Welcome to the Net Muslims Forums.
Page 5 of 6 FirstFirst 123456 LastLast
Results 81 to 100 of 102

Thread: Tech news

  1. #81
    Member Array
    Join Date
    Jan 2007
    Location
    USA
    Posts
    10,291

    Default

    China Declares the iPhone a National Security Threat


    Paul Carsten, Reuters Jul 11, 2014




    Chinese state media on Friday branded Apple’s iPhone a threat to national security because of the smartphone’s ability to track and time-stamp owner locations.


    A report by broadcaster CCTV criticized the iPhone’s “Frequent Locations” function for allowing users to be tracked and information about them revealed.


    “This is extremely sensitive data,” said a researcher interviewed by the broadcaster. If the data were accessed, it could reveal an entire country’s economic situation and “even state secrets,” the researcher said.


    Apple was not available for immediate comment.


    Apple has frequently come under fire from Chinese state media, which accused the company of providing data to U.S. intelligence agencies and have called for “severe punishment.” It has also been criticized for poor customer service.


    The California-based company is not the only U.S. firm to suffer from Chinese media ire.


    Google services have been disrupted in China for more than a month while the central government procurement office has banned new government computers from using Microsoft’s Windows 8 operating system.


    Other U.S. hardware firms such as Cisco Systems and IBM have experienced a backlash in China from what analysts and companies have termed the “Snowden Effect,” after U.S. spying revelations released last year by former U.S. National Security Agency contractor Edward Snowden.

    https://www.yahoo.com/tech/china-dec...452345224.html

  2. #82
    Member Array
    Join Date
    Jan 2007
    Location
    USA
    Posts
    10,291

    Default

    Top websites crash as web 'starts to run out of space'


    Major technical problems could become a regular occurrence for website users because the internet is running out of space, experts have warned.

    An online breakdown caused chaos on Tuesday, costing the economy millions of pounds in lost trade and effectively closing access to a number of huge websites.

    Online auctioneer eBay was out of action for most of the day, with buyers and sellers inundating the site with complaints about lost business after being unable to log onto their accounts.


    Hundreds of thousands of users were unable to log on and the auction site was flooded with traders demanding compensation.

    The problem is understood to have been caused by the crucial ‘nuts and bolts’ of the internet – called the Border Gateway Protocol (BGP).

    Internet companies and large networks use this ‘route map’ - consisting of hundreds of thousands of complex paths through the web - to send information to each other.

    When visiting a website, users rely on machines called routers to remember how to navigate trusted routes through the ever-expanding internet.

    But older routers are finding it difficult to manage with newer technology – such as smartphones and tablets which have drastically increased the number of people online and the time spent online.

    They have imposed a huge volume of extra traffic onto the web, leaving some routers struggling with lack of memory and processing power.

    Some machines impose an arbitrary upper limit of 512,000 different routes, a number that experts say is out of date.

    The system is similar to the human brain being unable to cope with remembering ‘all the back streets’ on a long car journey, said Dr Joss Wright, a research fellow at the Oxford Internet Institute.

    In order to deal with the increase in web traffic, routers need to be updated with more memory and processing power.

    But experts said some machines are starting to become badly dated.

    Dr Wright told The Daily Telegraph: ‘It’s really a case of the routers being overloaded due to more and more devices and more and more fragmented Internet landscape of lots of little networks.’

    James Gill, chief executive of Internet traffic monitoring firm GoSquared, said: ‘This is likely to happen more and more the devices there are and the less the infrastructure is going to be able to cope. This definitely won’t be the last we hear of BGP outages.’

    Weekly Internet retail sales averaged £729 million in June - meaning more of these problems could see online retailers losing millions of pounds of trade in the future.

    Richard Perks, from the market analysts Mintel, said: ‘Online firms build up their reputations on trust, on delivering a flawless experience to their customers.

    ‘If such problems become a regular feature, then that is a serious problem both for firms and for the economy in general.’



    http://www.dailymail.co.uk/sciencete...#ixzz3BjvHQWGU



  3. #83

  4. #84
    Member Array
    Join Date
    Jan 2007
    Location
    USA
    Posts
    10,291

    Default

    CIA 'tried to crack security of Apple devices'

    Agency tried to create dummy version of development software that would allow it to insert surveillance back doors into apps

    3.10.15

    The CIA led sophisticated intelligence agency efforts to undermine the encryption used in Apple phones, as well as insert secret surveillance back doors into apps, top-secret documents published by the Intercept online news site have revealed.The newly disclosed documents from the National Security Agency’s internal systems show surveillance methods were presented at its secret annual conference, known as the “jamboree”.The most serious of the various attacks disclosed at the event was the creation of a dummy version of Apple’s development software Xcode, which is used by developers to create apps for iOS devices.The modified version of Xcode would allow the CIA, NSA or other agencies to insert surveillance backdoors into any app created using the compromised development software.

    The revelation has already provoked a strong backlash among security researchers on Twitter and elsewhere, and is likely to prompt security audits among Apple developers.The latest revelations of sustained hacking efforts against Apple devices are set to further strain already difficult relations between the technology company and the US government.Apple had previously been a partner in the Prism programme, in effect a legal backdoor to obtain user information by the NSA and its allies, but in the wake of the Snowden revelations it has stepped up efforts to protect user privacy, including introducing end-to-end encryption on iMessages.Tim Cook, the CEO of Apple, warned Barack Obama in public remarks this month that history had shown “sacrificing our right to privacy can have dire consequences”.Other efforts showcased at the intelligence agency jamboree included a means of introducing keylogger software – which records and transmits every stroke a compromised user types – into systems through Apple’s software update tool on its laptop and desktop computers.

    Analysts were also exploring a sophisticated approach to breaking encryption on individual devices using the activity pattern of its processor while it is encrypting data, known as a “side channel” attack, as part of a bid to gain further access to the core software the devices run.The presentation notes revealed by the Intercept suggested that at the time of the presentation in March 2012 the technique had not yet been successful in extracting the key.

    US academics and security researchers have questioned the legality of the CIA’s efforts to attack Apple’s security.

    “If US products are OK to target, that’s news to me,” Matthew Green of the Information Security Institute at John Hopkins University told the Intercept.“Tearing apart the products of US manufacturers and potentially putting back doors in software distributed by unknowing developers all seems to be going a bit beyond ‘targeting bad guys’. It may be a means to an end, but it’s a hell of a means.”The exploits revealed by the Intercept are the latest in a long list of stories disclosing intelligence agency activities against Apple and its platforms. In January 2014, the Guardian disclosed a variety of exploits being used by the UK intelligence agency GCHQ and the NSA against mobile phones.These included bids to extract personal information from data transmitted by apps including Angry Birds, as well as a range of capabilities to activate remotely the microphone on iPhones and Android devices – a project codenamed Nosey Smurf.The Guardian also disclosed this year that GCHQ had been engaged in hacking software and hardware widely used in the west, including Cisco routers and Kaspersky antivirus software.


    http://www.theguardian.com/technology/2015/mar/10/cia-tried-to-crack-security-of-apple-devices?

  5. #85
    Member Array
    Join Date
    Jan 2007
    Location
    USA
    Posts
    10,291

    Default

    Apple could track your iPhone, iPad when turned off


    2.28.15

    Apple has been granted a patent that could potentially allow it to track an individual’s iPhone, even when it appears to have been turned off.


    The feature enables phones to enter a sleep-like state that suggests it has been shut down, but instead the phone’s movements can still be traced.


    Although many privacy advocates are likely to be up in arms about the potential development, Apple likely plans to use the feature to make its devices more secure.


    Currently, the Cupertino-based firm provides the Find My iPhone service, which enables users to track their handset when it has been lost or stolen. As it stands, however, phones cannot be traced when turned off.


    The recently granted patent indicates that in the future, users may be asked to enter a passcode before they turn their phone off, and if the incorrect code is entered the device will enter a traceable sleep mode.


    The feature may prove a useful addition in the fight against mobile phone theft. Already, tracking features and other security protocols have reduced smartphone theft by 50 percent, according to the Independent.


    The patent also outlines plans for iPhone owners to operate their device’s camera remotely while in sleep mode, enabling them to potentially take a photograph of the individual who has stolen their phone.


    The document indicates that the iPhone will "periodically exit an unpowered state and [transmit] location data" automatically. It is likely that Apple will need to be wholly transparent with users as to how this feature would be implemented, in order to avoid accusations of surveillance.


    In any case, the sheer number of patents issued to technology giants like Apple means that the iPhone tracking feature may never see the light of day. Earlier this month, it was reported that Google had been granted a patent for a wearable deodorizer, which would be capable of telling users how nearby their friends were so they could avoid them if necessary.

    http://betanews.com/2015/02/25/apple...en-turned-off/



    YOU SHOULD REALLY CONSIDER INSTALLING SIGNAL, AN ENCRYPTED MESSAGING APP FOR IPHONE

    3.2.15

    In the age of ubiquitous government surveillance, the only way citizens can protect their privacy online is through encryption. Historically, this has been extremely difficult for mere mortals; just watch the video Edward Snowden made to teach Glenn Greenwald how to encrypt his emails to see how confusing it gets. But all of this is quickly changing as high-quality, user-friendly encryption software becomes available.


    App maker Open Whisper Systems took an important step in this direction today with the release of a major new version of its Signal encrypted calling app for iPhones and iPads. The new version, Signal 2.0, folds in support for encrypted text messages using a protocol called TextSecure, meaning users can communicate using voice and text while remaining confident nothing can be intercepted in transit over the internet.


