Tech Thoughts Net News – Monday – November 23, 2015

Microsoft cuts thousands of movies and games to 10 cents for Windows 10;  How NSA continued to spy on American citizens’ email traffic; Edward Snowden explains how to reclaim your privacy;  Facebook back in hot water after Safety Check ignores Mali;  Shop more safely on Cyber Monday;  Windows 10 Mobile review;  13 Google Chrome Tips That Will Make Your Life Better;  Now reply to individual story snaps in Snapchat;  How to buy a productivity tablet;  Microsoft yanks Windows 10 November upgrade from download site;  The best cooking apps for the holidays;  The PS4 can now emulate PlayStation 2 games;  A deep dive into the security features of a router;  Only 31% of Preteens Can Distinguish Paid Ads from Real Search Results;  How to try Firefox OS preview on your Android device;  Malware caught checking out credit cards in 54 luxury hotels;  Walmart moves Cyber Monday to Sunday;  EFF Launches Website for Reporting Content Takedowns;  11 ways video games can make you a better person;  10 Small Things You Can Do Every Day to Get Smarter;  Sleeping in on weekends linked to health problems.

13 Google Chrome Tips That Will Make Your Life Better – There are many extensions and programs that innovative developers have built to make using Chrome more productive and more fun. With them, you can save articles to read anywhere, learn a new language, save money while shopping, and even improve your writing. And the beauty is that they don’t actually require you to put in any extra work. These 13 extensions and apps can help you both streamline your Chrome browsing and help you do things you didn’t even know were possible. Read on to become a Google Chrome pro:

It’s official—NSA did keep its e-mail metadata program after it “ended” in 2011 – Though it was revealed by Edward Snowden in June 2013, the National Security Agency’s (NSA) infamous secret program to domestically collect Americans’ e-mail metadata in bulk technically ended in December 2011.  Or so we thought. A new document obtained through a lawsuit filed by The New York Times confirms that this program effectively continued under the authority of different government programs with less scrutiny from the Foreign Intelligence Surveillance Court (FISC).

How NSA continued to spy on American citizens’ email traffic – from overseas – Newly revealed documents (not from Snowden this time) show that the NSA has continued to collect Americans’ email traffic en masse using overseas offices to get around curbs introduced domestically. To get around the restrictions on operating in the USA, the NSA simply started using its overseas offices to do the collection. Stations like RAF Menwith Hill in Yorkshire were tasked with collecting the metadata and feeding it back to the NSA headquarters in Maryland.

Microsoft cuts thousands of movies and games to 10 cents for Windows 10 – The software giant is kicking off a huge promotion for its Windows Store, with more than 1,000 movies, songs, apps, and games discounted down to just 10 cents. There’s a wide range of titles available, but you won’t own movies as they’re available to rent for the 10 cents offer. Movies include Jurassic World, Mad Max: Fury Road, and The Dark Knight Rises. Songs like Justin Bieber’s “What Do You Mean” or John Legend’s “All of Me” are just 10 cents, and Microsoft has a variety of Xbox-enabled Windows 10 games available. Hitman Go, Angry Birds Star Wars, Assassin’s Creed Pirates, and Reckless Racing Ultimate are some of the highlights. There are even applications at just 10 cents, including IM+ Pro, Sticky Notes Pro, and a variety of unnecessary ZIP extractors. To keep track of each daily deal you just need to open the Windows Store on a Windows 10 PC and the home section will list all of the daily movies, games, and app deals. Microsoft’s “10 days of 10 cents deals” runs until Sunday November 29th.

What’s the catch with off-brand prepaid wireless services? – In this edition of Ask Maggie, CNET’s Marguerite Reardon explores whether prepaid brands, which are owned by the major wireless operators, offer a true bargain over traditional services.

Opera Max Now Also Helps You Save Data While Streaming Music – While Opera is best known for its browsers, the company has recently put quite a bit of effort into its Opera Max data-saving app for Android. Opera Max promises that its latest version will allow users to save about 50 percent of the data they would usually use to stream music from YouTube Music, Pandora, Slacker Radio, Gaana and Saavn. The service that’s obviously missing here is Spotify, but if you’re a heavy user of one of the supported apps — and you don’t have an unlimited plan (or are on T-Mobile’s post-paid network), it’s probably worth a try.

