OpManager: A single console to manage your complete IT infrastructure. Click here for a 30-day free trial.
Welcome Guest | Sign In
LinuxInsider.com
Consumer Advocates Push FCC on Broadband Privacy Rules
January 22, 2016
A coalition of 59 organizations on Wednesday sent a letter to U.S. Federal Communications Commission Chairman Tom Wheeler calling on him to get cracking on privacy protection rules for consumers. The groups include consumer advocates such as Consumer Watchdog and the Chicago Consumer Coalition as well as the Center for Democracy and Technology and the American Association of Law Libraries.
Brave Browser Promises to Defend Users' Privacy
January 21, 2016
Brave Software, helmed by Brendan Eich, who cofounded Mozilla and created the JavaScript programming language, on Tuesday released the 0.7 developer version of its Brave browser. Brave is an open source project that promises to block Internet greed and ugliness, while improving speed and protecting privacy. Basically, it blocks ads containing tracking pixels and cookies.
Chrome Browser to Blaze With Brotli
January 21, 2016
Google Chrome users will get faster Web access soon through the Brotli open source compression algorithm, which has been rolled out to the M49 release of Chrome. That's in Canary -- which is designed for devs -- so it's not clear when Brotli will surface in the browser. It gives 20 to 26 percent higher compression ratios over its Zopfli algorithm and provides faster page loads, the company said.
GM Bug Program Gets Mixed Notices
January 21, 2016
Two white-hat hackers, Charlie Miller and Chris Valasek, made headlines last year when they demonstrated how they could hijack the control systems of a moving motor vehicle over the Internet. The move got the attention of the auto industry, and last week General Motors put in place a program to encourage more digital dabblers to alert the company when they find bugs in GM vehicles.
Zero-Day Flaw Puts Millions of Linux Machines, Android Devices at Risk
January 21, 2016
Tens of millions of Linux PCs and servers, as well as 66 percent of all Android mobile devices, are vulnerable to a zero-day flaw that could allow users with lower-level privileges to gain root access, according to Perception Point, which announced its discovery last week. The local privilege escalation vulnerability, which affects Linux Kernel v3.8 and higher, has existed since 2012, the firm said.
Digital Ad Fraud Could Top $7 Billion in 2016
January 20, 2016
Bot fraud will cost digital advertisers $7.2 billion worldwide this year, according to a report released Tuesday by the Association of National Advertisers. For the "2015 Bot Baseline" report, 49 ANA members deployed detection tags from White Ops on their digital ads to measure bot fraud over 61 days. Bot fraud impacted up to 37 percent of ads, compared to up to 22 percent in a study in 2014.
Ukraine Mounts Investigation of Kiev Airport Cyberattack
January 20, 2016
Ukrainian officials earlier this week said they had launched a probe into the source of a cyberattack that targeted a Kiev Airport. The attack may be related to the BlackEnergy malware attacks that recently targeted Ukrainian infrastructure facilities, apparently from Russia. CERT-UA on Monday warned system administrators to be on the alert for the presence of BlackEnergy malware.
FTC Issues Regulatory Warning on Big Data Use
January 20, 2016
The Federal Trade Commission is extending its regulatory reach to the e-commerce impact of big data. For years, the FTC has asserted vigorously its authority to apply existing consumer protection laws to emerging developments in the IT realm. Now it is signaling that it will apply that same vigor to big data under the regulatory authority it possesses through the FTC Act and other laws.
Cook Slams Door on Backdoor Discussions
January 19, 2016
Privacy advocates from around the globe have taken heart from reports that Apple CEO Tim Cook pushed hard against the Obama administration's efforts to reach a compromise on encryption during a recent Silicon Valley meeting. Cook reportedly lashed out at administration officials who were calling for a way to grant law enforcement officials limited, backdoor access to computer systems.
Phishing Attack Could Net LastPass Credentials
January 19, 2016
LastPass has boosted security for its users after a security researcher alerted the company of a phishing attack he devised to steal users' login and two-factor authentication credentials. Sean Cassidy, CTO of Praesidio, demonstrated the phishing attack, which he calls "LostPass," last week at ShmooCon. "We think this is a very serious problem," said Praesidio CEO Edgardo Nazario.
