New Tech Observer

New Tech Observer

Yahoo Account Hack Lawsuit

Posted: 09 Aug 2012 07:58 AM PDT

According to Courthouse News Service, a class action lawsuit has been filed against Yahoo for the July hack by the "D33Ds Company" of the Yahoo! contributor service, which allows bloggers to write content for Yahoo! and get paid through advertising. I posted some information on the hack in an article back in July.

New Hampshire resident Jeff Allen is a plaintiff in the case. He found out his information was compromised when the same username and password was used to access his Ebay account. A similar set of circumstances is ongoing with Wired News reporter Mat Honan, when a hacker used social engineering to get Apple support to give him access to Honan's Apple account, and then used that access to pivot and gain access to the rest of Honan's accounts.

Both of these hacks should serve as a reminder to never use the same password on more than one account. One recommendation is to use what is called a "salt" in your passphrase. Pick a phrase that is easy to remember like "I love green hair", change some of the vowels to numbers and add the first three to seven letters of the service you are using. Create a pattern that results in a unique, strong password, and don't store it on your computer.

Obama Mobile App Raises Privacy Concerns

Posted: 09 Aug 2012 07:25 AM PDT

The Obama campaign has a new tool to help campaign volunteers connect with Democrats. According to the Washington Post, the Obama for America Iphone and Android app shows the location of nearby democrats and makes the address, first name, and last initial of registered voters available to volunteers, or anyone who has downloaded the application.

The current location of individuals is only available if the person has downloaded the app and chosen to share their location.

Mark Rotenberg, Executive Director of the Electronic Privacy Information Center told the Post "Party affiliation is public information, available through the state voter registration records. I don't see the problem there."

But just because the information is already publicly available in multiple different databases doesn't mean the "aggregation" (a term used by Daniel Solove to define one aspect of privacy) isn't a problem. Social networking researcher Danah Boyd points out two reasons we should be concerned with the re-use of publicly available personal information in her article "Facebook's Privacy Trainwreck: Exposure, Invasion, and Drama." Boyd writes about the changes to Facebook's privacy policies in 2006 that made it easier to see information that was already publicly available. She points to Exposure; making publicly available information easier to discover, and Invasion; how that access to information changes your relationship with people, as two reasons we should be concerned.

The Obama administration has recently come under fire (a good summary is available here from Politico) for a poor transparency record, making the use of personal information in this app ironic.

While the Obama administration may be the first to make an app like this publicly available, it certainly won't be the last. Article first published as Obama Mobile App Raises Privacy Concerns on Technorati.