Ed Felten writes: Yesterday the Tor Project issued an advisory describing a large-scale identification attack on Tor hidden services. The attack started on January 30 and ended when Tor ejected the attackers on July 4. It appears that this attack was the subject of a Black Hat talk that was canceled abruptly. These attacks raise serious questions about research [...]
From the Tor blog: On July 4 2014 we found a group of relays that we assume were trying to deanonymize users. They appear to have been targeting people who operate or access Tor hidden services. The attack involved modifying Tor protocol headers to do traffic confirmation attacks. The attacking relays joined the network on [...]
Lisa Hoffman reports: A seemingly simple mailing mixup, in which a required letter was posted to the wrong company, may well doom a proposed class action against Petco Animal Supplies Store, Inc. Massachusetts plaintiffs Jeffrey Scolnick and Leah Crohn filed a class complaint June 17, accusing Petco of violating Massachusetts General Law Chapter 93A, commonly [...]
An editorial in the Japan Times in the wake of a massive data leak begins: The massive customer data theft from education service provider Benesse Corp. has highlighted the danger of such data — which included the names, dates of birth, gender and parents’ address and telephone numbers of millions of children in this case [...]
Karissa Bell reports: For the second time in less than two weeks, Apple is defending itself against claims that call into question the security of iOS. The company has denied a security researcher’s claims that iOS has a “backdoor” that enables third parties to potentially gain access to users’ personal data. Read more on Mashable.
From PRNewswire: Buyers and sellers using the online marketplace eBay may be revealing far more than their interest in vintage furniture or video games. Researchers at the New York University Polytechnic School of Engineering and NYU Shanghai have discovered a privacy flaw that allows site visitors to view a buyer’s complete purchase history—including sensitive items [...]
Ken Berry writes: As part of its ongoing efforts to deter identity theft, the Internal Revenue Service has issued final regulations on use of truncated Taxpayer Identification Numbers (TINs). The new regulations, which apply to those who furnish and receive payee statements and tax-related documents, generally follow proposed regulations issued last year, albeit with some modifications. Based [...]