    That may not sound like a particularly big deal, given that other encrypted communication apps are available for iOS, but Signal 2.0 offers something tremendously useful: peace of mind.


    Unlike other text messaging products, Signal’s code is open source, meaning it can be inspected by experts, and the app also supports forward secrecy, so if an attacker steals your encryption key, they cannot go back and decrypt messages they may have collected in the past.


    Signal is also one special place on the iPhone where users can be confident all their communications are always fully scrambled. Other apps with encryption tend to enter insecure modes at unpredictable times — unpredictable for many users, at least. Apple’s iMessage, for example, employs strong encryption, but only when communicating between two Apple devices and only when there is a proper data connection. Otherwise, iMessage falls back on insecure SMS messaging. iMessage also lacks forward secrecy and inspectable source code.


    Signal also offers the ability for power users to verify the identity of the people they’re talking to, confirming that the encryption isn’t under attack. With iMessage, you just have to take Apple’s word for it.


    Strong, reliable, predictably-applied encryption is especially important at a time when the world just found out, via a report by The Intercept, that American and British spies hacked into the world’s largest SIM card manufacturer and stole the encryption keys that are used to protect communication between handsets and cell phone towers. With these keys, spies can eavesdrop on phone calls and texts just by passively listening to the airwaves.


    Signal development is also noteworthy because its makers, Open Whisper Systems and that company’s founder Moxie Marlinspike, are gaining a reputation for combining trustworthy encryption with ease of use and mobile convenience. Open Whisper Systems recently partnered with the makers of the messaging app WhatsApp to add encryption to that popular product (WhatsApp is not yet fully encrypted across all platforms and media types).


    “We want to make private communication simple,” says Marlinspike, who designed the encryption protocols that power his company’s apps. “Our objective is to do new cryptographic research and development that advances the state of the art while simultaneously making it frictionless and accessible for anyone.”


    iPhone users can find Signal here. For Android users, the product is, at the moment, split into two apps: TextSecure for private texting and RedPhone for private voice calls. “We’re working towards a single unified Signal app for Android, iPhone and the desktop,” says Marlinspike.


    It’s important to keep in mind that no technology is 100 percent secure, and an encrypted messaging app can only be as secure as the device you install it on. Intelligence agencies and other hackers can still exploit security bugs that have not been fixed, known as zero day exploits, to take over smartphones and bypass the encryption that privacy apps employ. But apps like Signal go a long way to making mass surveillance of billions of innocent people infeasible.

    https://firstlook.org/theintercept/2...supports-text/

  6. #86
    Member Array
    Join Date
    Jan 2007
    Location
    USA
    Posts
    10,291

    Default

    Upgrade to core HTTP protocol promises speedier, easier web

    February 19 2015

    Hypertext Transfer Protocol, HTTP, is a key component of the world wide web. It is the communications layer through which web browsers request web pages from web servers and with which web servers respond with the contents of the page. Like much of the internet it’s been around for decades, but a recent announcement reveals that HTTP/2, the first major update in 15 years, is about to arrive.

    The original HTTP protocol was the protocol first used by Sir Tim Berners-Lee at CERN where the web was created in 1991. This was improved over many years and finalized as HTTP 1.1 in 1999, the current standard used worldwide. Over the years the web has changed dramatically, introducing images, complex style sheets and JavaScript code, Flash and other embedded elements and more. The original HTTP was a simple protocol for a simple web, it was not designed to handle increasingly media-rich websites.

    For example, Google handles 40,000 web searches per second every day. To handle the pressure of serving billions of internet users, the company’s technicians launched a project in 2009 called SPDY (pronounced “speedy”) to improve HTTP. Originally only for internal use, other sites fielding heavy traffic such as Twitter, Facebook, WordPress and CloudFlare also implemented SPDY having seen its performance improvements.

    This caught the attention of the Internet Engineering Task Force (IETF), which develops and promotes internet standards. IETF decided to use SPDY as the basis for HTTP/2 in 2012 – and the two protocols were developed in parallel. Even though Google spearheaded the protocol’s development, the work is continued by the IETF’s open working groups as it has done for other protocols for more than 30 years.

    Google recently announced it was dropping SPDY in favor of the soon-to-arrive HTTP/2.

    The drawbacks of HTTP 1.1

    Web pages today can generate many requests for images, CSS style sheets, video and other embedded objects, off-site adverts, and so on – perhaps a hundred of these per page. This adds unnecessary strain to the web server and slows the web page loading time because HTTP 1.1 only supports one request per connection.

    HTTP 1.1 is sensitive to high latency connectionsthose with a slow response time. This can be a big problem when working on a mobile device using cellular networks, where even a high-speed connection can feel slow. HTTP pipelining allows the browser to send another request while waiting for the response of a previous request. While this would go some way to tackling high latency, it is susceptible to problems of its own and is disabled by default in most browsers.

    The benefits of HTTP/2

    Rather than using clear text, HTTP/2 is now a binary protocol which is quicker to parse and more compact in transmission. While HTTP 1.1 had four different ways to handle a message, HTTP/2 reduces this to one. To tackle the multiple request issue HTTP/2 allows only one connection per site but using stream multiplexing fits many requests into a single connection. These streams are also bi-directional, which allows both the web server and browser to transmit within a single connection. Each stream can be prioritized, so browsers are able to determine which image is the most important, or priorities a new set of streams when you change between browser tabs.

    HTTP is a stateless protocol – every connection comprises a request-response pair unconnected to any connections before or after. This means every request must also include any relevant data about the connection – this is sent in HTTP headers. As HTTP 1.1 evolved, the headers have grown larger as they incorporate new features. HTTP/2 uses header compression to shrink this overhead and speed up the connection, while improving security.

    A final addition is server push. When a web page is requested, the server sends back the page, but must wait for the web browser to parse the page’s HTML and issue further requests for things it find in the code, such as images. Server push allows the server to send all the resources associated with a page when the page is requested, without waiting. This will cut a lot of the latency associated with web connections.

    Web version 2?

    Once web servers and web browsers start implementing HTTP/2 – which could be as soon as a few weeks from now – the web-browsing experience will feel quicker and more responsive. It will also make developers' lives easier by not having to work around the limitations of HTTP 1.1.

    In fact, some of the latest versions of popular browsers (Firefox v36, Chrome v40 and Internet Explorer v11) already support HTTP/2. For Chrome and Firefox, HTTP/2 will be used only over encrypted connections (SSL) – this, along with the Let’s Encrypt initiative, will probably boost the adoption of encryption more widely.



    http://theconversation.com/upgrade-t...sier-web-37690

  7. #87
    Member Array
    Join Date
    Jan 2007
    Location
    USA
    Posts
    10,291

    Default

    Is Samsung's Galaxy S5 'leaking' YOUR fingerprints? Flaw means hackers can intercept and steal biometric data


    Fingerprint scanners are often touted as the future of security and an alternative to the notoriously flawed password.

    But experts have discovered they may not be as secure as first thought after a number of Android devices, including Samsung's Galaxy S5, were said to be potentially 'leaking' fingerprints.

    The security researchers have found a way to intercept a person's biometric data after it is captured by a built-in scanner, but before it becomes encrypted.

    Tao Wei and Yulong Zhang from security firm FireEye are expected to discuss their findings at this week's RSA conference in San Francisco.

    The pair told Thomas Fox-Brewster from Forbes that the flaw lies in older versions of the Android operating system, up to and including Android 4.4.

    Subsequently, anyone running Android 5.0 or above are not at risk and the security experts are advising people on older models to update as soon as possible.

    The vulnerability means that a hacker can access the kernel, or core, of the Android operating system.

    Once inside they can monitor all data sent to and from the phone, as well as data recorded by the handset's built-in sensors, including the fingerprint scanner.


    Typically, when a fingerprint is scanned it is encrypted and separated from the rest of the device in a secure folder.

    Hackers can't get access to this folder even with access to the kernel, but they can collect scans immediately from the fingerprint sensor before they reach this folder.

    In addition to using these fingerprints to access the phone, for example, they can be used to make payments with PayPal.

    During tests, Mr Wei and Mr Zhang confirmed the flaw was present on Samsung Galaxy S5.

    They have not yet tested it on other Android smartphones with built-in fingerprint scanners, including the Galaxy Note 4, Note Edge and Huawei Ascend Mate 7.

    However, they believe the problem to be 'more widespread' than the Galaxy S5 and are planning to put this to the test.

    Mr Wei and Mr Zhang said they have alerted Samsung to the issue but not received an update.

    Samsung told MailOnline 'it takes consumer privacy and data security very seriously' and is currently investigating FireEye’s claims.

    Security expert Graham Cluely said: 'It's worth remembering that fingerprints are not secrets.

    'Relying on your fingerprints to secure a device may be okay for casual security - but you shouldn't depend upon it if you have sensitive data you wish to protect.'

    This isn't the first time Samsung's S5 scanner has been exposed as vulnerable.

    In April last year a group of German hackers managed to spoof the scanner using a dummy print.

    This situation is made worse by the fact that once a password has been initially used to access PayPal and Samsung phones, the fingerprint can be continually used for access without re-entering the password - even if the phone is rebooted.

    Alternatively, on Apple phones a password is required following every reboot.

