security

All too often adverts you see online are your past come back to haunt you. Advertisers use tracking cookies to capture the web history of users and monitor usage of a particular site. That information is used to serve up adverts most likely to influence you.But I discovered earlier this week that some advertising companies let you opt out of that tracking. Read on to find out how to free yourself from tracking.First, though, consider why you may want to. There are two ways of looking at this. Either you believe the advertisers who say well-targetted ads are actually helpful to users, or you think it best that your personal information stay that way.After all, the information ad firms gather can be enough to identify individuals.

Cliche demands that every romantic couple has its own song. A new proposal from security researchers could see that same song be the couple's password too. It was put forward at the recent HotSec conferenceWe all have too many passwords to remember, and most of them are insecure anyway (confess yours here).

EETimes report that a cheap electronic replica of the Olympic torch is the centre of controversy.Originally commissioned by the Beijing Games organisers, the gadgets were to be sold at all Olympic venues. A capacity crowd at any of them waving the torches would be an impressive sight - when the torches are waved, movement sensors coordinate flashing LEDs to spell out "Hello" in English or "China" in Chinese. A phone with a similar feature launched in 2004.But according to EETimes' sources, Chinese officials are concerned the devices could be hacked to display an unapproved message.

Combine rising fuel costs with escalating security concerns in China, and this makes perfect sense -- kind of: ahead of the Olympics, a Chinese anti-terror team has recently been training on specially-outfitted Segways, the electric, gyro-balanced scooters that are more commonly seen zipping across Silicon Valley campuses.

The scooters, which claim a top speed of 12.5 km/hour and which inventor Dean Kamen billed as nearly impossible to tip-over (George W. didn't get that memo) will also be used by officials and sec...

The video below shows some new software in action that hides the identity of people in CCTV footage. The idea is that it protects the identity of anyone innocent that is caught on the tape. US firm 3VR say that only if somebody was acting suspiciously would someone with security clearance unscramble the faces of a person shownIn 2006, we wrote about a similar system developed by a Swiss company, Emitall. Their own video shows it at work blurring out people and cars.The technology has been likened to the scramble suits worn by narcotics officers in Philip K Dick's novel A Scanner Darkly.

Electric shock "non-lethal" weapons have become popular in law enforcement circles, with the most popular - the Taser - leading the way. It's even available in pretty pink as a consumer product bought at house parties.But last Friday the Taser juggernaut hit its first speed bump. A jury in the US District Court for Northern California held Taser International responsible for the 2005 death of Robert Heston who had been repeatedly electric shocked by Taser-wielding police officers in Salinas, California - awarding his family $6.2 million in damages.The family's attorney called it a "landmark decision" as it's the first time in more than 60 cases that Taser has lost such a lawsuit. At issue in this case was the fact that Taser had allegedly not informed the police of the risks of using multiple shocks to subdue somebody.

The Great Firewall of China, also known as Golden Shield, is set for an upgrade.1.3 billion Chinese can expect their mobile phone and Internet activity to be monitored, while a national ID card and intelligent CCTV system will track their movement through the country, The Guardian reports today.Golden Shield might seem a shade too close to an Orwellian dystopia to many in the west, but the Chinese argue that their security measures are inspired by US and European technological developments that emerged in the wake of 9/11.London's 0.5 million surveillance cameras helped to identify those responsible for terrorist attacks on the city in 2005.

The list of the most common passwords below was mined from the accounts of 34,000 MySpace users - I stumbled across it here. It certainly provides some food for thought:1. password2. 1234563. qwerty4. abc1235. letmein6. monkey7. myspace18. password19. blink18210. [your first name]If the list is true, it seems that not only are we too lazy to choose secure passwords, but we're also startlingly unoriginal. Although a split-second's musing about human nature should tell you that's not surprising.We should admit that we all do it, even if we know better. So now is the time to come clean and answer this question: What is the least secure, most guessable password that you use despite knowing better?

A paper at recent security conference gets all worried about web-enabled gadgets like phones and games consoles being a haven for phishing scams. They direct people to a fake version of a site where they have a secure account, like a bank, and harvest the details they type in.The problem is, say researchers at University of California, Davis, that cramming a browser onto a small screen means bits are chopped off.

