FBI: Apple’s iPhone, iPad encryption puts people ‘above the law’; Experts Say ‘Bash’ Bug Is a Major Vulnerability But Not a Major Threat; How to do a “back to basics” security overhaul; Laptop vs. tablets: how they compare for true productivity; Amazon’s giving over $135 in paid Android apps away for free; Switching from iOS to Android: The complete guide; The 6 essential Windows software programs for any PC; What’s the difference between LibreOffice and OpenOffice?; Send self-destructing social media posts with Xpire; Latest Firefox and Thunderbird updates plug CRITICAL SSL vuln; What You Need To Know About Shellshock; Final announced ‘Titanfall’ DLC now available for Xbox One, PC; Looking for Work? GameStop Announces Holiday Hiring Surge; Angry Birds Transformers Set for October Launch; Junkware Removal Tool (free).
FBI director blasts Apple and Google for offering encryption – Is it illegal to encrypt the data on your phone? Most would say the answer is a clear no, but Apple’s recent announcement that the company won’t be able to decrypt user data in iOS 8 apparently has a lot of law enforcement figures spooked. Today at FBI headquarters, director James Comey told reporters he was concerned by the move. “I like and believe very much that we should have to obtain a warrant from an independent judge to be able to take the content of anyone’s closet or their smart phone,” Comey said. “The notion that someone would market a closet that could never be opened — even if it involves a case involving a child kidnapper and a court order — to me does not make any sense.”
Experts Say ‘Bash’ Bug Is a Major Vulnerability But Not a Major Threat – The threat posed by the Bash bug—it could theoretically remotely command computers and extract private information—is overblown, cybersecurity experts told TIME. Average computer users aren’t likely to be directly targeted by hackers, experts said. And for the vulnerability to be triggered, the attacker would need to deliver content to the user, and then get the user to execute Bash with that content, according to Kindlund. Normal web browsing, emailing or other common activities do not involve calling Bash. What average users should be worried about are more traditional hacking techniques, like phishing emails and links to malicious websites, said John Gunn of VASCO Data Security.
Security begins at home – how to do a “back to basics” security overhaul on your family network – My wife recently went back to work after spending a considerable amount of time away to look after our children. With her work and home IT needs now converging on our family network, this got me thinking about security in a whole new way. For over a decade now I’ve been responsible for maintaining security resources and advising Sophos customers and partners about security best practices. While I practice what I preach, it occurred to me that my family doesn’t get the equivalent level of attention. The old adage about the cobbler’s kids came surging to mind. So here’s a checklist of what I did.
Amazon’s giving over $135 in paid Android apps away for free – From now through Saturday September 27, Amazon’s giving away 27 premium apps for free as part of a fall deal—a bundle that would normally sell for $135 in total. There are some apps you’ll definitely want to check out in this latest pack, including the OfficeSuite Professional productivity suite (normally $15), Autodesk’s SketchBook Pro, and games like Riptide GP2, Sonic The Hedgehog 4 Episode II, and Threes! (Trese Brothers Software’s Heroes of Steel RPG is there too, and while I haven’t played that game yet, the Trese Brothers’ Star Trader Android game utterly rocks.)
The 6 essential Windows software programs for any PC – PCWorld senior editor Brad Chacos wrote an excellent story about the best software for a new PC. But if we’re talking the barest minimum, anyone with a Windows PC really, absolutely must have a program in each of the categories below.
Laptop vs. tablets: how they compare for true productivity – When the Surface Pro 3 launched, Microsoft made a bold claim: This is the tablet that can replace your laptop. Really? We set out to test Microsoft’s assertion for not just the Surface Pro 3, but for all tablets. We looked at more than 700 tablets and 2,000 laptops, digging into the specs that make a difference, like RAM and storage, display size, battery, and connectivity.
Switching from iOS to Android: The complete guide – iPhone die-hards may find flipping to Android a ghastly proposition, but for the less committed — likely with older iPhones — cheaper and larger Android phones with 4G are a tempting option. Here are 13 tips to help make the move.
Create Android keyboard shortcuts for words that you use frequently – If you’re looking for a way to make typing on Android a bit more efficient, Jack Wallen shows you how to take advantage of shortcuts on the built-in keyboard.
‘Today Calendar’ App Gets Updated With Android L Style – As the release of Android L fast approaches, developers are rolling out updated designs that jibe with Google’s new design philosophy. The latest app to get prepped is Today Calendar, a popular replacement for the official Google Calendar app that can do everything Google does and more.