    That doesn't mean that Apple's TouchID scanner is without flaws.

    It took hackers just two days and a small collection of everyday household items to bypass the fingerprint sensor on an Apple iPhone 5S following its launch in 2013.

    Chaos Computer Club, based in Berlin, took a high-resolution photograph of a fingerprint from the side of a glass.

    They then scanned it, before laser printing it onto a transparent sheet and covering it in woodglue. Once the glue had dried, they peeled off the print copy and pressed it on the scanner.

    Stephen Ebbett, global director of gadget insurer Protect Your Bubble told MailOnline: 'This underpins the importance of security research.

    'There’s no room for flaws in fingerprint ID systems now that mobile payments are becoming commonplace. In a survey we carried out, almost a third (31 per cent) of UK mobile users told us they want to wait until mobile payment technology is more advanced before trying it themselves and, with a step back like this, it may take even more time to assuage consumer fears over security and fraud.'

    Matt White, senior manager in KPMG's cyber security practice added: 'Replacing passwords with biometric alternatives such as fingerprints provides better security, however it doesn't completely eliminate the risk posed by cyber criminals.

    'The largest hurdle with biometrics going forward will be the establishment of consumer trust.

    'Trying to convince the average person to implant a piece of technology to increase security of their perceived already secure account is a battle unlikely to be won.'

    And Andy Kemshall, co-founder and technical director at SecurEnvoy said: 'Biometric authentication is not yet near the level it needs to be for the majority of consumer facing organisations to implement it in their products.

    'Fingerprint scanning, eyeball scanning, voice and face recognition are all at least a decade away from being reliable enough to use as authentication methods.

    'The technology simply isn't sophisticated enough.

    http://www.dailymail.co.uk/sciencete...tric-data.html

  8. #88
    Member Array
    Join Date
    Jan 2007
    Location
    USA
    Posts
    10,291

    Default

    Windows Update is taking an unusually long time to scan and install updates


    This issue occurs because the latest updates for the Windows Update service aren't installed.

    To resolve this issue, follow these steps:


    1. Click Start, type Windows update in the search box, and then click Windows Update in the Programs list.

    2. In the left pane, click Change settings, select Never check for updates, and then select OK.

    3. Restart the computer.

    4. After the computer restarts, manually download and install the following two updates for the Windows Update service. Please download the appropriate 32-bit or 64-bit version for your operating system. Click here to see how to determine whether a computer is running a 32-bit version or 64-bit version of Windows.



    Update Name

    KB3020369 April 2015 servicing stack update for Windows 7 and Windows Server 2008 R2





    KB3172605 July 2016 update rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1






    1. Install KB3020369 “April 2015 Servicing Stack update for Windows 7 and Windows Server 2008 R2” first.

    2. After KB3020369 completes installation, install KB3172605 “July 2016 Update Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1”. You will be asked to restart the computer during the installation of KB3172605.

    3. Open Windows Update, select Change Settings. Under Important Updates, click the dropdown and select Install updates automatically (recommended). Click OK to save your changes, and then select Check for updates to download and install any remaining updates.




    https://support.microsoft.com/en-us/kb/3200747

  9. #89
    Member Array
    Join Date
    Jan 2007
    Location
    USA
    Posts
    10,291

    Default

    Facebook Finally Says It Will Not Help Build Muslim Registry

    12.14.2016

    At the beginning of December, The Intercept reported on eight major American technology firms unwilling to state on the record that they would not help the Trump administration create a national Muslim registry. Since then, 22 different advocacy groups petitioned those companies to respond —today, Facebook breaks its silence.


    The following statement was issued to The Intercept by a Facebook spokesperson:


    “No one has asked us to build a Muslim registry, and of course we would not do so.”


    The statement comes the day after another Facebook rep accidentally emailed BuzzFeed News, dismissing the question of the Muslim registry as a “straw man.” This now makes Facebook and Twitter the only two companies willing to say they will not help build an unconstitutional, draconian list of Muslims. If any of the rest would like to join, we encourage you to do so.

    https://theintercept.com/2016/12/14/...slim-registry/

  10. #90
    Member Array
    Join Date
    Jan 2007
    Location
    USA
    Posts
    10,291

    Default

    Yahoo Says 1 Billion User Accounts Were Hacked

    DEC. 14, 2016

    You may have heard that Yahoo just disclosed a breach that occurred in August 2013 of more than one billion user accounts. In September it reported a breach of 500 million other user accounts from the same time. While Yahoo has yet to identify the intrusion associated with this theft, the stolen user account information may have included names, email addresses, telephone numbers, dates of birth, encrypted passwords and, in some cases, encrypted or unencrypted security questions and answers, according to Yahoo’s Chief Technology Officer. The forensic investigation is still going on, but it is highly likely that the bad guys initially got in through a spear phishing attack with a spoofed 'From' address. These types of attacks are hard to spot and users tend to fall for them. So be careful when opening emails from an unknown source or something that looks unusual or suspicious.

    It may not help to delete your Yahoo account, it’s possible the hackers could go back in and reinstate your email account, so it might be best to retain the account. But changing your password security questions, moving mails to a more secure account, deleting all email and address book and then deleting account would be safest way to go.

    Tips for Yahoo Account Owners

    If you have a Yahoo email account, consider the following:

    - Change the password and security questions and answers on your account. Use a strong unique password with a combination of upper and lower case letters, numbers and symbols that cannot easily be predicted by a hacker.

    - Be extra vigilant when opening emails in case the hackers continue their hacking efforts.

    - Check your email forwarding settings. Hackers only need to gain access to your email account once, set up a rule to receive copies of all your emails and never log back in again. This also prevents the service from sending you notifications about repeated suspicious log-ins from unrecognized devices or IP addresses.

    - If you choose to the steps above and consider opening a second account with another email provider for your more important emails.


    Tips for All Email Account Owners

    Since it’s anyone’s guess as to whether other email providers will be hacked, it is always best to follow these safety tips:

    - Change your password on any other account that is the same or similar to the password used on your Yahoo account. Hackers will use these passwords to gain access to your other accounts.

    - Make sure to use different security questions for each site to decrease the possibility of compromise if you are hacked.

    - Block access to your credit report so a new account cannot be opened by someone other than yourself. Hackers who have valuable credentials will often try to open a credit card in your name.

    - To alleviate the difficulty of remembering unique passwords for each account, use a password manager to generate secure passwords and store them online.

  11. #91
    Junior Member Array
    Join Date
    Aug 2016
    Location
    Islamabad
    Posts
    26

    Default

    Nice sharing

  12. #92
    Member Array
    Join Date
    Jan 2007
    Location
    USA
    Posts
    10,291

    Default

    I’ll never bring my phone on an international flight again. Neither should you.

    A few months ago I wrote about how you can encrypt your entire life in less than an hour. Well, all the security in the world can’t save you if someone has physical possession of your phone or laptop, and can intimidate you into giving up your password.

    And a few weeks ago, that’s precisely what happened to a US citizen returning home from abroad.
    On January 30th, Sidd Bikkannavar, a US-born scientist at NASA’s Jet Propulsion Laboratory flew back to Houston, Texas from Santiago, Chile.


    On his way through through the airport, Customs and Border Patrol agents pulled him aside. They searched him, then detained him in a room with a bunch of other people sleeping in cots. They eventually returned and said they’d release him if he told them the password to unlock his phone.


    Bikkannavar explained that the phone belonged to NASA and had sensitive information on it, but his pleas fell on deaf ears. He eventually yielded and unlocked his phone. The agents left with his phone. Half an hour later, they returned, handed him his phone, and released him.


    We’re going to discuss the legality of all of this, and what likely happened during that 30 minutes where Bikkannavar’s phone was unlocked and outside of his possession.


    But before we do, take a moment to think about all the apps you have on your phone. Email? Facebook? Dropbox? Your browser? Signal? The history of everything you’ve ever done — everything you’ve ever searched, and everything you’ve ever said to anyone — is right there in those apps.


    How many potentially incriminating things do you have lying around your home? If you’re like most people, the answer is probably zero. And yet police would need to go before a judge and establish probable cause before they could get a warrant to search your home.


    What we’re seeing now is that anyone can be grabbed on their way through customs and forced to hand over the full contents of their digital life.


    Companies like Elcomsoft make “forensic software” that can suck down all your photos, contacts — even passwords for your email and social media accounts — in a matter of minutes. Their customers include the police forces of various countries, militaries, and private security forces. They can use these tools to permanently archive everything there is to know about you. All they need is your unlocked phone.


    What’s the worst thing that could happen if the Customs and Border Patrol succeed in getting ahold of your unlocked phone? Well…



    • Think of all of the people you’ve ever called or emailed, and all the people you’re connected with on Facebook and LinkedIn. What are the chances that one of them has committed a serious crime, or will do so in the future?
    • Have you ever taken a photo at a protest, bought a controversial book on Amazon, or vented about an encounter with a police officer to a loved one? That information is now part of your permanent record, and could be dragged out as evidence against you if you ever end up in court.
    • There’s a movement within government to make all data from all departments available to all staff at a local, state, and federal level. The more places your data ends up, the larger a hacker’s “attack surface” is — that is, the more vulnerable your data is. A security breach in a single police station in the middle of nowhere could result in your data ending up in the hands of hackers — and potentially used against you from the shadows — for the rest of your life.


    Wait a second. What about my fourth and fifth amendment rights? Isn’t this illegal?

