FCC Votes To Tighten Broadband Providers Privacy Rules
April 19, 2016 by admin
Filed under Around The Net
Comments Off on FCC Votes To Tighten Broadband Providers Privacy Rules
The U.S. Federal Communications Commission is moving toward major new regulations requiring ISPs to get customer permission before using or sharing their Web-surfing history and other personal information.
The FCC voted 3-2 last week to approve a notice of proposed rule-making, or NPRM, the first step toward passing new regulations, over the objections of the commission’s two Republicans.
The rules, which will now be released for public comment, require ISPs to get opt-in permission from customers if they want to use their personal information for most reasons besides marketing their own products.
Republican Commissioners Ajit Pai and Michael O’Rielly complained that the regulations target Internet service providers but not social networks, video providers and other online services.
“Ironically, selectively burdening ISPs, who are nascent competitors in online advertising, confers a windfall on those who are already winning,” Pai said. “The FCC targets ISPs, and only ISPs, for regulation.”
The proposed rules could prohibit some existing practices, including offering premium services in exchange for targeted advertising, that consumers have already agreed to, O’Rielly added. “The agency knows best and must save consumers from their poor privacy choices,” he said.
But the commission’s three Democrats argued that regulations are important because ISPs have an incredible window into their customers’ lives.
ISPs can collect a “treasure trove” of information about a customer, including location, websites visited, and shopping habits, said Commissioner Mignon Clyburn. “I want the ability to determine when and how my ISP uses my personal information.”
Broadband customers would be able to opt out of data collection for marketing and other communications-related services. For all other purposes, including most sharing of personal data with third parties, broadband providers would be required to get customers’ explicit opt-in permission.
The proposal would also require ISPs to notify customers about data breaches, and to notify those directly affected by a breach within 10 days of its discovery.
Courtesy- http://www.thegurureview.net/aroundnet-category/fcc-votes-to-tighten-broadband-providers-privacy-rules.html
Symantec Has Some Flaws With SEP
Symantec has warned of three serious vulnerabilities in its Endpoint Protection (SEP) software, and is advising users to update their systems.
The bugs affect all builds of the 12.1 version of the SEP software, with the first two flaws allowing authorised but low privilege users of the software to gain elevated and administrative access to the management console, which can be accessed either locally or through a web-based portal.
The third bug is in the sysplant driver and enables users to bypass the SEP’s security controls and run malware and other malicious code on a targeted client machines.
“Exploitation attempts of this type generally use known methods of trust exploitation requiring enticing a currently authenticated user to access a malicious link or open a malicious document in a context such as a website or in an email,” said the security firm.
There have been no recorded exploits of the flaws, so it would appear that Symantec has squashed the bugs before they became a real-world problem for its customers.
The first two bugs were discovered by security researcher Anatoly Katyushin from rival firm Kaspersky Labs, which is a little embarrassing. Discovery of the third bug was credited to the enSilo Research Team.
Symantec advises SEP users to update their software to the 12.1 RU6 MP4 version. It also recommends that users should take precautions and restrict remote access to the management console in order to prevent hackers from attacking client systems through the web portal.
While hackers can direct sophisticated malware at even the most robustly secured systems, exploiting flaws in software offers an easier route into machines and networks, providing hackers get in before the bugs are discovered and patched.
Recent examples can be seen with the discovery of iOS malware which threatens iPhones through an Apple DRM flaw, and an error on Code.org’s website which saw the emails of its volunteers exposed.
Courtesy-TheInq
Net Neutrality Vote Coming Next Month
January 14, 2015 by admin
Filed under Around The Net
Comments Off on Net Neutrality Vote Coming Next Month
The U.S. Federal Communications Commission will finally vote on new net neutrality rules in their February meeting.
FCC Chairman Tom Wheeler will bring a proposal to a vote during the commission’s Feb. 26 meeting, FCC spokeswoman Kim Hart said Friday, following a report in the Washington Post.
It’s unclear, however, what form those rules will take. Hart declined to comment further on the net neutrality order Wheeler plans to circulate in February.
Many telecom policy experts had expected the FCC to take action on net neutrality early this year after a year-long fight over the issue.
Nearly a year ago, a U.S. appeals court threw out a large portion of net neutrality rules the FCC approved in late 2010. The court ruled that the FCC’s rules came too close to common carrier regulations when the commission didn’t take the step of reclassifying broadband providers as regulated utilities. The court, however, pointed to a couple if sections of the Telecommunications Act that the FCC could use to pass net neutrality regulations.
After launching a net neutrality proceeding in early 2014, the FCC has received nearly 4 million public comments about proposed regulations. Wheeler originally proposed that the FCC adopt rules that would allow broadband providers to engage in “commercially reasonable” traffic management, and in limited cases, charge Web content providers and services for prioritized traffic.
