John Ribeiro
Author Archives: John Ribeiro
- Home → Author's archive:
John Ribeiro
0
Obama wants help from tech firms to fight terrorism
U.S. President Barack Obama is seeking the help of tech companies to combat terror threats, which he described as entering a new phase. Obama's remarks could put into sharp focus again the demand by law enforcement agencies for tech companies to provide ways for the government to be able to access encrypted communications. In an address late Sunday from the Oval Office, Obama said he "would urge hi-tech and law enforcement leaders to make it harder for terrorists to use technology to escape from justice."To read this article in full or to leave a comment, please click here
0
New legislation aims at stalling NSA reform
A new bill introduced in the Senate aims to let the U.S. National Security Agency hold on for five years to phone records collected by the agency, while also making permanent some anti-terrorist provisions that have been criticized by civil rights groups.Senator Tom Cotton, a Republican from Arkansas, said Wednesday he would introduce the "Liberty Through Strength Act II" to require the federal government to hold on to the legacy phone metadata of Americans for five years and authorize its use for queries.INSIDER: Traditional anti-virus is dead: Long live the new and improved AV The Senator introduced last month legislation, also called the Liberty Through Strength Act, that would delay the end of the bulk collection of phone metadata of Americans by the NSA to Jan. 31, 2017, in the wake of security concerns after the terror attacks in Paris. The bill was introduced a little before the Thanksgiving break.To read this article in full or to leave a comment, please click here
0
IRS says it will get a warrant before using cell-site simulators
The U.S. Internal Revenue Service is drafting a policy to restrict the use without a warrant of cell-site simulator technology to snoop on the location and other information from mobile phones.The head of the IRS, John Koskinen, wrote in a letter that the agency was drafting a policy that would mirror an earlier Department of Justice rule, which requires a search warrant supported by probable cause before using the technology, except in exigent or exceptional circumstances.INSIDER: 5 ways to prepare for Internet of Things security threats Cell-site simulators, also referred to as stingrays or 'IMSI catchers,' track the location and other information from mobile phones by mimicking cellphone towers. The use of the technology without a warrant by law enforcement has been criticized by civil rights groups.To read this article in full or to leave a comment, please click here
0
BlackBerry quits Pakistan over government surveillance demands
BlackBerry has decided not operate in Pakistan after Nov. 30, rather than let the local government intercept communications on its enterprise services, the company said Monday.The Pakistani government wanted the ability to monitor all BlackBerry Enterprise Service traffic in the country, including every BES e-mail and BES BBM (BlackBerry Messenger) message, BlackBerry's Chief Operating Officer Marty Beard wrote in a blog post on Monday. BlackBerry has been under pressure in many countries including neighboring India to provide access to data on its enterprise services to law enforcement.To read this article in full or to leave a comment, please click here
0
In wake of Paris attacks, legislation aims to extend NSA program
A U.S. senator plans to introduce legislation that would delay the end of the bulk collection of phone metadata by the National Security Agency to Jan. 31, 2017, in the wake of security concerns after the terror attacks last Friday in Paris.Senator Tom Cotton, a Republican from Arkansas, believes that the termination of the program, scheduled for month-end under the USA Freedom Act, "takes us from a constitutional, legal, and proven NSA collection architecture to an untested, hypothetical one that will be less effective."The transition will happen in less than two weeks, at a time when the threat level for the U.S. is "incredibly high," he said Tuesday.To read this article in full or to leave a comment, please click here
0
Microsoft sets up data centers in Germany amid US surveillance concerns
Microsoft is delivering its cloud services, including Azure, Office 365 and Dynamics CRM Online from two new datacenter regions in Germany, in a move that aims to deflect customer concerns about access to their data by U.S. surveillance.The data centers, located in Magdeburg and Frankfurt am Main, will be unusual in that control over the data will not be with Microsoft but with Deutsche Telekom subsidiary T-Systems, which will be acting as a data trustee for Microsoft's customers' data.Access to customer data stored in these new datacenters will be under the control of T-Systems and Microsoft will not be able to access the data without the permission of customers or the data trustee, Microsoft said in a statement Wednesday. If permission is granted by the data trustee, Microsoft will access the data only under its supervision.To read this article in full or to leave a comment, please click here
0
Microsoft sets up data centers in Germany amid US surveillance concerns
Microsoft is delivering its cloud services, including Azure, Office 365 and Dynamics CRM Online from two new datacenter regions in Germany, in a move that aims to deflect customer concerns about access to their data by U.S. surveillance.The data centers, located in Magdeburg and Frankfurt am Main, will be unusual in that control over the data will not be with Microsoft but with Deutsche Telekom subsidiary T-Systems, which will be acting as a data trustee for Microsoft's customers' data.Access to customer data stored in these new datacenters will be under the control of T-Systems and Microsoft will not be able to access the data without the permission of customers or the data trustee, Microsoft said in a statement Wednesday. If permission is granted by the data trustee, Microsoft will access the data only under its supervision.To read this article in full or to leave a comment, please click here