    The fourth amendment protects you against unreasonable search and seizure. The fifth amendment protects you against self-incrimination.


    If a police officer were to stop you on the street of America and ask you to unlock your phone and give it to them, these amendments would give you strong legal ground for refusing to do so.


    But unfortunately, the US border isn’t technically the US, and you don’t have either of these rights at the border.


    It’s totally legal for a US Customs and Border Patrol officer to ask you to unlock your phone and hand it over to them. And they can detain you indefinitely if you don’t. Even if you’re a American citizen.


    The border is technically outside of US jurisdiction, in a sort of legal no-man’s-land. You have very few rights there. Barring the use of “excessive force,” agents can do whatever they want to you.


    So my advice is to just do whatever they tell you, to and get through customs and on into the US as quickly as you can.
    The US isn’t the only country that does this.

    It’s only a matter of time before downloading the contents of people’s phones becomes a standard procedure for entering every country. This already happens in Canada. And you can bet that countries like China and Russia aren’t far behind.


    Since it’s illegal in most countries to profile individual travelers, customs officers will soon require everyone to do this.


    The companies who make the software that downloads data from your phones are about to get a huge infusion of money from governments. Their software will get much faster — maybe requiring only a few seconds to download all of your most pertinent data from your phone.


    If we do nothing to resist, pretty soon everyone will have to unlock their phone and hand it over to a customs agent while they’re getting their passport swiped.


    Over time, this unparalleled intrusion into your personal privacy may come to feel as routine as taking off your shoes and putting them on a conveyer belt.


    And with this single new procedure, all the hard work that Apple and Google have invested in encrypting the data on your phone — and fighting for your privacy in court — will be a completely moot point.


    Governments will have succeeded in utterly circumventing decades of innovation in security and privacy protection. All by demanding you hand them the skeleton key to your life — your unlocked phone.

    You can’t hand over a device that you don’t have.

    When you travel internationally, you should leave your mobile phone and laptop at home. You can rent phones at most international airports that include data plans.


    If you have family overseas, you can buy a second phone and laptop and leave them there at their home.


    If you’re an employer, you can create a policy that your employees are not to bring devices with them during international travel. You can then issue them “loaner” laptops and phones once they enter the country.


    Since most of our private data is stored in the cloud — and not on individual devices — you could also reset your phone to its factory settings before boarding an international flight. This process will also delete the keys necessary to unencrypt any residual data on your phone (iOS and Android fully encrypt your data).


    This way, you could bring your physical phone with you, then reinstall apps and re-authenticate with them once you’ve arrived. If you’re asked to hand over your unlocked phone at the border, there won’t be any personal data on it. All your data will be safe behind the world-class security that Facebook, Google, Apple, Signal, and all these other companies use.


    Is all this inconvenient? Absolutely. But it’s the only sane course of action when you consider the gravity of your data falling into the wrong hands.
    If you bother locking your doors at night, you should bother securing your phone’s data during international travel.


    This may upset Customs and Border Patrol agents, who are probably smart enough to realize that 85% of Americans now have smart phones, and probably 100% of the Americans who travel internationally have smart phones. They may choose to detain you anyway, and force you to give them passwords to various accounts manually. But there’s no easy way for them to know which services you use and which services you don’t use, or whether you have multiple accounts.


    We live in an era of mass surveillance, where governments around the world are passing terrifying new anti-privacy laws every year.



    With a lot of hard work on our part, enlightenment will triumph. Privacy will be restored. And we will beat back the current climate of fear that’s confusing people into unnecessarily giving up their rights.


    In the meantime, follow the Boy Scouts of America Motto: always be prepared. The next time you plan to cross a border, leave your phone at home.
    Thank you for taking the time to reading this. If you liked this, click the 💚 below so other people will see this here on Medium.

    https://medium.freecodecamp.com/ill-...e5f#.6nb3g5pel

  13. #93
    Member Array
    Join Date
    Jan 2007
    Location
    USA
    Posts
    10,291

    Default

    Scientists Have Stored a Movie, a Computer OS, and an Amazon Gift Card in a Single Speck of DNA

    "The highest-density data-storage device ever created."

    by PETER DOCKRILL 7 MAR 2017

    Scientists have developed what they claim is the most efficient data storage technique ever, with a new
    DNA-encoding method that approaches the theoretical maximum for information stored per nucleotide.

    Using an algorithm called DNA Fountain, the researchers squeezed six files into a single speck of DNA – including a short film, an entire computer OS, and an Amazon gift card – but that's just for starters. The team says the same technique could effectively compress all the world's data into a single room.

    Not only is DNA data storage an amazing space saver; the technique could also enable us to preserve knowledge with extreme robustness and longevity – unlike traditional technology media, which is known to succumb to all kinds of faults with time.

    "DNA won't degrade over time
    like cassette tapes and CDs, and it won't become obsolete – if it does, we have bigger problems," says computer scientist Yaniv Erlich from Columbia University.

    DNA storage itself isn't new, with the technique pioneered in 2012 by researchers at Harvard University, who figured out how to compress a 53,400-word book into the genetic code of synthetic DNA molecules, and then read the data back using DNA sequencing.

    Since then various other teams have been trying to optimise the technique, with Microsoft claiming last year that a method it had come up with was 20 times more efficient than the previous record.

    In turn, Erlich and fellow researcher Dina Zielinski from the New York Genome Centre now say their own coding strategy is 100 times more efficient than the 2012 standard, and capable of recording 215 petabytes of data on a single gram of DNA.

    For context, just 1 petabyte is equivalent to 13.3 years' worth of high-definition video, so if you feel like glancing disdainfully at the external hard drive on your computer desk right now, we won't judge.

    At the heart of the researchers' system is an algorithm originally designed to detect and fix errors in streaming video applications.

    According to the researchers, the same kind of mechanism can be used to avoid errors when reading back binary data (made up of 1s and 0s) that's been translated into the four nucleotide bases in DNA: A, G, C, and T.

    "[N]ot all DNA molecules are created equally," Erlich told Dexter Johnson at IEEE Spectrum.

    "If you have DNA molecules that have a long stretch of the same nucleotide, such as AAA, it is not very favourable for the informatics machinery. It's very hard to read this molecule without an error. So you want to avoid stretches like that."

    The researchers' algorithm manages to avoid errors when reading back the DNA data by additionally encoding a series of hints about what the information should look like once decoded.


    This mean that not only can you recreate any DNA fragments that get lost in the processit's also highly optimised.

    "We showed that we can reliably store information on DNA, and that our organising of information approaches 'optimal packing,'", Erlich told Katherine Lindemann at ResearchGate, "meaning it is nearly impossible to fit more information on the same amount of DNA material."

    To test the system, the team compressed six files: a computer OS; an 1895 French short film, Arrival of a train at La Ciotat; a US$50 Amazon gift card; a computer virus; a Pioneer plaque; and an academic paper by information theorist Claude Shannon.

    The overall file size of the complete package was relatively tiny – coming in at just 2MB – but the important thing was testing to see if the DNA Fountain algorithm was able to encode the binary information into genetic data without losing any of the information.

    After the digital data – represented in a list of 72,000 DNA strands – was converted into a speck of DNA molecules carried in a vial, the researchers were able to sequence the DNA and recover the files with zero errors.

    While it's an impressive result, the team says it will be some time before the expense of storing and reading data in DNA makes sense for the rest of us. For their 2MB package, the researchers spent $7,000 to synthesise the DNA, and another $2,000 to sequence it.

    Erlich thinks it could be more than a decade before DNA storage becomes accessible to the general public.

    And even then, the technology might be reserved for things like recording patient data in medical systems, as opposed to being sold to consumers as the latest tech product.

    "This is still the early stages of DNA storage.
    It's basic science," Erlich told Eva Botkin-Kowacki at The Christian Science Monitor.

    "It's not that tomorrow you're going to go to Best Buy and get your DNA hard drive."

    The findings are reported in Science.

    http://www.sciencealert.com/scientis...e-speck-of-dna

  14. #94
    Member Array
    Join Date
    Jan 2007
    Location
    USA
    Posts
    10,291

    Default

    FBI Used Best Buy's Geek Squad To Increase Secret Public Surveillance

    Recently unsealed records reveal a much more extensive secret relationship than previously known between the FBI and Best Buy's Geek Squad, including evidence the agency trained company technicians on law-enforcement operational tactics, shared lists of targeted citizens and, to covertly increase surveillance of the public, encouraged searches of computers even when unrelated to a customer's request for repairs.


    To sidestep the U.S. Constitution's prohibition against warrantless invasions of private property, federal prosecutors and FBI officials have argued that Geek Squad employees accidentally find and report, for example, potential child pornography on customers' computers without any prodding by the government. Assistant United States Attorney M. Anthony Brown last year labeled allegations of a hidden partnership as "wild speculation." But more than a dozen summaries of FBI memoranda filed inside Orange County's Ronald Reagan Federal Courthouse this month in USA v. Mark Rettenmaier contradict the official line.


    One agency communication about Geek Squad supervisor Justin Meade noted, "Agent assignments have been reviewed and are appropriate for operation of this source," that the paid informant "continues to provide valuable information on [child pornography] matters" and has "value due to his unique or potential access to FBI priority targets or intelligence responsive to FBI national and/or local collection."


    Other records show how Meade's job gave him "excellent and frequent" access for "several years" to computers belonging to unwitting Best Buy customers, though agents considered him "underutilized" and wanted him "tasked" to search devices "on a more consistent basis."