Instagram Lets You #Selfielapse By Adding Front-Facing Camera Option To Hyperlapse – Instagram’s first update to its timelapse app Hyperlapse will let you create mini-travelogues of your face hurtling through the world. Hyperlapse now lets you capture timelapses with the front-facing camera to create what Instagram calls a #Selfielapse.
Hands on with Seek Thermal, the snap-on camera that gives your phone Predator vision – Whether you’re a hunter in the woods or a frequent camper who often gets up in the middle of the pitch black night to go to the bathroom, there are gadgets out there that can help. Not all of them are as affordable as the Seek thermal camera, however. This little apparatus plugs in to your smartphone and turns your regular ol’ phone or tablet into a military-grade thermal camera—and it only costs $200. I got to spend a few days tinkering around with it and was sincerely impressed by its capabilities.
Working with Windows 8.1’s Credential Manager – Whenever you respond to a prompt that essentially asks you if you want Windows or Internet Explorer to remember your password, the operating system will then store your user credentials in an encrypted file scheme known as the Windows Vault. The GUI front end for this vault is called Credential Manager, and it’s designed to allow you to easily view and manage your network-based logon credentials (i.e. usernames and passwords). In this article, I’ll introduce you to Windows 8.1’s Credential Manager and explain how it works.
Send self-destructing social media posts with Xpire – This free iPhone app lets you schedule posts to Twitter, Facebook and Tumblr that will self destruct after a time period of your choosing.
What’s the difference between LibreOffice and OpenOffice? – If you’ve ever wanted to know the major differences between LibreOffice and Apache OpenOffice, Jack Wallen lays them out to help you make a choice.
Google: Android Devs must respond to customers – If you’ve ever reached out to a Developer of an app and been ignored, you’ll like this update to the Play Store. Now, those Devs who have paid users reaching out to them must respond within three days of receipt of the email. Google is also making it easier for Developers to reach out across the pond and sell their wares in Europe.
Latest Firefox and Thunderbird updates plug CRITICAL SSL vuln – Mozilla Firefox needs patching urgently following the discovery that the open source browser is vulnerable to SSL man-in-the-middle attacks. The critical bug arises because the Network Security Services (NSS) libraries parser built into the browser is capable of being tricked into accepting forged RSA certificate signatures. Man-in-the-middle attacks create a means for attackers to impersonate a bank or webmail provider, tricking surfers into handing over logon credentials that can be relayed to the genuine organisation.
First attacks using ‘shellshock’ Bash bug discovered – Within a day of the Bash bug dubbed ‘shellshock’ being disclosed, it appears that attackers are already looking for ways to use it for their advantage. Security researchers have found proof of concept code that attempts to exploit the serious bug discovered this week in Bourne-Again Shell, also known as Bash, which according to US CERT affects both Linux and Mac OS X.
What You Need To Know About Shellshock – Another week, another massive security vulnerability which is almost a household name. How bad is it? Really bad. According to Matt Harrigan of PacketSled, “It’s really pretty astonishing how bad this bug is and how long it went unchecked. To be clear, the scale of impacted machines includes anything that runs bash. This includes a ton of consumer products, wireless routers, handheld phones, etc.” What do you need to know about Shellshock and what can you do to ensure your machines aren’t compromised? Read on.
Meet Wedg, Another Post-Snowden Personal Cloud Device – As you’d expect for a pro-privacy device, Wedg’s makers are trumpeting the security credentials of their private cloud. They’re using AES and XTS-AES to deliver 512-bit encryption, there’s built-in key management, 2-factor authentication on its mobile app, SSL connections, and they’re managing shared content and keys using GPG/OpenPGP. Sensitive user data is also sandboxed away from any third party apps within a secure zone on the device to prevent outside services accessing encrypted content. The project is open source, although the code has not yet been opened up.
Disgruntled employees are increasingly e-sabotaging businesses, FBI says – Employees with an axe to grind are increasingly sticking it to their current or former employers by carrying out “computer network exploitation and disruption”, the FBI says.
Samsung has more employees than Google, Apple, and Microsoft combined – Samsung loves “big.” Its phones are big, its advertising budget is big, and as you’ll see below, its employee headcount is really big, too. Samsung has more employees than Apple, Google, and Microsoft combined. We dug through everyone’s 10-K (or equivalent) SEC filings and came up with this:
Google responds to News Corp, but it settles nothing – Today, Google issued an open response to an open attack laid down by News Corp. In an open letter to the European Commission, News Corp explained why they feel Google has too much power over the Internet as we see it. In their open rebuttal, Google explains all the ways that’s just plain wrong.
