Endpoint // Privacy
News & Commentary
FBI Director Urges New Encryption Legislation
Sara Peters, Senior Editor at Dark ReadingNews
Encryption algorithms do not acknowledge "lawful access."
By Sara Peters Senior Editor at Dark Reading, 10/16/2014
Comment5 comments  |  Read  |  Post a Comment
Berners-Lee Behind New Private Communications Network For Ultra-Privacy Conscious
Kelly Jackson Higgins, Executive Editor at Dark ReadingQuick Hits
MeWe offers free, secure, and private communications.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 10/16/2014
Comment1 Comment  |  Read  |  Post a Comment
'POODLE' Attacks, Kills Off SSL 3.0
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
A newly discovered design flaw in an older version of SSL encryption protocol could be used for man-in-the-middle attacks -- leading some browser vendors to remove SSL 3.0 for good.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 10/15/2014
Comment9 comments  |  Read  |  Post a Comment
Stolen Medical Data Is Now A Hot Commodity
Lysa Myers, Security Researcher, ESETCommentary
While credit cards are selling for a dollar or less on the black market, personal health credentials are commanding as much as $10 per patient. Heres why.
By Lysa Myers Security Researcher, ESET, 10/14/2014
Comment5 comments  |  Read  |  Post a Comment
2 Tech Challenges Preventing Online Voting In US
Sara Peters, Senior Editor at Dark ReadingNews
A new report explains that online voting in the US is a matter of "if, not when," but problems of anonymity and verifiability must be solved first.
By Sara Peters Senior Editor at Dark Reading, 10/9/2014
Comment7 comments  |  Read  |  Post a Comment
Twitter Sues US Government Over Surveillance
Jai Vijayan, Freelance writerCommentary
Twitter claims the government is restricting its free speech by limiting what it can disclose about requests for customer data.
By Jai Vijayan Freelance writer, 10/9/2014
Comment4 comments  |  Read  |  Post a Comment
Good Job, Facebook: The Intersection Of Privacy, Identity & Security
Dave Kearns, Analyst, Kuppinger-ColeCommentary
Birth names and legal names arent always the names people are best known by, concedes Facebook in the wake of a real-name policy usage flap.
By Dave Kearns Analyst, Kuppinger-Cole, 10/8/2014
Comment4 comments  |  Read  |  Post a Comment
To Combat Government Snooping, Encrypt Data Before Putting It In Cloud, Says Interop Speaker
Sara Peters, Senior Editor at Dark ReadingQuick Hits
If Uncle Sam wants your data, make him come directly to you.
By Sara Peters Senior Editor at Dark Reading, 10/3/2014
Comment9 comments  |  Read  |  Post a Comment
Hacking Hackers: Taking Matters Into Private Hands
Becca Lipman, Senior EditorNews
Private groups are fighting back against foreign sources of malware and credit fraud. But methodologies put these digital crusaders and their employers at serious legal risk.
By Becca Lipman Senior Editor, 9/23/2014
Comment0 comments  |  Read  |  Post a Comment
Apple CEO: We Don't Covet Your Data
Thomas Claburn, Editor-at-LargeCommentary
Apple CEO Tim Cook highlights the company's commitment to privacy in an open letter.
By Thomas Claburn Editor-at-Large, 9/18/2014
Comment13 comments  |  Read  |  Post a Comment
Facebook Explains iOS 8 App Privacy Changes
Kristin Burnham, Senior Editor, InformationWeek.comCommentary
Despite tweaks to a privacy setting in iOS 8, Facebook says it's not tracking you any more than it already has been.
By Kristin Burnham Senior Editor, InformationWeek.com, 9/18/2014
Comment1 Comment  |  Read  |  Post a Comment
Facebook Developing App For Private Sharing
Kristin Burnham, Senior Editor, InformationWeek.comCommentary
Facebook's in-development "Moments" app could make sharing with small groups easier. Here's what we know, plus tips to manage friend lists now.
By Kristin Burnham Senior Editor, InformationWeek.com, 9/17/2014
Comment6 comments  |  Read  |  Post a Comment
Data Privacy Etiquette: It's Not Just For Kids
Lysa Myers, Security Researcher, ESETCommentary
Children are the innocent victims of the worst effects of social media. Thats why its vital for adults to establish privacy values that are safe for them -- and the rest of us.
By Lysa Myers Security Researcher, ESET, 9/17/2014
