Group items tagged

"It's been an unusually tough few months for Big Telecom. The industry, which enjoys a generally friendly regulatory climate, has plenty of influence in Congress and with state and local governments across the country. Featured Resource Presented by Citrix Systems 10 Essential Elements for a Secure Enterprise Mobility Strategy With enhanced mobility and work flexibility comes increased security risk. Explore the security Learn More On three big issues, however, the outlook is fairly grim for America's biggest telecom companies. First, "

"It's been an unusually tough few months for Big Telecom. The industry, which enjoys a generally friendly regulatory climate, has plenty of influence in Congress and with state and local governments across the country. Featured Resource Presented by Citrix Systems 10 Essential Elements for a Secure Enterprise Mobility Strategy With enhanced mobility and work flexibility comes increased security risk. Explore the security Learn More On three big issues, however, the outlook is fairly grim for America's biggest telecom companies. First, "

"Way back in kernel 2.6, a new security system was introduced to provide a mechanism for supporting access control security policies. This system was Security Enhanced Linux (SELinux) and was introduced by the National Security Administration (NSA) to incorporate a strong Mandatory Access Control architecture into the subsystems of the Linux kernel."

"In part two of this series, Xen Project Advisory Board Chairman Lars Kurth discusses the different security vulnerabilities of containers and hypervisors. Read Part 1: A Cloud Security Introduction."

"In part two of this series, Xen Project Advisory Board Chairman Lars Kurth discusses the different security vulnerabilities of containers and hypervisors. Read Part 1: A Cloud Security Introduction."

"Linux distros have has long emphasized security and related matters like firewalls, penetration testing, anonymity, and privacy. These distributions pay special attention to security."

A new resource site for whistle-blowers. somewhat in the tradition of Wikileaks, but designed for encrypted communications between whistleblowers and journalists.  This one has an impressive board of advisors that includes several names I know and tend to trust, among them former whistle-blowers Daniel Ellsberg, Ray McGovern, Thomas Drake, William Binney, and Ann Wright. Leaked records can only be dropped from a web browser running the Tor anonymizer software and uses the SecureDrop system originally developed by Aaron Schwartz. They strongly recommend using the Tails secure operating system that can be installed to a thumb drive and leaves no tracks on the host machine. https://tails.boum.org/index.en.html Curious, I downloaded Tails and installed it to a virtual machine. It's a heavily customized version of Debian. It has a very nice Gnome desktop and blocks any attempt to connect to an external network by means other than installed software that demands encrypted communications. For example, web sites can only be viewed via the Tor anonymizing proxy network. It does take longer for web pages to load because they are moving over a chain of proxies, but even so it's faster than pages loaded in the dial-up modem days, even for web pages that are loaded with graphics, javascript, and other cruft. E.g., about 2 seconds for New York Times pages. All cookies are treated by default as session cookies so disappear when you close the page or the browser. I love my Linux Mint desktop, but I am thinking hard about switching that box to Tails. I've been looking for methods to send a lot more encrypted stuff down the pipe for NSA to store. Tails looks to make that not only easy, but unavoidable. From what I've gathered so far, if you want to install more software on Tails, it takes about an hour to create a customized version and then update your Tails installation from a new ISO file. Tails has a wonderful odor of having been designed for secure computing. Current

