
Security


Bpifrance | Servir l'avenir. The 8 start-ups selected for the 2015 class of Ubi i/o have begun their intensive business development programme in Silicon Valley. A look back at their first week in the Valley! San Francisco is the world capital of tech. 8 French start-ups have just set down their bags there.

They are taking part in the second edition of Ubi i/o, the acceleration programme designed by Business France in partnership with Bpifrance. Pitching, value proposition, and even business model: they will have to rethink everything to reach the programme's goal, which is to set up in the heart of Silicon Valley. A look back at their first week in the Valley! The 8 selected start-ups Already a foot in Silicon Valley Big data, rich media, drones, 360° cameras, application security: these start-ups are among the most promising young French companies. A gruelling first week The first days were devoted to preparing the pitch. FREAK Out on Mobile « Threat Research | FireEye Inc. Recent disclosure of the FREAK attack [1] raises security concerns on TLS implementations once again after Heartbleed [2].

However, freakattack.com devotes client-side security checks to various browsers only. In this blog, we examine iOS and Android apps for their security status against FREAK attacks as clients. A FREAK attack “allows an attacker to intercept HTTPS connections between vulnerable clients and servers and force them to use weakened encryption, which the attacker can break to steal or manipulate sensitive data.”[1] For a FREAK attack to succeed, the server has to accept RSA_EXPORT cipher suites and the client has to allow temporary RSA keys in non-export ciphersuites.

The attacker may therefore reduce the connection’s encryption strength for easier data theft. As of March 4, both of the latest Android and iOS platforms are vulnerable to FREAK [3]. On the iOS side, 771 out of 14,079 (5.5%) popular iOS apps connect to vulnerable HTTPS servers. Vulnerability Stats Table 1. FRANCE CYBERSECURITY. Hexatrust | Cybersecurity & Digital Trust Alliance. 26 billion connected objects and just as many insufficiently secured connections.

How can the data produced by an ever-growing number of connected objects be protected? In a study, HP considers several solutions to the shortcomings it observed. Refrigerators, light bulbs, alarms, headphones, toothbrushes, wristbands, door-locking systems... more and more everyday objects are being connected to the internet. These objects are flooding every field: industry, agriculture, leisure, etc. This is the Internet of Things (IoT), an immense network of connected devices. More than half of the most popular connected objects neglect data protection So much so that the security of these devices is a central concern, and manufacturers are looking into it one after another. Is all this information necessary? In light of these telling figures, HP recommends, among other things, using a risk-assessment tool for connected objects designed by the independent foundation OWASP (Open Web Association Security Project).

Maximilian Schrems: "The goal is to make Facebook comply with European law" Twenty-five thousand people have just joined this 26-year-old Austrian in launching legal action to make the American giant comply with the European legislation in force. Interview. Le Monde.fr | • Updated on | Interview by Grégor Brandy (Journalist) At 26, Maximilian Schrems already has a long history with Facebook.

In 2011, the young Austrian had asked the social network, out of simple curiosity, what it knew about him. Facebook then sent him a CD with a 1,200-page PDF document, containing in particular information he had deleted... A few months later, Maximilian Schrems filed twenty-two complaints with the data protection commission in Ireland, where Facebook is based. Read our article: Max Schrems: "What matters is that Facebook obeys the law" Why are you suing Facebook? Maximilian Schrems: I studied in the United States for a semester. On what grounds are you taking action against Facebook? Boeing and others hacked for military data. Boeing and other companies were the subject of a hacking effort by suspect Su Bin, who is said to have worked with two unnamed Chinese hackers in an effort to nab data on military projects.

Details on the hacking surfaced Friday following a criminal complaint filed in Los Angeles that was unsealed this past Thursday. The hack was apparently successful, with the complaint alleging that Su tried to sell some of the data to Chinese companies. The data concerned fighter jets, according to ABC News, including Boeing's C-17 military cargo offerings, the F-22, and the F-35. According to a statement by Justice Department spokesman Marc Raimondi, the hackers also targeted data on weapons systems. Su is said to have been arrested in Canada back on June 28 -- there's no additional information about the other two hackers involved in the breach. SOURCE: ABC News. Code-cracking teens hack into Grant Avenue ATM | Columnists | Opinion | Winnipeg. A couple of 14-year-old computer whizzes have the Bank of Montreal upgrading their security measures after they hacked an ATM machine.

