Apple fixes iOS lock screen bypass that gives access to photos, contacts

Apple has reportedly fixed a vulnerability that could have allowed hackers to bypass the passcode on iPhone 6s and 6s Plus running iOS 9.3.1 in order to access the address book and photos.The bypass technique was discovered by researchers from German security firm Evolution Security and takes advantage of Siri's integration with apps like Twitter or Facebook and the new 3D Touch feature that's only available on the iPhone 6s and 6s Plus models.On a locked device, attackers can call up Siri and ask to search for items that contain @ tags using Twitter, Facebook or Yahoo. Then they can locate a string like an email address and use the 3D Touch hard push to bring out the context menu for it.To read this article in full or to leave a comment, please click here

The State vs. Andrews—Privacy and secrecy are not the same

Finally, the court took on the third-party doctrine, which says that if you reveal information in order to use a company’s services — say, giving a check to a bank or dialing a phone number — it is as if the information has been revealed to the world, and the police can get the same data from the company without having to get a warrant. In short, the third-party doctrine conflates secrecy and privacy: If you didn’t keep something secret, you didn’t keep it private either. -via Just Security

The post The State vs. Andrews—Privacy and secrecy are not the same appeared first on 'net work.

Frontier Communications continues to take a beating from Verizon castoffs

The transition of 3.7 million Verizon landline customers in California, Florida and Texas to Frontier Communications, as announced on April 1 of all days, continues to be a mess due to a combination of technical and communications issues.Unhappy landline phone, broadband FiOS Internet and video-on-demand customers have vented to Frontier support, including on social media sites, to express their frustration. Some have blamed Verizon as well, for not ensuring its residential, small/medium business and enterprise customers would receive a smooth transition after grabbing its $10.54 billion in the sale and shifting 9,400 of its employees to Frontier. (Though Verizon has blamed uncertainty round federal Internet regulation (i.e., net neutrality) for forcing it to sell the assets in the first place.)To read this article in full or to leave a comment, please click here

Frontier Communications continues to take a beating from Verizon castoffs

The transition of 3.7 million Verizon landline customers in California, Florida and Texas to Frontier Communications, as announced on April 1 of all days, continues to be a mess due to a combination of technical and communications issues.Unhappy landline phone, broadband FiOS Internet and video-on-demand customers have vented to Frontier support, including on social media sites, to express their frustration. Some have blamed Verizon as well, for not ensuring its residential, small/medium business and enterprise customers would receive a smooth transition after grabbing its $10.54 billion in the sale and shifting 9,400 of its employees to Frontier. (Though Verizon has blamed uncertainty round federal Internet regulation (i.e., net neutrality) for forcing it to sell the assets in the first place.)To read this article in full or to leave a comment, please click here

Volkswagen chooses OpenStack for private cloud

The second largest car manufacturer in the world, Volkswagen Group, will use the open-source cloud computing platform OpenStack to build a private cloud that will host websites for its brands VW, Audi and Porsche, and be a platform for innovating automotive technology, the company announced today.+MORE AT NETWORK WORLD: Mirantis beats out Red Hat for big VW OpenStack deal | Jeff Bezos to shareholders: At 10 years old, AWS is bigger than Amazon was and growing faster +To read this article in full or to leave a comment, please click here

PQ Show 76: Understanding Aruba’s Unified Wired And Wireless Roadmap (Sponsored)

On today's Priority Queue show, sponsored by Aruba, we get a detailed update on the integration roadmap between Aruba and HPE Networking product lines.

The post PQ Show 76: Understanding Aruba’s Unified Wired And Wireless Roadmap (Sponsored) appeared first on Packet Pushers.

PQ Show 76: Understanding Aruba’s Unified Wired And Wireless Roadmap (Sponsored)

On today's Priority Queue show, sponsored by Aruba, we get a detailed update on the integration roadmap between Aruba and HPE Networking product lines.

The post PQ Show 76: Understanding Aruba’s Unified Wired And Wireless Roadmap (Sponsored) appeared first on Packet Pushers.

WhatsApp: The FBI’s worst nightmare

If encryption is something to be feared in the hands of terrorists, WhatsApp just delivered them a tool that will give the FBI nightmares much worse than the encryption on iPhones. WhatsApp enlisted the help of Open Whisper Systems to implement the encryption, and according to that company’s blog, “This includes chats, group chats, attachments, voice notes, and voice calls across Android, iPhone, Windows Phone, Nokia S40, Nokia S60, Blackberry, and BB10.” This will likely drive law enforcement crazy, the FBI in particular, because it makes it impossible for WhatsApp to obey court orders to decrypt specified communications. Even if it wanted to comply, it couldn’t. The encryption is set up between the endpoints in the communication and WhatsApp just moves the traffic.To read this article in full or to leave a comment, please click here

WhatsApp: The FBI’s worst nightmare

If encryption is something to be feared in the hands of terrorists, WhatsApp just delivered them a tool that will give the FBI nightmares much worse than the encryption on iPhones. WhatsApp enlisted the help of Open Whisper Systems to implement the encryption, and according to that company’s blog, “This includes chats, group chats, attachments, voice notes, and voice calls across Android, iPhone, Windows Phone, Nokia S40, Nokia S60, Blackberry, and BB10.” This will likely drive law enforcement crazy, the FBI in particular, because it makes it impossible for WhatsApp to obey court orders to decrypt specified communications. Even if it wanted to comply, it couldn’t. The encryption is set up between the endpoints in the communication and WhatsApp just moves the traffic.To read this article in full or to leave a comment, please click here

Datanauts 030: Breaking Skill Silos With Matt Simmons

The Datanauts discuss the career path of a technical professional to talk about how and when to update skills. They explore a few of the tools and technologies worth getting comfortable with.

