Security Simplified ! - A Kaapagam Technologies IT Security Blog

Snapchat : 4.6 Million Usernames & Phone numbers Exposed

2. January 2014 10:28 by CA in Hack, Privacy Leak, Vulnerability

Mid December 2013, Researchers at Gibson Security published Snapchat code allowing phone numbers matching after the exploit disclosures were ignored as theoretical by SnapChat. It lloks like Hackers took GibSec disclosure more serious than SnapChat

 

On January 1, 2014, an anonymous user announced the release of SnapchatDB and 4.6 million usernames and matched phone numbers in a Hacker News post.

 

The Snapchat accounts - even those marked 'private' - were exposed in a database hack that Snapchat knew about for four months, ignored, then told press last week was only "theoretical."  More...

iSeeYou : Macbook webcams CAN SPY on you WITHOUT LED twinkling

23. December 2013 14:15 by CA in Hack, Privacy Leak

Security researchers have confirmed that MacBook webcams can spy on their users without the warning light being activated.

 

Apple computers have a “hardware interlock” between the camera and the light that is supposed to ensure the camera can't be activated without alerting the user by lighting a tell-tale LED above the screen

 

However Stephen Checkoway, a computer science professor at Johns Hopkins University and graduate student Matthew Brocker were able to circumvent this security feature by reprogramming the micro-controller chip inside the camera.

More...

Facebook Graph Search – An entry to your past & present

2. October 2013 09:27 by CA in Privacy Leak

Stalkers and advertisers will be pleased to know that Facebook is now more searchable than it has ever been, after the social network confirmed that it was in the process of allowing users to dig much deeper into a "friend's" past posts.

 

What’s everyone saying out there? What about just my friends? What do my old photo comments say about me? A trillion posts full of this info start getting unlocked as Facebook begins rolling out Graph Search for posts to a small subset of US English users. It will allow us to see what the world thinks of anything, but could also dredge up the past, defeating ‘privacy by obscurity’.

 

When Facebook launched Graph Search in January, it started with indexing people, photos, places, and interests. It let you find people based on certain characteristics, browse specific sets of photos, find local businesses, and discover media and brands your friends enjoy. Today, almost anything you post is accessible via Graph Search including status updates, comments on anything, photo captions, Notes, and check-ins.

More...

Facebook Android app sends user phone numbers to Facebook servers without user consent

30. June 2013 09:32 by CA in IT Security, Privacy Leak

Norton released Norton Mobile Security for Android devices that contains new Norton Mobile Insight technology. Through automatic and proprietary static and dynamic analysis techniques, Mobile Insight is able to automatically discover malicious applications, privacy risks, and potentially intrusive behaviour. Further, Mobile Insight also advises on what risky behaviour an application performs and provides users with specific, relevant, and actionable information.

 

Mobile Insight flagged the Facebook application for Android because it leaked the device phone number. The first time you launch the Facebook application, even before logging in, your phone number will be sent over the Internet to Facebook servers. You do not need to provide your phone number, log in, initiate a specific action, or even need a Facebook account for this to happen. 

More...