Matthew Hewlett and Caleb Turon, both Grade 9 students, found an old ATM operators manual online that showed how to get into the machine's operator mode. On Wednesday over their lunch hour, they went to the BMO's ATM at the Safeway on Grant Avenue to see if they could get into the system. "We thought it would be fun to try it, but we were not expecting it to work," Hewlett said. "When it did, it asked for a password." Hewlett and Turon were even more shocked when their first random guess at the six-digit password worked. They used a common default password. The boys then immediately went to the BMO Charleswood Centre branch on Grant Avenue to notify them. When they told staff about a security problem with an ATM, they assumed one of their PIN numbers had been stolen, Hewlett said. "I said: 'No, no, no. "I asked them: 'Is it all right for us to get proof?' Connected objects, the future target of hackers.

IT is one of those sectors whose jargon is rich in neologisms and abbreviations. Some have entered everyday language, such as "peer-2-peer", "client-server", "virtualisation", and more recently "Cloud"; others are on their way to doing so. The terms "connected objects" and "Internet of Things" have thus blossomed across the web in recent months. In practical terms, this market covers everyday objects that embed technology capable of making them "smart". Called connected objects or cyber-objects, they come in various forms: cameras, televisions, refrigerators or cars, but there are also unusual objects such as toothbrushes, clothing or even glasses.

Cyber-objects in the professional world Far from the cliché of science-fiction films, connected objects are among us, as shown by trade shows and coverage in the print and television press. A real security problem. Identity Management in Cloud Computing: Top Tips for Secure Identities. The benefits of cloud-based services are manifold. They enable organizations not only to offset costs but also to achieve greater business agility and to reach new markets and customers.

But what about identity management in cloud computing? Cloud services are essential for embracing many of the technology trends being seen today. Today’s businesses must operate in a world without boundaries. A wide variety of constituents, including customers, business partners, vendors and others, need to access enterprise networks to make purchases, find information and use applications. Gartner estimates that, by 2020, 60 percent of all digital identities interacting with enterprises will come from external identity providers, up from less than 10 percent today.

Yet ceding control over internal infrastructure and applications has been cited as a barrier to cloud adoption among 47 percent of firms. Gartner But are there still barriers to adoption? So what are the risks? New Survey of 25,000 US and European Consumers Finds Users of Mobile Payments Spend Nearly Twice as Much Through Digital Channels Overall Than Those Not Buying on Mobile Devices.

LONDON--(BUSINESS WIRE)--While the ubiquity of mobile devices in the U.S., U.K., France, Germany, and Spain has created a widespread platform for using mobile payments, a revolution is being held back because consumers do not yet find mobile payments secure, private or convenient enough to merit rapid adoption; this according to “The Consumer View of Mobile Payments”, a study of 25,000 consumers in five countries released today by Bain & Company.

While more than half of consumers on average, and over 70 percent in Western Europe, are aware of mobile payment options, only a quarter of those surveyed are willing to use their mobile device for in-store payments. But spending by mobile payment users is significant—on average, these users spend roughly twice as much through all digital channels (i.e. including mobile web and Internet shopping) than mobile payment non-users—by more than two-to-one in the US and UK and between 30 to 60 percent more in France, Germany and Spain. Tesla's electric speedsters, sieves when it comes to IT security. 01net, 01/04/14 at 18:35 The magnificent saloons and roadsters from the American manufacturer Tesla let relatively wealthy people drive without carbon emissions.

Unfortunately, they do not shelter them from hackers, as Nitesh Dhanjani, a cybersecurity researcher, has just shown. In an article, he lists a whole set of vulnerabilities related to these cars' information system. The biggest security flaw is the password, which is only six characters long and which lets a Tesla owner log in to their online account at www.teslamotors.com. According to Mr. The trap of third-party apps Third-party apps are another attack vector. Social engineering can also prove worthwhile. Source: WhatsApp user chats on Android liable to theft due to file system flaw | Technology. A newly discovered security flaw in the Android version of WhatsApp allows another application to upload a user’s entire database of chats to a third-party server, without their consent.

The error stems from the Android operating system’s handling of external storage, as well as lax security standards in the WhatsApp application itself. As detailed by Bas Bosschert, a Dutch security consultant, the flaw allows any Android application with access to the device’s SD card to read and upload WhatsApp’s database. “The WhatsApp database is saved on the SD card which can be read by any Android application if the user allows it to access the SD card,” Bosschert says. “And, as the majority of people allow everything on their Android device, this is not much of a problem.” Android’s part in the weakness comes from the fact that the operating system only allows all-or-nothing access to the SD card. “Facebook didn’t need to buy WhatsApp to read your chats.”

