UK "cyber strategy": Stuxnet, censorship, and cyber-specials
On Friday, the UK government released its "Cyber Security Strategy," acknowledging the importance of the Internet to modern life, but also the risks it poses from criminals, terrorists, and nation states. Over the next four years, and at a cost of £650 million ($1 billion), the National Cyber Security Programme (NCSP) has four objectives: "tackle cyber crime," make the UK more resilient to "cyber attacks," create an open and stable "cyberspace," and ensure that the UK has the skills and knowledge to provide all "cyber security" needs.
In a document that unironically uses the word "cyber" more often than a mid-90s AOL chatroom, a wide range of future actions are described. Some are unremarkable common sense—helping educate Internet users about best practices such as keeping anti-malware software up-to-date, allowing crimes to be reported online in 15 minutes or less, working to ensure that critical infrastructure is robust, and so on.
Read the comments on this post
Read More ...
Feature: Private app stores: does your company need its own?
From iOS and Android to BlackBerry and Windows Phone, the app store model has become the main way mobile device users find, download, and update their software. And with employees increasingly begging for access to corporate resources from smartphones and tablets, IT departments are starting to wonder whether they should jump into the app store business themselves.
"The public app store is kind of the wild, wild West," Forrester analyst Jeffrey Hammond tells Ars. Private app stores, hosted for the employees of a single business, are receiving “a lot of interest from the clients I talk to. Folks realize that self-provisioning is the long-term trend."
Read the comments on this post
Read More ...
Aussie ISPs to trial notifying suspected infringers of suspected misdeeds
As US broadband users Facebooked and Tweeted their Thanksgiving whereabouts, Australia's top Internet Service Providers conferred on an industry-wide plan to rein in illegal file sharing. The result is the release of a proposed "Scheme to Address Online Copyright Infringement" that will require ISPs to forward "education and warning" notices to consumers whose broadband accounts "have been detected undertaking activity that might infringe copyright laws."
The deal is the fruit of discussions between the Communications Alliance and five of Australia's biggest ISPs: Telstra Bigpond, iiNet, Optus, iPrimus and Internode. It is already being compared to the United States "six strikes" plan agreed to by content holders and the US's major ISPs about four months ago. But the Australian version is a trial scheme, the participants emphasize, to be reviewed over an 18-month period.
Read the comments on this post
Read More ...
Researchers shrink 3G phones' power needs with proxies in cloud
A team of researchers funded by the Finnish government has developed a technology that could cut the power consumption of 3G smartphones by up to 74 percent—and extend the reach of the wireless Internet to millions of people in developing countries in the process. Developed with funding from Tekes, the FInnish Funding Agency for Technology and Innovation, the system uses an approach similar to the workaround used by Skyfire and others to run Flash sites on iPhones, using network-based proxies to offload the majority of data downloading and processing.
The research team from Finland's Aalto University, which included Professor Jukka Manner, Dr. Edward Mutafungwa, doctoral student Le Wang, and masters student Yeswanth Puvvala, presented their research today at Africomm 2011, a conference on telecommunications infrastructure in Africa. They designed the system with the needs of Africa in mind, basing their tests on data collected from the cellular networks in Tanzania, Uganda, and Kenya.
Manner said in an e-mail interview with Ars Technica that adoption of broadband wireless Internet in East Africa has been slowed by the power consumption of accessing and downloading data; while 90 percent of the population in the region lives within the coverage area of cellular networks, few have access to reliable sources of electricity. By increasing the battery life of low-cost 3G devices, the researchers theorized, Internet access could be extended to a much larger percentage of the population in those countries.
"East Africa was taken as a use case because Edward knew of the challenges and the need," Manner said. "We basically could have used any place on the planet."
Mutafungwa gathered statistical data about cellular networks in Tanzania, Uganda, and Kenya, Manner said, "in terms on availability of the power grid and what are the popular websites [in the region]." Using that information, the team developed different strategies for providing access to those websites from 3G phones, and measured the power consumption profile for each of them.
