Welcome Guest | Sign In
LinuxInsider.com
New Safe Harbor Pact Offers Temporary Port in Storm
February 9, 2016
Through an eleventh-hour maneuver, the United States and the European Union last week avoided action that could have choked the movement of data between the regions and caused financial harm to U.S. companies. It may be only a temporary respite, however. The problem stems from a European Court of Justice decision in October that blew up an agreement between the regions.
Rugged Turing Phone to Run on Sailfish OS, Not Android
February 4, 2016
Turing Robotic Industries this week announced that it has uninstalled Google's Android mobile platform in favor of Jolla's Sailfish OS in its yet-to-appear secure smartphone. The Turing Phone, molded from a single unit of the Liquidmorphium liquid-metal alloy, is designed to be more durable to absorb shocks and prevent screen breakage. Preorder pricing starts at $610.
Harvard Researchers Debunk Warnings of Terrorists 'Going Dark'
February 2, 2016
The Berkman Center for Internet & Society at Harvard University on Monday released a report that questions the so-called "going dark" phenomenon. The U.S. government and surveillance and law enforcement agencies have been calling for an end to encryption because they say it lets terrorists communicate with impunity and is responsible for the inability of law enforcement to monitor communications.
Oracle Pulls Plug on Java Browser Plug-In
January 30, 2016
Oracle earlier this week announced its decision to scrap its Java browser plug-in. The plug-in, a frequent target of hackers, won't be included in the next version of JDK 9, which is expected to ship in September. Oracle's action was motivated by browser makers' withdrawal of support for the plug-in. Developers of applications that depend on it need to consider alternatives, the company said.
FDA Guidelines Target IoT Medical Device Security
January 28, 2016
The U.S. Food and Drug Administration last week took a step toward addressing the threat the Internet of Things poses to patients and their data by releasing some proposed guidelines for managing cybersecurity in medical devices. "Networked medical devices, like other networked computer systems, incorporate software that may be vulnerable to cybersecurity threats," the FDA says in its proposal.
Suggestion Glitch Crashes Safari Browser
January 27, 2016
Apple's Safari browser has been crashing on Macs and iOS devices when users launch a search through its address bar, according to reports on Wednesday. OS X and iOS users worldwide have been affected, according to The Verge, which confirmed the problem on several iOS devices and at least one OS X machine. One of the first mentions of the glitch was a tweet by app developer Phillip Caudell.
California Bill Would Ban Encrypted Smartphone Sales
January 25, 2016
California State Assemblyman Jim Cooper last week introduced a bill seeking to ban the sale of smartphones that include unbreakable encryption. It would require smartphones made on or after Jan. 1, 2017, and sold in California to be capable of being decrypted and unlocked by manufacturers or OS providers. Knowingly failing to comply would subject a seller or lessor to a fine of $2,500 per device.
Consumer Advocates Push FCC on Broadband Privacy Rules
January 22, 2016
A coalition of 59 organizations on Wednesday sent a letter to U.S. Federal Communications Commission Chairman Tom Wheeler calling on him to get cracking on privacy protection rules for consumers. The groups include consumer advocates such as Consumer Watchdog and the Chicago Consumer Coalition as well as the Center for Democracy and Technology and the American Association of Law Libraries.
Zero-Day Flaw Puts Millions of Linux Machines, Android Devices at Risk
January 21, 2016
Tens of millions of Linux PCs and servers, as well as 66 percent of all Android mobile devices, are vulnerable to a zero-day flaw that could allow users with lower-level privileges to gain root access, according to Perception Point, which announced its discovery last week. The local privilege escalation vulnerability, which affects Linux Kernel v3.8 and higher, has existed since 2012, the firm said.
Ukraine Mounts Investigation of Kiev Airport Cyberattack
January 20, 2016
Ukrainian officials earlier this week said they had launched a probe into the source of a cyberattack that targeted a Kiev Airport. The attack may be related to the BlackEnergy malware attacks that recently targeted Ukrainian infrastructure facilities, apparently from Russia. CERT-UA on Monday warned system administrators to be on the alert for the presence of BlackEnergy malware.
