Hacking McDonald’s for Free Food

This hack was possible because the McDonald's app didn't authenticate the server, and just did whatever the server told it to do: McDonald's receipts in Germany end with a link to a survey page. Once…

6 Local Search Marketing DIY Tips for the…

Posted by MiriamEllisThink crafting is kids’ stuff? Think again. The owners of quilting, yarn, bead, fabric, woodworking, art supply, stationers, edible arts, and related shops know that: The crafting industry generated $44 billion in 2016…

Voatz Internet Voting App Is Insecure

This paper describes the flaws in the Voatz Internet voting app: "The Ballot is Busted Before the Blockchain: A Security Analysis of Voatz, the First Internet Voting Application Used in U.S. Federal Elections." Abstract: In…

Friday Squid Blogging: The Pterosaur Ate Squid

New research: "Pterosaurs ate soft-bodied cephalopods (Coleiodea)." News article. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting…

Customer Tracking at Ralphs Grocery Store

To comply with California's new data privacy law, companies that collect information on consumers and users are forced to be more transparent about it. Sometimes the results are creepy. Here's an article about Ralphs, a…

Loading

A US Data Protection Agency

The United States is one of the few democracies without some formal data protection agency, and we need one. Senator Gillibrand just proposed creating one.Read more: schneier.com

Companies that Scrape Your Email

Motherboard has a long article on apps -- Edison, Slice, and Cleanfox -- that spy on your email by scraping your screen, and then sell that information to others: Some of the companies listed in…