You can now reply to individual story snaps in Snapchat – Snapchat quietly dropped an update last night that makes its chat feature a lot more interesting. Now, when viewing a snap in someone’s story, you can swipe upward to send that user a direct chat message. The original poster receives a notification and can hop into a private message thread tied directly to the original snap. The update makes it easier to start a conversation with another user based off something they snap to their story, whereas before users weren’t quite sure which snap any incoming message may be replying to — think of it like quoting someone’s public tweet in a direct message on Twitter.

Facebook At Work Gets Its Own Version Of Messenger With Debut of “Work Chat” – Facebook at Work, the version of Facebook designed for chatting with colleagues on a private social network, now has its own chat client as well. Somewhat like Facebook at Work’s version of Messenger, the new “Work Chat” app, as it’s called, allows coworkers to message each other individually, participate in group chats, share photos and videos, make voice calls, and even use stickers. The application quietly debuted on the Google Play store on Thursday. Facebook tells us the iOS version is in the works, and will arrive soon. However, the company would not provide an exact launch date.

How to try Mozilla’s mobile Firefox OS preview on your Android device, no deep-level tech tricks required – Instead of going through the pain and commitment of re-flashing your phone with Firefox OS, all you have to do is download and install Mozilla’s APK. Then the next time you try to hit the home button on your device you’ll see the option to use Firefox OS as your app launcher. From then on you’ll experience what Firefox OS has to offer without losing your Android apps. If you get tired of Firefox OS as Android launcher you can get rid of it by scrolling downwards to the Android Settings app. Inside Settings, find the “Device” heading, tap Home, and select the standard Android launcher that comes with your device.

Five to Try: Horizon Chase is a rad retro racer, and Dragon Anywhere delivers pro-level dictation – Load up with the latest Android apps and games before Thanksgiving rolls around.

Microsoft yanks Windows 10 November upgrade from download site – Microsoft last week stopped offering Windows 10’s November upgrade as a disk image, shutting down the route many had used to skip the wait as the company slowly rolls out the refresh via Windows Update. The .iso files are still available, but when downloaded using Microsoft’s Media Creation Tool, they now install the original July 29 edition of Windows 10, not the November upgrade as they did earlier.

Five key facts about how Windows 10 search works – You can search for anything and everything from the Windows 10 desktop, but the results may sometimes be confusing. Here is what you should know.

Video: How to buy a productivity tablet – Whether you’re opting for an iPad or a Surface, here are five things to consider before you buy a tablet.

Windows 10 Mobile review: Next-gen Windows Phones focus on unique features to double down on productivity – Microsoft’s Windows 10 Mobile operating system may be a second-tier OS, but it’s not second-rate. With its new smartphone OS, Microsoft has doubled down on the productivity message, crafting a utilitarian OS with occasional flashes of magic—most notably its new PC-like Continuum feature.

Feature phone growth outstrips smartphone sales in India for Q3 – In a bizarre twist, aggressive distribution strategies as well as mistrust of more expensive smartphones have helped feature phones stage an unlikely comeback.

EFF Launches Website for Reporting Content Takedowns  – The website allows visitors to indicate when their content has been removed from various social media sites.

The best cooking apps for the holidays – Whether you’re heading into the kitchen, or are on the hook to bring the drinks to the big meal, these apps will help find the right recipes, cook like a pro and get the right bottle of wine this holiday season.

Facebook back in hot water after Safety Check ignores Mali – Facebook activated its Safety Check feature immediately following the attacks in Paris, representing the first time the social network’s tool was used for something other than a natural disaster. The company was heavily criticized for doing so, not because the tool isn’t useful, but because Facebook didn’t activate it for previous similar attacks elsewhere, such as Lebanon. This highlighted a bias in the company, according to critics, which Facebook dismissed. However, as a harrowing attack took place in Mali, Safety Check remained inactive.

