(via Police Unmask Millions of Surveillance Targets Because of Flock Redaction Error)
A handful of police departments that use Flock have unwittingly leaked details of millions of surveillance targets and a large number of active police investigations around the country because they have failed to redact license plates information in public records releases. Flock responded to this revelation by threatening a site that exposed it and by limiting the information the public can get via public records requests.
Completely unredacted Flock audit logs have been released to the public by numerous police departments and in some cases include details on millions Flock license plate searches made by thousands of police departments from around the country. The data has been turned into a searchable tool on a website called HaveIBeenFlocked.com, which says it has data on more than 2.3 million license plates and tens of millions of Flock searches.
Digital Literacy Challenge: How Safe Are Your Online Habits?
Most people use digital technology every day without thinking too much about the risks behind it. We use smartphones, banking apps, email, social media, cloud storage, messaging apps, and online accounts as part of normal life. These tools make life easier, but they also create opportunities for mistakes, scams, data exposure, and social engineering attacks.
The Digital Literacy Challenge was created to help people reflect on how safely they use technology in everyday situations.
It is a short, interactive quiz that tests your digital safety habits and gives you a Digital Safety Score at the end.
Take the challenge here:
https://www.acehub.travel/cyber-quiz/
What Is the Digital Literacy Challenge?
The Digital Literacy Challenge is a web-based quiz designed to assess how people respond to common online safety situations.
It is not a traditional survey where you simply answer abstract questions. Instead, it presents realistic digital scenarios involving:
suspicious links
password habits
app permissions
online banking safety
public Wi-Fi use
cloud storage behaviour
phishing awareness
personal data protection
confidence in identifying online risks
The goal is simple: to help users understand whether their online habits are actually as safe as they believe.
Why Cybersecurity Literacy Matters
Cybersecurity is often treated as a technical issue, but many digital risks begin with ordinary human decisions.
A person may know that passwords should be strong, but still reuse the same password across multiple accounts. Someone may know that suspicious links can be dangerous, but still click one when it appears urgent or familiar. A mobile app may request access to contacts, microphone, or SMS, and many users may allow it without questioning why those permissions are needed.
This is why cybersecurity literacy must go beyond basic awareness.
It should include:
what people know
what people actually do
how confident people feel
whether that confidence matches real behaviour
The Digital Literacy Challenge is built around this idea.
What the Quiz Measures
The challenge looks at several areas of digital safety.
1. Knowledge Accuracy
This checks whether users understand basic cybersecurity and data privacy concepts, such as phishing, OTP safety, suspicious domains, public Wi-Fi risks, and app permissions.
2. Behavioural Habits
This examines how users behave in real life, including password reuse, software updates, multi-factor authentication, app installation habits, and whether they use online services safely.
3. Risk Perception and Confidence
This looks at how users judge their own security awareness. Some users may be cautious but underconfident, while others may be highly confident despite risky behaviour.
4. Behaviour–Perception Alignment
This is one of the most important parts of the challenge. It compares what users believe about their cybersecurity ability with how they actually respond to digital safety situations.
The gap between confidence and behaviour is often where real vulnerability appears.
Who Can Take Part?
The challenge is intended for:
adults aged 18+
people living in Sri Lanka
smartphone, computer, banking app, email, or social media users
anyone interested in testing their digital safety habits
No technical background is required.
In fact, the challenge is especially useful for ordinary technology users, because cybersecurity affects everyone who uses digital devices.
What You Get at the End
After completing the challenge, users receive a Digital Safety Score.
The score gives a general indication of how safely the user responded across the quiz. It can also help identify areas where the user may need to improve, such as:
password management
recognising suspicious links
understanding app permissions
protecting sensitive information
avoiding risky online behaviour
The aim is not to shame users for wrong answers. The aim is to make digital safety easier to understand through practical examples.
Why Ace Webmaster Built This
The Digital Literacy Challenge was originally developed as part of an MSc Cybersecurity research project affiliated with the University of Staffordshire, UK.
The research focused on cybersecurity literacy, data privacy awareness, and safe technology use among the general public in Sri Lanka.
However, the quiz has been kept active beyond the research phase because it can continue to serve as a useful public awareness tool.
Many people enjoy personality quizzes, typology tests, and self-assessment tools because they offer quick insight into personal patterns. This challenge applies a similar format to digital safety.
Instead of asking “what personality type are you?”, it asks:
How safe are your online habits?
Why This Matters for Sri Lanka
Sri Lanka has seen rapid adoption of digital technology. Many people now use smartphones, online banking, mobile payment apps, social media, and cloud services as part of daily life.
However, digital adoption does not automatically create digital safety.
