Twitter Blocks Intelligence Agencies
May 17, 2016 by admin
Filed under Around The Net
Twitter has prohibited a data-mining firm from providing analytics of real-time tweets to U.S. intelligence agencies, according to a Wall Street Journal report, quoting a person familiar with the matter.
Twitter, which provides Dataminr with real-time access to public tweets, seems to be trying to distance itself from appearing to aid government surveillance, a controversial issue after former National Security Agency contractor Edward Snowden revealed that the government was collecting information on users through Internet and telecommunications companies.
Executives of Dataminr told intelligence agencies recently that Twitter, which holds around 5 percent of the equity in the startup and provides the data feed, did not want the company to continue providing the service to the agencies.
Twitter’s move appears to be in line with its policy on the use of its tweet data by external companies.
“Dataminr uses public Tweets to sell breaking news alerts to companies such as Wall Street Journal parent Dow Jones and government agencies such as the World Health Organization, for non-surveillance purposes,” Twitter said in a statement Sunday. “We have never authorized Dataminr or any third party to sell data to a government or intelligence agency for surveillance purposes.”
U.S. intelligence agencies gained access to Dataminr’s service after In-Q-Tel, a venture capital organization backed by U.S. intelligence agencies, put money in the firm, the WSJ said, quoting a person familiar with the matter. Twitter is said to have conveyed to Dataminr that it didn’t want to continue the relationship with intelligence agencies at the end of a pilot by the data analysis firm arranged by In-Q-Tel. Dataminr does not figure in the list of In-Q-Tel portfolio companies on its website.
Source-http://www.thegurureview.net/uncategorized/twitter-blocks-intelligence-agencies-access-to-tweet-analytics.html
FCC Commits To 600 MHz Wireless Spectrum Auction
September 21, 2015 by admin
Filed under Uncategorized
LAS VEGAS — Federal Communications Commission Chairman Tom Wheeler has committed to a March 29 start date for an unprecedented auction of 600MHz wireless spectrum currently under the control of the nation’s broadcasters.
The auction has already been delayed two years, but Wheeler was adamant it will move ahead on a timeline that allows input from broadcasters as well as from wireless providers that would be potential spectrum buyers.
The broadcast spectrum in the 600MHz band offers wireless carriers the potential to send data, including video and other multimedia, at much faster speeds and with lower latency. Latency refers to the speed required to generate a response to a wireless signal.
“I’m supremely confident [the auction] starts March 29,” he said in keynote comments at CTIA Super Mobility Week 2015 here. Explaining the delays, he said the planned auction is like a “Swiss watch with so many moving parts.”
The FCC plans to issue a new public notice in October that will give further details on the planned schedule. Wheeler said that around Thanksgiving, broadcasters will be able to indicate whether they want to participate in offering up the spectrum they use today.
Once the FCC establishes pricing, the broadcasters can decide whether to move forward or withdraw from the process if the prices don’t meet their needs, Wheeler said. In January, wireless providers — including newcomers, possibly — will be prompted to express interest in joining the auction to buy spectrum.
Wheeler contended that the 600MHz spectrum auction shows the FCC is moving to free up spectrum that the cellular industry says it urgently needs.
Source-http://www.thegurureview.net/mobile-category/fcc-commits-to-600-mhz-wireless-spectrum-auction-in-march.html
FCC Wants Carriers To Alert When IP Switching
July 22, 2015 by admin
Filed under Smartphones
The U.S. Federal Communications Commission is backing a requirement that the country’s telecom carriers warn residential and business customers about plans to retire copper telephone networks for IP-based systems.
A proposal from FCC Chairman Tom Wheeler would also require telecom carriers retiring their copper networks to offer customers the option of purchasing battery backup systems so that they don’t lose voice service during an electrical power outage, officials said Friday. IP-based voice service depends on working Internet service, which, in turn, requires electricity.
