So, the manufacturers send their phones to
“middlemen” who install spyware, then return the phones for
packaging?
Tara Seals reports:
Over 190.3 million people in the US own smartphones, but many do not know exactly what a mobile device can disclose to third parties about its owner. Mobile malware is spiking, and is all too often pre-installed on a user’s device.
Following its findings in 2014 that the Star N9500 smartphone was embedded with extensive espionage functions, G DATA security experts have continued the investigation and found that over 26 models from some well-known manufacturers including Huawei, Lenovo and Xiaomi, have pre-installed spyware in the firmware.
However, unlike the Star devices, the researchers suspect middlemen to be behind this, modifying the device software to steal user data and inject their own advertising to earn money.
Read more on InfoSecurity.
[From
the article:
Further, the G DATA Q2 2015 Mobile Malware Report
shows that there will be over two million new malware apps by the end
of the year.
Like my students, some (most?) parents don't
bother reading the instructions.
IoT baby
monitors STILL revealing live streams of sleeping kids
… Isolated real-world reports of hacking
of baby monitors date back at least two years, so it’s not as
if the problem is new.
Last year privacy watchdogs at the ICO
warned
parents to change the default passwords on webcams to stop
perverts shopping on kids.
The warning followed a security flap created by
the site, hosted in Russia, that streamed live footage ranging from
CCTV networks to built-in cameras from baby monitors. The website
itself – insecam.cc – accesses the cams using the default login
credentials, which are
freely available online for thousands of devices.
Legal doublethink. This poor, helpless minor will
be charges as an adult. (Isn't the legal marrying age in the south
somewhere around 12? Or is that only for first cousins?) The
boyfriend was also charged.
Paul Woolverton reports:
After a 16-year-old Fayetteville girl made a sexually explicit nude photo of herself for her boyfriend last fall, the Cumberland County Sheriff’s Office concluded that she committed two felony sex crimes against herself and arrested her in February.
The girl was listed on a warrant as both the adult perpetrator and the minor victim of two counts of sexual exploitation of minor – second-degree exploitation for making her photo and third-degree exploitation for having her photo in her possession.
Read more on Fay
Observer.
Typical bureaucracy: When in doubt, hire more
underlings, ask for a larger budget,
The Federal Aviation Administration (FAA) on
Wednesday brought on two high-level officials to help lead the
agency’s regulation of drone flights in the United States.
The agency hired Hoot Gibson as senior adviser on
drone integration, a new position that reports to the FAA deputy
administrator. The
position, first announced in May, will focus on outreach to other
areas of the government and airspace stakeholders.
The agency also hired Earl Lawrence to become the
new director of the UAS Integration Office, which has been vacant
since the retirement of Jim Williams in June. The office was created
in 2013 to help create regulations to safely integrate drones into
the nation’s airspace.
Just in case you missed it. Initial reports
always seem to underestimate the damage. Imagine if this had been
something really dangerous, like Donald Trump's hair tonic.
Pentagon
Now Says Army Mistakenly Sent Live Anthrax to All 50 States
Deputy Defense Secretary Bob Work has
repeatedly said the scandal over the military's mistaken shipment
of live anthrax spores around the nation and the world would get
worse -- and he was right.
The number of labs that received live anthrax has
more than doubled to 194 since Work and Frank Kendall, the Pentagon's
top acquisition official, released a report in July on the shipments
of the deadly pathogen from the Army's
Dugway Proving Grounds in Utah.
The number of states receiving live anthrax also
more than doubled to include all 50 states and Washington, D.C., plus
Guam, the U.S. Virgin Islands and Puerto Rico.
The world gets its news from Twits?
… Eighty-six percent of users overall say they
use the platform for news, according to the study,
which was funded by Twitter but developed independently by the
American Press Institute and released Tuesday.
… A Pew Research Center earlier
this year found that use of Twitter and Facebook to consume news
is on the rise, with current users seeing more news on the platforms.
(Related)
Apple Adds
More Publishers for Its News App, Which Will Launch Soon
One thing you won’t hear much about at Apple’s
media event next week: Its News
app, a newsreader
that will work something like Flipboard, that will be included in
Apple’s upcoming iOS 9 software this fall.
That doesn’t mean Apple isn’t interested in
getting the word out about the app, which it has been fixing up since
debuting a rough-around-the-edges beta a few months ago. It has also
signed up more publishers for the launch, which will likely be in the
next few weeks. When it announced News at WWDC in June, Apple had 18
publishers on board; now it says it has more than 50.
Should we consider the source and laugh at this
guidance?
White House
Wants Feedback on IT Contract Security
Cybersecurity is a key component of all contracts
between U.S. government agencies and information technology vendors.