0
Hack to cost UK’s TalkTalk up to $53 million
TalkTalk Telecom Group in the U.K. expects the one-off cost of a recent cyberattack to be up to £35 million (US$53 million) but said the number of customers affected may have been far less than had been earlier expected.The company said, while presenting its half-year results Wednesday, that forensic analysis had found that 4 percent of its customers have any personal data at risk.Giving a breakdown, TalkTalk disclosed that the total number of customers whose personal details were accessed were 156,959, and of these customers 15,656 bank account numbers and sort codes were accessed. 28,000 obscured credit and debit card numbers were also accessed by the hackers but cannot be used for financial transactions, as they were were 'orphaned', and cannot be identified by the stolen data, the company said.To read this article in full or to leave a comment, please click here
0
EMC, hospital to pay $90,000 over stolen laptop with medical data
EMC and Hartford Hospital have agreed to pay US$90,000 to Connecticut in connection with the loss in 2012 of an unencrypted laptop containing patient information of 8,883 residents of the state, according to the state's attorney general.The laptop was stolen from the home of an employee of EMC and was never later recovered, according to an "Assurance of Voluntary Compliance" signed by EMC and the hospital with Attorney General George Jepsen.EMC had been hired as a contractor to the hospital to assist it on a quality improvement project relating to analyzing patient data. The employee had been employed by a company that was acquired by EMC and received the laptop that was stolen from that company.To read this article in full or to leave a comment, please click here
0
Microsoft follows Mozilla in considering early ban on SHA-1 certificates
Microsoft is considering advancing the blocking of the SHA-1 hashing algorithm on Windows to as early as June next year, taking a cue from a similar decision by Mozilla. The Redmond-based software maker had earlier said that Windows would block SHA-1 signed TLS (Transport Layer Security) certificates from Jan. 1, 2017, but is now mulling moving up the date in view of recent advances in attacks on the SHA-1 algorithm, a cryptographic hash function designed by the U.S. National Security Agency. There have been concerns about the security of the algorithm, which led Microsoft, Google and Mozilla to announce that their browsers would stop accepting SHA-1 SSL (Secure Sockets Layer) certificates.To read this article in full or to leave a comment, please click here
0
Man whose iPhone passcode DOJ wanted Apple to bypass enters guilty plea
Jun Feng, a defendant in a criminal case, has entered a guilty plea, removing pressure from a New York court to decide quickly whether Apple is required to aid investigators by bypassing his iPhone 5s passcode.Feng had been indicted on three counts related to the possession and distribution of methamphetamine. The U.S. Department of Justice had asked the U.S. District Court for the Eastern District of New York for an expedited decision so as to secure evidence in a trial scheduled to begin on Nov. 16.But on Thursday, DOJ informed the court that Feng has entered a guilty plea. "The government persists in the application pending before the Court, but in view of the guilty plea, no longer requests expedited treatment," U.S. Attorney Robert L. Capers wrote in a letter to Magistrate Judge James Orenstein.To read this article in full or to leave a comment, please click here
0
Senate to battle Tuesday on controversial CISA cybersecurity bill
The U.S. Senate is scheduled to consider early Tuesday the Cybersecurity Information Sharing Act of 2015, a controversial bill that is intended to encourage businesses to share information about cyberthreats with the government by providing them immunity from customer lawsuits.The CISA bill has been criticized by civil rights groups and some companies in the technology industry, which claim the proposed legislation, dubbed a surveillance bill in disguise, provides loopholes for government intelligence agencies like the National Security Agency to get access to personal information of users.The bill has powerful backers though, including industry groups, many lawmakers and the White House, which believe the legislation is necessary in the wake of a large number of recent cyberattacks on companies and government agencies.To read this article in full or to leave a comment, please click here
0
US proposal aims to regulate car privacy, make hacks illegal
A subcommittee of the U.S. House of Representatives has proposed requiring vehicle manufacturers to state their privacy policies, besides providing for civil penalties of up to US$100,000 for the hacking of vehicles.The lawmakers have also proposed that the National Highway Traffic Safety Administration set up an Automotive Cybersecurity Advisory Council to develop cybersecurity best-practices for manufacturers of cars sold in the U.S.The move comes in the wake of the increasing automation of cars, which has raised privacy concerns, and the high-profile hack of a Jeep Cherokee.The House Energy and Commerce Subcommittee on Commerce, Manufacturing, and Trade has released the staff draft ahead of a hearing next week on “Examining Ways to Improve Vehicle and Roadway Safety."To read this article in full or to leave a comment, please click here
0
Google, Facebook and peers criticize CISA bill ahead of Senate consideration
