Electronic Privacy Information Center (EPIC) a privacy group based in Washington, D.C filed a petition to Federal trade commission to investigate the Google’s cloud computing offerings. They asked FTC to investigate products including Gmail, Google Docs, Google Calendar and Picasa — to determine “the adequacy of the privacy and security safeguards.”

The group cites various security breaches involving Google products including the one happened few weeks back which shared Google hosted documents to other users without permission. It also cites security breaches in Gmail and Google desktop dating back to 2005. The complaint also cites marketing tactics used by Google which offers complete security of customer’s data and TOS which doesn’t guarantee any.

Previous EPIC complaints have led the Commission to order Microsoft to revise the security standards for Passport and to require Choicepoint to change its business practices and pay $15 m in fines.

Find the complaint here

http://epic.org/privacy/cloudcomputing/google/ftc031709.pdf

Explore More

Selection of tools to automate an attack SQL Injection

sqlmap (http://sqlmap.sourceforge.net/) Full support: MySQL, Oracle, PostgreSQL and Microsoft SQL Server. Partially supported: Microsoft Access, DB2, Informix, Sybase and Interbase. SQL Power Injector (http://www.sqlpowerinjector.com/) Implemented support for: Microsoft SQL Server,

Read More

New phishing scam targets high level executives

A new phishing attack has been circulating lately, but instead of trying to dupe millions of computer users into giving up their financial information, this one is aimed at high

Read More

Introducing SpearPhisher – A Simple Phishing Email Generation Tool

SpearPhisher is a simple point and click Windows GUI tool designed for (mostly) non-technical people who would like to supplement the education and awareness aspect of their information security program.

Read More