Phishing Attack Could Net LastPass Credentials
January 19, 2016
LastPass has boosted security for its users after a security researcher alerted the company of a phishing attack he devised to steal users' login and two-factor authentication credentials. Sean Cassidy, CTO of Praesidio, demonstrated the phishing attack, which he calls "LostPass," last week at ShmooCon. "We think this is a very serious problem," said Praesidio CEO Edgardo Nazario.
Microsoft Prods Skylake Users to Take the Windows 10 Plunge
January 18, 2016
Microsoft last week announced that within the next 18 months, it will end support for Windows 7 and Windows 8.1 on machines equipped with Intel's 6th generation Core processors, also known as "Skylake." As of mid-July next year, Windows 10 will be the only supported Windows platform on Skylake systems, and only the most critical security fixes will be released for earlier versions of Windows.
Privacy as a Service Advocates Promise Better Data Protection
January 14, 2016
There's been a lot of wailing and gnashing of teeth about the Sisyphean task of protecting privacy in the Digital Age, but that hasn't stopped innovators from searching for ways to preserve it. One of the latest ideas to emerge in the field is Privacy as a Service. As with many emerging technologies, the definition of "PaaS" (not to be confused with Platform as a Service) is in flux.
Microsoft Puts Legacy IE Browsers Out to Pasture
January 12, 2016
Microsoft has ended technical support for the older versions of its legacy Internet Explorer browser, placing at risk millions of users who -- despite extensive warnings -- have not upgraded to the latest version of Internet Explorer or the free install of Windows 10. The support expiration means that customers using IE 8, 9 and 10 no longer will receive technical support and security updates.
ProPublica Launches News Site on Dark Web
January 12, 2016
ProPublica last week reportedly launched what's believed to be the first major news site on the dark Web. The site's purpose reportedly is to maximize the privacy of readers. The Tor hidden service goes beyond SSL in that visits to sites are hidden from eavesdroppers and ISPs. Anyone monitoring Tor nodes can track visitors who use a Tor browser to view ProPublica's regular site.
Major Security Flaw Found in Silent Circle's Blackphone
January 7, 2016
Security researchers at SentinelOne on Wednesday revealed a vulnerability they discovered in the Blackphone. The flaw -- an obscure socket -- lets an attacker take over and control communications on the Blackphone, a highly secure Android smartphone Silent Circle developed and marketed in reaction to news of government surveillance of people's communications.
New Smart Cam Can Distinguish Between Cats, Cat Burglars and Cars
January 6, 2016
Netatmo on Monday announced a smart security camera and floodlight combo at CES 2016. The Presence camera is designed for outdoor use and can identify objects such as people, animals and vehicles. The camera, which connects to a rectangular floodlight, can be customized to send alerts to a smartphone app or desktop browser based on what it sees and where it sees it.
FTC Debates Cybersecurity Injury Standard
January 5, 2016
The U.S. Federal Trade Commission is engaged in an internal struggle over how it should assess the effect on consumers when businesses fail to provide proper e-commerce security. The outcome of the debate will have a significant impact on the FTC's ability to initiate cybersecurity violation cases. The legal issue could spill over to federal courts or even Congress for resolution.
Major Challenge to FTC's Cybersecurity Authority Evaporates
December 28, 2015
The U.S. Federal Trade Commission and Wyndham Worldwide earlier this month reached a settlement over allegations that the company violated federal law regarding the protection of customer records. The settlement could have a significant impact on e-commerce in that it ended a major legal challenge to the FTC's extension of its authority into the realm of cybersecurity.
All Security Pros Want for Christmas: Smarter Users, Decoy Networks
December 24, 2015
People like to see gifts from their wish lists under the Christmas tree, and security pros are no exception. Here are things some cyberwarriors would like old St. Nick to deliver to them. "It's probably never going to happen, but it would be fantastic to get smarter users who are less susceptible to social engineering," said Proofpoint's Ryan Kalember.