The old copper-based phone service works without electrical service available at the customer’s address, and a loss of voice service during power outages is one of the major concerns of consumer groups as major telecom carriers move to retire their decades-old copper networks.
Wheeler’s proposal, likely to be voted on by the commission during its Aug. 6 meeting, would require telecom providers that are retiring copper to make battery backup systems with eight hours of standby power available to affected customers, either through the carriers themselves or from third-party retailers. Voice customers would have to pay for the battery backups, which now cost $40 and up, but they could choose whether or not they want the backup.
Most consumers and consumer groups in contact with the FCC wanted the option to purchase battery backup from sources other than carriers, an FCC official said. Requiring battery backup systems during VoIP installs could have discouraged customers from signing up for the service, he added.
Within three years, carriers would have to offer a battery backup option with 24 hours of standby power, under the rules proposed by Wheeler.
Telecom carriers retiring their copper would also have to alert customers that their old telephone service was going away. Telecom carriers currently aren’t required to notify customers, but under the proposed rules, residential customers would get a three-month warning, and business customers would get a six-month warning, agency officials said during a press briefing.
Telecom carriers would also have to notify interconnecting carriers of their copper retirement plans, and competitors using the existing copper to provide business voice and Internet services would be eligible to receive similar pricing deals from the large incumbent carriers, the FCC said.
Anthem Gets Hacked
Health insurer Anthem Inc, which has nearly 40 million U.S. customers, has confirmed that hackers had breached one of its IT systems and stolen personal information relating to current and former consumers and employees.
The No. 2 health insurer in the United States said the breach did not appear to involve medical information or financial details such as credit card or bank account numbers.
The information accessed during the “very sophisticated attack” did include names, birthdays, social security numbers, street addresses, email addresses and employment information, including income data, the company said.
Anthem said that it immediately made every effort to close the security vulnerability and reported the attack to the FBI. Cybersecurity firm FireEye Inc said it had been hired to help Anthem investigate the attack.
The company did not say how many customers and staff were affected, but the Wall Street Journal earlier reported it was suspected that records of tens of millions of people had been taken, which would likely make it the largest data breach involving a U.S. health insurer.
Anthem had 37.5 million medical members as of the end of December.
“This attack is another reminder of the persistent threats we face, and the need for Congress to take aggressive action to remove legal barriers for sharing cyber threat information,” U.S. Rep. Michael McCaul, a Republican from Texas and chairman of the Committee on Homeland Security, said in a statement late Wednesday.
Should Encryption Be The Norm?
Encryption should be a matter of priority and used by default. That’s the message from the Internet Architecture Board (IAB), the worldwide body in charge of the internet’s technology infrastructure.
The IAB warned in a statement that “the capabilities and activities of attackers are greater and more pervasive than previously known”.
It goes on to say: “The IAB urges protocol designers to design for confidential operation by default. We strongly encourage developers to include encryption in their implementations, and to make them encrypted by default.
“We similarly encourage network and service operators to deploy encryption where it is not yet deployed, and we urge firewall policy administrators to permit encrypted traffic.”
The purpose, the IAB claims, is to instill public trust in the internet after the myriad high-profile cases in which computer traffic has been intercepted, ranging from bank details to email addresses and all points in between.
The news will be unwelcome to the security services, which have repeatedly objected to initiatives such as the default encryption in iOS8 and Android L, claiming that it is in the interest of the population to retain the right to intercept data for the prevention of terrorism.
However, leaked information, mostly from files appropriated by rogue NSA contractor Edward Snowden, suggests that the right of information interception is abused by security services including the UK’s GCHQ.
These allegations include the collection of irrelevant data, the investigation of cold cases not in the public interest, and the passing of pictures of nude ladies to colleagues.
New Data Suggest IT Hiring Increasing
November 21, 2014 by admin
Filed under Around The Net
Whenever IT hiring increases, as it did last month, the default explanation from analysts is this: The economy is improving.