The prototype system developed by the research team is a combination of what amounts to an enhanced Web proxy server and highly optimized communications between the smartphone and the proxy. The proxies don't have to be part of the cellular network, Manner said—they can run in the cloud, and used by smartphones anywhere in the world. The technology is now being developed for deployment as part of Tekes's Energy and Cost Efficiency for Wireless Access (ECEWA) program in partnership with Ericsson, Efore, ECE, and the Tampere University of Technology.
Read the comments on this post
Read More ...
Mall owners pull plug on cellular tracking, for now
You may now shop two malls again without fear of individualized tracking—at least by your cell phone signal. Privacy concerns raised by US Senator Charles Schumer (D-NY) have ended plans by malls in southern California and Virginia to "survey" customers' shopping habits by tracking their cell phone signals.
As Ars Technica reported last Friday, Forest City, the mall developer that owns and operates the Promenade Temecula in Temecula, California and Short Pump Town Center in Richmond, Virginia had announced it would test technology in those two malls from Path Intelligence. Called Footpath, the system uses a series of cellular signal detectors to triangulate the movement of customers' phones—and by extension, the customers themselves—through the mall's stores and other spaces. While the technology doesn't eavesdrop on cell phone users' calls or record information about their phone numbers, it does use their cellular device's digital signature to track individuals.
The collected information is stored on Path Intelligence's servers, and made available through a secure Web portal to mall owners, providing them with a way of profiling which stores customers visit and where foot traffic "hot spots" are for those demographics to optimize display advertising and other marketing.
Forest City had planned to conduct the trial until the end of December. However, just a day after the trial began, Sen. Schumer contacted Forest City to raise his concerns. In a press conference on Sunday, Schumer said that the malls should have allowed customers to opt into the survey, rather than having to "opt out" by turning off their cell phones. "A shopper's personal cell phone should not be used by a third party as a tracking device by retailers," Schumer said in a press conference on Sunday. "Personal cell phones are just that—personal. If retailers want to tap into your phone to see what your shopping patterns are, they can ask you for your permission to do so."
Schumer also sent a letter to Federal Trade Commission chairman Jon Leibowitz asking the FTC to look into whether Path's technology was legal in the US.
Forest City has not abandoned plans for the survey, however. In a statement, a Forest City spokesperson said that the company was suspending the trial until it came up with a way for customers to opt out easily. Path Intelligence CEO Sharon Biggar told CNNMoney that she hopes to discuss her company's technology with Schumer directly, and that it was fundamentally no different from the type of tracking that online retailers do with "cookies" and other behavioral marketing tools. "We are simply seeking to level the playing field for offline retailers," she said.
Read the comments on this post
Read More ...
Hacker releases new batch of climatology e-mails just before climate conference
The release of a series of e-mails apparently stolen from the University of East Anglia's Climatic Research Unit was timed so that they would hit the news immediately before the Copenhagen climate conference. They didn't seem to affect the conference itself (where deals appear to have collapsed under their own weight), but they did spawn over a half-dozen inquiries, all of which cleared the researchers of anything other than a cavalier attitude towards the UK's Freedom of Information Act. Nevertheless, whoever was behind that original release has loosed another batch in advance of this year's Durban climate meeting.
The last time out, only Saudi Arabia seemed to reference the contents of the e-mails at the Copenhagen meeting itself. And this time, indications are that a significant agreement is very unlikely, so it's not obvious that the e-mail release will even register. This is especially true because the e-mails have come from the same stash as the original batch. And, in the mean time, multiple inquiries have concluded that the e-mails didn't raise questions about the validity of climate science, although individual researchers displayed a cavalier attitude towards sharing data and Freedom of Information Act requests.
Read the comments on this post
Read More ...
Technology once protected our privacy, now erodes it
In light of the erosion of privacy online,
we need to be careful to protect our privacy at home, according to
Michael
Birnhack, law professor at Tel Aviv University, speaking at Intelligence Squared's If
conference.
