The FCC this morning voted 3-0 to give carriers new regulatory cover to combat annoying and oftentimes fraudulent robocalls. The decision backs an ongoing effort begun last year with the establishment of a special government/industry task force.FCC Chairman Ajit Pai called today’s Notice of Proposed Rulemaking “an important first step in ending the scourge of robocalls.”Specifically, the new rules would assure carriers that they are allowed to block calls originating from unassigned numbers and other obvious attempts at fraud such as numbers using 411 or 911 as an area code.In October the FCC reported that a trial of one such anti-spoofing measure cut IRS scam robocalls by 90 percent.To read this article in full or to leave a comment, please click here
Earlier this month, the notorious info leaker WikiLeaks published a batch of documents from the CIA detailing how the CIA has developed several tools to crack, break into or infect all kinds of devices—from PCs to Smart TVs—even if they are not connected to the internet. At the time, WikiLeaks leader Julian Assange promised that the site would work with the affected tech companies to give them exclusive access to the technical details of those exploits and would not go public with the exploits and back doors. However, it wasn't until this week that WikiLeaks got in contact with the listed tech companies, such as Microsoft, Apple and Google, according to Motherboard, the tech site run by Vice. Citing unnamed sources familiar with the matter, Motherboard said WikiLeaks has made demands on the initial contact with firms but didn't share any of the alleged CIA codes. To read this article in full or to leave a comment, please click here
The Federal Trade Commission this week issued a warning about the irritating and illegal “Can you hear me now?” robocall scam making the rounds on phones across the country.
The FTC says it has received hundreds of complaints on the calls which could end up being part of a scam to get your money.
+More on Network World: U.S. Marshals warn against dual phone scams+
The Better Business Bureau described the scam earlier this year: “By replying ‘yes,’ ‘sure,’ or other agreeable response, the scammer records the call and uses that sound bite to authorize unwanted charges to the scammers benefit. “It seems like an innocent question, but it can cause undue financial burdens and stress. The scam caller may already have your financial information, which is how they authorize a payment and, if you dispute a charge, the scammer has doctored the recording to make it seems as though you agreed to it.”To read this article in full or to leave a comment, please click here
Cisco Senior Security Researcher Brad Antoniewicz often gets asked whether those who take people’s computers hostage with ransomware actually hold up their end of the bargain and decrypt files when victims pay by bitcoin.
“They’re in it to make money…Good customer service is important to these people,” he said, and not at all tongue in cheek, during his lunchtime address on the opening day of SecureWorld Boston this week.
Antoniewicz, sporting a RUN DNS t-shirt reflecting his position with the Cisco Umbrella (formerly OpenDNS) team, dove into the topic of ransomware variants like Cerber as part of a broader talk on “An Anatomy of an Attack” and the elaborate ecosystem behind cyberattacks. To read this article in full or to leave a comment, please click here
Not every computer owner would be as pleased as Andrew Wheeler that their new machine could run "all weekend" without crashing.But not everyone's machine is "The Machine," an attempt to redefine a relationship between memory and processor that has held since the earliest days of parallel computing.Wheeler is a vice president and deputy labs director at Hewlett Packard Enterprise. He's at the Cebit trade show in Hanover, Germany, to tell people about The Machine, a key part of which is on display in HPE's booth.Rather than have processors, surrounded by tiered RAM, flash and disks, communicating with one another to identify which of their neighbors has the freshest copy of the information they need, HPE's goal with The Machine is to build a large pool of persistent memory that application processors can just access.To read this article in full or to leave a comment, please click here
802.11ac wave 2 is the splashy new kid in the wireless technology pool, but some experts caution that you might not want to let it play without lifeguards present just yet.Wave 2 access points are now available from major wireless vendors, and have started to make inroads into the enterprise. The technology has been gaining ground in sales statistics recently, to the point where it’s starting to undercut sales of first-gen 802.11ac gear.+ALSO ON NETWORK WORLD: Study shows 802.11ac wave 2 APs gaining sales ground + US lawmakers question police use of facial recognition techTo read this article in full or to leave a comment, please click here
