PlaceRaider Builds a Model of Your World With Smartphone Photos
Hugh Pickens writes writes "Neal Ungerleider writes about PlaceRaider, a trojan that can run in the background of any phone running Android 2.3 or above, and is hidden in a photography app that gives PlaceRaider the necessary permissions to access the camera and upload images. Once installed, PlaceRaider quietly takes pictures at random that are tagged with the time, location, and orientation of the phone while muting the phone's shutter sound. Once pictures are taken, PlaceRaider uploads them to a central server where they are knitted together into a 3D model of the indoor location where the pics were taken. A malicious user can then browse this space looking for objects worth stealing and sensitive data such as credit card details, identity data or calender details that reveal when the user might be away. If a user's credit card, bank information, or personal information happen to be out in the open — all the better. — the software can identify financial data, bar codes, and QR codes. ...
android
environment
exploitation
exploration
hugh pickens
identity
indiana university
information
location
neal
office
orientation
pdf
permission
placeraider
random
surveillance
ungerleider
Found more than 1 month ago on channel
Slashdot
Identity Theft May Cost IRS $21 Billion Over Next 5 Years
alphadogg writes "A new audit of the Internal Revenue Service has found the agency paid refunds to criminals who filed false tax returns, in some cases on behalf of people who had died, according to the Treasury Inspector General for Tax Administration (TIGTA), which is part of the U.S. Treasury. The IRS stands to lose as much as $21 billion in revenue over the next five years due to identity theft, according to TIGTA's audit (PDF), dated July 19 but publicized on Thursday. 'While the IRS does not have access to all third-party information documents at the time tax returns are filed, some third-party information is available. However, the IRS has not developed processes to obtain and use this third-party information."
administration
agency
documents
identity
information
irs
pdf
service
tigta
treasury
Found more than 1 month ago on channel
Slashdot
Are teens sharing too much information online?
In recent years, social media has become an integral part of the lives of American teens. But with the increase in crimes of identity theft and concerns over government surveillance of private data, there is definitely cause for concern.
american
government
identity
information
surveillance
Reporters Threatened, Labeled Hackers For Finding Security Hole
colinneagle writes "Scripps News reporters discovered 170,000 records online of customers of Lifeline, a government program offering affordable phone service for low-income citizens, that contained everything needed for identity theft . Last year, the FCC 'tightened' the rules for the program by requiring Lifeline phone carriers to document applicants' eligibility, which led to collecting more sensitive information from citizens. A Scripps News investigative team claims it 'Googled' the phone companies TerraCom Inc. and YourTel America Inc. to discover all of the files. A Scripps reporter asked for an on-camera interview with the COO of TerraCom and YourTel after explaining the files were freely available online. That did not happen, but shortly thereafter the customer records disappeared from the internet. Then, the blame-the-messenger hacker accusations and mudslinging began. Although the Scripps reporters videotaped the process showing how they found the documents, attorney Jonathon Lee ...
accusations
act
america
cfaa
coo
documents
eligibility
fcc
googled
government
identity
information
jonathon
lee
scripps
security
service
terracom
yourtel
Cyber Attack From Inside India Hits Pakistan Government
judgecorp writes "Government institutions are among the targets of an attack on Pakistani bodies, which originates in India, according to reports. The campaign is using vulnerabilities in Microsoft software to install the HangOver malware, according to Norwegian security firm Norman Shark (PDF). From the article: 'In the attacks on Pakistani organizations, spear phishing emails were sent out purporting to contain information on "ongoing conflicts in the region, regional culture and religious matters," according to Norman. Norman could not provide direct attribution to the attacks, but its report did note the following: "The continued targeting of Pakistani interests and origins suggested that the attacker was of Indian origin." Snorre Fagerland, principal security researcher in the Malware Detection Team at Norman, told TechWeekEurope it appeared Pakistani government bodies had been attacked.'"
attribution
detection
fagerland
government institutions
hangover
india
indian
information
microsoft
norman
norwegian
organization
pakistan
pakistani
pdf
region
security
snorre
techweekeurope
vulnerability