Yet cyberbreaches continue to occur – some of them with alarming
scope and depth.
The White House is seeking input from private
sector vendors and others on how to improve the cybersecurity
elements involved in federal government purchases of IT equipment and
services. The Office
of Management and Budget recently released draft guidance
dealing with that issue, and it will accept input on the proposal
until Sept. 10.
Someone has to fall on his sword! Will that be
the job of the staffers who will testify? What could they say? “We
did it, Hillary was ignorant?”
Ex-Hillary
Clinton Staffer Who Set Up Email Server Plans to Plead the Fifth
A former Hillary Clinton staffer who helped set up
the former secretary of state's private email server has vowed to
invoke the Fifth Amendment and refuse to answer questions after a
congressional committee subpoenaed him, MSNBC
confirmed late Wednesday.
Bryan Pagliano, who worked for Clinton during her
2008 presidential campaign and at the State Department, has been
identified in digital records as the person who set up her email
server in 2009.
… A Clinton campaign aide said in a statement
to NBC News Wednesday the candidate has encouraged aides to answer
any questions.
(Related) It's easy to teach Best Practices if
you have plenty of really, really bad examples. It does raise yet
another question: Did Hillary's server block all known security
issues? Did she ever receive emails from unknown sources and open
them?
The
"Executive" IT Security Problem - Lessons Learned from
Hillary Clinton
… Not
every executive wants to dedicate space in their bathroom to an email
server. But there are companies without a BYOD policy where
executives insist on using personal tablets. Yahoo’s CEO famously
refused to put a passcode on her personal phone. Some execs
retain access to sensitive information following retirement. They
insist on downloading software from any Internet site they want to.
With authority and resources, convenience is easily prioritized over
policy.
Further,
the risks presented by privileged users, including executives,
continues evolving. No longer limited to the malicious or careless
user, we now are confronted with outsiders
obtaining and abusing insider credentials. Spear phishing
executives, or “whaling”
is a rising
attack vector to take advantage of the broad access attackers
possess, while self-inflicted vulnerabilities make them a softer
target as well.
Not analysis of bits and bytes. Using tech to
record artifacts before some fanatic destroys them.
Institute
for Digital Archaeology
by Sabrina
I. Pacifici on Sep 2, 2015
“Digital archaeology represents the natural
evolution of classical archaeology, permitting researchers to look at
ancient objects in a whole new way, to uncover hidden inscriptions,
invisible paint lines, the faintest palimpsests... and to share these
discoveries with the world.”
The
Million Image Database Project – “In collaboration with
UNESCO World Heritage and the epigraphical database project at NYU’s
Institute for the Study of the Ancient World and engineering
specialists at Oxford University, we hope to capture one million 3D
images of at-risk objects by the end of 2016. To that end, we have
created a heavily modified version of an inexpensive consumer 3D
camera that will permit inexperienced users to capture
archival-quality scans. The camera has the facility to upload these
images automatically to database servers where they can be used for
study or, if required, 3D replication. It is our intention to deploy
up to five-thousand of these low-cost 3D cameras in conflict zones
throughout the world by the end of 2015. Each camera contains an
automated tutorial package that will help field users – local
museum affiliates, imbedded military, NGO employees and volunteers –
both to identify appropriate subject matters and to capture useable
images. This project is the first of its kind in both purpose and
scale. However, it is our hope that it will become a model for
future similar endeavors. All of the associated technology and
software will be open-source to facilitate that goal.” This
project is especially timely in light of the seemingly unstoppable
destruction of antiquities, including in Palmyra,
Syria.
If you thought “old stuff” disappeared you
haven't tried to buy anything for your horse recently. Weak and poor
quality companies are forced out of the market, but the survivors
always command a premium.
This
Company Is Still Making Audio Cassettes and Sales Are Better Than
Ever
The audiocassette tape is not dead. In fact, one
Springfield, Mo., cassette maker says it has had its best year since
it opened in 1969.
“You can characterize our operating model as
stubbornness and stupidity. We were too stubborn to quit,” said
National Audio Company President Steve Stepp.
NAC is the largest and one of the few remaining
manufacturers of audiocassettes in the U.S. The profitable company
produced more than 10 million tapes in 2014 and sales are up 20
percent this year.
I do want to collect articles like this. I think
they would benefit my students.
Leaving
Voicemails, and Other Prickish Phone Habits
… With all the focus on what smartphones
can do and how
they’re affecting us, many people have lost sight of how to use
our phones like an actual, original, dial-a-number phone
without behaving like an ass. This isn’t an argument against
buying a smartphone, but just a sad fact of life.
No comments:
Post a Comment