Sen. Al Franken this week said he is still "very troubled" by the technology deployed by Carrier IQ despite the fact that the company—as well as AT&T, Sprint, Samsung, and HTC—released details about how they use Carrier IQ software.
"People have a fundamental right to control their private information," Franken, a Minnesota Democrat, said in a statement. "After reading the companies' responses, I'm still concerned that this right is not being respected."
Of particular concern was the fact that Carrier IQ was receiving the contents of users' text messages after say it did not, as well as the software's ability to collect online search data.
"There are still many questions to be answered here and things that need to be fixed," Franken said.
"We appreciate Subcommittee Chairman Franken's continued interest in protecting consumer privacy and look forward to our ongoing dialogue with the Senator to answer his additional questions," Carrier IQ said in a statement.
UPDATE: Microsoft responded to our request for comment with the following statement from a spokesperson, which indicates that the company regards the "xbox dump" user information as a minor phishing incident, not a major network breach:
"We do not have any evidence the Xbox Live service has been compromised. We take the security of our service seriously and work on an ongoing basis to improve it against evolving threats. However, we are aware that phishing attackers will occasionally post small lists of victims on public channels, and we will work directly with the impacted members to resolve any unauthorized changes to their accounts. As always, we highly recommend our members follow the Xbox Live Account Security guidance provided at www.xbox.com/security to protect your account."
Microsoft may be sweating out a possible rehash of Sony's PlayStation Network nightmare from earlier this year if an anonymous posting of dozens of purported Xbox Live Gamertags and passwords is what it claims to be.
We've seen an anonymous Pastebin.com data dump called "xbox dump" posted Monday that contains more than 90 supposed gamertags, most with associated email addresses and passwords.
Microsoft had yet to respond to a request for more information and it couldn't be confirmed Tuesday if the Pastebin document contained real Xbox Live user information. Even if a number of Xbox Live members had their private information compromised somehow, it obviously would remain to be seen if the "xbox dump" document was part of a larger security breach or just a one-off affair.
We've spent some time with the Zomm "wireless leash" and have come away impressed by the simplicity of the device, as it's one of those things that make you wonder why a product like it hasn't been available until now. With that, we thought it would be a good inclusion in our 2011 Holiday Gift Guide. The Zomm can be attached to your keychain, and connects to your smartphone over Bluetooth. Once paired, it becomes your wireless alarm system for your phone. For example, if you walk away from your phone, Zomm will sound a notification alarm and start vibrating, letting you know that you've left your device more than 30 feet away. This way, you don't leave a restaurant without your phone, or spend forever looking for it because you left it in the car (or, that you are in your car driving and left your phone at home!) Cool enough, but it does more.
Zomm also has an integrated speaker and microphone, so it also acts as a hands-free calling device. If your phone rings, Zomm will ring as well, and you just press the Z button to take the call without having to fish around for your phone while driving. Zomm also has a built-in panic alarm. Hold down the Z button and the alarm will go off. Continue holding it, and the Zomm will use the Bluetooth connection to your phone to dial 911, and it will let you speak with the authorities right from the Zomm device. This is seriously a cool piece of technology that is a must-have for those people who constantly leave their smartphones behind in cabs and restaurants, or just anyone who wants an extra layer of security with them at all times. You can get a Zomm from Amazon for $76.
Read More | Zomm Bluetooth Smartphone Leash
Users with the EVO 4G, EVO 3D, EVO Shift 4G, EVO Design 4G, EVO View 4G, and HTC Wildfire S will receive an over-the-air update starting today; users can manually install the update right away.
"Sprint worked closely with HTC after reports emerged of a potential issue that could allow malicious third-party apps to compromise data on Android devices made by HTC," the carrier said in a statement. "We urge all users to install the update promptly."
You know how they say that you shouldn't put all your business out there on the Internet, especially nothing that you wouldn't want to fall into the wrong hands? TakeThisLollipop grabs onto this concept and takes it to the next spooky level by connecting to your Facebook account and creating a short movie based on you. We won't ruin it, but it's definitely a cool trick, and we enjoyed viewing the results when we did it.
