Week in review: NSA spying scandal, EU net neutrality, and vulnerable smart TVs
Here’s an overview of some of last week’s most interesting news, reviews, articles and interviews:
Google won’t allow facial recognition on Glass
Whether Google Glass ships out to regular users later this year or the next, one thing is sure: it won’t make use of facial recognition software – for now.
LinkedIn unveils optional 2-step verification
“Professional” social networking website LinkedIn is the latest in a string of popular online services and communities that have introduced optional 2-step verification for their users.
U.S. judge orders Google to share user info with the FBI
Google has been ordered to comply with FBI requests for user information that came in the form of National Security Letters (NSLs) by U.S. District Court Judge Susan Illston.
E-voting system used in French election is flawed
A recent electronic election in France has proved that some electronic voting systems still cannot be trusted not to include fraudulent votes.
Changes to the Java security model
The upcoming security changes in Oracle Java address three long-standing issues with the Java security model.
Cyberespionage campaign targeting government-affiliated organizations
Kaspersky Lab experts published a new research report about NetTraveler, which is a family of malicious programs used by APT actors to successfully compromise more than 350 high-profile victims in 40 countries.
Bad Data Handbook
The Bad Data Handbook is a collection of experiences of 19 different data scientists and experts, who share their methods of making data work for and not against them.
Net neutrality soon to be on EU’s agenda
Lack of regulation has contributed much to the success of the Internet, and made it a hotbed for new ideas. But there are some things that should be regulated and enforced in order for it to remain just that, and net neutrality is one of them, says the European Commissioner for Digital Agenda Neelie Kroes.
Internet-savvy Turkish protesters turn to anti-censorship apps
After having successfully censored the majority of the television channels that can be seen in Turkey, the government is aiming its sights against social networks again. The escalating protests have spurred the country’s Prime Minister Recep Tayyip Erdogan to demonize Twitter and social media in general as a “menace to society.”
Windows 8.1 will allow locking folders with a finger
Windows 8.1 is scheduled to be released at the end of 2013, and among the various changes that Microsoft aims to implement in it is native support for fingerprint readers, so that fingerprint-based authentication becomes an integral part of the users’ experience.
Spyware sold to foreign governments aimed at U.S. woman critical of Turkish movement
A failed phishing attempt aimed at an unnamed woman openly critical of the Gülen Movement has revealed that spyware created for lawful intercept purposes is being used for illegal spying.
Brown University CISO on education, BYOD and emerging threats
David Sherry is the CISO at Brown University. He leads the Information Security Group, charged with the development and maintenance of Brown’s information security strategy, information security policies and best practices, security training and awareness programs, as well as ongoing risk assessment and compliance tasks. In this interview, David talks about the lessons he learned as CISO of Brown University and discusses unique BYOD challenges, the value of education for the modern IT security professional, and much more.
Microsoft and FBI disrupt global cybercrime ring
Microsoft, the FBI, Agari, financial services industry leaders FS-ISAC, NACHA, and other industry partners managed to break up a massive cybercrime ring which was stealing people’s online banking information and personal identities.
Most small businesses can’t restore all data after a cyber attack
Almost one-third of U.S. small businesses surveyed by the Ponemon Institute had a cyber attack in the previous year, and nearly three-quarters of those businesses were not able to fully restore their company’s computer data.
NSA legally forces Verizon to hand over all phone records on a daily basis
According to the order issued on April 25, one of the biggest telecommunication providers in the U.S. is ordered to hand over – on a daily basis – an electronic copy of all call detail records (“telephony metadata”) for calls made by their users both within the U.S. and between the U.S. and abroad.
Smart TVs vulnerable to a host of attacks
Research in this field is still in its infancy, and as a proud new owner of a Samsung ES7000 TV with HbbTV capabilities, n.runs AG researcher Martin Herfurt has decided to poke around a bit and see just what kind of attacks he can throw at it.
U.S. Veterans Affairs Dept. repeatedly targeted by foreign hackers
Conflicting claims were heard at Tuesday’s hearing of the House Veterans’ Affairs oversight and investigations subcommittee, leaving open the question of whether the Veterans Affairs Department has been repeatedly breached and information from its networks stolen.
Fake Mt. Gox pages aim to infect Bitcoin users
These fake pages were set up on domains that resembled Mt. Gox’s legitimate one (mtgox.com), such as mtgox.org, mtgox.co.uk, mtgox.net, and others.
New Android Trojan is complex as Windows malware
This newly discovered Trojan has obviously been constructed by someone who knows quite a bit about the Android platform, as the creator has taken advantage of multiple known and previously unknown errors and vulnerabilities in the OS to make the analysis of the file difficult.
NSA has direct access to Google, Facebook, Apple servers
After Thursday’s news that Verizon is compelled to share all phone call metadata with the NSA on a daily basis comes the incendiary revelation that the spy agency has direct access to the servers – and the data contained on them – of a host of big U.S. Internet companies, including Microsoft, Facebook, Google, Yahoo, Apple, AOL, YouTube, Skype and PalTalk.
Pirate Bay founder suspected of hacking police databases
Along with an unnamed 20-year-old Danish citizen, Svartholm is thought to have breached and downloaded a large number of files from mainframe systems of CSC, a company tasked with keeping and handling sensitive information belonging to the Danish police, as well as the Danish Tax Authority and the Modernisation Agency.
Proposed bill will deny foreign hackers entry into the U.S.
A day before the U.S. President’s scheduled meeting with Chinese President Xi Jinping, a new act that aims to punish criminals engaging in cyber spying and theft on behalf of foreign governments has been presented to U.S. legislators.