Raymond Wang: How germs travel on planes -- and how we can stop them Close Help with subtitles Desktop / laptop users: please make sure you have the most updated versions of your browser and Flash player, and that Flash is enabled when you visit TED.com. iOS users: to access subtitles, start playing the video, then tap the speech bubble icon that appears in the bottom row of video controls. Android users: although Android devices do not support subtitles, you can download the TED app from the Google Play store. Surveillance as a Business Model Google recently announced that it would start including individual users' names and photos in some ads. This means that if you rate some product positively, your friends may see ads for that product with your name and photo attached—without your knowledge or consent. Meanwhile, Facebook is eliminating a feature that allowed people to retain some portions of their anonymity on its website. These changes come on the heels of Google's move to explore replacing tracking cookies with something that users have even less control over. Microsoft is doing something similar by developing its own tracking technology. More generally, lots of companies are evading the "Do Not Track" rules, meant to give users a say in whether companies track them. It shouldn't come as a surprise that big technology companies are tracking us on the Internet even more aggressively than before. If these features don't sound particularly beneficial to you, it's because you're not the customer of any of these companies.
Forums - Kaspersky Support Forum Undocumented iOS Features left Hidden Backdoors Open in 600 Million Apple Devices A well known iPhone hacker and forensic scientist has unearthed a range of undocumented and hidden functions in Apple iOS mobile operating system that make it possible for a hacker to completely bypass the backup encryption on iOS devices and can steal large amounts of users’ personal data without entering passwords or personal identification numbers. Data forensics expert named Jonathan Zdziarski has posted the slides (PDF) titled “Identifying Backdoors, Attack Points, and Surveillance Mechanisms in iOS Devices” showing his findings, from his talk at the Hackers On Planet Earth (HOPE X) conference held in New York on Friday. Jonathan Zdziarski, better identified as the hacker "NerveGas" in the iPhone development community, worked as dev-team member on many of the early iOS jailbreaks and is also the author of five iOS-related O'Reilly books including "Hacking and Securing iOS Applications." EVERY SET OF INFORMATION OF iOS USERS IS AT RISK
NSA surveillance: how to stay secure | Bruce Schneier | World news Now that we have enough details about how the NSA eavesdrops on the internet, including today's disclosures of the NSA's deliberate weakening of cryptographic systems, we can finally start to figure out how to protect ourselves. For the past two weeks, I have been working with the Guardian on NSA stories, and have read hundreds of top-secret NSA documents provided by whistleblower Edward Snowden. I wasn't part of today's story – it was in process well before I showed up – but everything I read confirms what the Guardian is reporting. At this point, I feel I can provide some advice for keeping secure against such an adversary. The primary way the NSA eavesdrops on internet communications is in the network. Leveraging its secret agreements with telecommunications companies – all the US and UK ones, and many other "partners" around the world – the NSA gets access to the communications trunks that move internet traffic. TAO also hacks into computers to recover long-term keys. Trust the math.
Kaspersky Cyber Security Solutions for Home and Business | Kaspersky Meet KeySweeper, the $10 USB charger that steals MS keyboard strokes It sounds like the stuff of a James Bond flick or something described in documents leaked by former NSA subcontractor Edward Snowden. In fact, the highly stealthy keystroke logger can be built by someone with only slightly above-average technical skills for as little as $10. Called KeySweeper, it's a device disguised as a functioning USB wall charger that sniffs, decrypts, logs, and transmits all input typed into a Microsoft wireless keyboard. KeySweeper is the brainchild of Samy Kamkar, a hacker who has a track record of devising clever exploits that are off the beaten path. The namesake of the Samy worm that inadvertently knocked MySpace out of commission in 2005, Kamkar has concocted drones that seek out and hack other drones and devised exploits that use Google Streetview and Google Wi-Fi location data to stalk targets. KeySweeper follows the same path. The guts of the hardware is an Arduino or Teensy microcontroller and an nRF24L01+ radio frequency chip.
Don’t Listen to Google and Facebook: The Public-Private Surveillance Partnership Is Still Going Strong - Bruce Schneier And real corporate security is still impossible. A surveillance camera outside Google's China headquarters in 2010 (Jason Lee / Reuters) If you’ve been reading the news recently, you might think that corporate America is doing its best to thwart NSA surveillance. Google just announced that it is encrypting Gmail when you access it from your computer or phone, and between data centers. Last week, Mark Zuckerberg personally called President Obama to complain about the NSA using Facebook as a means to hack computers, and Facebook's Chief Security Officer explained to reporters that the attack technique has not worked since last summer. On the government side, last week the NSA's General Counsel Rajesh De seemed to have thrown those companies under a bus by stating that—despite their denials—they knew all about the NSA's collection of data under both the PRISM program and some unnamed "upstream" collections on the communications links. Two Surveillance Regimes, Still in Force It doesn’t.
Dark Reading | Security | Protect The Business - ... Stealthy malware targeting air-gapped PCs leaves no trace of infection Researchers have discovered highly stealthy malware that can infect computers not connected to the Internet and leaves no evidence on the computers it compromises. USB Thief gets its name because it spreads on USB thumb and hard drives and steals huge volumes of data once it has taken hold. Unlike previously discovered USB-born malware, it uses a series of novel techniques to bind itself to its host drive to ensure it can't easily be copied and analyzed. It uses a multi-staged encryption scheme that derives its key from the device ID of the USB drive. "In addition to the interesting concept of self-protecting multi-stage malware, the (relatively simple) data-stealing payload is very powerful, especially since it does not leave any evidence on the affected computer," Tomáš Gardoň, a malware analyst with antivirus provider Eset, wrote in a blog post published Wednesday. Bridging the (air) gap Preventing copycat attacks Gardoň wrote: This post originated on Ars Technica
Bruce Schneier: Prosecuting Snowden -- "I believe that history will hail Snowden as a hero -- his whistle-blowing exposed a surveillance state and a secrecy machine run amok. I'm less optimistic of how the present day will treat him" via reddit.com The World's Leading Cyber Security for Networks, Cloud, Mobile & Endpoints | Check Point Software quora