    To enhance the Geek Squad role as a "tripwire" for the agency, another FBI record voiced the opinion that agents should "schedule regular meetings" with Meade "to ensure he is reporting."


    A Feb. 27, 2008, agency document memorialized plans "seeking the training of the Geek Squad Facility technicians designed to help them identify what type of files and/or images would necessitate a call to the FBI."


    Jeff Haydock, a Best Buy vice president, told OC Weekly in January there has been no arrangement with the FBI. "If we discover child pornography in the normal course of serving a computer, phone or tablet, we have an obligation to contact law enforcement," he said, calling such policy "the right thing to do."


    But evidence demonstrates company employees routinely snooped for the agency, contemplated "writing a software program" specifically to aid the FBI in rifling through its customers' computers without probable cause for any crime that had been committed, and were "under the direction and control of the FBI."


    Multiple agency memoranda underscore the coziness with Best Buy, including one that stated, "The Louisville Division has maintained [a] close liaison with the Greek Squad management in an effort to glean case initiations and to support the division's Computer Intrusion and Cyber Crime programs."


    These latest revelations are the result of the work of James D. Riddet, the San Clemente-based defense attorney representing Rettenmaier. The doctor, who specializes in obstetrics and gynecology, is fighting allegations he knowingly possessed child pornography after the Geek Squad claimed it found an illicit image on a Hewlett Packard computer he left with the company for repair in 2011. U.S. Department of Justice officials filed criminal charges the following year. But the case has been in legal limbo while U.S. District Court Judge Cormac J. Carney considers Riddet's contentions of outrageous government conduct.


    In 2016, the defense lawyer claimed the FBI made Best Buy an unofficial wing of the agency by incentivizing Geek Squad employees to dig through customers' computers, paying $500 each time they found evidence that could launch criminal cases.


    There are also technical weaknesses in the agency's pursuit of Rettenmaier. Just weeks before his arrest, federal judges ruled in a notable separate matter that child porn found on a computer's unallocated space couldn't be used to win a possession conviction because there is almost no way to learn who placed it there, who viewed it, or when or why it was deleted. Cynthia Kayle, a lead agent working against Rettenmaier, knew Geek Squad informants had found the image in unallocated space, which is only accessible via highly specialized computer-intrusion tools the doctor didn't possess. Agents won a magistrate judge's permission to advance the case by failing to advise him of those facts and falsified an official time line to hide warrantless searches, according to the defense lawyer. Brown disputes any law-enforcement wrongdoing.


    But the government's case took more blows in January. During a pretrial hearing with obnoxious FBI agents visibly angered that I'd alerted the public about their heavy-handed tactics, Riddet asked Carney to take his first look at the image found on his client's device, pointing out the picture does not depict sex or show genitals. The lawyer then questioned agent Tracey L. Riley, who retreated from her original, case-launching stance that the image—known as "9yoJenny"—was definitely child pornography to "not exactly" child porn. Under questioning, experts for both the defense and the government testified that it's not only possible for files from the internet to land on a computer without the owner's knowledge, but that it also frequently happens.


    Riddet wants Carney to suppress the evidence and dismiss the case. "The FBI's internal documentation of its relationship with its informants and the correspondence between the FBI and its informants suggest a joint venture to ferret out child porn," he told the judge on March 1. "Accordingly, Geek Squad City (GSC) is a government entity and its employees' searches are warrantless government searches in violation of the Fourth Amendment. . . . There was a total of eight FBI informants in GSC's data-recovery department at various times."


    Carney faces what could be a monumental ruling with nationwide implications. This Republican judge and former UCLA football player has been known to ridicule law-enforcement tactics when he considers them unethical. If he doesn't accept Riddet's stance and tolerates the government's already documented abuses, a trial is tentatively scheduled to begin on June 6 in Santa Ana.

    http://www.ocweekly.com/news/fbi-use...llance-7950030

  15. #95
    Member Array
    Join Date
    Jan 2007
    Location
    USA
    Posts
    10,291

    Default

    Laptop ban: UK, US ban electronics in carry-on luggage from Middle East airports amid terrorist bomb fears

    3/22/2017

    Britain has joined the United States in temporarily banning carry-on electronic devices on planes coming from certain airports in Muslim-majority countries in the Middle East and North Africa in response to unspecified security threats.

    The US Department of Homeland Security said passengers traveling from those airports could not bring devices such as tablets, portable DVD players, laptops and cameras into the main cabin that are larger than a mobile phone.

    Instead, such items must be in checked baggage, it said on Tuesday, local time.

    At this stage, the Australian Government says it has no plans to enact a similar ban.

    The bulk of Australian passengers should escape the confusion, as the new rules do not apply to flights from Australia to London or Europe that transit through Dubai or Abu Dhabi.

    Britain took similar steps to the US, with a spokesman for Prime Minister Theresa May saying that there would be curbs on electronic items in the main cabin on flights from six countries in the Middle East.

    The moves were prompted by reports that militant groups want to smuggle explosive devices inside electronic gadgets, US officials told reporters on a conference call on Monday.

    "Our information indicates that terrorist groups' efforts to execute an attack against the aviation sector are intensifying."

    10 airports under microscope, long delays expected

    A US government source said that while the restrictions arose from multiple reports of security threats, some very recent intelligence had arrived which helped to trigger the timing of the current alert.

    The airports covered by the US restrictions are in Cairo; Istanbul; Kuwait City; Doha, Qatar; Casablanca, Morocco; Amman, Jordan; Riyadh and Jeddah, Saudi Arabia; and Dubai and Abu Dhabi in United Arab Emirates.

    Those at affected airports are likely to experience long delays as airports adjust to the new security measures.

    Officials said the decision had nothing to do with President Donald Trump's efforts to impose a travel ban on citizens of six majority-Muslim nations.

    DHS spokeswoman Gillian Christensen said the government "did not target specific nations. We relied upon evaluated intelligence to determine which airports were affected."

    On March 6, Trump signed a revised executive order barring citizens from Iran, Libya, Syria, Somalia, Sudan and Yemen from traveling to the United States for 90 days. Two federal judges have halted parts of the ban although Trump has vowed to appeal.

    The airports affected by the US electronics rules are served by nine airlines that fly directly from those cities to the United States about 50 times a day
    , senior government officials said.

    Measures likely to come to Australia eventually

    A former Qantas senior executive responsible for security and risk management, who is now the airline's aviation security consultant, says it is "reasonably likely" the measures could eventually be introduced in Australia.

    "It will depend on the substance of the intelligence that the agencies have," Geoff Aksew told ABC Radio Melbourne.

    "It will certainly be frustrating for passengers. I think those travelling to Australia normally would have checked baggage so they would do a secondary screening I would imagine in the aero bridge of carry-on bags and if there's a laptop found then they will be required to put it in the hold.

    Dr John Coyne, head of Border Security with the Australian Strategic Policy Institute, says Australian passengers may have to check in electronics once they get to an affected airport, before continuing their journey.

    "I suspect that Qantas, for instance — as people are boarding in Sydney or Melbourne — will have to make its customers aware that while they can carry their electronic devices from the leg of Sydney to Dubai, if they're taking a connecting flight from there to … the UK, that they'll have to check-in those laptops and those iPads, etc," he told ABC News 24.

    "I suspect that we'll now see a change in the screening requirements where either there'll be new screening machines developed or, alternatively, staff will be trained to look for the key indicators that a laptop or an iPad or some other type of device does or does not have an IED inside it.

    "They're countermeasures that [make] the likelihood that an explosive device is going to go off inside the cabin less likely. I think that's a real bonus."

    Airlines have until Friday to comply

    The carriers — Royal Jordanian Airlines, Egypt Air, Turkish Airlines, Saudi Arabian Airlines, Kuwait Airways, Royal Air Maroc, Qatar Airways, Emirates and Etihad Airways — have until Friday to heed the new policy, which took effect early on Tuesday and will be in place indefinitely.

    Several of the carriers, including Turkish Airlines, Etihad and Qatar, said early on Tuesday that they were quickly moving to comply.

    Royal Jordanian and Saudi Airlines said on Monday that they were immediately putting the directive into place.

    An Emirates spokeswoman said the new security directive would last until October 14.

    However, Ms Christensen termed that date "a placeholder for review" of the rule.

    The policy does not affect any American carriers because none fly directly to the United States from the airports affected, officials said.

    New intelligence behind electronics ban

    On Monday it emerged the US government had been considering the move since it learned of a threat several weeks ago.

    US authorities believe there is a threat from plots similar to an incident a year ago in Somalia, where a bomb hidden in a laptop blew a hole in the side of a plane although failed to down it, another source said.

    Officials did not explain why the restrictions only apply to travelers arriving in the United States and not for those same flights when they leave from there.

    The rules do apply to US citizens traveling on those flights, but not to crew members on those foreign carriers.

    Homeland Security will allow passengers to use larger approved medical devices.

    Britain said its restrictions would apply to direct flights from Turkey, Lebanon, Jordan, Egypt, Tunisia and Saudi Arabia, and that devices larger than a normal-sized smartphone would have to be placed in the hold.