Security:

Shop more safely on Cyber Monday – Black Friday, the day after Thanksgiving, is America’s biggest shopping day, but Cyber Monday is catching up. Why camp outside a store for limited-quantity “door buster” deals when you can get goods online, snug on your couch with a cup of cocoa? However, you don’t want to avoid the mall circus only to get your personal or financial info trampled by an insecure site. Here’s how to shop more safely online.

Malware caught checking out credit cards in 54 luxury hotels – Add Starwood – owner of the Sheraton, Westin, W hotel chains – to the ranks of resorts infiltrated by credit card-stealing malware. The luxury hotel chain said on Friday that 54 of its North American locations had been infected with a software nasty that harvested banking card information from payment terminals and cash registers. Starwood said the 54 compromised hotels [PDF] were scattered throughout the US and Canada, and were infected from as early as November of 2014 to June 30 of this year. Malware was found in payment systems in gift shops, restaurants, and sales registers. Data stolen by the software could include customer names, credit card numbers, card security codes, and expiration dates. Starwood said that customer addresses, reservation data, and reward card information were not exposed in the breach.

Security experts: Every business should have a security and encryption policy – Two experts from security firms explain the basics of why your business needs a security and encryption policy.

TrueCrypt is safer than previously reported, detailed analysis concludes – Despite the vulnerabilities, the analysis concluded that TrueCrypt remains safe when used as a tool for encrypting data at rest as opposed to data stored in computer memory or on a mounted drive. The researchers said the vulnerabilities uncovered by Project Zero and in the Fraunhofer analysis should be fixed but that there’s no indication that they can be exploited to provide attackers access to encrypted data stored on an unmounted hard drive or thumb drive. According to a summary by Eric Bodden, the Technische Universität Darmstadt professor who led the Fraunhofer audit team:

It does not seem apparent to many people that TrueCrypt is inherently not suitable to protect encrypted data against attackers who can repeatedly access the running system. This is because when a TrueCrypt volume is mounted its data is generally accessible through the file system, and with repeated access one can install key loggers etc. to get hold of the key material in many situations. Only when unmounted, and no key is kept in memory, can a TrueCrypt volume really be secure. In result, TrueCrypt provides good protection mostly when storing encrypted data offline. If keeping a backup stored offline on a hard drive, for example, or keeping encrypted data on a USB flash drive to be sent via a human carrier, then this can be considered relatively secure.

A deep dive into the security features of a router – This look at the D-Link DIR-860L router is focused exclusively on security, which probably makes it the first review of its kind. My last blog, How secure can your router get?, described a checklist of router security features on my RouterSecurity.org site. Here I employ that checklist to evaluate the security aspects of a random router.

Only 31% of Preteens Can Distinguish Paid Ads from Real Search Results – Well, this is alarming: a new study revealed that only 31 percent of 12 to 15 year-olds could recognize the difference between Google Ads and regular Google search results. In kids ages 8 to 11, the number was much lower, at only 16 percent. The study was conducted by Ofcom, the UK’s regulatory agency in charge of communications, and examined results from several hundred children in each age group. The kids were shown an image of a search for “trainers,” and most either did not identify the paid results or trusted that they were still reflective of the best possible results.

Company News:

Blackphone maker Silent Circle distances itself from criminals – Rampant spying by governments, spates of large scale hackings, and a general atmosphere of vulnerability over the Internet and mobile networks has made many look at heavily encrypted services and devices just to feel safe even while swimming in this digital age. Silent Circle has been one of the loudest voices in that market, putting out not only encrypted communication services but also an encrypted communication device: the Blackphone. Sadly, one of its most recent endorsers is one that the startup could do without, the Islamic State, more notoriously known as ISIS.

In related news – Toyota has taken the unusual step of distancing itself from bank robbery “get away cars.” Expert experts agree that virtually all manufacturers of consumer goods are now likely to make similar statements disavowing any connection with the criminal class. Knives, hammers, rope…, will receive special attention.

Expert experts also agree that Blackphone’s announcement is an example of corporate grade political correctness taken to the “stupid” level.