DirecTV Shareholders OK AT&T Deal – DirecTV stockholders today voted almost unanimously to approve the company’s proposed merger with AT&T. The final results indicated more than 99 percent of votes cast were in favor of the deal, which is still subject to government regulatory review and approval. AT&T in May announced plans to acquire DirecTV in a deal worth $48.5 billion. The move, according to AT&T, will provide more customers with mobile, broadband, and pay-TV service bundles.
Tech Firms Desert Powerful Right-Wing Group After Climate Change Spat – After Google Executive Chairman Eric Schmidt said Monday that the company would no longer support the group, which opposes environmental regulations and has said climate change could be “beneficial,” Yahoo, Facebook and Yelp all issued statements indicating that, for unspecified reasons, their memberships in the group would be allowed to expire. Microsoft had already quit the organization in August, according to the liberal group Common Cause which monitors ALEC, after a Boston-based investment group raised questions about the company’s support in light of ALEC’s opposition to federal renewable energy programs.
Games and Entertainment:
Final announced ‘Titanfall’ DLC now available for Xbox One, PC – The third and final announced map pack for “Titanfall” will be released for Xbox One and PC on Thursday, developer Respawn Entertainment has announced. IMC Rising, which consists of the maps Backwater, Sand Trap and Zone 18, will cost $10 when it releases Thursday, though it is also part of the first-person shooter’s $25 “season pass,” which includes two other map packs. The newest map pack was announced just last month, shortly after the second map pack, Frontier’s Edge, was released.
Asphalt Overdrive Revs Up on Android and iOS – Asphalt is one of Gameloft’s flagship franchises, and there’s a new installment in the series out today on iOS and Android. However, Asphalt Overdrive is a startling departure from past Asphalt games. This one isn’t technically a racer, but more of an endless runner that plays like a racer.
Valve adds a music player to Steam, could a Steam Music service be next? – Did you think Steam was all about games? Think again. Valve has just rolled out a new update for the Steam client and it now acts as a music player, too. By integrating a music player directly into Steam, Valve has removed that hassle. Any soundtrack you purchase through Steam, or which automatically gets bundled with a game, is now instantly playable. But Valve didn’t stop there. If you navigate to Steam’s settings page you can add new directories of music, so Steam Music Player can be used to play all your music.
Angry Birds Transformers Set for October Launch – Angry Birds Transformers hits iOS and Android devices next month, giving mobile gamers a chance to step into the explosive shoes of Michael Bay. In the latest iteration of Rovio’s popular video game, everyone’s favorite furious fowl are disguised as robots. But this time you’re on your own—no help from the likes of Shia LaBeouf, Megan Fox, or Josh Duhamel. Just you and your bird-slinging animated friends fighting the evil Deceptihogs (get it?).
Hands-on: New Total War game takes on Attila the Hun – Total War: Attila puts players in the fifth century, attempting to rebuff Attila’s campaign of terror and stave off the Dark Ages. Or not. You can also play as any number of “barbarian” tribes, attempting to hasten the fall of both the Eastern and Western Roman Empires and claim Europe/Western Asia for your own people. I’m not sure whether you can actually play as Attila, though the way Creative Assembly phrased things it sounds like the answer is no—he’s merely a threat looming on the horizon.
Off Topic (Sort of):
FAA approves drone use by Hollywood, sets precedent – The squabble between those who want to use drones for purposes considered commercial and the FAA, which is working diligently to stamp out all such usage until it gets its regulations ironed out, has taken a new turn. As of today, the agency has approved the commercial use of drones by Hollywood, with some limitations.
Seatylock: Stash a foldable bike lock under your butt – Lately, designers have been putting a lot of thought into building a better bike lock. Clunky chains and hefty metal u-shaped locks are starting to look like relics when you compare them to bikes with handlebars that double as locks or bikes with whole frames that double as locks. Now you have the opportunity to pledge for a bike seat that contains a nifty, foldable lock.
Was Facebook & OKCupid’s research treating users like guinea pigs illegal? – A Maryland law professor says Facebook and OKCupid did not get ‘informed consent’ from users before conducting psychological experiments, making the research both unethical and illegal.
In 2014, who decides to ban a gay website from in-flight Wi-Fi? – If you were gay and a recent passenger on American Airlines, you might have used in-flight Wi-Fi provided by Gogo just like any other customer. In the course of finding somewhere to stay before you land, you might have navigated to misterbnb.com, a version of Airbnb where customers looking for a place to stay can be guaranteed the hosts are gay-friendly. Rather than getting the site’s homepage, however, your browser would have kicked you to an interstitial page telling you the site had been censored by Gogo. The given reason would have been the site had been categorized as “adult-and-pornography.”
