Despite Apple having championed privacy and encryption, and having its most profitable year yet, the company is apparently not above censoring free speech on its Apple TV platform. The Chaos Computer Club claimed that Apple rejected the CCC’s TV app that would allow viewers to stream the hacking conference because researchers have previously presented talks centered on hacking iOS.
If you still believe your snaps will self-destruct, you might want to review Snapchat’s newest policy changes as the company can now potentially keep your photos forever and share them. Oh, and by using the app, you grant Snapchat the rights to your photos. Users who update their Snapchat app must tap “Accept” to signify agreeing with the app’s newly updated Privacy Policy and Terms of Service. “Scary stuff,” is what actor Kal Penn, the former White House Associate Director of Public Engagement, called Snapchat’s new privacy and legal policies.
Snapchat, which became popular because messages were supposed to go poof after 10 seconds, gave rise to other third-party apps meant to capture and keep the messages. If you recall “The Snappening” in Oct. 2014, the third-party app Snapsaved was hacked and selfies that were supposed to self-destruct were instead leaked. But it couldn't be considered a “leak” if users agree to Snapchat’s newly revised privacy policy and terms of service that take the company on a radical shift away from the idea upon which it was founded.
Just what we don’t need…‘anarchy’ during the holiday shopping season. But a top payment executive at Walmart claimed that is what could happen due to the timing of forcing merchants to have chip-and-pin credit card payment terminals. U.S. banks replaced hundreds of millions of credit and debit cards that rely on magnetic strips, which store data, with new cards that contain a small gold EMV microchip; the new cards are hyped as being much more secure, even though the cards have been hacked through man-in-the-middle attacks. French scientists also discovered how criminals altered stolen credit cards that were supposed to be protected by a security chip and a PIN code the crooks didn’t know.
When Apple and the DOJ were back in court Monday, arguing over Apple’s refusal to unlock an iPhone seized by law enforcement during an investigation, Magistrate Judge James Orenstein told government attorneys, “What you're asking them [Apple] to do is do work for you.” But Justice Department attorney Saritha Komatireddy argued that it has compelled Apple to unlock at least 70 devices since 2008. The government believes it has the power to force Apple to comply under the All Writs Act. Just Security explained, “Under the government’s interpretation of the All Writs Act, anyone who makes software could be dragooned into assisting the government in investigating users of the software. If the court adopts this view, it would give investigators immense power.”
Potentially as many as 4 million customers were affected by the cyberattack on UK telecoms provider TalkTalk, yet the company's CEO Dido Harding admitted that TalkTalk was "not legally required" to encrypt customer data. Harding told the Sunday Times "[Our data] wasn't encrypted, nor are you legally required to encrypt it. We have complied with all of our legal obligations in terms of storing of financial information." While that may be true, such a statement provides little comfort to TalkTalk customers who are targets of high-level social engineering attacks meant to empty their bank accounts.
Don’t you hate it when you receive a spammy text message or an unwanted robocall or telemarketing call? The FCC said it received over 215,000 complaints from consumers last year, which averages out to about 590 per day. Last week, in its newest efforts to bring down the hammer on spammers, the FCC started releasing robocall and telemarketing consumer complaint data which will be updated every week; the purpose of such name/blame/shame weekly lists is “to help developers build and improve ‘do-not-disturb’ technologies that allow consumers to block or filter unwanted calls and texts.”
Many of the world's top tech companies want to put a stop to the fundamentally flawed Cybersecurity Information Sharing Act (CISA) bill which is on the Senate floor. Put another way on "Decide the future of the Internet," the corporate scorecard lists companies against CISA as "Team Internet," while "Team NSA" is "collaborating with the government to control the Internet."
CISA will automate sharing with the following government agencies:
Well, that was crazy fast. A browser-based version of Popcorn Time, which is often referred to as a 'Netflix for pirates,' was recently launched and was picking up steam. BrowserPopcorn was created by a 15-year-old and didn't require anything to be downloaded or for users to log in before streaming movies or TV shows. If you had visited browserpopcorn.xyz this morning to partake in an illegal movie streaming fest, you would have seen this:
But now you see this:
Back in September, Brian Krebs reported on a confidential Verizon security assessment of Target’s network done shortly after the company was breached in 2013; Verizon consultants found Target was using weak or default passwords, had failed to deploy critical security patches, was running outdated services and had other basic security problems. Target is having trouble again, but this time it’s with pranksters “exploiting holes” in Target’s PA system. It could have been done as an early Halloween prank, except this wasn’t the first time X-rated audio has blasted from a Target store’s PA system.