    The British regulations affect British Airways, easyJet, Jet2, Monarch, Thomas Cook, Thomson , Atlas-Global, Pegasus, EgyptAir, Royal Jordanian, Middle East Airlines, Saudia, Turkish Airlines and Tunisair.

    http://www.abc.net.au/news/2017-03-2...lights/8375238

    readers' comments:

    The United States Government has "bomb-fear issues." The US Government fears that a bomb may enter American via a laptop inbound a flight from Muslim-majority countries. Meanwhile, America has actually dropped 26,171 bombs into Muslim-majority counties in 2016 alone. That's nearly three bombs every hour. Who are the nations who should be having the ongoing real and valid fears of bombs being dropped into their country?

  16. #96
    Member Array
    Join Date
    Jan 2007
    Location
    USA
    Posts
    10,291

    Default

    The 265 members of Congress who sold you out to ISPs, and how much it cost to buy them

    They betrayed you for chump change

    by T.C. Sottek - Mar 29, 2017

    Republicans in Congress just voted to reverse a landmark FCC privacy rule that opens the door for ISPs to sell customer data. Lawmakers provided no credible reason for this being in the interest of Americans, except for vague platitudes about "consumer choice" and "free markets," as if consumers at the mercy of their local internet monopoly are craving to have their web history quietly sold to marketers and any other third party willing to pay.

    The only people who seem to want this are the people who are going to make lots of money from it. (Hint: they work for companies like Comcast, Verizon, and AT&T.) Incidentally, these people and their companies routinely give lots of money to members of Congress.

    So here is a list of the lawmakers who voted to betray you, and how much money they received from the telecom industry in their most recent election cycle.

    visit the link below for names and the bribe amount


    http://www.theverge.com/2017/3/29/15...vacy-fire-sale

    comments:

    These are bribes, in the west they are called "donations".

    Those wanting to protect their browsing history can look into these three options.

    1. VPN service (one that doesn't keep a history)
    2. Whonix, Linus OS run on Tor
    3. Tor browser - https://www.torproject.org/

  17. #97
    Member Array
    Join Date
    Jan 2007
    Location
    USA
    Posts
    10,291

    Default

    Boy hacks cyber-security audience to give lesson on 'weaponisation' of toys

    Reuben Paul, 11, tells conference that smart cars, fridges, lights and even teddy bears can be used to spy on or harm people


    An 11-year-old “cyber ninja” has stunned an audience of security experts by hacking into their Bluetooth devices to manipulate a robotic teddy bear, showing in the process how interconnected smart toys “can be weaponised”.

    Reuben Paul, who is in sixth grade at school in Austin, Texas, and his teddy bear Bob wowed hundreds at a cyber-security conference in the Netherlands.

    “From airplanes to automobiles, from smartphones to smart homes, anything or any toy can be part of the Internet of Things (IOT),” said the small figure pacing the huge stage at the World Forum in The Hague.

    “From terminators to teddy bears, anything or any toy can be weaponised.”

    To demonstrate he deployed his cuddly bear, which connects to the cloud via wifi and Bluetooth to receive and transmit messages.

    Plugging into his laptop a device known as a “Raspberry Pi” – a small credit-card size computer – Reuben scanned the hall for available Bluetooth devices, and to everyone’s amazement including his own, suddenly downloaded dozens of numbers, including some of top officials.

    Then using a computer language called Python he hacked into his bear via one of the numbers to turn on one of its lights and record a message from the audience.

    “Most internet-connected things have a Bluetooth functionality ... I basically showed how I could connect to it, and send commands to it, by recording audio and playing the light,” he told AFP later.

    “IOT home appliances, things that can be used in our everyday lives, our cars, lights refrigerators, everything like this that is connected can be used and weaponised to spy on us or harm us.”


    They could be used to steal private information such as passwords, as remote surveillance to spy on kids, or employ GPS to find out where a person is
    , he said. More chillingly, a toy could say “meet me at this location and I will pick you up”, Reuben said.

    His father, information technology expert Mano Paul, told how aged about six Reuben had revealed early IT skills.

    Using a simple explanation from dad on how one smartphone game worked, Reuben then figured out it was the same kind of algorithm behind the popular video game Angry Birds.

    “He has always surprised us. Every moment when we teach him something he’s usually the one who ends up teaching us,” Mano Paul told AFP.

    But Paul said he been “shocked” by the vulnerabilities discovered in kids’ toys, after Reuben first hacked a toy car, before moving on to more complicated things.

    “It means that my kids are playing with timebombs, that over time somebody who is bad or malicious can exploit.”

    Now the family has helped Reuben, who is also the youngest American to have become a Shaolin Kung Fu black belt, to set up his CyberShaolin non-profit organisation.

    Its aim is “to inform kids and adults about the dangers of cyber-insecurity”, Reuben said, adding he also wants to press home the message that manufacturers, security researchers and the government have to work together.

    Reuben also has ambitious plans for the future, aiming to study cyber-security at either CalTech or MIT universities and then use his skills for good.

    https://www.theguardian.com/world/20...sation-of-toys

  18. #98
    Member Array
    Join Date
    Jan 2007
    Location
    USA
    Posts
    10,291

    Default

    Google Search Is Doing Irreparable Harm To Muslims

    A Dallas imam and his organization are taking on the world’s largest search engine to stop it from spreading hate.

    24/06/2017

    Google asks its employees to “Do the right thing.” At least, that’s what its revised 2015 motto states in an upgrade from the original company maxim, “Don’t be evil.”



    But when a user searches Google for information on Islam, the results often link to propaganda, anti-Muslim hate and outright lies.
    The algorithm for the world’s largest search engine is definitely not doing the right thing ― especially when it comes to the first page of results, where most users stop their searches.

    Basic searches for words like “Muslim” and “Islam” return reasonable results with links to reputable sites. But more specific terms, like “sharia,” “jihad” or “taqiyya” ― often co-opted by white supremacists ― return links to Islamophobic sites filled with misinformation.

    The same thing happens with the autofill function. If a user types in “does islam,” the first suggestion that pops up to complete the query is “does islam permit terrorism.” Another egregious example occurs when a user inputs “do muslim.” The autofill results include “do muslim women need saving.”


    There are endless possibilities for misinformation, and the consequences are disturbing.





    “Ninety percent of people don’t make it past the first page,”
    Heidi Beirich, a project director for the Southern Poverty Law Center, told HuffPost. “It’s miseducating millions, if not billions of people on many subjects.”


    Indeed, there is a distinct correlation between anti-Muslim searches and anti-Muslim hate crimes, according to researchers.

    The result? At the extreme end of the spectrum, white supremacists commit heinous acts of violence, like in Portland, Oregon and Tulsa, Oklahoma. But more commonly and perhaps more nefariously, such searches normalize a culture of fear, leading to the harassment of hijab-wearing teenagers and 7-Eleven store clerks.




    Google More autofill results from Google. But Omar Suleiman, a Muslim American imam from Dallas and founder of the Yaqeen Institute for Islamic Research, has a plan to take on Google.


    Suleiman and his team have been publishing reports on controversial topics in Islam ― like jihad ― in the hopes of influencing the search algorithm. His goal is to flood the search results with accurate information on Islam.

    Suleiman, 30, realized a few years ago that there was a dire need for factual information during the rise of the self-described Islamic State, when he noticed how right-wing groups were equating ISIS’s language with the beliefs of the world’s entire Muslim population.

    One of Suleiman’s most popular reports is on the Islamic idea of taqiyya, a term Islamophobes and white supremacists have appropriated and exploited to accuse Muslims of lying to non-Muslims for a sinister objective like taking over the world.

    Suleiman explains in the report that taqiyya is actually a centuries-old concept that permits a Muslim to conceal his or her faith when under the threat of persecution. Applied more commonly by the minority Shia sect of Islam, taqiyya is rarely, if not ever, applicable to modern-day Muslims.

    Because it is an Arabic word, Islamophobes use the word “taqiyya” solely to instill fear, Suleiman told HuffPost. It’s a foreign-sounding word from a religion that’s perceived as foreign, and it sends “chills down the spines of well-meaning but woefully misinformed patriotic Americans wary of those turban-wearing bearded foreigners, right? What could possibly go wrong?” Suleiman wrote in the report.


    The Yaqeen Institute has also published reports on honor killings, stoning and jihad, all topics Islamophobes constantly twist to degrade Islam and Muslims.


    But taking on the internet is not easy, and may not even be possible.


    Suleiman’s report on taqiyya doesn’t come up until the second page of Google search. The first link that appears on the first page, an article from meforum.org, may appear legitimate, but the Middle East Forum is actually an Islamophobic “think tank” and website that “promotes American interests in the Middle East and protects Western values from Middle Eastern threats.” TheReligionOfPeace.com and Billionbibles.org are other anti-Muslim websites whose articles appear on the first page.


    The Southern Poverty Law Center has documented a similar ― and arguably worse ― problem when users search for the term “sharia.”


    Factual content about Islam “in basic searches often gets choked off by anti-Muslim propaganda,” writes Alex Amend, digital media director at the Southern Poverty Law Center.


    However, there is precedent for Google to make a change. The company removed the “are Jews evil” autofill suggestion late last year, and apologized for mistakenly tagging African-Americans as “gorillas” in the search feature of the Google photos app.


    “We’re appalled and genuinely sorry that this happened,” a company spokeswoman said at the time. “There is still clearly a lot of work to do with automatic image labeling, and we’re looking at how we can prevent these types of mistakes from happening in the future.”