Why would you bother doing that? In a word, security. When you elect to restart your system into Safari, you're effectively placing the Web browser into a sandbox. When it boots, your system will give any users with physical access to your machine the ability to surf the Web. But that's it. Users won't be able to access the system's files or applications.
And thanks to Lion's new auto-save and application restoration capabilities, users that slap their systems in Safari-only mode will be able to restore back to their full desktop exactly as they left it. Since Safari mode runs off of a system's recovery partition, you'll still be able to access the Web and research new methods for fixing your system should your primary partition suffer some catastrophic upset.
The comparison to Chrome OS stems from the fact that Google's operating system runs entirely Web-based: The browser is the primary method for interacting with the system. There's no underlying desktop layer to speak of.
Sony Online Entertainment brought its PlayStation Network back online (after a major security breach took PSN down) in parts of Europe and the U.S. Saturday, but some 12 hours after the announcement many PSN customers were left wondering when it would be their turn.
At about 8:30 p.m. ET Saturday, Sony announced it would begin a "phased" return of PSN services to customers following a three-week outage caused by a hack of the network that forced the company to take it down. But a map of the U.S. that Sony is updating to reflect when its network goes live in individual states was left with numerous states without service in the Midwest, South and Northeast as of about 8 a.m. ET.
Several hours after the initial announcement, readers in Texas, Illinois and other states were complaining that PSN service had not been restored to their areas. Sony had warned that it would "take several hours to restore PSN throughout the entire country."
Meanwhile, PSN customers in Australia and the Caribbean wondered when their areas would go back online. Sony's Saturday announcement only referred to Europe and North America.
The company issued a further notice to PSN customers whose service had been turned on but who still weren't able to access the network:
Sony's devastating security breach is not only a public relations nightmare and now, an identity-theft worry for its customers, but it's also a reminder (yet again) of the vulnerability of computer networks.
Sony's PlayStation Network is comprised of networked servers housing massive amounts of data including valued customer data. The parts making up Sony's network are not much different than the parts making up any other business' network, except most business networks are on a smaller scale.
While Sony is not releasing a lot of detail as to how the breach was carried out or what security mechanisms it had in place that failed, there are some good lessons learned for any business no matter what the size about protecting network infrastructure and the data residing on those networks.
One of the key ways any company owner can protect themselves is to forget the notion of, "Why would anyone want to hack into my network?" Why? Because they can. Whether you run a business making chocolate candies or handle financials for thousands of clients, taking an offensive approach against hackers, network intruders, or script kiddies looking to make a name for themselves, is fundamental to protecting your business network.
It's important to know that in the technology world, there is no such thing as 100 percent secure. You can lessen the chances of network or data compromise though, with a few tips:
Sony confirmed Tuesday that hackers have managed to obtain personal information Sony stored within the PlayStation Network, possibly including credit cards. The service will be down, at most, another week.
In an update posted to the PlayStation Blog, Sony senior director of corporate communications and social media Patrick Seybold noted that the "malicious actions" has caused Sony to send a email to all of its customers.
That email will tell subscribers that Sony has turned off the PlayStation Network and Qriocity cloud-music service; engaged an outside security firm; and "taken steps to enhance security and strengthen our network infrastructure by re-building our system to provide you with greater protection of your personal information".
Microsoft has confirmed that Windows Phones don't store location history in a manner similar to the iPhone, which records the location data in an unencrypted file. The news that some iOS devices keep location data came to light last week, although
Microsoft told us unequivocally that phones running Windows Phone 7 do not store location history. Like most other phones, the platform offers plenty of location-based apps, and those apps require user consent before they begin tracking. Windows Phones also offer the common feature of a "global switch" that lets the user disable all location services, and Microsoft says its "Find My Phone" service keeps only the phone's most recent location.
We also contacted Nokia, RIM, Google, and HP about how the companies' mobile platforms store location data, and none, save Microsoft, have responded. It's been confirmed independently that Google Android also tracks and stores location data.
© Gear Live Inc. – User-posted content, unless source is quoted, is licensed under a Creative Commons Public Domain License. Gear Live graphics, logos, designs, page headers, button icons, videos, articles, blogs, forums, scripts and other service names are the trademarks of Gear Live Inc.