Walmart moves Cyber Monday to Sunday because people now have the internet at home – As if starting Black Friday on Thanksgiving evening wasn’t enough to demonstrate Walmart’s flagrant disregard for the meaning of words that end in “day,” the mammoth retailer has now announced that it is choosing to ignore the temporal boundaries of yet another beloved American institution. Get ready to do your Cyber Monday shopping on, well, Sunday instead. The reason? People have the internet at home now, too. “The customers have changed but Cyber Monday hasn’t changed with them,” Walmart.com CEO Fernando Madeira tells Reuters. “Now everyone has Internet.” In other words, there’s no reason why they should have to wait until Monday morning to use their office internet connection for shopping. What an age we live in.

Report: Google Play’s move into China now scheduled for 2016 – A report from Reuters gives us the latest update on Google’s ongoing effort to get Google Play into China. The report says that Google employees are “working hard in China to lay the ground for the app store’s launch” and the store will go live in 2016, sometime after February. With 1.3 billion people, China is the world’s largest smartphone market, but a Google-blessed version of Android isn’t available there. Google is very active in the second- and third-most-populated countries—India and the US—but the company effectively pulled out of China several years ago due to censorship laws.

Coinbase launches their first Bitcoin debit card – One of the biggest hurdles for Bitcoin adoption is the fact that it’s difficult to actually spend the cryptocurrency. While people have dreamed of a time where you can go to any store and spend your Bitcoin, it’s just not taken off in a way that’s made it feasible. However, Coinbase has just secured a deal that will let you do exactly that.

Yahoo surrenders all search share gains from Firefox deal – A year after Yahoo struck a deal with Mozilla to make its search engine the default in Firefox in the U.S., Yahoo’s share of search usage share has fallen to levels lower than before the partnership was inked, according to one Web measurement. In the last five months, Yahoo’s U.S. search share as tracked by Irish metrics vendor StatCounter has been under the 8.9% recorded in November 2014, the month when Yahoo and Mozilla announced the deal. For October, Yahoo’s usage share was 7.6%, a new low. By StatCounter’s tally, Yahoo’s top mark in the past 12 months was the 10.2% in January 2015.

Mobile OS Maker Jolla To Cut Half Its Staff, Restructure Its Debt After Funding Stalls – Finnish alternative mobile OS startup Jolla is facing the situation startups dread the most: running out of financing to keep the business going in the way they’d like. Today the Sailfish OS maker said it is being forced to adjust its operations after failing to close a €10 million ($10.6M) Series C round within the required timeframe to keep up with its outgoings. Negotiations with the unnamed single investor for its Series C have been postponed, according to chairman and co-founder Antti Saarnio. He tells TechCrunch he hopes the financing negotiations will start up again in December.

Jawbone cuts 15 percent of staff in second round of layoffs this year – A company spokesperson told TechCrunch, “Jawbone’s success over the past 15 years has been rooted in its ability to evolve and grow dynamically in a rapidly scaling marketplace. As part of our strategy to create a more streamlined and successful company, we have made the difficult decision to reorganize the company which has had an impact on our global workforce.” The layoffs will affect every part of Jawbone’s business. No product areas will be closed down as part of the restructuring, though, meaning that the company will still sell Up fitness trackers, Jambox speakers, and Era headsets.

Following The Launch Of Its Ad-Free Tier, Hulu Breaks Into The Top 10 Apps By Revenue – Following a number of big moves to attract subscribers and grow its revenue, including a deal with Epix films and the introduction of a commercial-free paid tier to its service, streaming service Hulu has managed to shoot up the ranks on a number of app store charts this past month. It reached No. 8 on the worldwide iOS Top Revenue chart for October and No. 10 on the worldwide Top Revenue chart for iOS and Android combined. Hulu is also moving up the ranks in terms of monthly active users, according to new data provided by App Annie, though it still has far to go to reach No. 1 Entertainment app Netflix or No. 2 Vine.

Marijuana Startup Incubator “Gateway” Fires Up – Marijuana prohibition is coming to an end, and massive businesses will grow in its place. Gateway wants to seed them. This year Gateway will back two classes of 10 cannabis startups with $30,000 each plus five months of office space in exchange for 6% of their equity. The cash comes from LA’s Marijuana Investment Corporation (now just known as MJIC), and will fund further rounds for top performers after Gateway’s demo days. Applications, in the form of four-minute videos, open today for the first class starting in 2016.