That might be true, and it may well explain the U.S. Department of Labor’s report today that showed the U.S., overall, added 214,000 jobs last month.
Of that total employment gain, IT hiring grew by 7,800 jobs in October, compared with a gain of 6,900 jobs in September, according to TechServe Alliance, an IT industry group.
Another IT labor analyst group, Janco Associates, calculated last month’s IT gains at 9,500 jobs.
Government data can be reported in different ways, depending on which job categories are included in the IT job estimates, and it is why analysts report job numbers differently.
Hiring trends are also affected by Labor Department adjustments, and the government’s adjusted data adds nearly 25,000 telecom jobs over the past two months, according to Janco. Because of this adjustment, Janco termed the recent growth in IT over the past several months “explosive,” while TechServe put last month’s results as “modestly stronger.”
There is no one reason for October’s gain. An improving economy may be at the heart of any answer. Independent of the government numbers, Computer Economics, in a recent report on contingent versus full-time hiring, said it is seeing a drop in the use of contract workers at large companies and more reliance on full-time workers, which is a sign of an improving economy.
Silk Road 2.0 Shutdown
U.S. government authorities said they have shut down the successor website to Silk Road, an underground online drug marketplace, and charged its alleged operator with conspiracy to commit drug trafficking, computer hacking, money laundering and other crimes.
Blake Benthall, 26, was arrested last Wednesday in San Francisco and was expected to make an initial court appearance in federal court there later on Thursday.
The charges against Benthall carry a maximum sentence of life in prison.
A lawyer for Benthall could not immediately be identified.
Silk Road 2.0 was launched late last year, weeks after authorities had shuttered the original Silk Road website in October and arrested its alleged owner, Ross Ulbricht, who went by the online alias, Dread Pirate Roberts.
“Let’s be clear – this Silk Road, in whatever form, is the road to prison,” Manhattan U.S. Attorney Preet Bharara, whose office is prosecuting both cases, said in a statement.
Benthall, known as “Defcon” online, became the operator of Silk Road 2.0 in December, one month after an unnamed co-conspirator launched the site, according to prosecutors.
Silk Road 2.0 provided an online bazaar where users across the world could buy and sell drugs, computer hacking tools and other illicit items, using the digital currency Bitcoin as payment, authorities said.
As of September, the site was generating at least $8 million a month in sales, they said.
The government’s investigation included an undercover agent who was able to infiltrate the administrative staff of the website and interact directly with Benthall, prosecutors said.
Ulbricht, 30, has pleaded not guilty and is scheduled for trial in New York in January.
Will The Drupal Flaw Be Catastrophic?
The Drupal web content management system has been exposed as having backdoor access that could deliver your site to hackers.
The problem is not particularly new. Drupal warned about it earlier this month, but it still needs tackling as millions of websites may be at risk.
Drupal said that sites running version 7 really ought to have upgraded to 7.32 by now, because not doing so leaves them as open as a torn tea bag.
Initially the alert was about the threat, but the firm has updated its earlier advice and is now warning of in-the-wild attacks.
That earlier advice was about a problem in a database API. “A vulnerability in this API allows an attacker to send specially crafted requests resulting in arbitrary SQL execution,” warned Drupal in a security alert.
“Depending on the content of the requests this can lead to privilege escalation, arbitrary PHP execution, or other attacks. This vulnerability can be exploited by anonymous users.”
More recent information from the firm points users toward the released upgrade, and informs them that attacks started not long after the initial announcement.
“You should proceed under the assumption that every Drupal 7 website was compromised unless updated or patched before Oct 15th, 11pm UTC, that is seven hours after the announcement,” it said, adding that, even when updated, sites will have some cleaning up to do.
“If you have not updated or applied this patch, do so immediately, then continue reading this announcement; updating to version 7.32 or applying the patch fixes the vulnerability but does not fix an already compromised website,” it explains.