WikiHouse open source project: fast and cheap homes – We’ve seen examples of low-cost 3D printed houses (and an unrelated castle), and while they’re all interesting, they are out of the reach of most prospective home buyers. That could change with WikiHouse, a project that aims to provide the public with plans for cheap homes that can be built in a matter of days.
Looking for Work? GameStop Announces Holiday Hiring Surge – The world’s largest video game retailer on Thursday announced plans to hire approximately 25,000 employees nationwide as it prepares for the holidays. GameStop said that’s about 47 percent more seasonal hires than it took on last year. The company is currently recruiting for in-store “Game Advisors” to help handle the holiday activity, as well as around 250 consumer electronic technicians for its refurbishment operation center, and warehouse personnel for its distribution centers based in Grapevine, Texas and Louisville, Ky. Head over to the career section of GameStop’s website to see the open positions and apply.
Something to think about:
“The Internet poses one of the greatest threats to our existence”
– Australian Senator Glen Lazarus
Today’s Free Downloads:
Junkware Removal Tool – Junkware Removal Tool is a security utility that searches for and removes common adware, toolbars, and potentially unwanted programs (PUPs) from your computer. A common tactic among freeware publishers is to offer their products for free, but bundle them with PUPs in order to earn revenue. This tool will help you remove these types of programs.
Junkware Removal Tool has the ability to remove the following types of programs:
Claro / iSearch
Facemoods / Funmoods
And many more…
Calibre – Calibre is a one stop solution to all your e-book needs. It is free, open source and cross-platform in design and works well on Linux, OS X and Windows.
calibre is meant to be a complete e-library solution and thus includes library management, format conversion, news feeds to ebook conversion, as well as e-book reader sync features and an integrated e-book viewer.
Library Management – calibre manages your e-book collection for you. It is designed around the concept of the logical book, i.e., a single entry in your library that may correspond to actual e-book files in several formats.
E-book conversion – calibre can convert from a huge number of formats to a huge number of formats. It supports all the major e-book formats. The full list of formats can be found here.
The conversion engine has lots of powerful features. It can rescale all font sizes, ensuring the output e-book is readable no matter what font sizes the input document uses. It can automatically detect/create book structure, like chapters and Table of Contents. It can insert the book metadata into a “Book Jacket” at the start of the book.
Syncing to e-book reader devices – calibre has a modular device driver design that makes adding support for different e-reader devices easy. At the moment, it has support for a large number of devices, the complete list of which is here. Syncing supports updating metadata on the device from metadata in the library and creation of collections on the device based on the tags defined in the library. If a book has more than one format available, calibre automatically chooses the best format when uploading to the device. If none of the formats is suitable, calibre will automatically convert the e-book to a format suitable for the device before sending it.
Downloading news from the web and converting it into e-book form – calibre can automatically fetch news from websites or RSS feeds, format the news into an ebook and upload to a connected device. The ebooks include the full versions of the articles, not just the summaries. calibre has over three hundred news sources and the news system is plugin based, allowing users to easily create and contribute new sources to calibre. As a result the collection of news sources keeps on growing!
Comprehensive e-book viewer – calibre has a built-in ebook viewer that can display all the major ebook formats. It has full support for Table of Contents, bookmarks, CSS, a reference mode, printing, searching, copying, customizing the rendering via a user style sheet, embedded fonts, etc.
Content server for online access to your book collection – calibre has a built-in web server that allows you to access your ebook collection using a simple browser from any computer anywhere in the world. It can also email your books and downloaded news to you automatically. It has support for mobile devices, so you can browse your collection and download books from your smartphone, Kindle, etc.
Although I’m not a big user when it comes to downloading audio books from my library, I do so occasionally. This free application has proven to be invaluable in increasing my range of options.
World Of Tanks – World of Tanks is a team-based massively multiplayer online game dedicated to armored warfare in the mid-20th century. Throw yourself into epic tank battles shoulder to shoulder with other steel cowboys to dominate the world with tank supremacy!
You’re about to set foot into a world full of epic tank battles, furious skirmishes, and high-octane excitement. We’re talking, of course, about World of Tanks, the premier multiplayer game for armored warfare.
In Pursuit of Freedom – The Pushback Continues:
FBI: Apple’s iPhone, iPad encryption puts people ‘above the law’ – Presumably doors, locks and windows, too? – FBI Director James Comey has complained that Apple and Google’s use of stronger encryption in smartphones and tablets makes it impossible for cops and g-men to collar criminals.