Games and Entertainment:

11 ways video games can make you a better person – Even though video games are one of the most profitable sections of the entertainment industry, they still get a bad rap. Ask most people and they’ll tell you that gaming is a waste of time at best and actively harmful at worst. While that might be true in some cases — nobody is going to argue that playing World of Warcraft until you have to poop in a sock so you don’t stop playing for bathroom breaks is a good idea — there’s a growing body of research that indicates that gaming might actually help you improve yourself. How, though?

Make you morally conscious

Star Wars: The Force Awakens is already breaking sales records – Being a huge Star Wars fan, I’ve been itching to see my favorite franchise break new sales records. While we’re still weeks away from seeing if it breaks opening weekend records, it’s already set one. Which is pretty good for a movie that hasn’t premiered yet.

Valve will reportedly do away with Steam’s Daily and Flash sales – Steam Sales have historically been big deals. I don’t buy many games these days, mostly because I’ve filled up on them in previous years. I’d wake up early to see what was on sale, and continue to check back throughout the day, as some of those would change throughout the day. But for the upcoming Autumn and Winter sales, that might be changing.

Bethesda promises frequent updates to Fallout 4 – “Our process for updating the game will include releasing a beta patch on Steam, followed by full release on PC, then release on the consoles,” said Bethesda in a blog post. “This process has worked well for us in the past and allows us to get more fixes out faster. Expect to see more updates, that are smaller and more frequent, than a few big ones. This allows us to make sure each fix is working right, as any change can have unintentional side effects in a game this huge. We expect the first beta patch to be up next week.”

Let’s hope Bethesda is a little more successful at this than they have been with Skyrim, for example.

Video: Basic kit needed to record YouTube/Twitch gaming “Let’s Plays” – Gaming is as popular as ever, so much so that there are those who now enjoy sharing their gaming experiences on video sharing sites such as YouTube or Twitch. Here’s a tour of some of the basic hardware and software to get you started.

The PS4 can now emulate PlayStation 2 games – If you own a PS4, I have good news: It is now capable of playing PS2 games through emulation. Rather unusually, though, Sony hasn’t actually announced anything officially. The PS2 emulator was discovered by Eurogamer when it was sent a new PS4 Star Wars bundle containing three games that originally debuted on the PS2. Eurogamer entered a PSN download key, their PS4 downloaded all of the old games… and then the classic PlayStation 2 logo appeared “in all its upscaled glory.” Following Eurogamer’s exposé, a Sony spokesperson then confirmed with Wired that the PS2 emulator exists: “We are working on utilising PS2 emulation technology to bring PS2 games forward to the current generation. We have nothing further to comment at this point in time.”

Off Topic (Sort of):

10 Small Things You Can Do Every Day to Get Smarter – You might be under the impression that intelligence is a fixed quantity set when you are young and unchanging thereafter. But research shows that you’re wrong. How we approach situations and the things we do to feed our brains can significantly improve our mental horsepower.

Mark Zuckerberg Will Take Two Months Off From Facebook For Paternity Leave – Mark Zuckerberg, the face of Facebook since the company’s founding back in 2004, will be taking a few months off for paternity leave. It’s hard to imagine Facebook without Zuck, even temporarily — but it’s also not likely that much will change while he’s gone, at least without his stamp of approval. He does control over half of the company’s voting power, after all.

Ford creates a drugged-driving suit to show why you shouldn’t toke behind the wheel – The automaker will use the suit as part of its new-driver education program, in the hopes that motorists will think twice before making a bad decision.

Ford’s drugged-driving suit is the follow-up to its drunk-driving suit, which helped teach new drivers the dangers of mixing alcohol and cars.

How cyber insurance actually works – Having worked for a broker for five years and been involved in a number of client-facing presentations, I can promise you that while cost is a factor, the suitability of cover and quality of the claims service are given at least equal prominence. Insurers recognise that their primary product is the claims service and if you make a habit of stiffing your customers it would probably only take a year for your business to dry up. So what does this tell us about the growth of cyber insurance? Well the products have been around longer than you might imagine, but have been getting a lot more media time in the last couple of years. Mostly this reflects an increase in the board level understanding of the potential risks they are running, although this may also reflect an increase in understanding that traditional policies don’t cover cyber events.

