Security News

Internet users are willing to let trusted online vendors profile their computers if it means increased security and less of a need to share personal information, according to a report by the privacy research group Ponemon Institute and sponsored by ThreatMetrix.

Internet Users Will Exchange Privacy For Security

The report found that 78 percent of users surveyed believe that online merchants, banks and social networks should use technology such as a “cookie” or other invisible software, to protect consumers’ identity while only 21 percent want online vendors to require more personal data from the consumers themselves.

“Given the negative attention to and connotations of cookies and similar types of tracking software, we were surprised to find that an overwhelming majority of consumers surveyed were comfortable with the idea of having their computers profiled in order to be identified by online vendors,” said Dr. Larry Ponemon, chairman and founder, Ponemon Institute.

“However, the finding is consistent with the value consumers place on convenience and their desire to have a more secure, trusted transactional experience online.”

The majority (80%) of Internet users are concerned about becoming victims of online fraud and 83 percent believe online vendors should increase efforts to prevent fraudsters from stealing consumers’ personal information.

In addition, nearly 70 percent of respondents said they would be willing to have their computers authenticated by an online merchant before purchases are completed and 75 percent said computer authentication is preferred because it’s more convenient than remembering passwords or answering pre-selected questions.

Other key findings include:

Among survey responders who expressed concern over the use of device
identification, 33% said they are worried that their personal information
would be disclosed to other online businesses and services.
– Another 12% of respondents are concerned about merchants misusing or
abusing the device authentication data themselves.
– A full 55% of those indicating concern noted they’d rather use
passwords to prove their identities.
– Finally, 61% of total users surveyed said they’d expect to be notified
if an online merchant was unable to match their computer’s device
fingerprint to a security system and 83% said they’d expect the online
merchant to provide alternative methods of verification if device
identification proved ineffective.

Two payment processors have developed separate systems to protect credit card transaction data: Format-preserving encryption vs. in-motion encryption and token technology. Which solution is better?

Research In Motion (RIM) is warning that SMS attacks targeting BlackBerry users could take advantage of a certificate handling flaw, tricking users into visiting an attack website.

The average American commits three felonies a day: the title of a new book by Harvey Silverglate. More specifically, the problem is the intersection of vague laws and fast-moving technology: Technology moves so quickly we can barely keep up, and our legal system moves so slowly it can’t keep up with itself. By design, the law is built up over…

A fake email notice from the IRS contains the pernicious Zeus information-stealing trojan.

Sixty-nine percent of respondents in a recent survey said they believe outsourcing negatively impacts network security.

An outbreak leveraging an unpatched vulnerability in Windows Vista and Server 2008 moved one step closer to reality with the release of public exploit code.

The First Data-RSA partnership is pitted against the Heartland-Voltage E3 project in the payment industry race for securing transactions.

The women were part of mammography study at the University of North Carolina’s School of Medicine. The server could have been breached as far back as 2007, officials said.

Turns out “gaydar” can be automated: Using data from the social network Facebook, they made a striking discovery: just by looking at a person’s online friends, they could predict whether the person was gay. They did this with a software program that looked at the gender and sexuality of a person’s friends and, using statistical analysis, made a prediction. The…

The security of online banking is being tested like it’s never been tested before. A number of recent incidents have made the news in which…

The final version of Microsoft Security Essentials is now available for download. According to the company, the software provides real-time protection for PCs against viruses, spyware and other malicious software. The free consumer solution is backed by research from the Microsoft Malware Protection Center (MMPC), enabling it to quickly respond to new threats and placing it in competition alongside offerings from Symantec and McAfee in the anti-virus market. — CAM