Is your internet service provider (ISP) spying on you?

We suggested last year that voters in the US election might be targeted by internet-based dirty tricks - it happened last night when visitors to Barack Obama's website were redirected to his competitor Hillary Clinton. Sometimes it's a shame to be right.Security firm Symantec's blog has an explanation of what happened.The attacker used a part of site that allows users to post comments to post code instead.

An Atlas of Radical Cartography, edited by artists Lize Mogel and Alexis Bhagat (Amazon USA and UK)

China's government has blocked access to news aggregator Google News and video-sharing site YouTube to suppress material about the civil unrest in Tibet.

This is no small problem for Google now, and it could develop into a much larger headache. Google wants access to the fast-growing Chinese market. But will it resort to self-censoring its own Chinese sites in order to please the government there?

It would be worse in PR terms but more effective in business terms for Google to engage with Chinese censors in reshaping Google News and YouTube to please them. Since Google already censors chinese search results, perhaps that won't be too long in coming. How the company would square that with its "don't be evil" motto is hard to imagine.

China's government has blocked access to news aggregator Google News and video-sharing site YouTube to suppress material about the civil unrest in Tibet, InfoWorld reports.

This is no small problem for Google now, and it could develop into a much larger headache. Google wants access to the fast-growing Chinese market. But will it resort to self-censoring its own Chinese sites in order to please the government there?

It would be worse in PR terms but more effective in business terms for Google to engage with Chinese censors in reshaping Google News and YouTube to please them. Since Google already censors chinese search results, perhaps that won't be too long in coming. How the company would square that with its "don't be evil" motto is hard to imagine.

Researchers in the US have developed a way to kill people with radio waves - but this is no secret Pentagon project.

They're computer scientists demonstrating that pacemakers and other implants can be hacked. Their latest demonstration showed that using radio signals they could shut down a pacemaker made by US firm Medtronic, or have it deliver jolts of electricity could be fatal.

If you used the instant-messaging system MSN messenger in June 2006, all your chats were being collected and being passed (anonymised, of course) to researchers at Microsoft Research, a paper in the physics pre-print server arXiv reveals.

Riders of Boston's T and London's Tube take note - the prepaid cards you use to pay subway fares have been cracked.

Karsten Nohl, a computer science researcher at the University of Virginia, claims to have broken the encryption used by the RFID (radio frequency identification) chip found in the Charlie Card on the Boston T subway system and in the Oyster Card on the London Underground.

Precise details of the attack have not been revealed, but Nohl and colleagues say they used micro-polishing sandpaper to remove microscopic layers from the surface of the chip while digitally imaging it under a microscope.

A new way to verify your identity online could see you being quizzed about your browsing history every time you try to retrieve a lost password.

"Can a robot commit a war crime?" That question was raised at the conference on The Ethics of Autonomous Military Systems behind yesterday's story on ethical concerns over robotic weapons.

Barrister and Engineer Chris Elliot explained his thoughts on the legality of future "intelligent" weapons, within international, criminal and civil law. He started by suggesting that as systems become more autonomous, they become capable of actions that are not, in legal terms, "foreseeable".

At that point, he suggested, it would be hard to blame a human for its actions. "We're getting very close to the where the law may have to recognise that we can't always identify an individual - perhaps an artificial system can be to blame."

It's a one-time-use, throw-away, fire-and-forget society – so why not make credit card details fit the mould? Mohammed Assora and his colleagues at Anglia Ruskin University have tabled an idea to up the stakes in e-commerce security by doing just that.

As it stands, what security does an e-commerce site offer me? They make sure I am who I say I am, by virtue of my credit card details, but this may then linger on my computer and on their servers, possibly unencrypted.

Whenever a laptop containing lots of private data is lost, there are calls for 'disk encryption' that encodes all of a computer's data to become standard practice. But a dramatic new result by security researchers at Princeton suggests it is no panacea.

They've shown that a computer's RAM - short term memory - can give it away.

RAM needs power to hold data; but the researchers have found that information can persist for up to minutes after the power is cut. That's long enough to extract the key needed to unscramble the encrypted disk, which is always kept in a computer's RAM.

An accessible video (below or here) explains the team's findings in more detail. And you can read more at a website set up to explain the work.