Mongodb's plan to limit breaches: "Field Level Encryption"

Many large-scale data-breaches involve attackers gaining access to administrators' database logins; from there, they can clone the whole database and plunder it at will; but leading nosql database vendor Mongodb proposes to add another layer of security it's calling "Field Level Encryption" which encrypts the data in database fields with its own key — possibly a different key for every user or every field. — Read the rest

"We take your privacy and security seriously" is the "thoughts and prayers" of data-breaches

Writing on Techcrunch, Zack Whittaker (previously) calls out the timeworn phrase "we take your privacy and security seriously," pointing out that this phrase appears routinely in company responses to horrific data-breaches, and it generally accompanied by conduct that directly contradicts it, such as stonewalling and minimizing responsibility for breaches and denying their seriousness. — Read the rest

The Snowden Treaty: protecting the world's whistleblowers in the age of privacy breaches

The Treaty on the Right to Privacy, Protection Against
Improper Surveillance and Protection of Whistleblowers
[PDF] (AKA "The Snowden Treaty") was created by David Miranda, Glenn Greenwald's partner, who was detained by UK police under terrorism legislation while transiting through London's Heathrow airport with a encrypted thumbdrive containing some of the Snowden leaks.

Report: SEC's computers were vulnerable to security breaches

U.S. Securities and Exchange Commission employees did not encrypt some computers that contained "highly sensitive information from stock exchanges, leaving the data vulnerable to cyber attacks, according to people familiar with the matter." Reuters has the full story. The SEC spent $200K to confirm that "no hacking or spying on the SEC's computers took place," however, and there is no evidence that any data was actually breached.

Burger King breaches McDonald's

On Monday, the Burger King burst into a McDonald's restaurant in Rome, Georgia, handed out free hamburgers to customers, danced, and posted for photos with children. Managers called the police, but the Burger King escaped in a white Acura before the fuzz arrived. — Read the rest

Alaskans sue TSA over privacy breaches

Bill Scannell sez,

A group of Alaskans filed suit against the Transportation Security Administration in Federal District Court in Anchorage today.

At issue is TSA's refusal to comply with the Privacy Act while testing the Secure Flight air passenger profiling system.

Read the rest