pfctdayelise + privacy   18

LINDDUN privacy threat modeling
Linkability, Identifiability, Non-repudiation, Dectectability, information Disclosure, content Unawareness, and policy and consent Non-compliance
privacy  cybersecurity 
october 2019 by pfctdayelise
NISTIR 8228, Considerations for Managing IoT Cybersecurity and Privacy Risks | CSRC
The Internet of Things (IoT) is a rapidly evolving and expanding collection of diverse technologies that interact with the physical world. Many organizations are not necessarily aware of the large number of IoT devices they are already using and how IoT devices may affect cybersecurity and privacy risks differently than conventional information technology (IT) devices do. The purpose of this publication is to help federal agencies and other organizations better understand and manage the cybersecurity and privacy risks associated with their individual IoT devices throughout the devices’ lifecycles. This publication is the introductory document providing the foundation for a planned series of publications on more specific aspects of this topic.
iot  cybersecurity  privacy 
august 2019 by pfctdayelise
Masquerade: A Postgres Proxy to Mask Data in Realtime - Tonic
Redact and Replace in Realtime with no Additional Infrastructure

Many of our customers have multiple databases, complex application logic, and limited time. One of the easiest ways to protect your data is to add a proxy between the consumer (analyst, application, developer, etc) and the data base. Since the proxy doesn’t clone the data, there are no additional infrastructure costs. Most importantly, because the proxy sits between your application the database there is no need to replicate application logic and your application doesn’t need to care whether it’s communicating with the real database or the proxy.

Have you ever:

Wanted to let devs/QA test off production quality data without exposing customer information? Pull this off without setting up a new staging instance.
wanted to grant access to a database for some people to generate reports, but not want them to see sensitive data as they’re creating them? Accomplish this without heavy ETL or data sanitization.
Provide data to sales for demos with minimal effort? Configure complex relationships simply.
postgres  privacy  opensource  gdpr 
may 2019 by pfctdayelise
Princeton IoT Inspector
What is Princeton IoT Inspector?

An open-source desktop tool with a one-click install process

Automatically discovers IoT devices and analyzes their network traffic

Helps you identify security and privacy issues with graphs and tables

Requires minimal technical skills and no special hardware

Use it to quickly inspect devices (e.g., from your computer) or continuously monitor your network (e.g., from a Raspberry Pi)
iot  opensource  privacy 
may 2019 by pfctdayelise
Spyware's role in domestic violence
[trigger warning: domestic violence]

"In a Victorian study last year, 97 per cent of domestic violence workers reported that perpetrators were using mobile technologies to monitor and harass women in domestic situations.

"Two-thirds of the 46 victims interviewed said they were made to feel like they were being watched or tracked, yet less than half told somebody about it.

"One victim's partner was monitoring her emails after hacking her account and another had her Facebook page saturated with graphic information by a former partner. One woman was tracked to a refuge using a GPS-based smartphone application."

The Australian Law Reform Commission is currently running an inquiry into privacy laws in the digital era. [link:]
geekfeminism  domesticviolence  australia  privacy 
march 2014 by pfctdayelise
Think You Can Live Offline Without Being Tracked? Here's What It Takes | Fast Company | Business + Innovation
In order to stop his toll pass from being tracked, Puking Monkey keeps it sealed in the foil bag it came in when he's not driving through a toll.

Puking Monkey avoids license-plate readers by keeping his old, non-reflective license plate, which is more difficult to read than newer, reflective models. Others who share his concerns salt their license plates, add bumper guards or otherwise obscure the writing--say by driving with the hatch down or driving with a trailer hatch attached—in order to avoid being tracked.

To identify tires, which can come in handy if they’re recalled, tire manufacturers insert an RFID tag with a unique code that can be read from about 20 feet away by an RFID reader.

The most intense privacy seekers have a strict cash-only policy--which can mean they need to get paid in cash.

"Every time you upload a photograph to Facebook or put one on Twitter for that matter you are now ratting out anybody in that frame to any police agency in the world that’s looking for them," digital privacy advocate Eben Moglen told BetaBeat last year during a rant against one of its reporters. "Some police agencies in the world are evil. That’s a pretty serious thing you’ve just done."

RFID tags aren’t just in tires, they’re in your clothing, your tap-to-pay credit cards, and your dry cleaning. Ollmann zaps his T-shirts in the microwave. Others carry an RFID-blocking wallet to avoid having their RFID-enabled cards read when they're not making a purchase.

Sell responded by covering all of the cameras in her household electronics with masking tape.
security  privacy  nsa  surveillance 
october 2013 by pfctdayelise
Terms of Service; Didn't Read
We are a user rights initiative to rate and label website terms & privacy policies, from very good class A to very bad class E
privacy  cc-by-sa  data  openaccess  legal 
august 2012 by pfctdayelise

Copy this bookmark: