A video demonstration explaining how the Attack works can be seen below,
The mobile traffic was captured using the Windows 7 virtual wifi miniport adapter feature. The host computer was connected to the Internet via an Ethernet cable so that the wireless card was not in use. The Ethernet connection was set to share its Internet access with the virtual wifi miniport adapter. researchers were now able to capture the traffic over the network test using various tools such as NetworkMiner, Wireshark, and NetWitness.
Anyone, including the service providers will be able to collect this information – and anyone that sets up a rogue AP, or any man-in-the middle attacks such as ARP poisoning will be able to capture this unencrypted traffic and view the images and videos received as well as the locations being sent or received by a phone. the researchers said in a blog post
The Flaw was reported to the Viber security team, however no response was heard back by the researchers.
The Recent documents obtained by EFF in response to our Freedom of Information Act lawsuit for information on Next Generation Identification (NGI) shows that the FBI’s Next Generation Identification (NGI) database will contain 52 million photos by 2015. which is almost equal to one-third of of the US population.
By the middle of 2013 FBI already had 16 million images to its facial recognition database, report suggests that the database will be capable of processing 55,000 direct photo enrollments daily and of conducting tens of thousands of searches every day.
what came to be more shocking was that in addition to 46 million criminal images NGI will also include 4.3 million civil images to its database. so the images will be from both Criminal and Non-Criminal nature.
NGI already contains over 100 million individual records and has been designed to include multiple forms of biometric data, including palm prints, finger prints and iris scans in addition to face recognition data. with which other personal details is used to create personal files of Individuals. this is then shared by state, tribal, local and other Federal Authorities across the United states.
However the Question which rises now is why FBI needs Images of 4.3 Million peoples who are not involved in any Criminal case.
While this database can be used to help law enforcement agencies and improve the Consumers, business and other Organisations it also can cause a innocent to come into the list of suspect for a criminal case.
it’s unclear how such a big database will be managed and what oversights already exist in the planning.
since the recent NSA mass surveillance leaks people are more concerned about their privacy and now this may upset them more.
Google paid a 1 million euro (£825,890) fine after a regulator found that Google’s street view cars violated citizens rights of privacy, by taking photographs without the person’s permission.
Google’s Street View cars, which it used to record images on Italian streets in 2010, were not clearly recognisable. In addition to the fine, Google had to begin marking its vehicles with signs or stickers, as well as posting its planned locations three days before shooting photos. the law regulator said.
It is not the first time when Google is being fined for its street view, last year the Company was fined 210 million won ($196,000) in south korea for unauthorized data collection through street view.
It looks like Google’s Street View technology may have a long difficult way to travel through in upcoming future without getting tangled with the privacy advocacy groups and regulators across the world.
In a ruling by a Judge of High Court in London, the Judge set aside one of the two applications Google had made. The privacy activists can now now continue in the England with a tort claim, based on the allegation that Google unlawfully misused private information. But the Judge has disallowed any injunction against Google. So as of now Google is free to use the tracking cookies in Safari Browser (tracking trick) but it is liable to be sued any where in UK.
The privacy activists had filed this suit based on a similar class action suit filed in USA in month of October, 2013. The US court had thrown out the case but Google was fined Google $22.5 million for using the tracking trick. Google had put forth its argument that the England’s Court had no jurisdiction claim on the matter as it was based in US. It had requested the Court to quash permission to sue it in any court in UK.
But today the Judge, Mr.Justice Tugendhat of the High Court in London held that :
“I am satisfied that there is a serious issue to be tried in each of the Claimants’ claims for misuse of private information… The Claimants’ application to rely on ground (9) in relation to the DPA [Data Protection Act] claim is allowed… the Claimants have clearly established that this jurisdiction is the appropriate one in which to try each of the above claims.”
Judge Tugendhat also rubbished Googles claim that the relevant data was not private as it was anonymized. The Judge ruled that being Anonymized does not mean private.
“I find this a surprising submission to be made on behalf of Google Inc. It would not collect and collate the information unless doing so enabled it to produce something of value.”
The privacy activists are partly happy with the ruling however Google said it will appeal against the ruling in higher courts.
“We still don’t think that this case meets the standards required in the UK for it to go to trial, and we’ll be appealing today’s ruling.”