Pete Recommends – Weekly highlights on cyber security issues June 24 2018

Subject: Researchers Develop Tech That Lets Surveillance Cameras Text to Say Hello
Source: TechCrunch via Gizmodo
https://gizmodo.com/researchers-develop-tech-that-lets-surveillance-cameras-1826925391

Researchers at Purdue University have found a new way to get surveillance cameras to “talk” to the people they see. The system is called PHADE, which stands for “private human addressing,” and it enables cameras to send messages to people’s devices when they’ve entered a specific area without collecting their personal data. Instead of using an IP or MAC address, cameras equipped with PHADE create an “address code” based on a person’s motion patterns when they’ve entered their field of view. PHADE builds a packet with a customized message linked to that address code, and then broadcasts it out. If a target’s smartphone has the other end of PHADE’s tech, it builds a second address based on a user’s movement, comparing it to those attached to any packets it receives. If the two address codes match, the message is delivered. The researchers claim PHADE protects privacy by “blurring” distinguishing data linked to the address codes and never extracting any data from the phone itself. The researchers posted a video summarizing their findings, testing out the PHADE system by sending messages to different individuals based on where they were standing in a mock museum. They claim a 90 percent correct matching rate.


Subject: 15 more default privacy settings you should change now on your TV, cellphone plan and more
Source: The Washington Post via beSpacific
https://www.bespacific.com/15-more-default-privacy-settings-you-should-change-now-on-your-tv-cellphone-plan-and-more/

“It’s not just Google and Facebook that are spying on you. Your TV, your cellphone provider and even your LinkedIn account have side hustles in your data. But, in many cases, you can opt out — if you know where to look. I dug into a bunch of popular products and services you might not think of as data vacuums or security risks and found their default privacy settings often aren’t very private. So I collected here some common settings you can change to stop giving away so much. The following links will let you skip ahead to clickable instructions for televisions, LinkedIn, Twitter, Yahoo, cellphone carriers and WiFi routers. Two weeks ago, I offered similar suggestions on the worst default settings for Facebook, Google, Amazon, Microsoft and Apple. Thousands of you told me about your experiences trying to protect your privacy and asked about how to go further…”


Subject: Verizon stops sharing cell phone location data to brokers
Source: AP via Business Insider
http://www.businessinsider.com/verizon-cell-phone-location-data-brokers-2018-6

  • Verizon will end the practice of selling cell phone location data to third-party brokers, which has allowed outside companies to pinpoint the location of wireless devices without their owners’ knowledge or consent.
  • Verizon said that about 75 companies have been purchasing its customer data, obtained from two little-known California-based brokers — LocationSmart and Zumigo.
  • Last month, Sen. Ron Wyden has been probing alleged abuses in the lucrative but loosely regulated field of location tracking.

The data has allowed outside companies to pinpoint the location of wireless devices without their owners’ knowledge or consent. Verizon said that about 75 companies have been obtaining its customer data from two little-known California-based brokers that Verizon supplies directly — LocationSmart and Zumigo.

Though Verizon is the first major U.S. wireless carrier to end sales of such data to brokers that then provide it to others, Verizon did not say it was getting out of the business of selling location data.

The cutoff won’t affect users’ ability to share locations directly with apps and other services. Rather, it deals with the practice of selling data to third parties with which users have no direct connection.

“Verizon did the responsible thing and promptly announced it was cutting these companies off,” Wyden said in a statement. “In contrast, AT&T, T-Mobile, and Sprint seem content to keep selling their customers’ private information to these shady middle men, Americans’ privacy be damned.”


Subject: Supreme Court: Warrant generally needed to track cell phone location data
Source: CNN
https://www.cnn.com/2018/06/22/politics/supreme-court-ruling-cell-phone/index.html

The Supreme Court on Friday said the government generally needs a warrant if it wants to track an individual’s location through cell phone records over an extended period of time.

The ruling is a major victory for advocates of increased privacy rights who argued more protections were needed when it comes to the government obtaining information from a third party such as a cell phone company.
The 5-4 opinion in Carpenter v. United States, was written by conservative Chief Justice John Roberts siding with the four most liberal justices.
It is a loss for the Justice Department, which had argued that an individual has diminished privacy rights when it comes to information that has been voluntarily shared with someone else.
The opinion, which was limited to cell-site location data, continues a recent trend at the court to boost privacy rights in the digital era and clarifies court precedent as it applies to data held by a third party.

Subject: Tips on how to avoid fraud when buying a car online
Source: USA Today
https://www.usatoday.com/story/money/cars/2018/06/22/tips-how-avoid-fraud-when-buying-car-online/717105002/

The FBI and sites that are combating the scams, including Autotrader, Escrow.com, eBay Motors and Edmunds, offer these tips to avoid online car-buying fraud…


Subject: FTC Suggests Considering Security Disclosure Rules for Connected-Device Makers
Source: Nextgov
https://www.nextgov.com/cybersecurity/2018/06/ftc-suggests-considering-security-disclosure-rules-connected-device-makers/149063/

If the Consumer Product Safety Commission required IoT makers to outline their security protections, the Federal Trade Commission could go after false claims.The government’s consumer safety advocate should consider requiring internet-connected device manufacturers to advertise which safety standards they’re following and which they aren’t, a Federal Trade Commission division said Friday. If the Consumer Product Safety Commission mandated that disclosure, it would help consumers make smarter decision about the internet-of-things devices they purchase, the Trade Commission’s Bureau of Consumer Protection said in a public comments filing.

Topics:

RSS feed: https://www.nextgov.com/rss/all/


Subject: Sir, you’ve been using Kaspersky Lab antivirus. Please come with us, sir.
Source: The Register
https://www.theregister.co.uk/2018/06/15/us_gov_ban_on_kaspersky_lab/

US government bans agencies from using Russian outfit’s wares. The US government issued an interim rule this morning prohibiting agencies from using products or services that have pretty much anything to do with Kaspersky Lab. The Federal Acquisition Regulation (FAR) comes into effect from 16 July 2018 and is a result of the National Defense Authorization Act (NDAA), which prohibits any part of the US Federal government from using the antivirus vendor’s wares. The prohibition comes into effect from 1 October, and the FAR is a clear signal that, yes, it is really going to happen. Any solicitations issued on or after 16 July will include an anti-Kaspersky clause and anything issued before will need modifications to reflect the US government’s stance.

RSS feed The Register – Security
https://www.theregister.co.uk/security/headlines.atom


Subject: Your new Medicare Card is in the mail! 10 Things to know about your New Medicare Card.
Source: Medicare.gov
https://www.medicare.gov/pubs/pdf/12018-10-Things-to-Know-About-New-Medicare-Card.pdf

The official blog for the Centers for Medicare & Medicaid Services (CMS) – visit www.cms.gov

Medicare blog RSS feed: https://blog.medicare.gov/feed/

Topics / Categories

Keep up with Medicare news

Posted in: Cybercrime, Cybersecurity, E-Government, Government Resources, Healthcare, Privacy, Social Media