US lawmakers question police use of facial recognition tech

Reacting to concerns about the mass collection of photographs in police databases, U.S. lawmakers plan to introduce legislation to limit the use of facial recognition technology by the FBI and other law enforcement organizations.The FBI and police departments across the country can search a group of databases containing more than 400 million photographs, many of them from the drivers' licenses of people who have never committed a crime. The photos of more than half of U.S adults are contained in a series of FBI and state databases, according to one study released in October.To read this article in full or to leave a comment, please click here

Video: Software Secures the World

Martin Casado doesn’t have a proper job since he left VMware. This gives him times to think deeply about the future of IT security as part of his role of wasting investors money at A16Z and considering where the next advances or futures will be. This video makes a lot of sense to me.

Once upon a time, we thought of security measures as being built like a wall around a medieval city. Then, as threats grew in complexity, we began to think of it more like securing a city or nation-state. Finally, security grew alike to aerial warfare — mobile, quick, wide-ranging. Each of these new modes for thinking about security represented a major misalignment between the security threats that had evolved and our strategies/tactics for dealing with them.
Now we are once again at another such major misalignment — thanks largely to the cloud and new complexity — requiring both a shift in how we think about and respond to threats. But we also have security “overload” given the vast size of our systems and scale of notifications.
How do security threats develop? How should CEOs and CSOs think of planning for them? What role will AI and Continue reading

Container Namespaces – How to add networking to a docker container

I've discussed how we can network a docker container directly with the host's networking stack bypassing docker0, the default bridge docker creates for you. That method involves asking docker to create a port on a user defined bridge and from the inside configuring the container to ask for an IP by DHCP. A more advanced way of achieving this is to bring up a docker container without networking and later configure the stack out-of-band of docker. This approach is one of the methods used by Calico for example to network containers and I've spoken about that here.

Today, lets deep dive into adding interfaces to a container manually and in-turn gain some insight into how all of this works. Since this discussion is going to revolve around network namespaces I assume you have some background in that area. If you are new to the concept of namespaces and network namespaces,  I recommend reading this.

Step 1: We will first bring up a docker container without networking. From docker docs, using the --network none when running a docker container leaves out container interface creation for that docker instance. Although docker skips network interface creation it brings up the container with Continue reading

Why Apple dropped iPad’s price to lowest yet

Apple this week is releasing its most affordable iPad to date. The refreshed 9.7-inch iPad, which packs a Retina screen and Apple’s A9 chip in a device that effectively replaces the iPad Air 2, is priced at $329 with 32GB of storage.The $70 price drop makes the entry-level iPad more competitive, particularly among schools that can now snag the tablet for under $300 at educational pricing. Businesses that are motivated by price and don’t require more advanced features in the iPad Pro will also be giving the iPad another look as a result of these changes, according to Avi Greengart, research director at GlobalData.To read this article in full or to leave a comment, please click here

Microsoft hit with second cloud disruption in two weeks

A handful of hosted Microsoft services, including Office 365 SaaS apps, OneDrive cloud storage and xBox Live platforms experienced an outage on Tuesday into Wednesday, according to Microsoft and services that track outages.DownDetector.com found that Office 365 had elevated reported error rates on Tuesday afternoon ET. It’s unclear which Office 365 services or how many users were impacted though.Microsoft confirmed on its @xBoxSupport Twitter account that customers were having trouble signing into the service on Tuesday evening ET. As of Wednesday morning ET, Microsoft reports that its OneDrive cloud storage system is experiencing error rates with some customers not being able to sign into the service.To read this article in full or to leave a comment, please click here

Stop using password manager browser extensions

It's been over a year since I presented on LostPass at ShmooCon, and in that time, many more bugs have been found in password managers. The most severe of which are in browser-based password managers extensions such as LastPass. Tavis Ormandy yesterday demonstrated a remote code execution on the latest LastPass version. This isn't the first extremely severe bug he's found in LastPass, either; there've been so many extremely severe bugs in LastPass it would be tedious to list them out. But LastPass isn't alone: Keeper, Dashlane and even 1Password have had severe vulnerabilities that allowed attackers to steal all of the passwords in a user's account without their knowledge.To read this article in full or to leave a comment, please click here

Stop using password manager browser extensions

It's been over a year since I presented on LostPass at ShmooCon, and in that time, many more bugs have been found in password managers. The most severe of which are in browser-based password managers extensions such as LastPass. Tavis Ormandy yesterday demonstrated a remote code execution on the latest LastPass version. This isn't the first extremely severe bug he's found in LastPass, either; there've been so many extremely severe bugs in LastPass it would be tedious to list them out. But LastPass isn't alone: Keeper, Dashlane and even 1Password have had severe vulnerabilities that allowed attackers to steal all of the passwords in a user's account without their knowledge.To read this article in full or to leave a comment, please click here

Double Agent attack can turn antivirus into malware

A zero-day attack called Double Agent can take over antivirus software on Windows machines and turn it into malware that encrypts files for ransom, exfiltrates data or formats the hard drives.Based on a 15-year-old feature in Windows from XP through Windows 10, the attack is effective against all 14 antivirus products tested by security vendor Cybellum – and would also be effective against pretty much every other process running on the machines.Double Agent was discovered by Cybellum researchers and has not been seen in the wild.“The attack was reported to all the major vendors which approved the vulnerability and are currently working on finding a solution and releasing a patch,” according to a Cybellum blog. All the vendors were notified more than 90 days ago, which is the standard length of time for responsibly disclosing vulnerabilities and giving vendors time to fix them.To read this article in full or to leave a comment, please click here

Double Agent attack can turn antivirus into malware

A zero-day attack called Double Agent can take over antivirus software on Windows machines and turn it into malware that encrypts files for ransom, exfiltrates data or formats the hard drives.Based on a 15-year-old feature in Windows from XP through Windows 10, the attack is effective against all 14 antivirus products tested by security vendor Cybellum – and would also be effective against pretty much every other process running on the machines.Double Agent was discovered by Cybellum researchers and has not been seen in the wild.“The attack was reported to all the major vendors which approved the vulnerability and are currently working on finding a solution and releasing a patch,” according to a Cybellum blog. All the vendors were notified more than 90 days ago, which is the standard length of time for responsibly disclosing vulnerabilities and giving vendors time to fix them.To read this article in full or to leave a comment, please click here

50% off Watch Dogs 2 by Ubisoft, for Xbox One – Deal Alert

Explore the birthplace of the tech revolution as Marcus Holloway, a brilliant young hacker who has fallen victim to ctOS 2.0's predictive algorithms and accused of a crime he did not commit.

64% off MOTA JETJAT Ultra Mini Drone with One Touch Take-Off & Landing – Deal Alert

Experience first class flight with auto landing, takeoff, and hover with the push of a button, features never before seen in mini drones. ULTRA is smartphone ready – allowing a connection with your phone through Wi-Fi or remote control for crystal-clear video and photos. Use your phone as a display with the remote or complete flight control. The list price on the MOTA JETJAT mini drone has been reduced to just $47.38. See this deal now on Amazon.To read this article in full or to leave a comment, please click here

Is a 4G hot spot still needed in today’s world?

Maybe my experiences are different from those who travel more often, but I’ve been finding that the need for a Wi-Fi personal hot spot that connects to a 3G or 4G wireless network has diminished as more locations are providing their own Wi-Fi with a backhaul to a faster connection. Hotels, coffee shops, even airports seem to offer faster networking options than those provided by some of these devices. Granted, a lot of these places come with a price tag for the access, with some at outrageous prices. If you aren’t being reimbursed by your company for that access, finding less expensive Internet access can be tricky. Even the “free” ones cost in terms of having to watch an ad, or they limit your speed to basic functions such as downloading email or basic web surfing (don’t even think about streaming Netflix or uploading video).To read this article in full or to leave a comment, please click here

Trello connects to HipChat, BitBucket, Jira and Confluence

Trello is getting hooked into the entire Atlassian ecosystem with a series of integrations unveiled Wednesday. The new “power-ups” for the project management software connect it with BitBucket, Jira, HipChat and Confluence, to help customers get their work done more efficiently.Using Trello is supposed to help people keep their projects organized. The service lets people lay out virtual cards in columns on a workspace known as a board. Doing so can help with things like tracking the status of software bugs or tracking contracts through different stages of completion.Each of the connections announced Wednesday is supposed to help with the process of using Trello. Confluence users can now tie cards to new pages in Atlassian’s content management system, Jira users can connect issues from the bug tracker with cards and BitBucket users can better organize their code.To read this article in full or to leave a comment, please click here

Security Sessions: Where is VC security funding going?

