the Ontario (Ann Cavoukian) and Federal (Jennifer Stoddart) have played in establishing Canada as a leading light in the need for more informed privacy policy and initiatives.
“The objectives of Privacy by Design — ensuring privacy and gaining personal control over one’s information and, for organizations, gaining a sustainable competitive advantage — may be accomplished by practicing the following 7 Foundational Principles”
1. Proactive not Reactive; Preventative not Remedial
Privacy by Design anticipates and prevents privacy invasive events before they happen.
2. Privacy as the Default Setting
Privacy by Design seeks to deliver the maximum degree of privacy by ensuring that personal data are automatically protected in any given IT system or business practice.
3. Privacy Embedded into Design
Privacy by Design is embedded into the design and architecture of IT systems and business practices.
4. Full Functionality — Positive-Sum, not Zero-Sum
Privacy by Design seeks to accommodate all legitimate interests and objectives in a positive-sum “win-win” manner, not through a dated, zero-sum approach, where unnecessary trade-offs are made.
5. End-to-End Security — Full Lifecycle Protection
Privacy by Design extends securely throughout the entire lifecycle of the data involved — strong security measures are essential to privacy, from start to finish
As a small albeit admittedly self-serving aside, we always chuckle to ourselves when we read this principle, for its the holy grail of cyber security and clearly is not even remotely achievable with current technologies, but just might be in the very near future…. hint hint
6. Visibility and Transparency — Keep it Open
Privacy by Design seeks to assure all stakeholders that whatever the business practice or technology involved, it is in fact, operating according to the stated promises and objectives, subject to independent verification.
7. Respect for User Privacy — Keep it User-Centric
Above all, Privacy by Design requires architects and operators to keep the interests of the individual uppermost by offering such measures as strong privacy defaults, appropriate notice, and empowering user-friendly options. Keep it user-centric.
So there you have it – 7 simple but profound principles. Gotta luv’em!