The post Datanauts 030: Breaking Skill Silos With Matt Simmons appeared first on Packet Pushers.

Datanauts 030: Breaking Skill Silos With Matt Simmons

The Datanauts discuss the career path of a technical professional to talk about how and when to update skills. They explore a few of the tools and technologies worth getting comfortable with.

The post Datanauts 030: Breaking Skill Silos With Matt Simmons appeared first on Packet Pushers.

Intel and the Network Arms Race

Networking is undergoing a huge transformation. Software is surely a huge driver for enabling technology to grow by leaps and bounds and increase functionality. But the hardware underneath is growing just as much. We don’t seem to notice as much because the port speeds we deal with on a regular basis haven’t gotten much faster than the specs we read about years go. But the chips behind the ports are where the real action is right now.

Fueling The Engines Of Forwarding

Intel has jumped into networking with both feet and is looking to land on someone. Their work on the Data Plane Development Kit (DPDK) is helping developers write code that is highly portable across CPU architecture. We used to deal with specific microprocessors in unique configurations. A good example is Dynamips.

Most everyone is familiar with this program or the projects that spawned, Dynagen and GNS3. Dynamips worked at first because it emulated the MIPS processor found in Cisco 7200 routers. It just happened that the software used the same code for those routers all the way up to the first releases of the 15.x train. Dynamips allowed for the emulation of Cisco router software but it Continue reading

Review: IBM Watson strikes again

To read this article in full or to leave a comment, please click here(Insider Story)

At MIT, a glimpse into our techno future

In the future, you may use aeroponic systems at home to bring in water mixed with nutrients. You'll use this water to grow vegetables, home-grown food that can cut your produce costs in half.Your commute to work may be on a covered, quasi-bike vehicle that uses battery power to assist the pedaling rider (who gets healthier from the effort).And the era of the large suburban homes will end. Why have multiple rooms for various purposes?"The cost of transformable furniture is much less than a mortgage," said David Rose, a visiting scientist at the MIT Media Lab and author of Enchanted Objects: Innovation, Design and the Future of Technology. Rose was at Tuesday's MIT "Connected Things" Enterprise Forum.To read this article in full or to leave a comment, please click here

Hospitals hacks put patient health at risk

A report that highlights the vulnerabilities in medical devices and the risks they pose to patient health issued by Independent Security Evaluators comes at an opportune time as the past month has shown that hospitals are becoming targets for criminals.Ted Harrington, executive partner at Independent Security Evaluators said, "It’s a scary report in a lot of ways, but our hope is to organize an industry in recognizing these problems. We are trying to make an entire industry start changing, especially one that is very regulated and complex. The conversations need to start happening."To read this article in full or to leave a comment, please click here

Kinder, gentler hacks: A bevy of low-stakes early computer breaches

When the world was newImage by National Security AgencyToday, IT security is a deadly serious business. But in the early days of computing, the stakes were a bit lower. Maybe it's just that we're seeing it through a nostalgic lens, but the computer breaches in the '70s, '80s, and '90s just seemed a bit more ... fun? We spoke to some people who were there, who enjoyed reminiscing about a gentler era, whether they were the ones hacking or the ones being hacked.To read this article in full or to leave a comment, please click here

Are you failing Security Basics 101?

Security tools are getting more sophisticated. DevOps is bringing us automation in operations, and a more holistic way of looking at how we manage infrastructure. But all too often, we’re not doing basic things to improve security and reliability, like protecting against known vulnerabilities.Hewlett Packard Enterprise’s 2016 Cyber Risk Report points out that “29 percent of all exploits samples discovered in 2015 continued to use a 2010 Stuxnet infection vector that has been patched twice.” It takes an average of 103 days for companies to patch known network and security vulnerabilities, according to a study vulnerability risk management vendor NopSec ran last year; that goes down to 97 days for healthcare providers and up to 176 days for financial services, banking and education organisations. That’s not taking into account misconfigurations, or lack of communication between different teams.To read this article in full or to leave a comment, please click here

Who’s the boss of workplace culture?

Who really drives culture in your workplace? According to a study from The Workforce Institute at Kronos and the research and consultancy firm WorkplaceTrends.com, HR believes it does. So do managers and executives. So, too, do your employees.There's clearly a disagreement about who's in charge of creating, maintaining and supporting workplace culture, but there's one thing every group agrees on: Workplace culture is incredibly important. The disconnect, though, isn't just comical. Without understanding the who, what and why of workplace culture and how it affects engagement, retention and loyalty, organizations risk destroying it and losing out on top talent.To read this article in full or to leave a comment, please click here

How to build cybersecurity into outsourcing contracts

Any time a company shares data or provides access to third-parties, it increases its vulnerability to unauthorized access or breach. So in today’s IT environment in which enterprises partner with multiple IT service providers, who in turn may have multiple subcontracters, cyber risks increase exponentially.To read this article in full or to leave a comment, please click here(Insider Story)

How to build cybersecurity into outsourcing contracts

Any time a company shares data or provides access to third-parties, it increases its vulnerability to unauthorized access or breach. So in today’s IT environment in which enterprises partner with multiple IT service providers, who in turn may have multiple subcontracters, cyber risks increase exponentially.[ Related: Why CIOs can’t wait to renegotiate their outsourcing contracts ]“Customer data and systems are only as secure as the weakest link in the vendor ecosystem,” says Paul Roy, a partner in the business and technology sourcing practice of Mayer Brown. “The risks for customers are twofold: not only does the customer increase its risk of a data breach, it also increases the risk that it will be in breach of its regulatory or contractual obligations if its vendors fail to comply with such obligations.”To read this article in full or to leave a comment, please click here(Insider Story)