Not many companies could get away with defending controversial data retention practices by saying that the data is needed to “learn from good guys, fight off bad guys, [and] invent the future.” But that’s how Google sees itself and its practices—not surprising from a company that would give itself an unofficial motto like “don’t be evil.” I had the chance recently to sit down with two of Google’s top privacy people: deputy general counsel Nicole Wong and security/privacy engineer Alma Whitten. While the “good guy/bad guy” and “don’t be evil” quotes may seem too cute by half to some, Wong and Whitten made a strong pitch for the truth of both slogans. In their view, Google really is fighting the good fight when it comes to your online privacy.

Full Article (Ars Technica - arstechnica.com)

MOUNTAIN VIEW, CA—Responding to recent public outcries over its handling of private data, search giant Google offered a wide-ranging and eerily well-informed apology to its millions of users Monday. “We would like to extend our deepest apologies to each and every one of you,” announced CEO Eric Schmidt, speaking from the company’s Googleplex headquarters. “Clearly there have been some privacy concerns as of late, and judging by some of the search terms we’ve seen, along with the tens of thousands of personal e-mail exchanges and Google Chat conversations we’ve carefully examined, it looks as though it might be a while before we regain your trust.”

Full Article (The Onion - theonion.com)

I have to say… SET is just plain awesome. The Social Engineering Toolkit (SET) is a set of python scripts created by David Kennedy (aka rel1k) to automate many client side penetration testing vectors. In conjunction with Social-Engineer.org, which is also a top-notch resource, it provides for some of best extensibility in this type testing. A couple of weekends ago Dave released 0.4 of SET at Shmoocon. I’ll be honest, i hadn’t used it much until now but, after a good bit of research I now appreciate its full glory.

Full Article (Security Aegis - securityaegis.com)

In the next two blog posts I’ll attempt to sketch the forces behind what I’m calling, somewhat sensationally, the Data Singularity, and then (in a following post) discuss what I see as its consequences. In a nutshell, the Data Singularity is this: humans are being spliced out of the data-driven processes around us, and frequently we aren’t even at the terminal node of action. International cargo shipments, high-frequency stock trades, and genetic diagnoses are all made without us. Absent humans, these data and decision loops have far less friction; they become constrained only by the costs of bandwidth, computation, and storage– all of which are dropping exponentially.

Full Article (Dataspora Blog - dataspora.com)

Security researchers have found that Vodafone, one of the world’s larger wireless providers, is distributing some HTC phones with malware pre-installed on them. The phone, the HTC Magic, runs the Google Android mobile operating system, and is one of the more popular handsets right now. A researcher at Panda Security received one of the handsets recently, and upon attaching it to her PC, found that the phone was pre-loaded with the Mariposa bot client. Mariposa has been in the news of late thanks to some arrests connected to the operation of the botnet.

Full Article (threatpost - threatpost.com)

In 1933, with his great scientific discoveries behind him, Albert Einstein came to America. He spent the last twenty-two years of his life in Princeton, New Jersey, where he had been recruited as the star member of the Institute for Advanced Study. Einstein was reasonably content with his new milieu, taking its pretensions in stride. “Princeton is a wonderful piece of earth, and at the same time an exceedingly amusing ceremonial backwater of tiny spindle-shanked demigods,” he observed. His daily routine began with a leisurely walk from his house, at 115 Mercer Street, to his office at the institute. He was by then one of the most famous and, with his distinctive appearance—the whirl of pillow-combed hair, the baggy pants held up by suspenders—most recognizable people in the world.

Full Article (The New Yorker - newyorker.com)

Fresh doubts have been raised over the online security of high street retailer Argos, following a PC Pro investigation. Yesterday, we revealed that Argos was sending customers’ unencrypted credit-card numbers and security codes in order confirmation emails, potentially exposing them to online fraud. Now it’s emerged that those very same confirmation emails contain a web link - ironically intended to direct customers to Argos’s security page - which contains the customer’s full name, address and credit-card details in the URL itself.

Full Article (PC Pro - pcpro.co.uk)

Bowing to pressure from activist groups and to the dictates of common sense, the Obama administration has done what the Bush administration wouldn’t and declassified some general information [PDF] about the Comprehensive National Cybersecurity Initiative (CNCI), a sweeping program that the Bush White House launched in early 2008 to protect the government and critical civilian networks from cyberattacks. It turns out that, like at least one other effort launched by the Bush administration in the name of national security, the program was too secret for its own good.

Full Article (Ars Technica - arstechnica.com)

Nearly a year ago, we wrote about how a YouTube presentation done by well known law professor (and strong believer in fair use and fixing copyright law), Larry Lessig, had been taken down, because his video, in explaining copyright and fair use and other such things, used a snippet of a Warner Music song to demonstrate a point. There could be no clearer example of fair use — but the video was still taken down. There was some dispute at the time as to whether or not this was an actual DMCA takedown, or merely YouTube’s audio/video fingerprinting technology (which the entertainment industry insists can understand fair use and not block it). But, in the end, does it really make a difference? A takedown over copyright is a takedown over copyright.

Full Article (Techdirt - techdirt.com)

Earlier today, Apple issued a press release stating that it has filed suit against cell phone manufacturer HTC for patent infringement. No mention of Android or Google was in the press release. But the actual legal complaints, which we’ve obtained and embedded below, make no bones about it. As expected, this lawsuit is about Android. HTC, of course, is one of the largest manufacturers of Android handsets.

Full Article (TechCrunch - techcrunch.com)

In a bold and bizarre attempt to destroy evidence seized during a federal raid, a New York City man grabbed a flash drive and swallowed the data storage device while in the custody of Secret Service agents, records show. Florin Necula ingested the Kingston flash drive shortly after his January 21 arrest outside a bank in Queens, according to U.S. District Court filings. Necula and several codefendants had been transported to a Secret Service office in Brooklyn, where they were to be questioned and processed. While there, and in the view of investigators, Necula “grabbed Subject Flash Drive 2, which had been on his person at the time of his arrest, and swallowed,” Agent Joseph Borger noted in the below February 25 search warrant affidavit.

Full Article (The Smoking Gun - thesmokinggun.com)

On January 19, a team of at least 15 people assassinated Hamas leader Mahmoud al-Mabhouh. Dubai police released video footage of 11 of them. Although it was obviously a very professional operation, the 27 minutes of video is fascinating in its banality. Team members walk through the airport, check into and out of hotels, get into and out of taxis. They make no effort to hide themselves from the cameras, sometimes seeming to stare directly into them. They obviously don’t care that they’re being recorded, and — in fact — the cameras didn’t prevent the assassination, nor as far as we know have they helped as yet in identifying the killers.

Full Article (CNN - cnn.com)

The U.S. military monitored Planned Parenthood and a white supremacist group as part of the government’s security preparations for the 2002 Olympics in Utah, according to new documents released by the Department of Defense. The U.S. Joint Forces Command liaison collected and disseminated information on U.S. citizens who were members of Planned Parenthood and the white supremacist group National Alliance regarding their involvement in protests and distributing literature, according to an intelligence-oversight report released by the Pentagon. The documents indicate that the JFC liaison was working with the FBI’s Olympic Intelligence Center at the time.

Full Article (Threat Level - wired.com)