Comment10 comments  |  Read  |  Post a Comment
Mining WiFi Data: Retail Privacy Pitfalls
Doug Henschen, Executive Editor, InformationWeekCommentary
WiFi data mining starts with anonymous tracking, but it can lead to personal details in social profiles. Interop New York session explores opportunities and limits for retailers.
By Doug Henschen Executive Editor, InformationWeek, 9/15/2014
Comment13 comments  |  Read  |  Post a Comment
Privacy, Security & The Geography Of Data Protection
Malte Pollmann, CEO, UtimacoCommentary
Data generation is global, so why do different parts of the world react differently to the same threat of security breaches and backdoors?
By Malte Pollmann CEO, Utimaco, 9/11/2014
Comment6 comments  |  Read  |  Post a Comment
Celeb Hack: Is Apple Telling All It Knows?
Dave Kearns, Analyst, Kuppinger-ColeCommentary
Did Apple have a system-wide data breach? No. Was it complicit through an appalling security lapse by not defending against brute force attacks? Youre darn tootin'!
By Dave Kearns Analyst, Kuppinger-Cole, 9/3/2014
Comment14 comments  |  Read  |  Post a Comment
NSA Collected More Records Than Court Allowed
Sara Peters, Senior Editor at Dark ReadingNews
New documents show the Foreign Intelligence Surveillance Court is stumped by the NSA's "systemic overcollection."
By Sara Peters Senior Editor at Dark Reading, 8/13/2014
Comment5 comments  |  Read  |  Post a Comment
UK Reconsidering Biometrics
Sara Peters, Senior Editor at Dark ReadingQuick Hits
Parliament is looking for answers about biometrics' privacy, security, future uses, and whether or not legislation is ready for what comes next.
By Sara Peters Senior Editor at Dark Reading, 8/12/2014
Comment4 comments  |  Read  |  Post a Comment
6 Biometric Factors That Are Working Today
Marilyn Cohodas, Community Editor, Dark Reading
From fingerprints to wearable ECG monitors, there are real options in the market that may relegate the despised password to the dustbin of history.
By Marilyn Cohodas Community Editor, Dark Reading, 8/12/2014
Comment23 comments  |  Read  |  Post a Comment
Internet of Things: Security For A World Of Ubiquitous Computing
Candace Worley, SVP & GM, Endpoint Security, McAfeeCommentary
Endpoint security is hardly dead, and claiming that it is oversimplifies the challenges corporations face now and in the not-very-distant future.
By Candace Worley SVP & GM, Endpoint Security, McAfee, 7/21/2014
Comment5 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the security connected approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
Featured Writers
White Papers
Cartoon
Current Issue
Dark Reading's October Tech Digest
Fast data analysis can stymie attacks and strengthen enterprise security. Does your team have the data smarts?
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-4594
Published: 2014-10-25
The Payment for Webform module 7.x-1.x before 7.x-1.5 for Drupal does not restrict access by anonymous users, which allows remote anonymous users to use the payment of other anonymous users when submitting a form that requires payment.

CVE-2014-0476
Published: 2014-10-25
The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option.

CVE-2014-1927
Published: 2014-10-25
The shell_quote function in python-gnupg 0.3.5 does not properly quote strings, which allows context-dependent attackers to execute arbitrary code via shell metacharacters in unspecified vectors, as demonstrated using "$(" command-substitution sequences, a different vulnerability than CVE-2014-1928....

CVE-2014-1928
Published: 2014-10-25
The shell_quote function in python-gnupg 0.3.5 does not properly escape characters, which allows context-dependent attackers to execute arbitrary code via shell metacharacters in unspecified vectors, as demonstrated using "\" (backslash) characters to form multi-command sequences, a different vulner...

CVE-2014-1929
Published: 2014-10-25
python-gnupg 0.3.5 and 0.3.6 allows context-dependent attackers to have an unspecified impact via vectors related to "option injection through positional arguments." NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7323.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Follow Dark Reading editors into the field as they talk with noted experts from the security world.