Tom Espiner

Tom is a technology reporter for ZDNet.com. He covers the security beat, writing about everything from hacking and cybercrime to threats and mitigation. He also focuses on open source and emerging technologies, all the while trying to cut through greenwash.

Latest Posts

US report prompts fresh Google Street View UK scrutiny

The Information Commissioner's Office is to look into a report by US regulators that found Google could have been aware that its Street View cars were collecting personal data for three years.The US Federal Communications Commission (FCC) report claimed a Google engineer, named by the New York Times as Marius Milner, told colleagues and a senior manager about collecting unencrypted Wi-Fi data.

May 1, 2012 by Tom Espiner

Comments

Oracle scrambles workarounds for database zero-day

Oracle has recommended workarounds for a zero-day Oracle Database flaw that was not fixed in the company's April critical patch update.The flaw in the Transport Network Substrate (TNS) Listener database component, which Oracle has known about for at least four years, could allow a hacker to break into a database without a username or password, Oracle said in a security advisory on Monday.

May 1, 2012 by Tom Espiner

Comments

ICO to spend £3m on IT services

The Information Commissioner's Office is to spend around £3m on upcoming IT services and security procurement, or around 20 percent of its data protection budget, according to information commissioner Christopher Graham.The procurement would be announced in the Official Journal of the European Union in late May, the data protection regulator told the Infosec Conference on Wednesday.

April 27, 2012 by Tom Espiner

Comments

Slapdash Facebook settings lead to arrests

Police forces are monitoring social networks to harvest evidence on crimes, and use undercover officers to interact with people on Facebook, according to a senior police officer.Police have gathered evidence on murder, theft, burglary, fraud, arson, and sex crimes through people not applying privacy settings on Facebook, ACPO e-crime prevention lead and deputy chief constable Stuart Hyde told the Counter Terror Expo on Thursday.

April 26, 2012 by Tom Espiner

1 Comment

ICO to spot company data breaches through analysis

Data watchdog the Information Commissioner's Office is to begin aggregating complaints about private sector organisations in an effort to bring more fines against companies for breaches of UK data law.The ICO has imposed 14 civil monetary penalties against organisations since November 2010, with 12 being against public sector organisations, and one against a public sector service provider.

April 26, 2012 by Tom Espiner

Comments

GlobalSign breach was down to unpatched system

A hacker managed to get into a GlobalSign server and compromise the company's digital certificate due to a piece of unpatched open source software on the server, according to a C-Level member of GlobalSign staff.The code had not been updated as it was not included on lists of proprietary software to be patched, the senior GlobalSign staff member told ZDNet UK on Wednesday.

April 25, 2012 by Tom Espiner

Comments

Risky websites to be named and shamed

A new online tool aims to draw attention to websites with insecure implementations of SSL, the encryption protocol that is widely used for online authentication.The 'Pulse' tool, part of the Trustworthy Internet Movement (TIM), allows the public to type in web addresses to find out whether the organisation has good SSL security.

April 25, 2012 by Tom Espiner

Comments

One in 10 secondhand hard drives hold residual data

More than one in 10 secondhand hard drives sold online may contain recoverable personal information, making people a 'soft touch for online fraudsters', an investigation by the Information Commissioner's Office has found.Organisations and individuals may be disposing of hard drives without fully wiping data, due to a lack of technical knowledge, the data watchdog said in a report on Wednesday.

April 25, 2012 by Tom Espiner

1 Comment

Security breaches cost UK billions, says PwC

UK information security incidents are at an all-time high, and are costing UK businesses billions per year, according to auditing house PricewaterhouseCoopers.Hacks, attacks, and insider data mistakes cost the UK between £5bn and £10bn last year, according to PwC One Security partner Chris Potter — who added the proviso that the figure needed to be taken with a pinch of salt due to difficulties in quantifying that kind of loss.

April 24, 2012 by Tom Espiner

Comments