The truth is that we really don't need more of a reason to get excited for Apple's iPhone 8. After all, Apple's next-gen iPhone will likely feature an OLED edgeless display, ushering in the first change to the iPhone form factor since 2014's iPhone 6. New display technologies aside, it's widely believed that the iPhone 8 will also feature facial recognition functionality, improved camera technology, improved internals and much more.That said, a new report via Bloomberg relays that Augmented Reality may very well be one of the iPhone 8's defining features. Apple is said to have assembled an incredibly strong and diverse team with expertise across all facets of the AR user experience. What's more, Apple may eventually be planning to complement the iPhone 8 with a pair of Augmented Reality based eyeglasses, echoing a number of previous rumors we've seen over the past few months.To read this article in full or to leave a comment, please click here
Developers of the popular LastPass password manager rushed to push out a fix to solve a serious vulnerability that could have allowed attackers to steal users' passwords or execute malicious code on their computers.The vulnerability was discovered by Google security researcher Tavis Ormandy and was reported to LastPass on Monday. It affected the browser extensions installed by the service's users for Google Chrome, Mozilla Firefox and Microsoft Edge.According to a description in the Google Project Zero bug tracker, the vulnerability could have given attackers access to internal commands inside the LastPass extension. Those are the commands used by the extension to copy passwords or fill in web forms using information stored in the user's secure vault.To read this article in full or to leave a comment, please click here
When he was growing up, a dream of Linux pioneer Linus Torvalds was to acquire the Acorn Archimedes, a groundbreaking personal computer with the first ARM RISC chips.But in 1987, Archimedes wasn't available to Torvalds in Finland, so he settled for the Sinclair QL. In the meanwhile, the Archimedes failed and disappeared from the scene, killing any chance for ARM chips to dominate PCs.Since then, multiple attempts to put ARM chips in PCs have failed. Outside of a few Chromebooks, most PCs have x86 chips from Intel or AMD.The domination of x86 is a problem for Linaro, an industry organization that advocates ARM hardware and software. Many of its developers use x86 PCs to compile programs for ARM hardware. That's much like trying to write Windows programs on a Mac.To read this article in full or to leave a comment, please click here
Thursday morning's FCC meeting promises to be dramatic: It will feature testimony by an ex-prison guard who survived after being shot six times at his South Carolina home as the result of a hit ordered on him hit by an inmate using a contraband cellphone.Capt. Robert Johnson (ret.) of the South Carolina Department of Corrections has become an advocate for putting the clamps on contraband cellphones since that 2010 incident, and he has an ally in new FCC Commissioner Ajit Pai. A year ago Pai and then South Carolina Gov. Nikki Haley co-authored an op-ed piece in USA Today titled "Cellphones are too dangerous for prison."To read this article in full or to leave a comment, please click here
Artificial intelligence (AI) is rising in prominence with the proliferation of chatbots, virtual assistants and other conversational tools that companies are using to improve customer service, productivity and operational efficiency. But AI is also helping to automate and streamline tasks in data-intensive industries traditionally ruled by rigorous science and good old-fashioned human analysis.Seed retailers, for example, are using AI products to churn through terabytes of precision agricultural data to create the best corn crops, while pest control companies are using AI-based image-recognition technology to identify and treat various types of bugs and vermin. Such markedly different scenarios underscore how AI has evolved from science fiction to practical solutions that can potentially help companies get a leg up on their competition.To read this article in full or to leave a comment, please click here
Hackers claiming to have hundreds of millions of iCloud credentials have threatened to wipe date from iPhones, iPads and Macs if Apple does not fork over $150,000 within two weeks."This group is known for getting accounts and credentials, they have gotten credentials in the past," said Lamar Bailey, director of security research and development at Tripwire, of the purported hackers. "But whether they have that many ... who knows?"There's another reason for not panicking, Bailey said: People can quickly make their accounts more secure, assuming the criminals have only collected, not actually compromised the iCloud accounts by changing millions of passwords.To read this article in full or to leave a comment, please click here
Cisco is warning IOS and IOS EXE users of five security vulnerabilities it rates as “High” that could lead to denial of service attacks or allow an invader to execute arbitrary code on an particular system.The warnings – which include Cisco’s DHCP client, L2TP, Zero Touch Provisioning, HTTP server and Web user interface -- are part of what Cisco says are a twice-yearly bundle of IOS security advisories it issues to keep those users up-to-date on current IOS security issues.To read this article in full or to leave a comment, please click here