But many people filing comments, and groups like Free Press and Public Knowledge, called on the FCC to pass stronger rules prohibiting traffic prioritization deals. Many advocates of strong net neutrality rules want the FCC to reclassify broadband as a regulated public utility, while exempting them from some common carrier rules, like price regulation.
Recent news reports have suggested Wheeler is leaning toward so-called hybrid net neutrality rules that would classify a part of broadband service as a regulated public utility.
Symantec Uncovers Advanced Spying Malware
Comments Off on Symantec Uncovers Advanced Spying Malware
An advanced malicious software application has been discovered that since 2008 was used to spy on private companies, governments, research institutes and individuals in 10 countries, anti virus software maker Symantec Corp said in a report on Sunday.
The Mountain View, California-based maker of Norton anti virus products said its research showed that a “nation state” was likely the developer of the malware called Regin, or Backdoor. Regin, but Symantec did not identify any countries or victims.
Symantec said Regin’s design “makes it highly suited for persistent, long-term surveillance operations against targets,” and was withdrawn in 2011 but resurfaced from 2013 onward.
The malware uses several “stealth” features “and even when its presence is detected, it is very difficult to ascertain what it is doing,” according to Symantec. It said “many components of Regin remain undiscovered and additional functionality and versions may exist.”
Almost half of all infections occurred at addresses of Internet service providers, the report said. It said the targets were customers of the companies rather than the companies themselves. About 28 percent of targets were in telecoms while other victims were in the energy, airline, hospitality and research sectors, Symantec said.
Symantec described the malware as having five stages, each “hidden and encrypted, with the exception of the first stage.” It said “each individual stage provides little information on the complete package. Only by acquiring all five stages is it possible to analyze and understand the threat.”
Regin also uses what is called a modular approach that allows it to load custom features tailored to targets, the same method applied in other malware, such as Flamer and Weevil (The Mask), the anti virus company said. Some of its features were also similar to Duqu malware, uncovered in September 2011 and related to a computer worm called Stuxnet, discovered the previous year.
Symantec said Russia and Saudi Arabia accounted for about half of the confirmed infections of the Regin malware and the other countries were Mexico, Ireland, India, Iran,Afghanistan, Belgium, Austria and Pakistan.
HTTP2 Procotol Nears Completion
When it comes to amping up traffic over the Internet, sometimes too much of a good thing may not be such a good thing at all.
The Internet Engineering Task Force is putting the final touches on HTTP/2, the second version of the Hypertext Transport Protocol (HTTP). The working group has issued a last call draft, urging interested parties to voice concerns before it becomes a full Internet specification.
Not everyone is completely satisfied with the protocol however.
“There is a lot of good in this proposed standard, but I have some deep reservations about some bad and ugly aspects of the protocol,” wrote Greg Wilkins, lead developer of the open source Jetty server software, noting his concerns in a blog item posted Monday.
Others, however, praise HTTP/2 and say it is long overdue.
“A lot of our users are experimenting with the protocol,” said Owen Garrett, head of products for server software provider NGINX. “The feedback is that generally, they have seen big performance benefits.”
First created by Web originator Tim Berners-Lee and associates, HTTP quite literally powers today’s Web, providing the language for a browser to request a Web page from a server.
Version 2.0 of HTTP, based largely on the SPDY protocol developed by Google, promises to be a better fit for how people use the Web.
“The challenge with HTTP is that it is a fairly simple protocol, and it can be quite laborious to download all the resources required to render a Web page. SPDY addresses this issue,” Garrett said.
While the first generation of Web sites were largely simple and relatively small, static documents, the Web today is used as a platform for delivering applications and bandwidth intensive real-time multimedia content.
HTTP/2 speeds basic HTTP in a number of ways. HTTP/2 allows servers to send all the different elements of a requested Web page at once, eliminating the serial sets of messages that have to be sent back and forth under plain HTTP.
HTTP/2 also allows the server and the browser to compress HTTP, which cuts the amount of data that needs to be communicated between the two.
As a result, HTTP/2 “is really useful for organization with sophisticated Web sites, particularly when its users are distributed globally or using slower networks — mobile users for instance,” Garrett said.
Is The US & UK Lacking In Broadband?
December 11, 2013 by admin
Filed under Around The Net
Comments Off on Is The US & UK Lacking In Broadband?
The US and UK are stragglers when it comes to consumer broadband download speeds and appear far down in table rankings.
This puts the countries, swaggering authoritarian surveillance monsters that they are, rather low down on the satisfaction scale.
The ranking produced by Ookla is based on results from Speedtest servers, and is called the Net Index.
“Based on millions of recent test results from Speedtest.net, this index compares and ranks consumer download speeds around the globe,” is the explanation.
“The value is the rolling mean throughput in Mbps over the past 30 days where the mean distance between the client and the server is less than 300 miles.”