A trade group representing Facebook, Google, Yahoo and other tech and communications companies has come down heavily against the Cybersecurity Information Sharing Act of 2015, a controversial bill in the U.S. that is intended to encourage businesses to share information about cyberthreats with the government.The Computer & Communications Industry Association claims that the mechanism CISA prescribes for the sharing of cyberthreat information does not adequately protect users’ privacy or put an appropriate limit on the permissible uses of information shared with the government.The bill, in addition, "authorizes entities to employ network defense measures that might cause collateral harm to the systems of innocent third parties," the CCIA said in a blog post Thursday.To read this article in full or to leave a comment, please click here
0
US won’t seek legislation against encryption
The U.S. administration will not seek legislation at this point to counter the encryption of communications by many technology services and product vendors, but will work on a compromise with industry, a senior U.S. official said Thursday. "The administration is not seeking legislation at this time," Federal Bureau of Investigation Director James Comey said in a statement before a Senate Committee on Homeland Security and Governmental Affairs. Comey had previously asked for a "robust debate" on encryption of communications, saying that the technology could come in the way of his doing his job to keep people safe.To read this article in full or to leave a comment, please click here
0
Alibaba sets up second data center in the US in $1B cloud expansion
Continuing the expansion of its AliCloud cloud computing business, Alibaba Group is setting up a second data center in Silicon Valley.The Chinese company said customers could apply from Monday for services from the data center, which will span over 10 cloud services including Elastic Compute Service, offering scalable computing services, an Analytic Database Service that provides real-time, high-concurrency online analytical processing, and a Cloud Monitor System using an open platform for the real-time monitoring of sites and servers.Alibaba did not respond to a request for more information on the new data center.The company said earlier this year that it was investing US$1 billion in its cloud computing business. It launched its first data center in Silicon Valley in March, confirming its ambitions to enter the U.S. market.To read this article in full or to leave a comment, please click here
0
Apple lists 25 apps impacted by XcodeGhost
Apple has identified 25 apps on its stores that had used a rogue version of its Xcode development tool, and advised users to update the affected apps to fix the issue on their devices.Figuring in the list are the WeChat app from Tencent and the Didi ride-hailing app, which had been identified earlier as affected. Other apps included in the list released by Apple on its China website include local chatting tool Encounter, the app for Baidu Music and China Unicorn's customer service app.To read this article in full or to leave a comment, please click here
0
Cisco said to plan China partnership to boost market access
Following in the footsteps of some other U.S. companies like Hewlett-Packard and Intel, Cisco Systems is planning to tie up with a Chinese partner for joint development and better access to the local market, according to a newspaper report.The networking equipment company is planning to announce a partnership with server maker Inspur Group during Chinese President Xi Jinping's visit to Seattle on Wednesday, The Wall Street Journal reported on Tuesday.Cisco said Tuesday it declined to comment on rumors related to any specific announcements or companies. Company spokesman Nigel Glennie said the company is optimistic about the opportunities for its China team, and is open to local partnerships playing a role in its future strategy. The company has done business in China for over 20 years and learned the importance of having the right relationships, he added.To read this article in full or to leave a comment, please click here
0
Cisco said to plan China partnership to boost market access
Following in the footsteps of some other U.S. companies like Hewlett-Packard and Intel, Cisco Systems is planning to tie up with a Chinese partner for joint development and better access to the local market, according to a newspaper report.The networking equipment company is planning to announce a partnership with server maker Inspur Group during Chinese President Xi Jinping's visit to Seattle on Wednesday, The Wall Street Journal reported on Tuesday.Cisco said Tuesday it declined to comment on rumors related to any specific announcements or companies. Company spokesman Nigel Glennie said the company is optimistic about the opportunities for its China team, and is open to local partnerships playing a role in its future strategy. The company has done business in China for over 20 years and learned the importance of having the right relationships, he added.To read this article in full or to leave a comment, please click here
0
India withdraws draft encryption policy following controversy
The Indian government has withdrawn a controversial draft encryption policy, with a minister stating that the document was not the final view of the government.Under the policy, consumers would have been required to store the plain texts of encrypted information for 90 days from the date of a transaction and provide the text to law enforcement agencies when required under the laws of the country. The government would have also specified the algorithms and the length of the encryption keys used by different categories of people.The policy was largely seen as meeting the need for access to information by law enforcement agencies, and included similar restrictions on business users as well. It also called for Internet services providers to enter into unspecified agreements with the government.To read this article in full or to leave a comment, please click here