“If you find that your site is already patched but you didn’t do it, that can be a symptom that the site was compromised – some attacks have applied the patch as a way to guarantee they are the only attacker in control of the site.”
Gavin Millard, EMEA technical director at Tenable Network Security, advised people to follow Drupal’s advice.
“The so-called ‘Drupageddon’ vulnerability could have easily led to exploitation of any systems running the vulnerable code. With such an easy to exploit flaw, the chance of exfiltration of data or further exploitation are high,” he said.
“For those who have good security controls, reviewing of logs and traffic directed at the sites following the vulnerability being announced and the patch applied is common sense and highly advisable, with appropriate action taken if indicators of compromise are found.
“For those who don’t have such a good level of security or visibility into the logs, the advice from the Drupal team should be heeded. If you don’t know if you were exploited you should assume that you have been.”
Microsoft’s Killswitch Incoming
July 1, 2014 by admin
Filed under Smartphones
Responding to mounting pressure, Google and Microsoft will follow Apple in adding an anti-theft “kill switch” to their smartphone operating systems.
The commitment comes at a time when new data shows a dramatic drop in theft of Apple iPhones and iPads after the September 2013 introduction of iOS 7, which included a kill-switch function that allows stolen devices to be remotely locked and deleted so they become useless.
In New York, iPhone theft was down 19 percent in the first five months of this year, which is almost double the 10 percent drop in overall robberies seen in the city. Over the same period, thefts of Samsung devices — which did not include a kill switch until one was introduced on Verizon-only models in April — rose by over 40 percent.
In San Francisco, robberies of iPhones were 38 percent lower in the six months after the iOS 7 introduction versus the six months before, while in London thefts over the same period were down by 24 percent. In both cities, robberies of Samsung devices increased.
“These statistics validate what we always knew to be true, that a technological solution has the potential to end the victimization of wireless consumers everywhere,” San Francisco District Attorney George Gascon told IDG News Service.
Gascon and New York State Attorney General Eric Schneiderman have been leading a push to get smartphone vendors and telecom carriers to include kill switches in their products as a way to curb phone theft.
The joint work had early success with Apple but other carriers and phone makers dragged their feet. However, resistance to the idea appears to be dropping as several bills that mandate kill switches make their way through state legislatures and the U.S. Congress.
The bills demand a function that would enable a phone owner to remotely delete and disable a phone if stolen. The function could be disabled by consumers before a theft takes place if desired, but crucially new handsets would be supplied with it switched on by default.
Hackers Going After Traffic Signs
After hackers played several high-profile pranks with traffic signs, including warning San Francisco drivers of a Godzilla attack, the U.S. government advised operators of electronic highway signs to take “defensive measures” to better secure their property.
Last month, signs on San Francisco’s Van Ness Ave were photographed flashing “Godzilla Attack! Turn Back” and highway signs across North Carolina were tampered with last week to read “Hack by Sun Hacker.”
The Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team, or ICS-CERT, this week advised cities, highway operators and other customers of digital-sign maker Daktronics Inc to take “defensive measures” to minimize the possibility of similar attacks.
It said that information had been posted on the Internet advising hackers how to access those systems using default passwords coded into the company’s software. “ICS-CERT recommends entities review sign messaging, update access credentials and harden communication paths to the signs,” the agency said in an alert posted on Thursday.
Jody Huntimer, a representative for Daktronics, declined to say if the recent attacks involved the bug reported by ICS-CERT.
“We are working with the ICS-CERT team to clarify the current alert and will release a statement once we have assessed the situation and developed customer recommendations,” Huntimer said via email.
Krebs on Security, a widely read security blog, posted a confidential report from the Center for Internet Strategy, or CIS, which was sent to state security officials. It warned that the pranks created a public safety risk because drivers often slow or stop to view the signs and take pictures.
CIS also predicted that amateur hackers might attempt to hack into other systems in the coming weeks following the May 27 release of “Watch Dogs,” a video game from Ubisoft focused on hacking critical infrastructure.