OpenSSH Flaw Could Leak Crypto Keys
January 15, 2016
Qualys on Thursday reported a flaw in the OpenSSH client that could let a hacker steal the client's private crypto keys. The bug is the result of an undocumented feature called "roaming" that exists in version 5.4 and above. It's one of two vulnerabilities that a malicious SSH server or a trusted but compromised server can exploit, Qualys said. The other is a heap-based buffer overflow.
Privacy as a Service Advocates Promise Better Data Protection
January 14, 2016
There's been a lot of wailing and gnashing of teeth about the Sisyphean task of protecting privacy in the Digital Age, but that hasn't stopped innovators from searching for ways to preserve it. One of the latest ideas to emerge in the field is Privacy as a Service. As with many emerging technologies, the definition of "PaaS" (not to be confused with Platform as a Service) is in flux.
Periscope's Live Streams Now Pop Up in Tweets
January 13, 2016
Periscope on Tuesday announced integration with Twitter, allowing users to view its live-stream broadcasts directly in the Twitter iOS app. Previously, Periscope broadcasters could share only links to their videocasts in tweets. Now they can embed video directly into tweets, and the content can be set to autoplay. Periscope has more than 20 million user accounts, according to CEO Kayvon Beykpour.
EFF Urges Revival of Human Rights Case Against Cisco
January 13, 2016
The Electronic Frontier Foundation on Monday pressed to revive a lawsuit against Cisco Systems for violating human rights in China, in a brief filed with a U.S. Court of Appeals. Members of Falun Gong, a religious group persecuted in China, originally filed the lawsuit in 2011, but a federal district court in California dismissed it in 2014. The federal appeals court now is considering a challenge to that dismissal.
Black Duck Intros Container Scanning
January 13, 2016
Black Duck Software on Tuesday announced it has added to its Hub software container-scanning capabilities that let users map open source security flaws for applications, Linux distros, and other software in Docker and other Linux containers. Adding a containerized scanner to a Docker host enables automatic identification of known open source vulnerabilities in all layers of containers on the host.
Administration, Silicon Valley Bigs Meet to Strategize on ISIS
January 13, 2016
Obama administration officials last week met with senior executives from several leading Silicon Valley firms in a summit on how to combat the proliferation of terrorist communications on social media networks. Attorney General Loretta Lynch, FBI Director James Comey, and John Carlin, assistant attorney general for national security, represented the DoJ.
US Army Marches to the Cloud
January 13, 2016
The U.S. Army may be in the walking phase of its plan to shift major portions of its information technology resources to the cloud, but a recent contracting initiative could move the service up to a jogging pace by the end of the year. The Army's progress in migrating much of its IT capabilities to the cloud was characterized as a crawl during 2015.
Microsoft Puts Legacy IE Browsers Out to Pasture
January 12, 2016
Microsoft has ended technical support for the older versions of its legacy Internet Explorer browser, placing at risk millions of users who -- despite extensive warnings -- have not upgraded to the latest version of Internet Explorer or the free install of Windows 10. The support expiration means that customers using IE 8, 9 and 10 no longer will receive technical support and security updates.
ProPublica Launches News Site on Dark Web
January 12, 2016
ProPublica last week reportedly launched what's believed to be the first major news site on the dark Web. The site's purpose reportedly is to maximize the privacy of readers. The Tor hidden service goes beyond SSL in that visits to sites are hidden from eavesdroppers and ISPs. Anyone monitoring Tor nodes can track visitors who use a Tor browser to view ProPublica's regular site.
Taxpayer Advocate Blasts IRS' Planned Customer Service Revamp
January 8, 2016
The Taxpayer Advocate Service has released its annual report to Congress. Among other things, it warns that a five-year plan to revamp IRS operations may result in a substantial reduction in telephone and face-to-face interactions with taxpayers. "TAS has been left with the distinct impression that the IRS's ultimate goal is to get out of the business of talking with taxpayers," the report states.