Struggling to understand Docker? Let’s start with a Minecraft demo – Explaining containerisation can be tricky, so Docker has turned to a medium it reckons everyone can understand. Minecraft. The vendor used its EU conference this week to demonstrate how to use Minecraft as an interface to its technology, via Cuberite, a scriptable Minecraft server. Thus Docker containers are visualised as … containers, while according to the Docker blog, “To start or stop a container, you go into the container and hit a switch”. Docker commands can be typed in Minecraft itself. Of course, given the nature of Minecraft, everything looks like it’s made from containers anyway. You’ll need a Minecraft account, though we’d suggest things might be easier if you just have a ten year old handy and just use theirs. After all, it’s you that’s probably had to shell out for the game anyway.

Sleeping in on weekends linked to health problems – Sleeping late on days-off—and other sleep-time adjustments—are linked to metabolic problems, including insulin resistance and a higher body mass index, according to a new study published in the Journal of Clinical Endocrinology & Metabolism. The finding suggests that regular sleep shifts could rouse long-term health problems such as cardiovascular disease and diabetes, the authors conclude. Such weekly sleep changes may alone cause trouble by throwing off the body’s internal clocks, putting metabolic cycles out of sync with other circadian rhythms, the authors speculate. For instance, fat accumulation in tissues, food absorption in the gut, and insulin secretion in the pancreas and liver all show tissue-specific circadian rhythms, the authors note.

How to Be a Good Kisser – 10 Tips From Scientific Research – Regular readers might be saying “What the hell is this, Cosmo Magazine?” In all fairness, how to be a good kisser is something no one really gets instruction in. Yet, it can be a huge part of one’s personal life and the sources we do get info from are, well, far from scientific. Let’s tackle it.

Something to think about:

“So we need Silicon Valley not to view government as its adversary. We need to challenge our best minds in the private sector to work with our best minds in the public sector to develop solutions that will both keep us safe and protect our privacy. Now is the time to solve this problem, not after the next attack.”

– Hillary Clinton

Downloads:

GIMP: The Free & Open Source Image Editor – GIMP is the Free and Open Source, cross-platform image editor available for GNU/Linux, OS X, Windows and more.

You will find information here about downloading, installing, using, and enhancing it. We try to provide as much information about the GIMP community and related projects as possible.

High Quality Photo Manipulation – GIMP provides the tools needed for high quality image manipulation. From retouching to restoring to creative composites, the only limit is your imagination.

Original Artwork Creation – GIMP gives artists the power and flexibility to transform images into truly unique creations.

Graphic Design Elements – GIMP is a high quality application for producing icons, graphical design elements, and art for user interface components and mockups.

Programming Algorithms – GIMP is a high quality framework for scripted image manipulation, with multi-language support such as C, C++, Perl, Python, Scheme, and more!

Key Component in a Desktop Publishing Workflow – GIMP provides top-notch color management features to ensure high-fidelity color reproduction across digital and printed media. It is best used in workflows involving other free software such as Scribus,

Extensibility & Flexibility – GIMP provides extensibility through integration with many programming languages including Scheme, Python, Perl, and more. The result is a high level of customization as demonstrated by the large number of scripts and plug-ins created by the community.

Initial pass with the Crop Tool. Crop Tool options (left), cropping on the canvas (right).

In Pursuit of Freedom – The Pushback Continues:

Edward Snowden explains how to reclaim your privacy – [Opsec] is important even if you’re not worried about the NSA. Because when you think about who the victims of surveillance are, on a day-to-day basis, you’re thinking about people who are in abusive spousal relationships, you’re thinking about people who are concerned about stalkers, you’re thinking about children who are concerned about their parents overhearing things. It’s to reclaim a level of privacy.

The first step that anyone could take is to encrypt their phone calls and their text messages. You can do that through the smartphone app Signal, by Open Whisper Systems. It’s free, and you can just download it immediately. And anybody you’re talking to now, their communications, if it’s intercepted, can’t be read by adversaries. [Signal is available for iOS and Android, and, unlike a lot of security tools, is very easy to use.]

