Cool but creepy future

Companies understand the delicate balance between collecting detailed information on shoppers — and revealing how much they know or what they do with it. Jon Iwata, an IBM vice president, talks about it as the continuum between privacy and convenience, similar to the government one between security and civil liberty. To understand companies’ reticence, note that few responded to my request for information…

The Trib's great Andy Russell took this photo of Erin Price. Funny back story: He set up the photo because it looks great -- and only realized after talking with Erin how steps play into her exercise routine. That coincidence makes for a great illustration.

The Trib’s great Andy Russell took this photo of Erin Price. Funny back story: He set up the photo because it looks great — and only realized after talking with Erin how steps play into her exercise routine. That coincidence makes for a great illustration.

Giant Eagle won’t say much about the information it collects on people who enroll in its rewards program to earn savings on food and fuel, but it knows who has a weakness for Goldfish crackers.

GNC can see when your New Year’s resolution ended. And Dick’s Sporting Goods has a pretty good idea who will return to its stores this spring to gear up for baseball or softball season.

Consumers willingly — if unwittingly — provide trillions of “data points” to companies about their purchases, intimate habits and even where a computer mouse hovers on a computer screen without clicking. Americans worried about government spying often have themselves to blame when it comes to private-sector monitoring, experts said.

Read more about this story. Check out our entire Cyber Rattling series here.

Advertisements

Hackers aimed at Target through Sharpsburg firm

When I first started covering cybersecurity, I talked with a lot of top computer experts, intelligence officials, lawmakers with high-level security clearances. The people who know about computers and security seemed genuinely freaked out. Their biggest concern: This whole thing is evolving faster than we can plan for it.

All of that research came back to me this week when we found out that criminals seem to have attacked Target by going through one of its contractors in the Pittsburgh suburb of Sharpsburg. Here’s our take on how it most likely went down…

 

$RN5JE9K

David Brumley, a computer security researcher at Carnegie Mellon University.

For computer hackers, it’s like playing the Powerball.

Criminals looking to steal credit card records from a major retailer such as Target will play as many angles as they can, blitzing the company’s contractors to find a way inside its systems, hacking experts told the Tribune-Review Friday.

“Really what attackers are doing is a game of numbers,” said David Brumley, a computer security researcher at Carnegie Mellon University. “If they compromise enough individual computers… one of those will have access to their target computer.” Read more.

 

My ongoing investigative series CyberRattling: The Next Threat has looked at the advantages that hackers have. They only have to find one way in, while companies trying to defend themselves must cover up every possible gap. A single coding mistake, in the wrong hands, can be an opening to be exploited. It’s easy to see why so many people are worried. 

$RMSFVFH

Hackers? Yes. But what color hat?

PBS NewsHour re-aired a short documentary on hackers that draws on the stories from our Cyber Rattling series. Coresondent Rick Karr spent some time with me at the Trib and focused on the work CMU does to train hackers. Whether they go on to wear a white hat or black, well…

PBS

ANDREW CONTE:  It’s often the people who as young high school students they started goofin’ around with– electronics or computers, and they started figuring out, you know, how to do simple attacks, how to get inside of– machines.

RICK KARR: Andrew Conte is an investigative reporter at the Pittsburgh Tribune-Review who’s written dozens of articles about hackers and cybersecurity.

ANDREW CONTE : And at some point they make the decision.  You know, “Am I going to be– a good hacker or a bad hacker? And there’s not that much difference between them in terms of– their abilities.  Huge difference in terms of their motivations.

Watch the entire video here. And check out our Cyber Rattling series by clicking here.