    Earlier this year, YouTube, which is owned by Google, announced a new set of policies that target offensive content that doesn’t necessarily violate the company’s guidelines. The policy includes burying the videos and not attaching them to any advertising. Videos that promote the subjugation of religions or races without outright inciting violence, such as by targeting Islam, would be covered by this policy.
    Beirich says Google’s actions so far are not enough.


    “Google’s algorithm is seriously flawed and it’s a scary thing
    , because millions of people around the world are using it,” she said. “It’s a fundamental problem with how search works.”

    Beirich points to the case of white supremacist Dylann Roof, who went “from being someone who was not raised in a racist home to someone so steeped in white supremacist propaganda that he murdered nine African-Americans during a Bible study.”

    “We are teaching [people] reasons to hate black people, Jews, Muslims and [other] minorities,” Beirich said.

    The SPLC has brought its concerns to Google, but says it has yet to see substantial action.

    A Google spokeswoman told HuffPost she had “nothing to add” when asked about the harmful search results.

    Despite the odds stacked against Suleiman, he is hopeful. He is also aware that Yaqeen has nothing close to the $57 million network fueling Islamophobia, both online and offline, in the United States.


    “The prize of Islamophobes is the hearts and minds of people,” Suleiman said. “What we need to continue to do is to discredit these people and their agendas.”

    http://www.huffingtonpost.com.au/ent...b0d31854867de8


    Comments:

    Google pushes the results of whoever pays them the most money. Islamophobia being a multi million dollar fear industry is funding these search results and Google is gladly doing it for the money. It’s the same with their youtube website and it’s the same with Facebook posting. Not only they readily accept money and promote this islamphobia but they also actively ban any videos on youtube or facebook that speaks the truth and let all the hate and anti-islam bigotry on there, even after being reported.

  19. #99
    Member Array
    Join Date
    Jan 2007
    Location
    USA
    Posts
    10,291

    Default

    CEOs Try to Ban Artificial Intelligence from War,

    Elon Musk is back at it again, warning the world about the dangers of AI, but this time he is trying to get it banned from weapons. Musk is not alone, according to the LA Times. Dozens of other CEOs have signed an open letter to the United Nations, asking them to ban the use of AI in weaponry before the technology becomes too powerful.

    “As companies building the technologies in Artificial Intelligence and Robotics that may be repurposed to develop autonomous weapons, we feel especially responsible in raising this alarm,” the group wrote in an open letter to the United Nations’ Convention on Certain Conventional Weapons (CCW). “Lethal autonomous weapons threaten to become the third revolution in warfare.”

    While some aspects of Musk’s warning seem a little too far-fetched to believe, the idea of autonomous weapons is very frightening, especially when you think of computer vision and facial recognition technology. While banning AI from war will be a massive challenge, I do believe that certain regulations should be placed upon intelligent weapons. Otherwise, every country will be using laptop guns from James Bond GoldenEye on Nintendo 64.
    This originally appeared in G2 Crowd's AI Digest. Subscribe to receive the same weekly AI news directly to your inbox.

    Amazon Brings AI to Cloud Storage

    This week Amazon announced that it has brought AI to its cloud storage services to better protect customer data. This new AI offering is called Amazon Macie, and, according to Forbes, “relies on Machine Learning to automatically discover, classify, and protect sensitive data stored in AWS.”

    The main product impacted will be Amazon S3, an Infrastructure as a Service offering that is popular among businesses for cloud-based storage. Amazon is also the first of the major players in the cloud storage services space to bring AI to its offerings, per Investopedia. When competing in such a lucrative market, enterprise companies will do anything they can to get an edge; for Amazon, AI may just be that edge. Frankly, it might not need it as it is the distinguished market leader, but it definitely doesn’t hurt. For a deep dive into Amazon’s AI offerings, check out Amazon AI: The Smart Person’s Guide from TechRepublic.

    TWITTER FOLLOW OF THE WEEK


    @MIT_CSAIL
    MIT's largest research lab, the Computer Science and Artificial Intelligence Lab (CSAIL). RT≠endorsements.


    QUICK HITS


    • Machines Taught by Photos Learn a Sexist View of Women (WIRED)
    • AI Learns Sexism Just by Studying Photographs (MIT Technology Review)
    • AI-Powered Filter App Prisma Wants to Sell Its Tech to Other Companies (The Verge)
    • Microsoft Teaches Autonomous Gliders to Make Decisions on the Fly (New York Times)
    • Popular YouTube Artist Uses AI to Record New Album (CNNMoney)
    • I Was Worried About Artificial Intelligence – Until It Saved My Life (Quartz)
    • This Biotech Startup Is Using AI to Help Researchers Develop Cures Quicker (Forbes)
    • NarrativeDx: The AI Platform Aiming to Be the Yelp for Patient Hospital Reviews (Forbes)
    • How AI Is Changing the Face of Retail Industry (Customer Think)
    • The Man Behind Android Says AI Is the Next Major Operating System (CNBC)
    • AI Creates Fictional Scenes out of Real-Life Photos (Engadget)
    • Databricks Raises $140M From Top VCs in Mission to Bring AI to “The 99 Percent” (Forbes)
    • Salesforce’s Marc Benioff Details Cloud Giant’s Push Into AI, Dishes on Secret Client (CNBC)
    • Microsoft Announces Project Brainwave to Take on Google’s AI Hardware Lead (Forbes)
    • This AI Tries to Figure out if You’re a Real Person (Forbes)
    • Samsung’s AI Assistant Bixby Is Finally Launching in the UK and Around the World (Business Insider)
    • Intel, Qualcomm, Google and NVIDIA Race to Develop AI Chips and Platforms (All About Circuits)




    https://www.linkedin.com/pulse/ceos-...n-brings-light

  20. #100
    Member Array
    Join Date
    Jan 2007
    Location
    USA
    Posts
    10,291

    Default

    Equifax hacked

    A huge security breach at credit reporting company Equifax has exposed sensitive information, such as Social Security numbers and addresses, of up to 143 million Americans.

    Unlike other data breaches, those affected by the breach may not even know they're customers of the company.

    Equifax (EFX) is one of three nationwide credit-reporting agencies that track and rate the financial history of consumers. The company gets its data from credit card companies, banks, retailers and lenders -- sometimes without you knowing.

    The data breach is among the worst ever because of the amount of people affected and the sensitive type of information exposed.

    How many people were affected?

    The company says as many as 143 million people in the United States were hit. Others in the U.K. and Canada were also impacted, but Equifax hasn't said how many. Credit card numbers for about 209,000 U.S. customers were compromised, in addition to "personal identifying information" on about 182,000 U.S. customers.

    Who was impacted?

    Equifax said it will send notices in the mail to people whose credit card numbers or dispute records were breached. The company said it found no evidence that consumers in other countries were affected beyond the U.S., U.K. and Canada.

    What information was accessed?

    The hackers accessed personal information such as names, Social Security numbers, birth dates, addresses, credit card numbers and the numbers of some driver's licenses.

    When did this happen?

    Equifax said the breach happened between mid-May and July. It discovered the hack on July 29. It informed the public on September 7.

    How did this happen?

    Equifax said criminals "exploited a U.S. website application vulnerability to gain access to certain files." A company spokesperson did not immediately respond to a request for further comment.

    Who was behind the breach?

    The company hasn't clarified but noted an investigation is ongoing.

    Am I at risk, and what is Equifax doing to help?

    Equifax is proposing that customers sign up for credit file monitoring and identity theft protection. It is giving free service for one year through its TrustedID Premier business, regardless of whether you've been impacted by the hack.

    To enroll and/or check whether you were affected, visit www.equifaxsecurity2017.com and click on the Check Potential Impact tab. You'll need to provide your last name and the last six digits of your social security number. Once submitted, you will receive a message indicating whether you've been affected.

    Then, you have the option to enroll in the program, but you can't actually sign up for the service until next week. Each customer is provided an enrollment date starting earliest on Monday.

    Can I sue Equifax?

    If you sign up for Equifax's offer of free identity theft protection and credit file monitoring, you may be limiting your rights to sue and be forced to take disputes to arbitration.
    But you can opt out of that provision if you notify the company in writing within 30 days. In addition, some attorneys argue that even if you don't opt out, the arbitration provision does not cover suits related to this breach.

    Is anyone investigating the breach?

    New York Attorney General Eric Schneiderman launched a formal investigation into the hack on Friday.

    Meanwhile, Congressman Ted Lieu, a Democrat from California, sent a letter to House Judiciary Committee Chairman Bob Goodlatte and ranking member John Conyers calling for a hearing to investigate the data breach.

    The House Financial Services Committee Chairman Jeb Hensarling, a Republican from Texas, also said his committee will hold a hearing on the breach.

    Consumer Financial Protection Bureau is looking into the breach as well

    "The CFPB is authorized to take enforcement action against institutions engaged in unfair, deceptive, or abusive acts or practices, or that otherwise violate federal consumer financial laws. We are looking into the data breach and Equifax's response, but cannot comment further at this time," a spokesperson told CNNMoney.

    http://money.cnn.com/2017/09/08/tech...-qa/index.html




    After the Equifax breach, here’s how to freeze your credit to protect your identity

    Consumers affected by the Equifax data breach are scrambling for ways to protect their financial lives. Some are considering Equifax's own credit-monitoring service. Others suggest freezing your credit as a better option to such services. But what does freezing your credit entail, and how easy is it to do (and undo)?

