Jul 312014

Ed Felten writes: Yesterday the Tor Project issued an advisory describing a large-scale identification attack on Tor hidden services. The attack started on January 30 and ended when Tor ejected the attackers on July 4. It appears that this attack was the subject of a Black Hat talk that was canceled abruptly. These attacks raise serious questions about research [...]

Jul 252014

Lisa Hoffman reports: A seemingly simple mailing mixup, in which a required letter was posted to the wrong company, may well doom a proposed class action against Petco Animal Supplies Store, Inc. Massachusetts plaintiffs Jeffrey Scolnick and Leah Crohn filed a class complaint June 17, accusing Petco of violating Massachusetts General Law Chapter 93A, commonly [...]

Jul 252014

An editorial in the Japan Times in the wake of a massive data leak begins: The massive customer data theft from education service provider Benesse Corp. has highlighted the danger of such data — which included the names, dates of birth, gender and parents’ address and telephone numbers of millions of children in this case [...]

Jul 192014

From PRNewswire: Buyers and sellers using the online marketplace eBay may be revealing far more than their interest in vintage furniture or video games. Researchers at the New York University Polytechnic School of Engineering and NYU Shanghai have discovered a privacy flaw that allows site visitors to view a buyer’s complete purchase history—including sensitive items [...]

Jul 162014

Ken Berry writes: As part of its ongoing efforts to deter identity theft, the Internal Revenue Service has issued final regulations on use of truncated Taxpayer Identification Numbers (TINs). The new regulations, which apply to those who furnish and receive payee statements and tax-related documents, generally follow proposed regulations issued last year, albeit with some modifications. Based [...]