The second operating system hiding in every mobile phone I've always known this, and I'm sure most of you do too, but we never really talk about it. Every smartphone or other device with mobile communications capability (e.g. 3G or LTE) actually runs not one, but two operating systems. Aside from the operating system that we as end-users see (Android, iOS, PalmOS), it also runs a small operating system that manages everything related to radio. Since this functionality is highly timing-dependent, a real-time operating system is required. This operating system is stored in firmware, and runs on the baseband processor. Internet Toolkit Update Check An online service to help Windows users check installed programs are up to date and do not have known security vulnerabilities. more... Antivirus Malware in email und Internet pages are now everyday occurences. On our antivirus pages you can find tips on how to how to protect your system, links to free and commercial antivirus software, and advice on how to rid your system of these microbes. more...
Facebook privacy and kids: Don’t post photos of your kids online Photo by Hemera/Thinkstock I vividly remember the Facebook post. It was my friend’s 5-year-old daughter “Kate,” (a pseudonym) standing outside of her house in a bright yellow bikini, the street address clearly visible behind her on the front door. A caption read “Leaving for our annual Labor Day weekend at the beach,” and beneath it were more than 50 likes and comments from friends—including many “friends” that Kate’s mom barely knew. The picture had been uploaded to a Facebook album, and there were 114 shots just of Kate: freshly cleaned and swaddled on the day of her birth … giving her Labradoodle a kiss … playing on a swing set. But there were also photos of her in a bathtub and an awkward moment posing in her mother’s lacy pink bra.
Microsoft's Azure Moves into Internet of Things Microsoft’s Azure cloud platform is expanding into the Internet of Things with the IoT Suite, a convergence and expansion of Azure’s existing offerings. Some of its components have already been released, but will all be brought together under the Azure IoT suite name when it is released later this year. These services are designed for businesses transitioning into the digital space, including those incorporating remote monitoring, asset management, and predictive maintenance. The Azure Intelligence Systems Service was previewed in April 2014, but Azure’s IoT Suite will expand on its capabilities. It will also incorporate Azure Stream Analytics, currently in preview, which monitors real time data from devices in order to help businesses predict what trends might be affecting their industry next, as well as to automate services or responses.
Mobile/Janus Overview Janus is a compression and privacy proxy with the goal to provide more secure and efficient mobile browsing. The goals section gives some details on our objectives and the ways we want to achieve them. In surveillance era, clever trick enhances secrecy of iPhone text messages A security researcher has developed a technique that could significantly improve the secrecy of text messages sent in near real time on iPhones. The technique, which will debut in September in an iOS app called TextSecure, will also be folded into a currently available Android app by the same name. The cryptographic property known as perfect forward secrecy has always been considered important by privacy advocates, but it has taken on new urgency following the recent revelations of widespread surveillance of Americans by the National Security Agency. Rather than use the same key to encrypt multiple messages—the way, say PGP- and S/MIME-protected e-mail programs do—applications that offer perfect forward secrecy generate ephemeral keys on the fly. In the case of some apps, including the OTR protocol for encrypting instant messages, each individual message within a session is encrypted with a different key. The use of multiple keys makes eavesdropping much harder.
GNU hackers discover HACIENDA government surveillance and give us a way to fight back — Free Software Foundation — working together for free software According to Heise newspaper, the intelligence agencies of the United States, Canada, United Kingdom, Australia, and New Zealand, have used HACIENDA to map every server in twenty-seven countries, employing a technique known as port scanning. The agencies have shared this map and use it to plan intrusions into the servers. Disturbingly, the HACIENDA system actually hijacks civilian computers to do some of its dirty work, allowing it to leach computing resources and cover its tracks. But this was not enough to stop the team of GNU hackers and their collaborators.
How to foil NSA sabotage: use a dead man's switch The more we learn about the breadth and depth of the NSA and GCHQ's programmes of spying on the general public, the more alarming it all becomes. The most recent stories about the deliberate sabotage of security technology are the full stop at the end of a sentence that started on 8 August, when the founder of Lavabit (the privacy oriented email provider used by whistleblower Edward Snowden) abruptly shut down, with its founder, Ladar Levison, obliquely implying that he'd been ordered to secretly subvert his own system to compromise his users' privacy. It doesn't really matter if you trust the "good" spies of America and the UK not to abuse their powers (though even the NSA now admits to routine abuse), you should still be wary of deliberately weakened security. It is laughable to suppose that the back doors that the NSA has secretly inserted into common technologies will only be exploited by the NSA. One important check against the NSA's war on security is transparency.
Calming Your Biggest Fears About Industrial IoT Fear of the unknown has fueled a tremendous body of innovative works. Examples within the manufacturing realm could range from something as simple as a fuel gauge to complex modeling and software solutions focused on predictive maintenance and inventory management. In both instances, a desire to combat fear with knowledge was embraced as a solution. In contrast, these same fears can create an enterprise-wide state of paralysis that prohibits the integration of potentially game-changing procedures and technologies. Instead of addressing the unknown, it is simply ignored, feeding apprehension and delaying the solution. Sandcat Browser - The Pen Tester's Browser Sandcat Browser 5 brings unique features that are useful for pen-testers and web developers. Sandcat is built on top of Chromium and uses the Lua programming language to provide extensions and scripting support. See what's new in Sandcat 5 Sandcat is targeted at penetration testers - people who test websites for security holes - but could also be useful for developers, or anyone else who would like a little more low-level control over their browsing .. This is a capable security testing and developer-oriented browser.
Data Broker Giants Hacked by ID Theft Service An identity theft service that sells Social Security numbers, birth records, credit and background reports on millions of Americans has infiltrated computers at some of America’s largest consumer and business data aggregators, according to a seven-month investigation by KrebsOnSecurity. The Web site ssndob[dot]ms (hereafter referred to simply as SSNDOB) has for the past two years marketed itself on underground cybercrime forums as a reliable and affordable service that customers can use to look up SSNs, birthdays and other personal data on any U.S. resident. Prices range from 50 cents to $2.50 per record, and from $5 to $15 for credit and background checks.
The Unpatchable Malware That Infects USBs Is Now on the Loose It’s been just two months since researcher Karsten Nohl demonstrated an attack he called BadUSB to a standing-room-only crowd at the Black Hat security conference in Las Vegas, showing that it’s possible to corrupt any USB device with insidious, undetectable malware. Given the severity of that security problem—and the lack of any easy patch—Nohl has held back on releasing the code he used to pull off the attack. But at least two of Nohl’s fellow researchers aren’t waiting any longer. In a talk at the Derbycon hacker conference in Louisville, Kentucky last week, researchers Adam Caudill and Brandon Wilson showed that they’ve reverse engineered the same USB firmware as Nohl’s SR Labs, reproducing some of Nohl’s BadUSB tricks. And unlike Nohl, the hacker pair has also published the code for those attacks on Github, raising the stakes for USB makers to either fix the problem or leave hundreds of millions of users vulnerable. “The belief we have is that all of this should be public.