"AN FRANCISCO -- As more employees continue to access consumer cloud accounts at work (regardless of IT rules), the enterprise world is about to reach a breaking point, based on a new report. Quite simply, U.K. cloud collaboration company Huddle described the trend as a "security time-bomb." At least 38 percent of U.S. office workers are said to have admitted to storing work documents on personal cloud tools and services, while a whopping 91 percent of workers added they use personal devices (i.e. USB drives) to store and share sensitive company documents. Huddle argued that this means enterprise and government organizations are at severe risk of losing both data intellectual property forever as this fragmentation continues. The London-headquartered company published its first State of the Enterprise assessment report amid the official opening of its San Francisco offices on Thursday morning as Huddle branches out to attract a U.S. customer base. "Legacy technologies create barriers to how we want to work," said Mitchell. Huddle produces a team-based collaboration platform designed for large teams within enterprises storing content securely and individually. The idea behind Huddle is to replace personal USB drives and "dumb file storage" platforms with open-security models and folder-based content. As the cloud-based storage and collaboration market grows, it looks like Huddle will be aiming to take on the likes of Box, Google Drive, Microsoft SkyDrive, and Dropbox, among others. Huddle is framing itself as different in that it constructs a single network for working and collaborating beyond a firewall, removing VPN complexities with single, company-wide login. Huddle CEO Alastair Mitchell described during an inaugural media presentation that its customers are replacing legacy technologies, calling out SharePoint and Outlook in particular as users move content collaboration out of email. "Legacy technologies create barriers to how we want to work," sai

"Openness by itself does not yield more secure code, but a new dependence on open source by major software players could ensure more rigorous scrutiny"

"Openness by itself does not yield more secure code, but a new dependence on open source by major software players could ensure more rigorous scrutiny"

"Openness by itself does not yield more secure code, but a new dependence on open source by major software players could ensure more rigorous scrutiny"

Watch for massive class action product defect litigation to be filed against the phone companies.and mobile device manufacturers.  In most U.S. jurisdictions, proof that the vendors/manufacturers  knew of the product defect is not required, only proof of the defect. Also, this is a golden opportunity for anyone who wants to get out of a pricey cellphone contract, since providing a compromised cellphone is a material breach of warranty, whether explicit or implied..   

"Apple's iPhone and iPad long ago pushed out the BlackBerry as the corporate standard for mobile devices, in all but the highest-security environments. Google -- whose Android platform reigns outside the corporate world -- is now trying to push out Apple, with a new effort called Android for Work."

"Apple's iPhone and iPad long ago pushed out the BlackBerry as the corporate standard for mobile devices, in all but the highest-security environments. Google -- whose Android platform reigns outside the corporate world -- is now trying to push out Apple, with a new effort called Android for Work."

"Apple's iPhone and iPad long ago pushed out the BlackBerry as the corporate standard for mobile devices, in all but the highest-security environments. Google -- whose Android platform reigns outside the corporate world -- is now trying to push out Apple, with a new effort called Android for Work."

I read the legislation. It's as bad for privacy as described in the aritcle. And its drafting is incredibly sloppy.

" The Linux Foundation Core Infrastructure Initiative's badging program matures, as the first projects to achieve security badges are announced."

" The Linux Foundation Core Infrastructure Initiative's badging program matures, as the first projects to achieve security badges are announced."

"Jul 4, 2016 09:33 GMT · By Marius Nestor · Share: Today, July 4, 2016, Ronald Henderson has announced the release of a new version of the Fedora-based Network Security Toolkit (NST) Linux distribution for network security analysis and monitoring."

[In part one of this four-part series, Xen Project Advisory Board Chairman Lars Kurth takes a look at the theories behind cloud security and how they relate to The Walking Dead -- yes, the TV show. Read on to find out more. ...]

"CNET Editors' review by: CNET staff on August 20, 2012 A VPN is a virtual private network, an isolated subset of the Internet that allows for much greater security and privacy without sacrificing the Internet's ability to connect far-flung PCs and users together. VPNs have lots of uses, such as telecommuting into a corporate network, secure collaboration with others -- even on the other side of the world -- and private browsing. With a VPN, you can surf the Web anonymously and securely, leaving no traces. Free VPN from VPN Master is an easy-to-use VPN tool for Windows. Free VPN comes with more than 1,400 minutes of free access on VPN Master's network. After that, you can opt for an inexpensive monthly plan, if you'd like. We looked around for some sort of limitations or fine print, but it appears that your free minutes start when you start using Free VPN and end when they run out."

NSA as the cause of the next major disruption in the social networking service industry?  Grief ahead for Google? Note the point made that: "It's impossible to do a cloud-based ad supported service" where the encryption/decryption takes place on the client side.