The chances of you encountering malware on your Android phone is incredibly small, according to Google.By the end of last year, less than 0.71 percent of Android devices had installed a "potentially harmful application," such as spyware, a Trojan, or other malicious software.That figure was even lower, at 0.05 percent, for Android phones that downloaded apps exclusively from the Google Play store.The internet giant revealed the figures in a new report detailing its efforts to making the Android OS secure. Thanks to better app review systems, the company is detecting and cracking down on more malware.To read this article in full or to leave a comment, please click here
Augmented reality, virtual reality and mixed reality are three realities that exist on the reality-virtuality continuum—and they are probably the three terms you have heard again and again. However, there is a fourth reality you probably haven’t heard of—diminished reality.Diminished reality can be thought of as the opposite of augmented reality. Augmented reality (AR) enhances our reality by overlaying digital elements like 3D models on the physical world. Contrary to that, diminished reality (DR) diminishes parts of the physical world. It removes unwanted objects in our view.To read this article in full or to leave a comment, please click here
As The 21st Century Encryption Wars continue with no end in sight, security experts Bruce Schneier and Orin Kerr have collaborated on a paper that seeks to establish a common understanding of one aspect of the clash: encryption workarounds. The authors consciously avoid policy recommendations, but rather hope to better the understanding of those who will do so in our political and law enforcement arenas.From the paper’s abstract:
The widespread use of encryption has triggered a new step in many criminal investigations: the encryption workaround. We define an encryption workaround as any lawful government effort to reveal an unencrypted version of a target's data that has been concealed by encryption. This essay provides an overview of encryption workarounds. It begins with a taxonomy of the different ways investigators might try to bypass encryption schemes. We classify six kinds of workarounds: find the key, guess the key, compel the key, exploit a flaw in the encryption software, access plaintext while the device is in use, and locate another plaintext copy. For each approach, we consider the practical, technological, and legal hurdles raised by its use.To read this article in full or to leave a comment, please click here
You may feel confident going into an interview armed with your technical background and education but when it comes to tech jobs -- especially positions for engineers, developers and coders -- technical knowledge won’t be enough to get you through the interview process.To read this article in full or to leave a comment, please click here(Insider Story)
A group of hackers is threatening to wipe data from millions of Apple devices in two weeks if the company doesn’t pay them US$150,000.
The group, which calls itself Turkish Crime Family, claims to have login credentials for more than 627 million icloud.com, me.com and mac.com email addresses. These are email domains that Apple has allowed for users creating iCloud accounts over the years.
Even though the Turkish Crime Family hasn't been in the media spotlight before, its members claim that they've been involved in selling stolen online databases in private circles for the past few years.
The group said via email that it has had a database of about 519 million iCloud credentials for some time, but did not attempt to sell it until now. The interest for such accounts on the black market has been low due to security measures Apple has put in place in recent years, it said.To read this article in full or to leave a comment, please click here
Cisco today closed its approximately $3.7 billion deal for application analytics specialist AppDynamics giving the networking giant a nice revenue stream and bolstering its software strategy.The nine-year-old company – which Cisco bought Jan. 24, days before it was to go IPO -- and its almost 1,250 employees become part of Cisco as the 17th acquisition since Chuck Robbins took the CEO reins in 2015.+More on Cisco software from Network World: Has Cisco broken out of the network hardware box?+To read this article in full or to leave a comment, please click here
When you gotta go, you gotta go, but there may be a line in public restrooms. Usually those lines don’t have anything to do with surveillance. Let’s hope a new biometric authentication trial in China doesn’t roll out here, or else you would have to stop in public bathrooms in front of a device that uses facial recognition and wait for your allotted amount of toilet paper to be dispensed.
Too bad, so sad if the 24-inch strip of toilet paper isn’t enough. The dispenser will not spit out more paper to the same person until after nine minutes have passed.
Why would this creepy type of surveillance be deployed in public restrooms? To combat toilet paper theft.To read this article in full or to leave a comment, please click here