Uber Settles With New York AG After 'Playing God' With Data
January 8, 2016
New York Attorney General Eric Schneiderman on Thursday announced a deal that would require Uber to encrypt geolocation information about its riders, as well as enhance its data security practices. The AG opened an investigation into Uber in 2014, in response to allegations that the service had tracked riders and displayed their locations in an aerial format, known internally as the "God View."
Hack Lets PS4 Run Linux
January 7, 2016
Hacking team fail0verflow last week demonstrated a hack of Sony's PlayStation 4 game console that allows anyone running the modification to run the Linux OS on the appliance. The demo was part of a lightning talk session at the 32nd Chaos Communication Congress. The hackers used exploits in FreeBSD, PS4's operating system and WebKit, which powers the game console's browser.
Major Security Flaw Found in Silent Circle's Blackphone
January 7, 2016
Security researchers at SentinelOne on Wednesday revealed a vulnerability they discovered in the Blackphone. The flaw -- an obscure socket -- lets an attacker take over and control communications on the Blackphone, a highly secure Android smartphone Silent Circle developed and marketed in reaction to news of government surveillance of people's communications.
Iranian Cyberattack on American Dam Viewed As Rarity
January 7, 2016
Just days before Christmas, a rare event occurred: the report of a successful intrusion into America's infrastructure by overseas hackers. The event -- penetration of the control system of a dam 20 miles from New York City -- happened more than two years ago but wasn't made until last month. Cloaking such incidents in secrecy is standard operating procedure for industries that use control systems.
New Smart Cam Can Distinguish Between Cats, Cat Burglars and Cars
January 6, 2016
Netatmo on Monday announced a smart security camera and floodlight combo at CES 2016. The Presence camera is designed for outdoor use and can identify objects such as people, animals and vehicles. The camera, which connects to a rectangular floodlight, can be customized to send alerts to a smartphone app or desktop browser based on what it sees and where it sees it.
FTC Debates Cybersecurity Injury Standard
January 5, 2016
The U.S. Federal Trade Commission is engaged in an internal struggle over how it should assess the effect on consumers when businesses fail to provide proper e-commerce security. The outcome of the debate will have a significant impact on the FTC's ability to initiate cybersecurity violation cases. The legal issue could spill over to federal courts or even Congress for resolution.
Security Execs Sweat Insider Threats
December 31, 2015
Insider threats are becoming increasingly worrisome to corporate security executives. That is one of the findings in a survey of C-level businesspeople Nuix released last week. "The insider threat seems to be a bigger concern this year than it was in previous years," said Nuix's Keith Lowry. "People are recognizing that it is a significant weakness that has yet to be fully addressed."
China's Internet Tightrope Walk
December 30, 2015
Chinese President Xi Jinping recently told an international delegation of cybersecurity and technology experts that governments must be allowed to exercise sovereign rights and decision making over Internet use within their own countries. Speaking at the second annual World Internet Conference in Wuzhen, China, the president effectively called for a revised order in Internet governance.
Backspace Flaw Enables Linux Zero-Day Attack
December 28, 2015
Researchers last week revealed a zero-day flaw that lets attackers take over a Linux system by pressing the backspace key repeatedly. Pressing backspace 17 to 20 times will overwrite the highest byte of the return address of the grub_memset() function, ultimately causing a reboot by redirecting control flow to the 0x00eb53e8 address, according to the Cybersecurity Group at the Universitat Politecnica de Valencia.
Major Challenge to FTC's Cybersecurity Authority Evaporates
December 28, 2015
The U.S. Federal Trade Commission and Wyndham Worldwide earlier this month reached a settlement over allegations that the company violated federal law regarding the protection of customer records. The settlement could have a significant impact on e-commerce in that it ended a major legal challenge to the FTC's extension of its authority into the realm of cybersecurity.
See More Articles in Security Section >>
Facebook Twitter LinkedIn Google+ RSS
What is your reaction to the rumored
4-inch iPhone?
I'm in -- I'd love to have a smaller iPhone.
I prefer a larger iPhone, but it's good to have more options.
I expect innovation from Apple -- seems it's running out of ideas.
I'm not interested in an iPhone of any size.