10 Things on an Apple Fan's 2016 Wish List
December 22, 2015
When your favorite consumer tech company is also the best consumer tech company in the world, and said tech company is generally a magnet for hyperbole and blind customer loyalty -- while also producing more products at higher levels of quality than ever before -- what's left to really wish for? Plenty, it turns out. I'm not talking about a new Apple car or even any special new product category.
Apple's Cook Goes to the Barricades on Encryption
December 22, 2015
Apple CEO Tim Cook brought the encryption battle between the high-tech industry and the nation's law enforcement authorities to prime time TV Sunday in an interview on the CBS news program 60 Minutes. During the interview, Charlie Rose asked Cook about the need for law enforcement agencies to access data that has been encrypted on Apple phones. There's all kinds of sensitive information on smartphones today, Cook noted.
MacKeeper Loses Control of User Data
December 17, 2015
Kromtech this week revealed a vulnerability in the data storage system of its MacKeeper software. Security researcher Chris Vickery, who alerted the company to the problem with its server, pegged the number of MacKeeper users affected at about 13 million. Kromtech posted a security alert about the breach on MacKeeper's website. The company fixed the error within hours of its discovery, it said.
UK Police Pinch Suspect in VTech Hack
December 16, 2015
UK police have arrested a 21-year-old man as part of their investigation into last month's hack on VTech's systems. The man was arrested in Bracknell, 30 miles west of London, on suspicion of unauthorized access to a computer to facilitate the commission of an offense and suspicion of causing a computer to perform functions to secure or enable unauthorized access to a program or data, police said.
Hot Hacker Targets in 2016: Fantasy Sports, Professional Services
December 15, 2015
As 2016 approaches, it's time to get the crystal ball out and predict next year's cybersecurity trends. Here are some predictions from security pros TechNewsWorld interviewed. Fantasy sports sites in 2015 caught the attention of states' attorneys general, who wanted to treat the outfits as gambling enterprises. In 2016, the sites will get attention from another quarter: hackers.
The Trouble With Hoverboards and Lithium-Ion Batteries
December 14, 2015
As I'm writing this, a few more hoverboards have caught fire, and they now are banned on most domestic airlines, suggesting that shipping these things fast could be a problem. Australia even has put out a specific warning on hoverboards. The biggest problem is that a lithium ion fire in a large battery pack like this could burn down your house, and that would be an ugly end to holiday festivities.
Apple Tweaks Music, Mail, News in iOS Update
December 10, 2015
Apple on Tuesday released a new version of iOS, and while it was largely a maintenance release of the mobile operating system, the upgrade included some treats for music and news enthusiasts. The release, iOS 9.2, improved Apple Music, the company's streaming music service, in a number of ways. For example, users can create new playlists when adding a song to a playlist.
Gadget Gives Passwords Pocket Protectors
December 9, 2015
Denis Clermont and Jérôme Jadot last month launched a Kickstarter campaign for the OdyOne digital identity manager. As much as many Web travelers and security experts would like usernames and passwords to disappear from use, the pesky credentials aren't going away anytime soon. That's why password managers are seen as a way to make the best of a bad situation.
End of Year Goodies
December 8, 2015
The end of the year brings out some interesting goodies from various workshops competing with Santa for big kids' attention. Some of it is pretty good stuff. Here's a sampling of the best end-of-year product announcements from the cloud community designed to put you in the post-holiday, already-back-at-work spirit. For starters, cloud sales compensation firm Xactly announced Xactly Inspire.
Hello Barbie, Can We Talk About Your Security Issues?
December 8, 2015
New security issues that surfaced last week in connection with Mattel's Hello Barbie doll, which talks back to kids, have heightened fears that hackers could use the toy to steal information about its owners and their families. The Hello Barbie app, which is available for iOS and Android, uses an authentication credential that can be reused by hackers, Bluebox disclosed.
See More Articles in Consumer Security Section >>
Facebook Twitter LinkedIn Google+ RSS
What is your reaction to the rumored
4-inch iPhone?
I'm in -- I'd love to have a smaller iPhone.
I prefer a larger iPhone, but it's good to have more options.
I expect innovation from Apple -- seems it's running out of ideas.
I'm not interested in an iPhone of any size.