Google is offering a way for web users to opt out of being tracked around the web by its popular Google Analytics tool used by publishers to track traffic and trends on their websites. Publishers like Wired.com insert a simple line of Google Analytics Javascript on their site and then can see on a dashboard which pages are popular and what search terms lead users to their site. But Google also gets much of that user information in aggregate,... 

Google users can now run encrypted searches using the company’s flagship search site simply by navigating to https://www.google.com . UPDATE: Many users are being redirected to the non-encrypted main site — a function of Google rolling this out to all its servers. Also it is necessary to include WWW. Don’t assume your searches are encyrpted, unless the url starts with HTTPS and you see the lock icon. The…  Read More →

Last month Adrian Lamo, a man once hunted by the FBI, did something contrary to his nature. He picked up a payphone outside a Northern California supermarket and called the cops. Someone had grabbed Lamo’s backpack containing the prescription anti-depressants he’d been on since 2004, the year he pleaded guilty to hacking The New York Times . He wanted his medication back. But when the police arrived at the Safeway parking lot it... 

Federal lawmakers are using the purse strings to coax more states into adopting rules that require suspects who are arrested for various crimes — but not charged — to submit to DNA sampling for inclusion into a nationwide database. It doesn’t matter if the suspect was charged or even acquitted. Sponsored by Harry Teague (D-New Mexico), the measure provides $75 million to the nation’s financially broken states —... 

A German cybercrime forum was hacked by attackers who have exposed the underground dealings of the criminal denizens. The hackers snagged the database containing what appears to be all the private correspondence of the forum members, and posted it to the web. The hackers also posted information on the IP addresses forum members used when they signed up for membership, noting that most of the administrators and moderators on the site didn’t... 

A federal judge has granted the FBI access to evidence linked to a webcam scandal at a Philadelphia suburban school district. Federal prosecutors in Pennsylvania said they were investigating “ possible criminal conduct ” (.pdf) in the 6,900-student Lower Merion School District. U.S. District Judge Jan DuBois is presiding over a federal civil lawsuit alleging the  district secretly snapped tens of thousands of webcam images (.pdf)... 

Sweden’s Supreme Court said Wednesday that two of the three judges set to preside over The Pirate Bay’s copyright conviction appeal are not biased, despite their membership in pro-copyright groups. The decision clears the way for expected oral arguments sometime this fall before a three-judge appellate panel weighing last year’s criminal and civil convictions of The Pirate Bay’s four co-founders, Swedish radio reports... 

This will be the last post for the Security Fix blog. Dec. 31 marks my final day at The Washington Post Company. Over the last 15 years, I’ve reported hundreds of stories for washingtonpost.com and the paper edition. I have authored more than 1,300 blog posts since we launched Security Fix back in March 2005. Dozens of investigative reports that first appeared online later were “reverse published” in the newspaper, including... 

Hackers broke into an online comic strip syndication service Thursday, embedding malicious code that sought to exploit a newly discovered security flaw in Adobe Reader and Acrobat, Security Fix has learned. On Monday, Adobe Systems Inc. said it was investigating reports that criminals were attacking Internet users via a previously unknown security flaw in its Adobe Reader and Acrobat software. Experts warned that the flaw could be used to foist... 

Hackers hijacked the Web site of micro-blogging community Twitter.com early Friday, briefly redirecting users to a Web page for a group calling itself the “Iranian Cyber Army.” The attackers apparently were able to redirect Twitter users by stealing the credentials needed to administer the domain name system (DNS) records for Twitter.com. DNS servers act as a kind of phone book for Internet traffic, translating human-friendly Web... 

Internet service providers in Russia and Ukraine are home to some of the highest concentrations of customers whose machines are infected with the Conficker worm, new data suggests. The report comes from the Shadowserver Foundation, a nonprofit that tracks global botnet infections. Shadowserver tracks networks and nations most impacted by Conficker, a computer worm that has infected more than 7 million Microsoft Windows PCs since it first surfaced... 

Adobe Systems Inc. said Monday it is investigating reports that attackers are exploiting a previously unidentified security hole in its Acrobat and PDF Reader software to break into vulnerable computers. The acknowledgment coincided with an alert published by the Shadowserver Foundation, a nonprofit group that tracks the spread of malicious programs that criminals use to control infected systems remotely. Shadowserver member Steven Adair said... 

If you use Facebook and care about your privacy, take a moment to read this blog entry. Facebook has made some major changes that allow a great deal more people to see your personal photos and videos, date of birth, family relationships, and other sensitive information. While logged in to Facebook, click the “Settings” link and you should see a box that looks like the one pictured below. You may see that Facebook has reset your privacy... 

More than one quarter of data breaches so far this year involved consumer records that were jeopardized when organizations lost control over sensitive paper documents. Experts say those incidents came to light in large part due to a proliferation of state data breach notification laws, yet current federal proposals to preempt those state measures would allow paper-based breaches to go unreported. According …  Read More →

Microsoft released six software updates on Tuesday to fix at least a dozen security vulnerabilities in Windows, Internet Explorer, Windows Server and Microsoft Office. More than half of the flaws earned a “critical” rating, meaning criminals could exploit them to break into vulnerable systems without any help from users. Separately, Adobe Systems Inc. issued critical security updates to its Flash Player and AIR Web-browser …  Read More →