    In basic terms, freezing your credit means placing restrictions on who can view your credit report. Why is this important? Well, applying for housing, checking accounts or new credit cards can all involve a credit pull by potential landlords, mortgage lenders or banks. If you prevent them from pulling your credit, it'll frustrate the fraudsters who need these organizations' approval to open fake accounts using your stolen identity

    Freezing your credit comes with a $5 to $10 charge for each credit bureau
    . The amount of the charge depends on where you live; here's a PDF from Equifax that shows how much it might cost you. Often, victims of identity theft can freeze their credit at no charge. To get the ball rolling, visit the relevant websites of Experian, Equifax and TransUnion. You can also call Equifax (1-800-349-9960), Experian (1‑888‑397‑3742) or TransUnion (1-888-909-8872).

    The credit agencies will ask for your personal information, including your name, address, date of birth and Social Security number. Once you've supplied those and frozen your credit report, nobody except your existing lenders, or their debt collectors, will be able to see it, according to federal regulators. The only other entities that are allowed to see your credit report at this point are government agencies carrying out a search warrant or subpoena, and yourself, if you're trying to access the free credit report that is entitled to you once per year per credit bureau. (You can thank a 2003 law known as FACTA for this right. Annualcreditreport.com is the only website you'll ever see government officials recommend for this purpose.)

    But what do you do once your report is frozen and you need, say, a credit card company to look at it?

    In that case, you can contact the credit bureaus again and ask them to lift or “thaw” the freeze. To do so, you'll need a PIN that your credit bureau gave you when you enabled the freeze. The reporting agencies are required to put the thaw into effect no later than three business days after you submit the request. You can also choose to lift the freeze only for a specific amount of time, to limit your exposure. Lifting the freeze can also come with a small fee.

    If you lose your PIN, you can reset it, but that will typically require you to provide proof of your identity.
    This poses a different type of security risk; if a criminal manages to get a copy of the required identifying documents — say, through a corporate data breach or by persuading you to give up the information voluntarily through an email phishing attack — then there isn't much standing between a determined thief and an unfrozen credit report.

    Still, many Americans become identity theft victims every year simply because they represent the easiest targets. Making it even a little bit harder for criminals to put your stolen identity to use could save you an enormous headache.

    https://www.washingtonpost.com/news/...=.dd2893f6b43f




    The Equifax Data Breach: What to Do


    If you have a credit report, there’s a good chance that you’re one of the 143 million American consumers whose sensitive personal information was exposed in a data breach at Equifax, one of the nation’s three major credit reporting agencies.
    Here are the facts, according to Equifax. The breach lasted from mid-May through July. The hackers accessed people’s names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers.

    They also stole credit card numbers for about 209,000 people and dispute documents with personal identifying information for about 182,000 people. And they grabbed personal information of people in the UK and Canada too.
    There are steps to take to help protect your information from being misused. Visit Equifax’s website, www.equifaxsecurity2017.com.


    • Find out if your information was exposed. Click on the “Potential Impact” tab and enter your last name and the last six digits of your Social Security number. Your Social Security number is sensitive information, so make sure you’re on a secure computer and an encrypted network connection any time you enter it. The site will tell you if you’ve been affected by this breach.
    • Whether or not your information was exposed, U.S. consumers can get a year of free credit monitoring and other services. The site will give you a date when you can come back to enroll. Write down the date and come back to the site and click “Enroll” on that date. You have until November 21, 2017 to enroll.
    • You also can access frequently asked questions at the site.


    Here are some other steps to take to help protect yourself after a data breach:


    • Check your credit reports from Equifax, Experian, and TransUnion — for free — by visiting annualcreditreport.com. Accounts or activity that you don’t recognize could indicate identity theft. Visit IdentityTheft.gov to find out what to do.
    • Consider placing a credit freeze on your files. A credit freeze makes it harder for someone to open a new account in your name. Keep in mind that a credit freeze won’t prevent a thief from making charges to your existing accounts.
    • Monitor your existing credit card and bank accounts closely for charges you don’t recognize.
    • If you decide against a credit freeze, consider placing a fraud alert on your files. A fraud alert warns creditors that you may be an identity theft victim and that they should verify that anyone seeking credit in your name really is you.


    • File your taxes early — as soon as you have the tax information you need, before a scammer can. Tax identity theft happens when someone uses your Social Security number to get a tax refund or a job. Respond right away to letters from the IRS.


    Visit Identitytheft.gov/databreach to learn more about protecting yourself after a data breach.

    video: https://www.consumer.ftc.gov/blog/20...breach-what-do


    https://www.consumer.ftc.gov/blog/20...breach-what-do

    -------------------------------------

    Tweets:

    Freeze your credit reports now. (check if they charge, how much)

    – Equifax: https://www.freeze.equifax.com/
    – Experian: https://www.experian.com/consumer/ca...e=FREEZECENTER
    – TransUnion: https://freeze.transunion.com/

    Freezing your credit takes minutes. As long as you save your PIN, also takes minutes to temporarily ‘thaw’ when you need to apply for credit

    Bonus: when someone runs your *frozen* credit without telling you (looking at you Comcast) they awkwardly say “uh, it says you don't exist?”

    Also, opt-out of prescreened credit offers to stop sale of your credit info to data brokers and sites doxxers use

    https://t.co/70y2cL9zNt


    -------------------------------------

    How credit freezes work, what they cost


    For a cost of up to around $30, you can prevent identity thieves from opening accounts in your name by freezing your credit report.

    Credit freezesCredit freezes, also known as security freezes, place a lock on access to a borrower's credit report. With a credit freeze in place, lenders and other companies cannot view the borrower's credit. As a result, freezes prevent the consumer from gaining access to new loans, such as credit cards and mortgages, but they also keep fraudsters from opening new accounts in that person's name.

    These freezes can subsequently be lifted temporarily or permanently by consumers, sometimes also for a price.

    Credit freezes can be a great tool for protecting yourself against identity theft, but they're not for everyone. If, for example, you suspect that you might be an ID theft target because of a data breach at a company where you use your card, setting a temporary fraud alert with the credit bureaus is a simpler and no-cost alternative.


    In place of credit freezes, the credit reporting industry typically promotes credit monitoring services, which bureaus and banks sell to their customers, or fraud alerts, which are available for free from the credit bureaus and do not block access to credit reports

    More on all this at: http://www.creditcards.com/credit-ca...reeze-1282.php


    Below you’ll find directions and links to assist you in obtaining your credit freeze or thaw from each major bureau:


    EQUIFAX CREDIT FREEZE
    [Equifax Website]

    • Credit freezes may be done online or by certified mail – return receipt requested.
    • Check your state’s listing for the exact cost of your credit freeze and to see if there is a reduction in cost if you are a senior citizen.
    • Request your credit freeze by certified mail using this sample letter. Please note the attachments you must include.
    • If your PIN is late arriving, call 1-888-298-0045. They will ask you for some ID and arrange for your PIN to be sent to you in 4-7 days.
    • Unfreeze: Do a temporary thaw of your Equifax credit freeze by snail mail, online or by calling 1-800-685-1111 (N.Y. residents dial 1-800-349-9960).
    • Info on freezing a child’s credit with Equifax can be found here.
    • If requesting a freeze by mail, use the following address:
      • Equifax Security Freeze
        P.O. Box 105788
        Atlanta, GA. 30348



    EXPERIAN CREDIT FREEZE
    [Experian Website]

    • Credit freezes may be done online; by certified mail – return receipt requested; or by calling 1-888-EXPERIAN (1-888-397-3742). When calling, press 2 then follow prompts for security freeze.
    • Check your state’s listing for the exact cost of your credit freeze and to see if there is a reduction in cost if you are a senior citizen.
    • Request your credit freeze by certified mail using this sample letter. Please note the attachments you must include.
    • You can also freeze a child’s credit report. The information contained at this link is applicable for all three credit bureaus. You must first write a letter to each bureau to learn if your minor child has a credit report and if so, then you can proceed to freeze it.
    • Unfreeze: Do a temporary thaw of your Experian credit freeze online or by calling 1-888-397-3742.
    • Info on freezing a child’s credit with Experian can be found here.
    • If requesting a freeze by mail, use the following address:
      • Experian
        P.O. Box 9554
        Allen, TX. 75013



    TRANSUNION CREDIT FREEZE
    [TransUnion website]

    • Credit freezes may be done online, by phone (1-888-909-8872) or by certified mail – return receipt requested. (Some users have reported difficulty with the online method. Please try one of the other options if you too experience difficulty.)
    • Check your state’s listing for the exact cost of your credit freeze and to see if there is a reduction in cost if you are a senior citizen.
    • Request your credit freeze by certified mail using this sample letter. Please note the attachments you must include.
    • Unfreeze: Do a temporary thaw of your TransUnion credit freeze online or by calling 1-888-909-8872.
    • Info on freezing a child’s credit with TransUnion can be found here.
    • If requesting a freeze by mail, use the following address:
      • TransUnion Protected Consumer Freeze
        P.O. Box 380
        Woodlyn, PA. 19094



    *YOU CAN ALSO FREEZE YOUR CHEXSYSTEM REPORT*


    Visit ChexSystems.com and to submit your request online.


    Cost per state:

    Equifax
    - https://help.equifax.com/servlet/fil...hment__body__s

    TransUnion -
    https://www.transunion.com/credit-fr...ation-by-state

    Experian - https://www.experian.com/ncaconline/freeze#fees



 

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •