Companies increasingly looking for hackers to attack their networks

The U.S. Army ventured into unfamiliar territory last week, the first day of its “Hack the Army” bug bounty program that challenges dozens of invited hackers to infiltrate its computer networks and find vulnerabilities in select, public-facing Army websites."We're not agile enough to keep up with a number of things that are happening in the tech world and in other places outside the Department of Defense," explained Army Secretary Eric Fanning in announcing the plan in mid-November. "We're looking for new ways of doing business," which includes a break from the past when government avoided working with the hacker community.To read this article in full or to leave a comment, please click here

Companies increasingly looking for hackers to attack their networks

The U.S. Army ventured into unfamiliar territory last week, the first day of its “Hack the Army” bug bounty program that challenges dozens of invited hackers to infiltrate its computer networks and find vulnerabilities in select, public-facing Army websites."We're not agile enough to keep up with a number of things that are happening in the tech world and in other places outside the Department of Defense," explained Army Secretary Eric Fanning in announcing the plan in mid-November. "We're looking for new ways of doing business," which includes a break from the past when government avoided working with the hacker community.To read this article in full or to leave a comment, please click here

Tell-tale toys open bedroom door to strangers, consumer groups warn

Internet-connected toys subject children to hidden marketing messages and allow strangers to converse with them from a distance, consumer rights groups say.The groups highlighted breaches of security and basic consumer rights in two toys in particular, the i-Que robot and the My Friend Cayla doll.The toys connect via Bluetooth to smartphone apps that record children speaking and transmit the recordings to a voice recognition service provider in the U.S., Nuance Communications, allowing the toys to appear to converse with the children.But, the consumer groups say, there is no authentication or pairing of the Bluetooth connections, allowing strangers within radio range of the toys to detect them and connect with them to carry on a conversation with the children directly. Furthermore, they say, voice recordings that could contain personal information are transmitted to Nuance without explicit consent, and the toys inject messages into their conversations repeatedly endorsing Disney products.To read this article in full or to leave a comment, please click here

Tell-tale toys open bedroom door to strangers, consumer groups warn

Internet-connected toys subject children to hidden marketing messages and allow strangers to converse with them from a distance, consumer rights groups say.The groups highlighted breaches of security and basic consumer rights in two toys in particular, the i-Que robot and the My Friend Cayla doll.The toys connect via Bluetooth to smartphone apps that record children speaking and transmit the recordings to a voice recognition service provider in the U.S., Nuance Communications, allowing the toys to appear to converse with the children.But, the consumer groups say, there is no authentication or pairing of the Bluetooth connections, allowing strangers within radio range of the toys to detect them and connect with them to carry on a conversation with the children directly. Furthermore, they say, voice recordings that could contain personal information are transmitted to Nuance without explicit consent, and the toys inject messages into their conversations repeatedly endorsing Disney products.To read this article in full or to leave a comment, please click here

Common security mistakes in collaboration tools

Working togetherImage by Rebecca SiegelCollaboration tools have become widely used across organizations today, as people come to rely on these handy tools to work more efficiently. They reduce reliance on email, increase conversation between teams and provide an easy way to share information with colleagues. However, with many workplace applications today, there are so many gaps where security settings can fail, and corporate IT is beginning to take notice. Mike McCamon, president at SpiderOak, recommends staying away from these common security and privacy mistakes.To read this article in full or to leave a comment, please click here

Common security mistakes in collaboration tools

Working togetherImage by Rebecca SiegelCollaboration tools have become widely used across organizations today, as people come to rely on these handy tools to work more efficiently. They reduce reliance on email, increase conversation between teams and provide an easy way to share information with colleagues. However, with many workplace applications today, there are so many gaps where security settings can fail, and corporate IT is beginning to take notice. Mike McCamon, president at SpiderOak, recommends staying away from these common security and privacy mistakes.To read this article in full or to leave a comment, please click here

Surface Book i7 vs. MacBook Pro: Fight!

Now that Apple’s introduced the first major update to its MacBook Pro lineup in years, it’s time to square off the best of the best in Mac and PC laptops to see who currently prevails in this age-old rivalry.  It’s benchmarks at dawn between the new MacBooks, the new Surface Book i7, and a posse of other Windows laptops.To read this article in full or to leave a comment, please click here

Using IoT to help protect the U.S. food supply

When you warehouse and ship billions of pounds of food in the U.S.—food that is sold in Walmart, Costco and your local grocery store—food safety is a priority. Product must be protected and in the most energy-efficient way possible. That’s the challenge Lineage Logistics faces daily. A food processing, warehousing and distribution company, Lineage Logistics controls 20 to 25 percent of the U.S. third-party cold food chain, said Elliot Wolf, director of analytics at the San Francisco-based company. “We move an average of 20 billion to 30 billion pounds of food through our warehouses each year,” he said.  To read this article in full or to leave a comment, please click here

Response: On the Death of OpenFlow

On November 7th SDx Central published an article saying “OpenFlow is virtually dead.” There’s a first time for everything, and it’s a real fun reading a marketing blurb on a site sponsored by SDN vendors claiming the shiny SDN parade unicorn is dead.

On a more serious note, Tom Hollingsworth wrote a blog post in which he effectively said “OpenFlow is just a tool. Can we please find the right problem for it?

Read more ...

Privacy groups urge investigation of ‘internet of toys’

Privacy groups in the U.S. and seven European countries will ask consumer protection agencies to investigate the maker of two internet-connected toys for violations of laws designed to protect children's privacy.The complaints are scheduled to be filed Tuesday against Genesis Toys, maker of the My Friend Cayla and I-Que Intelligence Robot toys, and Nuance Communications, the provider of voice-recognition software for the products.The complaints, to be filed in the U.S., France, Sweden, Greece, Belgium, Ireland, the Netherlands, and Norway, may be only the beginning of actions taken by consumer and privacy groups targeting a lucrative slice of the internet of things market, the so-called internet of toys.To read this article in full or to leave a comment, please click here

Privacy groups urge investigation of ‘internet of toys’

Privacy groups in the U.S. and seven European countries will ask consumer protection agencies to investigate the maker of two internet-connected toys for violations of laws designed to protect children's privacy.The complaints are scheduled to be filed Tuesday against Genesis Toys, maker of the My Friend Cayla and I-Que Intelligence Robot toys, and Nuance Communications, the provider of voice-recognition software for the products.The complaints, to be filed in the U.S., France, Sweden, Greece, Belgium, Ireland, the Netherlands, and Norway, may be only the beginning of actions taken by consumer and privacy groups targeting a lucrative slice of the internet of things market, the so-called internet of toys.To read this article in full or to leave a comment, please click here

Facebook, Twitter, Microsoft and YouTube will share terror content info

Facebook, Twitter, Microsoft and Google's YouTube have agreed to share with one another identifying digital information of violent terror content that they find on their platforms.When they remove "violent terrorist imagery or terrorist recruitment videos or images" from their platforms, the companies will include in a shared industry database the hashes, or unique digital fingerprints, of the content.Other participants can use the shared hashes to help identify matching content on their hosted consumer platforms, review against their respective policies and definitions, and remove the content when appropriate, according to a statement by the companies on Monday.To read this article in full or to leave a comment, please click here

Facebook, Twitter, Microsoft and YouTube will share terror content info

Facebook, Twitter, Microsoft and Google's YouTube have agreed to share with one another identifying digital information of violent terror content that they find on their platforms.When they remove "violent terrorist imagery or terrorist recruitment videos or images" from their platforms, the companies will include in a shared industry database the hashes, or unique digital fingerprints, of the content.Other participants can use the shared hashes to help identify matching content on their hosted consumer platforms, review against their respective policies and definitions, and remove the content when appropriate, according to a statement by the companies on Monday.To read this article in full or to leave a comment, please click here

That “Commission on Enhancing Cybersecurity” is absurd

An Obama commission has publish a report on how to "Enhance Cybersecurity". It's promoted as having been written by neutral, bipartisan, technical experts. Instead, it's almost entirely dominated by special interests and the Democrat politics of the outgoing administration.

In this post, I'm going through a random list of some of the 53 "action items" proposed by the documents. I show how they are policy issues, not technical issues. Indeed, much of the time the technical details are warped to conform to special interests.


IoT passwords

The recommendations include such things as Action Item 2.1.4:
Initial best practices should include requirements to mandate that IoT devices be rendered unusable until users first change default usernames and passwords. 
This recommendation for changing default passwords is repeated many times. It comes from the way the Mirai worm exploits devices by using hardcoded/default passwords.

But this is a misunderstanding of how these devices work. Take, for example, the infamous Xiongmai camera. It has user accounts on the web server to control the camera. If the user forgets the password, the camera can be reset to factory defaults by pressing a button on the outside of the camera.

But here's the Continue reading

BrandPost: The WAN Is Dead, Long Live The WAN

The SD-WAN your company is building today will likely be the last you ever use. The race to move applications and services to the cloud, and the availability of high performance broadband is fueling the greatest networking revolution in a generation.Enterprises have long struggled with connecting users to applications, and until recently there were limited options to address these needs. Most businesses turned to carriers and purchased Multiprotocol Label Switching (MPLS) private links for WAN connectivity. While MPLS has been a reliable means to connect, it suffers from high costs, slow speeds and an antiquated design not built for today’s traffic. In layman’s terms it’s rapidly becoming obsolete.To read this article in full or to leave a comment, please click here

1 2,332 2,333 2,334 2,335 2,336 3,696