The Computer Emergency Response Team (CERT) at Carnegie Mellon University posted a vulnerability note about multiple vulnerabilities in voice-over-LTE implementations that could potentially compromise the security and privacy of Android users on LTE networks of major U.S. wireless carriers. All Android versions, reportedly even Marshmallow, Google’s newest Android 6.0, are vulnerable when being used on Verizon Wireless and AT&T; T-Mobile claimed to have “resolved” the issue.
If you haven’t kicked Adobe Flash to the curb, and you should, then don’t feel secure even if you are running a fully patched version of Flash Player. Although Adobe released a mega-sized patch yesterday, including security fixes for 69 critical vulnerabilities in Flash, Reader and Acrobat, attackers are armed with a zero-day exploit that leaves fully patched versions of Flash Player vulnerable.
For October 2015 Patch Tuesday, Microsoft released only six security bulletins, with three being rated as critical.
3 rated Critical
The three bulletins rated critical deal with remote code execution. MS15-106 is a cumulative fix for Internet Explorer, patching multiple memory corruption, scripting engine memory corruption, elevation of privilege, and information disclosure vulnerabilities as well as a security feature bypass involving VBScript and JScript ASLR, and a scripting engine information disclosure bug. The most severe flaws could allow for remote code execution if an attacker tricks a user into visiting a maliciously crafted site. An attacker who successfully exploits them could gain the same user rights as the current user.
Well, well, well…a federal magistrate of the U.S. District Court for the Eastern District of New York has so far refused to order Apple to disable security on a customer’s encrypted mobile device even though the government assured the judge that doing so “is not likely to place any unreasonable burden on Apple.” According to the court document (pdf), available on Cryptome, which recently admitted to leaking users’ IP addresses in a separate tech drama, the government filed a sealed application on Oct. 8; it asked the court “to issue an order pursuant to the All Writs Act,” and thereby force Apple “to assist in the execution of a federal search warrant by disabling the security of an Apple device that the government has lawfully seized pursuant to a warrant issued by this court. Law enforcement agents have discovered the device to be locked, and have tried and failed to bypass the lock.”
If you don’t have a DVD or Blu-ray ripper and you want one, then you should consider buying one immediately because tools that assist in the circumvention of DRM could be banned if the Trans-Pacific Partnership (TPP) is ratified. Of course, if the finalized TPP text, leaked by WikiLeaks, is ratified, then you could be criminally liable if you circumvent Digital Rights Management. While a worst-case scenario might involve copyright infringement as the TPP sets a copyright term to life plus 70 years, the judicial authorities could also “order the destruction of devices and products found to be involved in the prohibited activity.” The TPP is “all we feared,” according to the EFF.
Remember Verizon’s zombie cookies, hidden super-cookie identifiers that tracked users across the Internet? They’re baaaack!
Verizon was previously caught manipulating users’ traffic by inserting supercookies. “By attaching a Unique Identifier Header to all traffic that passes through their network, Verizon could effectively build profiles about users’ habits, the sites they visit, and deliver targeted advertisements based on this tracking,” explained EVDO. “This Unique Identifier Header was then popularly renamed the ‘Zombie Cookie’ since even after being deleted, the tracking cookie would be added back to the network and users would be tracked again.”
During the BBC’s Panorama series “Edward Snowden: Spies and the Law,” which is not viewable per se from the US, Snowden discussed how intelligence agencies “want to own your phone instead of you.” The topic of hacking smartphones for surveillance starts about nine minutes into the interview as Snowden revealed the GCHQ’s “Smurf Suite.”
“Dreamy Smurf is the power management tool,” explained Snowden, “which means turning your phone on or off without you knowing.” Yes, it can control the power even if your phone is off.
“Nosey Smurf is the hot-miccing tool. So, for example, if it’s in your pocket they can turn the microphone on and listen to everything that’s going on around you.” Yes, “even if your phone is switched off because they’ve got the other tools for turning it on.”
Rage on, Internet, and the Peeple app may die before it can even be launched. The Washington Post reported:
When the app does launch, probably in late November, you will be able to assign reviews and one- to five-star ratings to everyone you know: your exes, your co-workers, the old guy who lives next door. You can’t opt out — once someone puts your name in the Peeple system, it’s there unless you violate the site’s terms of service. And you can’t delete bad or biased reviews — that would defeat the whole purpose.