Group items tagged

"Upcoming cell phone chips from Qualcomm will use artificial intelligence to block malware before it infects your phone. The chip company said on Monday that the next-generation Snapdragon 820 processor used in a variety of Android smartphones will be the first chip that uses machine learning to detect threats and privacy issues thanks to an application called Snapdragon Smart Protect." Qualcomm is trying to use artificial intelligence in a chip for smart phones. The chip will learn to detect any privacy or security issues that would usually be hard to detect.

"Prominent Bahraini activist Nabeel Rajab was sentenced to six months in jail on Tuesday after criticizing the country's security forces on Twitter. Rajab was arrested in October for tweeting that Bahrain's security organizations are "ideological incubators" for those who join terrorist groups."

""In the 2020 general election, secure online voting should be an option for all voters," said the report. In response, the Electoral Commission's chair, Jenny Watson, said: "We will consider carefully the balance between maintaining the security of the system, whilst making it as accessible as possible for voters as part of this.""

""Nothing in this bill ensures the security of that data, either. Instead it turns every business providing telecommunications in or to the United Kingdom into an attack vector. The best way to guarantee the safety of user data is for it to not exist. Our national security will be significantly enhanced if we store less data, not more, and increase the use of strong cryptography, rather than reducing it.""

""Privacy Not Included" is Mozilla's Christmas shopping (anti)-guide to toys and gadgets that spy on you and/or make stupid security blunders, rated by relative "creepiness," from the Nintendo Switch (a little creepy) to the Fredi Baby monitor (very creepy!). Mozilla's reviews include a detailed rationale for each ranking, including whether the product includes encryption, whether it forces a default password change, how easy to understand the documentation is, whether it shares your data for "unexpected reasons," whether it has known security vulnerabilities, whether it has parental controls and more."

"It's an old cliché of security researchers: fingerprints might appear more secure than passwords. But if your password gets stolen, you can change it to a new one; what happens when your fingerprint gets copied?"

"Now they might finally get this thanks to a new $10 million contract the Defense Department's Defense Advanced Research Projects Agency (DARPA) has launched to design and build a secure voting system that it hopes will be impervious to hacking."

"The revelation that encrypted email is vulnerable to a variety of devastating attacks (collectively known as "Efail") has set off a round of soul-searching by internet security researchers and other technical people -- can we save email? One way to think about Efail is that it was caused by a lack of central coordination and control over email-reading programs -- the underlying protocols are strong and robust, but they can be implemented in ways that create real problems. In particular, the ability to show HTML inside a message makes email very hard to secure:"

"A "category one" cyber-attack, the most serious tier possible, will happen "sometime in the next few years", a director of the National Cybersecurity Centre has warned. According to the agency, which reports to GCHQ and has responsibly for ensuring the UK's information security, a category one cybersecurity incident requires a national government response. "

"Now, there's a new concern: malicious apps developed by third parties and hosted by Amazon or Google. The threat isn't just theoretical. Whitehat hackers at Germany's Security Research Labs developed eight apps-four Alexa "skills" and four Google Home "actions"-that all passed Amazon or Google security-vetting processes. The skills or actions posed as simple apps for checking horoscopes, with the exception of one, which masqueraded as a random-number generator. Behind the scenes, these "smart spies," as the researchers call them, surreptitiously eavesdropped on users and phished for their passwords."

"Oliver also pointed to a Finnish man who once found "one of the most severe security flaws ever discovered in a voting system" in US machines and alerted their manufacturers, who released a patch to fix the problem in 2006. The state of Georgia, however, never installed it, and the Senate report noted their machines hadn't been updated since at least 2005. "They'd essentially been hitting the 'remind me tomorrow' button on a critical security update for over a decade," Oliver explained, "meaning Georgia's election systems operate on the same level of technical proficiency as Every Dad"."

"A Microsoft programme to transcribe and vet audio from Skype and Cortana, its voice assistant, ran for years with "no security measures", according to a former contractor who says he reviewed thousands of potentially sensitive recordings on his personal laptop from his home in Beijing over the two years he worked for the company."

"The hacker who is taking responsibility for breaking into T-Mobile US Inc.'s systems said the wireless company's lax security eased his path into a cache of records with personal details on more than 50 million people and counting."

"If you use the default settings above, it would take millions of years to guess your master password using generally-available password-cracking technology. Your sensitive vault data, such as usernames and passwords, secure notes, attachments, and form-fill fields, remain safely encrypted based on LastPass' Zero Knowledge architecture. There are no recommended actions that you need to take at this time. "

"They aren't limited by human notions of attention; they can watch everyone at the same time. So while it may be true that using encryption is something the NSA takes special note of, not using it doesn't mean you'll be noticed less. The best defense is to use secure services, even if it might be a red flag. Think of it this way: you're providing cover for those who need encryption to stay alive."

Schneier the guy I saw the other night in lecture talking security sense.

Facebook has rushed to fix a security flaw that allowed users to eavesdrop on the live chats of their friends and see their pending friend requests

"In Los Angeles, the theft of computers from a county contractor's office that contained personal data for over 342,000 patients has led to a call for tighter security."

"The NSA's AURORAGOLD program -- revealed in newly released Snowden docs -- used plundered internal emails to compromise nearly every mobile carrier in the world, and show that the agency had planned to introduce vulnerabilities into future improvements into mobile security. "

"This story is getting squrrelier and squrrelier. Yes, security companies love to hype the threat to sell their products and services. But this goes further: single-handedly trying to create a panic, and then profiting off that panic."