“There will come a day – well it comes every day in this business – when it will matter a great, great deal to the lives of people of all kinds that we be able to with judicial authorization gain access to a kidnapper’s or a terrorist or a criminal’s device,” he apparently told a press conference.
“I just want to make sure we have a good conversation in this country before that day comes. I’d hate to have people look at me and say, ‘Well how come you can’t save this kid,’ ‘How come you can’t do this thing.'”
Apple has made great play of its tweaked file encryption in iOS 8, which is designed so that Apple doesn’t hold people’s crypto-keys so it can’t be forced to give them up. The device owner’s passcode is used to create the encryption and decryption key in the iThing; decrypting the contents of a person’s iOS 8 phone or slab is no longer Apple’s problem.
Shortly after the change was made public, Google said it too would switch on a similar system by default.
“I am a huge believer in the rule of law, but I am also a believer that no one in this country is above the law,” Comey moaned today.
“What concerns me about this is companies marketing something expressly to allow people to place themselves above the law.”
Comey said the FBI was in discussions with Apple and Google about their crypto implementations, but didn’t give any details as to what Cupertino and Mountain View’s response was. It’s clear he’s not happy that the Feds can no longer get direct access to the handsets via Apple or Google, although data in iCloud is still up for grabs.
Australia: ASIO powers to spy over the entire Internet pass the Senate – The Australian Security Intelligence Organisation (ASIO) will soon be able to monitor every device on the internet, and copy, delete, or modify the data held on those computers with just a single warrant, under massive new powers contained in the anti-terror legislation that passed the Senate overnight.
The amended National Security Legislation Amendment Bill (No. 1) 2014 will now need to return to the House of Representatives in order to pass, but with a government majority in the House, its passage is assured.
The legislation now expands ASIO’s powers to gain access to an unlimited number of computers or networks with a single computer access warrant, disrupt target computers, and use third-party computers not targeted in order to access a target computer.
Legal experts and privacy advocates have warned that the vagueness of the legislation would allow ASIO to effectively monitor the entire internet.
In a marathon Senate debate last night, Greens communications spokesperson Scott Ludlam had attempted to move a number of amendments restricting ASIO’s new powers, however, the government was able to rely on votes from the opposition Labor senators to defeat the amendments.
Ludlam warned that the legislation would give ASIO the power to tap every device.
“These warrants will allow ASIO, or those working for ASIO, to modify these computers, to delete files, to install malware, to seek higher levels of user access and to impersonate people — not only on a particular specified device but, as I think we have well and truly established, on any device that it is connected to or is considered to be in a relationship with,” Ludlam said.
“The physical equivalent is if ASIO served a warrant to enter a particular house for a legitimate reason that also allowed them to enter any other house in the street or any other house in the country, actually, completely arbitrarily.”
Australia: Senators’ ignorance isn’t bliss with new surveillance laws – “The internet poses one of the greatest threats to our existence,” said Senator Glen Lazarus on Thursday night. Hah! A former rugby player says something dumb, that’s always funny, right? No. This mix of ignorance, fear, and sometimes plain laziness infests so many of Australia’s lawmakers — and right now that’s dangerous.
The Senate was debating new national security laws for Australia. Those laws passed. They give the Australian Security and Intelligence Organisation (ASIO) expansive powers to spy on all Australian internet users, and dramatically restrict freedom of the press.
As I read the transcript of the debate, what concerns me is not the passing amusement of Senator Lazarus, but how little effort was put into probing and challenging the government’s proposals more generally.
Greens Senator Scott Ludlam was up for it, of course, as was independent Senator Nick Xenophon and, to a lesser extent, libertarian Senator David Leyonhjelm of the Liberal Democratic Party.
But where was the sustained pressure from Labor, the chief opposition party? Oh that’s right, the “bipartisan approach to national security” meant that they’d already agreed to it.
Where was any technologically literate critique from anyone other than Ludlam?
Where, indeed, were the rest of the senators? “I cannot believe that here on a Thursday night this chamber is virtually empty and yet we have seen already tonight penalties increase from one to 10 years [in jail] for various things,” said Greens Senator Christine Milne.
“Incredibly draconian legislation is being passed, and the minister responsible either cannot or will not answer and is smug because the opposition is going along with it.”
The responsible minister, Australia’s favourite Attorney-General Senator George Brandis QC, was indeed smug.
When asked by Ludlam what kinds of things, specifically, ASIO would be empowered to do under a computer access warrant, Brandis’s reply was dismissive. “What ASIO would be empowered to do would be that which is authorised by the warrant, which is in turn governed by the terms of the act,” he said.