As more people use online services, cybersecurity awareness becomes increasingly important. Even simple habits can make a major difference, such as:
not sharing OTPs
using unique passwords
checking app permissions
avoiding suspicious links
updating devices
using official websites and apps
thinking before trusting urgent messages
The Digital Literacy Challenge helps users reflect on these habits in a direct and practical way.
Take the Challenge
The quiz takes around 5 minutes.
It is voluntary, simple to complete, and designed to help users think more clearly about digital risks.
Start here:
Test your digital security awareness in this 5-minute challenge. Contribute to academic research on cybersecurity literacy.
Test your digital safety habits.
Get your Digital Safety Score.
Learn where you can improve.
India-Australia Forge Critical Mineral Corridor for Tech and Energy Security
India is stepping up efforts to secure critical minerals by partnering with Australia, marking a major shift in how it sources raw materials for its fast-growing industries. With rising global competition and geopolitical risks surrounding mineral supplies, New Delhi and Canberra are moving closer to a long-term mineral agreement that could reshape trade ties and industrial strategy.
El degenerado fiscal Milei desvía plata del Banco Nación a la familia Menem. Un contrato de seguridad exorbitante a una empresa de Martín Menem y testaferros.
Empresa de la familia Menem estará a cargo de la seguridad del Banco Nación por $4.000 millones
Se trata de Tech Security, una reconocida empresa que brinda servicios de seguridad para eventos masivos. El titular de Diputados, Martín Menem,…
This signal bs is extra strange to me bc I used to know people who worked in the government dealing with secure information, and they weren’t allowed to have social media like Facebook -granted this was 10-15 years ago. And I mean, not allowed at all. At the time I thought that was a bit much, but know? I get it, I think that was the correct policy actually.
At the very minimum random apps and emails should not be used to discuss sensitive information the government handles not just state secrets but other information as well imho. I think a 12 year old would be able to figure out, and probably some smarter kids of younger ages.
(This column is posted at www.StevenSavage.com, Steve's Tumblr, and Pillowfort. Find out more at my newsletter, and all my social media at my linktr.ee)
It sure seems there’s a lot of IT security breaches lately. In fact, it’s to the point where I can’t remember which one inspired this column. It’s probably just as well, since you can map whatever horrific violation of privacy you heard of this week onto this column. There, I’ve sort of written something relatively timeless because people are dumb.
One of the things I wonder about is why more CTOs, CIOs, and so forth aren’t being taken to court, followed by reporters, and in general held freaking responsible for their companies having lousy security. Yes there’s all sorts of shielding from accountability, but you think we’d see some effort, but I think one thing protecting them is that the company is seen mostly as a victim.
I’d argue that’s technically right, the companies were attacked by some external force. But treating companies as equivalent of people ignores their responsibilities. People, individual moral agents, can be victims, but corporations are not people and not moral agents, and treating them as victims like people lets them out of responsibilities. Sorry, Mitt Romney.
Think about a person who is a victim of a crime. Though people often try to blame victims, those blamers are usually both wrong and assholes (and sometimes justifying their own crimes). A person who is victim of a crime is a victim in that someone else chose to behave criminally.. Even if said victim enhanced their own danger it doesn’t remove the culpability of the criminal, who violated social and legal norms that people are expected to follow.
When I watch people shrug as corporation after corporation has customer records placed on the dark web, I see comments about how crappy their security is, but it doesn’t seem particularly judgmental. This impresses me as an echo of the don’t-blame-the-victim mentality.
But corporations are groups of people – organizations. That organization makes certain agreements and promises in order to exist. Security of data is, obviously, part of them. If one’s data is breached, despite the criminals actions, you also take responsibility as you are responsible. If you’re leadership, you should be on the line because you made a promise that this probably won’t happen.
Organizations are about promises and responsibility. Screw that up, and no matter why, someone has to pay as your failure hurt the organization and the people involved. You don’t have to restrain yourself on going after the people who did the actual crime, but corporations have made promises. If you can’t keep them, you’ve got a problem.
In fact, I’d say a corporation that suffers a data breach or similar failure must be investigated to see if it violated social norms. If the corporation made guarantees it could not and did not keep, if good faith effort was not made, the corporation was responsible. There is a failure of the company that echoes the action of the criminal, it too violated norms.
Of course we all know that if we at all ask this we’ll find a lot of corporations have done terrible at security. It’s all cost cutting, half-assed integration, and big bonuses. A lot of companies, if they were really investigated for security problems, would be locked down and sold off for being terrible.
(And yes, I work in Healthcare, which has insanely strict rules, but everyone should for everything, and we remember that these rules protect people.)
We don’t need to act like corporations are victims like people. If they can’t keep their promises, if security violations reveal they’ve done a poor job of protecting people, they’re part of the problem. Some of them should pay. Some shouldn’t exist.