Applied Intelligence - The Snake Campaign. Uniquely Me! How much information does it take to single out one person among billions? Brian Hayes Suppose you fill out a survey online, with the assurance that your answers will remain anonymous. The questionnaire doesn’t record your name and address, but it does ask for some demographic information: your date of birth, your zip code, and your gender. What are the chances you could be identified from those three facts alone? Ideas about identity, privacy, and anonymity are changing fast in this era of big data and social networks. In the online world we have still more identities, most of them unknown even to ourselves.

When I first heard about Latanya Sweeney’s demonstration that gender, zip code, and birth date are enough to identify many Americans, I found the result surprising, but the arithmetic is straightforward. The foregoing calculation is only a crude approximation. Sweeney began her work on “re-identification” in the 1990s, when she was a graduate student at MIT. Acar, G., et al. 2013. The Sticking Points Of Security And Privacy - CloudTweaks. “No matter how many times a privileged straight white male technology executive pronounces the death of privacy, Privacy Is Not Dead.

People of all ages care deeply about privacy and they care just as much about privacy online as they do offline” (Danah Boyd) Security and Privacy are the two sticking points when it comes to moving business systems into the cloud. Out of the two, security is obviously the most important. After all, you can securely store data in a way that doesn’t ensure privacy, but you can’t maintain privacy if your supporting systems aren’t secured.

As we’ve seen with recent controversies such as the NSA scandal, this is still a relatively new area of concern and the courts are struggling to catch up with new developments. 1. 2. 3. 4. 5. So how do you make sure that you are protected in the cloud? Cloud Providers are frequently audited by governments, stakeholders or larger customers in order to ensure that the proper security procedures are being strictly followed. Mobile payments: 707 billion dollars in 2018 and 30% of e-commerce. According to the research firm Juniper Research, payments made through m-commerce will reach 707 billion dollars in 2018, against 182 million dollars this year, in 2013. By then, they will account for 30% of online payments made on e-commerce sites, against 15% last year.

Dominance of T-commerce Juniper also notes a tendency among shoppers to use mobile websites to research and select products on smartphones and then, in the end, complete the purchases on tablets. Thus, at the end of December 2013, m-commerce spending on tablets eclipsed purchases made on smartphones. The fight against showrooming is getting organised To counter showrooming, which is dominated by Amazon, Juniper points to retailers' growing return to in-store MPOS (mobile point of sale) solutions as well as price-matching options. Smart Card Market Focusing on Services to Sustain Growth, finds Frost & Sullivan -- LONDON, April 11. LONDON, April 11, 2013 /PRNewswire/ -- Smart card vendors continue to move from provisioning of physical cards to the delivery of smart card-related software and services. The commoditisation of physical smart cards and the progressive digitalisation of services have forced smart card vendors to re-think their strategies and focus on the services side of their business.

New analysis from Frost & Sullivan, Global Smart Card Forecaster – Core Industry Shipment/Revenue Outlook, finds that the smart card market covering SIM, banking, government and transportation verticals across Asia-Pacific, Africa, the Middle East, Europe, Latin America and North America, earned approximately $6,907.2 million in 2012. The market revenue is estimated to reach $9,551.6 million in 2018. Unit shipments are anticipated to expand from 7,119.8 million to 10,906.8 million units over the same time period. The hitherto dominant SIM card market is approaching maturity. ANZ tests voice biometrics on mobile. Security Breaches. 4 Mobile Security Predictions to Help CIOs Plan for the Future. Mobile Biometric Security Products And Services To Generate Over $8.3. Attackers Ramp Up Threats to the Energy Sector. Cyber Threats: An Evolving and Pernicious Global Menace.

U2F: Universal 2nd Factor: (formerly known as Gnubby) - Google's Internet Identity Research. Public Safety In The Cloud. Evolution of Card Fraud in Europe. PUBLIC DRAFT: Stronger Consumer Authentication - 5 year report. Futurium. 33 million Android smartphones infected in 2012. Celticplus Seed4c - Home. Analysts sound data security alarm over cloud and BYOD. Gartner: Long hard climb to high level of cloud computing security. The CIO: A Closer Look at IT security trends | Just ask Gemalto. Mobility and Security. Google Declares War on the Password | Wired Enterprise. Why Online Credit Card Fraud is Falling | Transaction Age | Payments Industry Events Listings | Payments Industry News, Articles and Insights | Payments Industry | AIB Merchant Services. Will the electronic signature reach a new milestone with Cryptolog?

Top 9 Security Threats of 2011.