In the latest episode of Security Sessions, CSO Editor-in-Chief Joan Goodchild sits down with Jeff Fagnan from Accomplice, a venture capital and private equity firm in Cambridge, Mass. The two discuss the current state of VC funding in security companies and where the money is going (and not going), and why CSOs should "follow the money."

Inventor of new lithium-ion battery responds to skepticism

The inventor of a new lithium-ion (Li-on) technology that is purported to be safer, faster-charging, and longer-lasting than today's rechargeable batteries responded to experts wary of his claim, saying new discoveries invite strong skepticism.John Goodenough, 94, a professor in the Cockrell School of Engineering at the University of Texas at Austin and co-inventor of the original lithium-ion battery, this week said he demonstrated new battery cells that have at least three times as much energy density as today's Li-on batteries. Creative Commons Lic. The lithium-ion battery in a Nissan Leaf.To read this article in full or to leave a comment, please click here

L.A. and NYC still rank behind smaller cities in wireless performance

The two biggest cities in the U.S. -- New York City and Los Angeles -- continue to rank well below many smaller U.S. cities in overall wireless performance, according to millions of field tests performed by RootMetrics in the second half of 2016.The New York metro area, with 18 million people, ranked just 66th in the latest round of tests of the nation's largest 125 metro areas. Meanwhile, L.A., with 12.1 million people, ranked 49th. In testing done by RootMetrics in the first half of last year, New York finished 59th, L.A., 99th.[ Further reading: The votes are in: Which mobile data provider is best? ] L.A. improved in two of six measurements: call and data performance. New York's drop was largely driven by a "steep decline" in network speed and data performance, RootMetrics said.To read this article in full or to leave a comment, please click here

5 ways to speed up Chrome: Tips for power users and newbies

Chrome is already the most popular and powerful browser for your PC, but you may be missing out on more ways to improve your experience. Delve into Chrome’s massive extensions library or tinker with under-the-hood features, and see how you can enjoy smarter, faster browsing.Chrome has a considerable network of extensions, some of which can be found in the Chrome Web Store, while others are available from particular providers. For the most part, extensions, err, extend what your browser can do, connecting to your favorite services so you can do most of your work in Chrome and get it done faster.To read this article in full or to leave a comment, please click here

How to fix five Windows 10 headaches

Microsoft Windows 10 has gone a long way towards fixing the problems that were endemic with earlier versions of Windows -- notably Windows 8. But it's still far from a perfect operating system and has its share of headaches.4. Recover lost storage spaceTo read this article in full or to leave a comment, please click here(Insider Story)

Review: SaltStack shifts devops into high gear

The only sane and efficient way to manage a large numbers of servers—or even a few dozen, if they change often—is through automation. Automation tools have to be learned and mastered, so they exact a significant up-front cost, but they dramatically reduce the administrative burden in the long run. Perhaps most important, they provide a staunch line of defense against the fatal fat-fingered mistake, which even the most sophisticated cloud operators struggle to avoid.Ease of use. Configuration management is simple with SaltStack. Because Salt uses the YAML configuration format, states are can be written quickly and easily. YAML state descriptions are structured well, with solid readability. The support for Mako, JSON, Wempy, and Jinja allows developers to extend Salt’s capabilities. The availability of built-in modules makes it easy to configure and manage states.To read this article in full or to leave a comment, please click here(Insider Story)

Review: SaltStack shifts devops into high gear

The only sane and efficient way to manage a large numbers of servers—or even a few dozen, if they change often—is through automation. Automation tools have to be learned and mastered, so they exact a significant up-front cost, but they dramatically reduce the administrative burden in the long run. Perhaps most important, they provide a staunch line of defense against the fatal fat-fingered mistake, which even the most sophisticated cloud operators struggle to avoid.Ease of use. Configuration management is simple with SaltStack. Because Salt uses the YAML configuration format, states are can be written quickly and easily. YAML state descriptions are structured well, with solid readability. The support for Mako, JSON, Wempy, and Jinja allows developers to extend Salt’s capabilities. The availability of built-in modules makes it easy to configure and manage states.To read this article in full or to leave a comment, please click here(Insider Story)