Hong Kong takes pole position and it is credited as having download speeds in the area of 71.03 Mbps. There is a big drop of around 20 Mbps down to Singapore in second place with 52.85 Mbps and third is Romania, where speeds are 50.82 Mbps.
You have to look a long way down the list before arriving at the UK, which is in 25th place. Here, or there depending on where you live, consumers get a rather meagre sounding 23.55 Mbps.
The United States weighs in at 31st place and has download speeds of 20.77 Mbps. This puts it below the UK, Germany, Estonia, Hungary, Greece and 25 others.
Closer to home the European Commission has published its report on Broadband Coverage in Europe (2012) and reveals progress on broadband coverage targets. It found that while broadband has improved, it could be faster.
Malware Infections On Android Rising
July 8, 2013 by admin
Filed under Around The Net
Comments Off on Malware Infections On Android Rising
An increasing number of Android phones are infected with mobile malware programs that are capable of turning the handsets into spying devices, according to a report from Kindsight Security Labs, a subsidiary of telecommunications equipment vendor Alcatel-Lucent.
The vast majority of mobile devices infected with malware are running the Android operating system and a third of the top 20 malware threats for Android by infection rate fall into the spyware category, Kindsight said in a report released Tuesday that covers the second quarter of 2013.
The Alcatel-Lucent subsidiary sells security appliances to ISPs (Internet service providers) and mobile network operators that can identify known malware threats and infected devices by analyzing the network traffic.
Data collected from its product deployments allows the company to compile statistics about how many devices connected to mobile or broadband networks are infected with malware and determine what are the most commonly detected threats.
The malware infection rate for devices connected to mobile networks is fairly low, averaging at 0.52%, Kindsight said in its report. These infected devices include mobile phones as well as Windows laptops that use a mobile connection through a phone, a 3G USB modem or a mobile hotspot device.
In January the number of infected mobile phones accounted for slightly more than 30% of all infected devices connected to mobile networks, but by June they grew to more than 50%.
The vast majority of infected mobile phones run Android. Those running BlackBerry, iOS and other operating systems represent less than 1% of infected mobile devices, Kindsight said.
When calculated separately, on average more than 1% of Android devices on mobile networks are infected with malware, Kindsight said in its report.
The malware threat most commonly seen on Android devices was an adware Trojan program called Uapush.A that sends SMS messages and steals information, Kindsight said. Uapush.A was responsible for around 53% of the total number of infections detected on Android devices.
Comcast Starts IPv6 Network Rollout
Comcast has begun the production rollout of its new IPv6 service, with 100 customers upgraded in San Francisco’s East Bay in one week.
IPv6 is an upgrade to the Internet’s main communications protocol, which is called IPv4. IPv6 features an expanded addressing scheme that can support billions of devices connected directly to the Internet at faster speeds and lower cost than IPv4, which is running out of addresses.
Comcast began an IPv6 trial 18 months ago and is a leader in the deployment of IPv6-based services among U.S. ISPs.
The production rollout began on Oct. 31. It offers customers “native dual-stack service,” which means Comcast is supporting both IPv6 and IPv4 services.
The initial subscribers of Comcast’s production-quality IPv6 service have stand-alone computers running Microsoft Windows 7, Windows Vista or Apple Mac OS X that are connected directly to a Comcast cable modem. Comcast plans to support IPv6 for customers with home routers at a later date.
ISPs Close Internet Gap
Broadband speeds on average are within 80 percent of what major Internet service providers advertise, an appreciable increase from two years ago, according to a government study.
The Federal Communications Commission studied cable, DSL and fiber-to-the-home services at 13 top U.S. broadband providers.
The FCC found Verizon Communications Inc’s fiber network was best at meeting or exceeding advertised maximum download speeds, while Cablevision Systems Corp came in last place.
Overall, the numbers were a big boost from 2009, when data indicated download speeds were often about half of Internet service providers’ (ISP) maximum advertised speeds.
“Most major ISPs are providing service close to what they’re advertising. This represents a significant improvement over the findings from two years ago when we first shined a light on this issue,” FCC Chairman Julius Genachowski said, unveiling the study’s findings at a Best Buy Co store in the District of Columbia.
During peak consumer usage hours when networks are busiest, actual download speeds varied from 114 percent to 54 percent of advertised speed among the different ISPs, the FCC said.
The complete findings of the report, its raw data and an FCC-prepared guide for consumers will be made available online. The FCC says the data will help consumers decide which Internet speed, service and provider best meet their needs.
“This report pretty well dispels the myth … that there’s a huge gap between advertised and actual speeds, and in fact we do pretty well here in the United States,” said Richard Bennett, a senior fellow at the Information Technology and Innovation Foundation.
Not everyone was impressed with the study’s findings.