Cookieless Web Tracking Using HTTP's ETag
Vodafone makes tracking of users possible which does not require access to the user's equipment. The HTTP request is enriched with a piece of identifying information. This involves an HTTP header called X-VF-ACR: 'Vodafone Anonymous Customer Recognition.'
See also: http://referaat.cs.utwente.nl/conference/16/paper/7306/using-browser-properties-for-fingerprinting-purposes.pdf (pdf)
UK ISP Filter Will Censor More Than Porn
The net filtering system praised by David Cameron is controlled by the controversial Chinese company Huawei, the BBC has learned.
UK-based employees at the firm are able to decide which sites TalkTalk's net filtering service blocks.
Initially, TalkTalk told the BBC that it was US security firm Symantec that was responsible for maintaining its blacklist, and that Huawei only provided the hardware, as previously reported.
However, Symantec said that while it had been in a joint venture with Huawei to run Homesafe in its early stages, it had not been involved for over a year.
TalkTalk later confirmed it is Huawei that monitors activity, checking requests against its blacklist of over 65 million web addresses, and denying access if there is a match.
The contents of this list are largely determined by an automated process, but both Huawei and TalkTalk employees are able to add or remove sites independently.
Researcher Evan Booth: How To Weaponize Tax-Free Airport Goods
Once again, the Israelis have led the way.
Much of Tel Aviv’s Ben Gurion airport’s security protocol is achieved through a combination of comprehensive due diligence, common sense, and consistency – which, one would think would be the objective of airport authorities throughout the world. If more airport authorities were to adopt Ben Gurion’s approach, surely it would be more difficult for those intending to do harm to succeed.
Dutch Gov't Offers Guidance For Responsible Disclosure Practices
The problem is that the definition for hacking is overly broad. If you enter an URL in the address bar, and change just a serial number in the URL, it is considered hacking. Like finding Queen Beatrix's Christmas speech before it was officially published http://www.nrc.nl/nieuws/2012/12/25/hacker-kersttoespraak-van-geen-kwaad-bewust-tijdens-strafbare-actie/ (in Dutch). Or proving access to medical files by MP Henk Krol http://nos.nl/artikel/447718-krol-vervolgd-om-hacken-dossiers.html (in Dutch).
IT journalist Brenno de Winter calls the guidance useless. "If hackers first have to report the vulnerability, they lose their anonymity without having a guarantee that they will not be prosecuted. And even if a company promises that it will not press charges, the Public Prosecutions Department can start a case." Link here: http://www.trouw.nl/tr/nl/5133/Media-technologie/article/detail/3372108/2013/01/04/Richtlijn-ethisch-hacken-lost-niets-op.dhtml (in Dutch).
Ask Slashdot: Do You Find Self Tracking Useful Like Stephen Wolfram Does?
Self Tracking could, and thus will be influenced by the observer. With targeted ads I guess.
Ask Slashdot: Dividing Digital Assets In Divorce?
You get all the 1's - she gets all the 0's
How do you divide the qubits?