European Union data protection watchdogs said on Monday they were still concerned about the privacy settings of Microsoft's Windows 10 operating system despite the U.S. company announcing changes to the installation process.
The watchdogs, a group made up of the EU's 28 authorities responsible for enforcing data protection law, wrote to Microsoft last year expressing concerns about the default installation settings of Windows 10 and users' apparent lack of control over the company's processing of their data. The group - referred to as the Article 29 Working Party -asked for more explanation of Microsoft's processing of personal data for various purposes, including advertising.Read more
Intel, Uber and IoT company Aeris have joined forces in an effort aimed at fostering industry cooperation when it comes to building safety features into autonomous vehicles and the systems that support them. Today the group, which goes by the name Future of Automotive Security Technology Research, issued a manifesto explaining its intentions.
The manifesto hopes to galvanize the nascent and sometimes balkanized autonomous vehicle industry. It’s call to action is to infuse security into the emerging and diverse autonomous vehicle supply chain comprised of automakers, component manufacturers, software engineers and cloud providers.Read more
A House bill was introduced Tuesday that could accelerate the federal government’s involvement in regulating automobile cybersecurity.
The Security and Privacy in Your Car Study Act of 2017 calls on the National Highway Traffic Safety Administration to lead a study of necessary security standards that could be included in a law governing cars built in the US or imported for sale. A similar SPY Car Act of 2015 introduced by Sen. Edward Markey was much more prescriptive of the NHTSA in securing electronic controls and driving data collected by vehicle systems. This week’s bill calls for the NHTSA to study the issue alongside the Federal Trade Commission.Read more
An alarming number of Android VPNs are providing a decidedly false sense of security to users, especially those living in areas where communication is censored or technology is crucial to the privacy and physical security.
A study published recently identified a number of shortcomings common to high percentages of 238 mobile VPN apps analyzed by a handful of researchers. Users downloading and installing these apps expecting secure communication and connections to private networks are instead using apps that lack encryption, are infected with malware, intercept TLS traffic, track user activity, and manipulate HTTP traffic.Read more
In reality, however, the age of instant messaging, cloud storage and collaboration features means that there isn't really any need for sending attachments by mail in the first place, and given that even with legitimate intent, they create multiple copies which clog up servers, businesses still operating this way need to rethink their approach anyway.Read more
Amid high-profile political cyberattacks, Americans are losing confidence in their own cybersecurity. Just under half of Americans — 49 percent — think their personal information is less secure than it was five years ago, according to a new report from the Pew Research Center.
They're only slightly more optimistic about the government's abilities. Twenty-eight percent of Americans are "not confident at all" that the federal government can keep their personal information safe. And when the Democratic National Committee is hacked by Russia and Yahoo says 1 billion of its users were affected by a hack, who can blame them?Read more
Firefox 51, released today, and Chrome 56, currently due for release next week, have started describing some HTTP connections as insecure as they continue the industry-wide push to promote the use of encrypted HTTPS.
As luck would have it, Chrome 56 was released while I was writing, and is out now. Rollouts are staggered, so systems should see the update over the next few days. The non-secure labelling will occur on pages delivered over HTTP that include forms. Specifically, pages that include password fields, and in Chrome, credit card fields, will put warnings in the address bar to explicitly indicate that the connection is not secure.Read more
President Trump has carried his Twitter habit into his presidency. He has also brought with him another tech habit that is causing concern. Mr. Trump has been using his old, unsecured Android phone to post on Twitter since moving to Washington late last week.
The president’s use of an unsecured personal device raises concerns that his desire to use his old smartphone could be exposing him and the nation to security threats. He is using the Android smartphone mainly to post on Twitter, not to make calls. But it’s unclear what security measures have been put in place on the device and how vulnerable he could be to someone stealing data or breaking into his Twitter account.Read more
A few hours after President-elect Donald Trump was briefed by intelligence officials about Russian meddling in the election, a reporter called his cellphone seeking an interview. The call went to voicemail and the reporter did not leave a message. About an hour later, Trump called back.
It's hard to imagine many politicians — particularly one about to become president of the United States — calling back an unknown number on their cellphone. With Trump, it's simply how business gets done, whether he's fielding calls from real estate partners and longtime friends or foreign leaders and congressional lawmakers in the weeks after the election.Read more
It looks like Internet users never learn from their own mistakes. A research published the past weekend by Keeper Security reveals that the most popular password in 2016 was “123456,” which is arguably the password that can be not hacked, but guessed the easiest.
No less than 17 percent of the users set this particular password for their accounts, the research reveals after the parent company analyzed data from 10 million passwords that went public after breaches. The number two most popular password in 2016 is a bit more complex because these people do care about their security (end of sarcasm note): “123456789” is currently the runner-up password.Read more