You should encrypt your hard disk, so that if your computer is stolen the information isn’t obtainable to an adversary — pictures, where you live, where you work, where your kids are, where you go to school. [I’ve written a guide to encrypting your disk on Windows, Mac, and Linux.]

Use a password manager. One of the main things that gets people’s private information exposed, not necessarily to the most powerful adversaries, but to the most common ones, are data dumps. Your credentials may be revealed because some service you stopped using in 2007 gets hacked, and your password that you were using for that one site also works for your Gmail account. A password manager allows you to create unique passwords for every site that are unbreakable, but you don’t have the burden of memorizing them. [The password manager KeePassX is free, open source, cross-platform, and never stores anything in the cloud.]

The other thing there is two-factor authentication. The value of this is if someone does steal your password, or it’s left or exposed somewhere … [two-factor authentication] allows the provider to send you a secondary means of authentication — a text message or something like that. [If you enable two-factor authentication, an attacker needs both your password as the first factor and a physical device, like your phone, as your second factor, to login to your account. Gmail, Facebook, Twitter, Dropbox, GitHub, Battle.net, and tons of other services all support two-factor authentication.]

Metadata Surveillance Didn’t Stop the Paris Attacks – Since terrorists struck Paris last Friday night, the debate over whether encryption prevents intelligence services from stopping attacks has reignited. The New York Times and Yahoo reported on vague claims that the terrorists’ use of encryption stymied investigators who might have thwarted their plans. CIA Director John Brennan made equally vague comments Monday morning, warning that thanks to the privacy protections of the post-Snowden era, it is now “much more challenging” for intelligence agencies to find terrorists. Jeb Bush piled on, saying that the United States needs to restore its program collecting metadata on U.S. phone calls, even though that program won’t be shut down until the end of this month.

Following a terrorism incident as shocking as the Paris attacks, it is no surprise that politicians and the intelligence establishment would want to widen American spying capabilities. But their arguments are conflating the forest—bulk metadata collection—and the trees: access to individual communications about the attack. To understand why that’s the case, start with this tweet from former NSA and DHS official Stewart Baker: “NSA’s 215 program”—and by association the far larger metadata dragnet of which the domestically focused phone-metadata program is just a small part—“was designed to detect a Mumbai/Paris-style attack.”

Only it didn’t.

Judge: Stingrays are “simply too powerful” without adequate oversight – A federal judge in Illinois has recently taken the unusual step of issuing three new stringent requirements for the government when it wants to deploy cell-site simulators. The move aims to protect the Fourth Amendment rights of innocent bystanders against unreasonable search and seizure.

Of course, for now, this order only applies to this one judge in the Northern District of Illinois.

These new stingray requirements come just about a month after the Department of Homeland Security imposed its own warrant requirement, following a similar move by the Department of Justice.

Not only can stingrays be used to determine location by spoofing a cell tower, but they can also be used to intercept calls and text messages. Once deployed, the devices intercept data from a target phone as well as information from other phones within the vicinity.

Who’s running dozens of top-secret unpatched databases? The Dept of Homeland Security – The US Department of Homeland Security is running dozens of unpatched databases, some of which are rated “secret” and even “top secret,” according to an audit.

An inspection [PDF] of the department’s IT infrastructure found huge security gaps, including the fact that 136 systems had expired “authorities to operate” – meaning that no one was in charge of keeping them updated. Of the 136, 17 were classified as “secret” or “top secret.”

Unsurprisingly, with so many systems not undergoing active maintenance, the audit found that many did not have up-to-date security patches, leaving them open to hacking efforts. The problems extended from browsers to PCs to databases. It also found a large number of weak passwords.

“We found additional vulnerabilities regarding Adobe Acrobat, Adobe Reader, and Oracle Java software on the Windows 7 workstations,” the department’s inspector general noted in a 66-page report. “If exploited, these vulnerabilities could allow unauthorized access to DHS data.”

The report details a year-long effort to get the DHS to address its security issues, and a seemingly bureaucratic effort to delay a report announcing the flaws in its systems.