In direct contrast to Martin Blinder's
argument in favor of personal analytics, Birnhack said: "Yes
we can measure stuff, but do we want to measure all that stuff? I
would argue that at least some of us would like to maintain a place
where nothing is measured and nothing should be measured."
We have always used technology to maintain privacy within our
properties, such as locks, curtains, shades, CCTV, and security
systems, and a person's home has always provided a degree of
privacy where you can do what you like. Birnhack contrasted this
with the life of homeless people—who must live their lives out
in public. "Privacy in the home is the management of the boundaries
between me and you," he said. It is not clear who always makes that
decision.
Birnhack was particularly concerned with the impact of
technologies like
Google Street View on privacy in the home. He made a comparison
between having a stranger walk past and look into your home with
Street View.
He said that many London houses have large windows, allowing
people walking up and down the street to peer in. "But it's rare
for someone to stand and stare inside. The person inside would then
feel nervous, close the curtains, call the police and it could even
get violent," he said. He explained that although people can see
inside these houses quite easily, they don't, because there's a
social norm that dictates that you shouldn't.
Google Street View, on the other hand, is permanent and opens up
the windows of your house to a world beyond the people who walk
down your street. But the main difference is the privacy
implications. "I can't open my window and yell at Google's camera
to get out of here. There's no social norm—they are completely
irrelevant."
Birnhack is particularly concerned about thermal imaging, which
has been used to spot criminals in their home growing cannabis with
energy and heat-intensive hydroponic systems. Similar technology
have been used recently by the Telegraph
to see if protestors at St. Paul's were in their tents at night
during the Occupy LSX protests. He said: "They have a technology
that becomes more ubiquitous and once again it bypasses social
norms but it also bypasses locks, curtains, and windows."
He called for careful consideration of the implications of these
technologies for privacy and perhaps even legislation to control
their use.
Read the comments on this post
Read More ...
Startup hopes to hack the immigration system with a floating incubator
Some of the Silicon Valley's most important companies, including Intel, Google, and Yahoo, were cofounded by immigrants. Yet America's creaky immigration system makes it difficult for talented young people born outside of the United States to come to the Bay Area. There have been various proposals to make it easier for immigrant entrepreneurs to come to the United States, but they've made no progress in Congress.
So a new company called Blueseed is seeking to bypass the political process and solve the problem directly. Blueseed plans to buy a ship and turn it into a floating incubator anchored in international waters off the coast of California.
Read the comments on this post
Read More ...
How California can hit its mid-century emissions reduction goals
If California wants to reach its goals for greenhouse gas emissions—80 percent below 1990 levels by 2050—it must replace most direct fossil fuel use with electricity, according to a new analysis published in Science. In addition, energy efficiency needs to rise steadily and most electricity generation needs to be decarbonized. Since the state is the world’s sixth-largest economy and 12th largest greenhouse gas emitter (its per capita numbers are similar to those of Japan and Europe), strategies developed specifically for California are likely applicable to many large, developed nations.
Read the comments on this post
Read More ...
Security flaw in Apache could allow attackers into internal networks
A newly discovered flaw in Apache web servers could allow attackers to use servers configured as "reverse proxies" to gain access to or attack systems hidden from public view. The bug in Apache's reverse proxy mode only affects servers that have been configured incorrectly, but that error isn't an obvious one, since it doesn't interfere with normal operations. The flaw could be used by attackers to reach Web-enabled resources on other servers connected to the same network as the proxy.
Read the comments on this post
Read More ...
New Jersey DMV workers accused of selling identities for $200 a pop
Prosecutors have charged two New Jersey Motor Vehicle Commission employees with selling names, addresses, birthdates and Social Security numbers of "unsuspecting residents" for as little as $200 per identity. The same investigation conducted by the Mercer County Prosecutor's Economic Crime Unit in Trenton led to charges against two non-government workers who allegedly used their jobs in a tax office and realty company to sell identities as part of a similar scheme.
The prosecutor's office announced the identity theft charges last week. "In April 2011, the prosecutor’s ECU received information regarding allegations of identity theft involving a state government employee," the prosecutor's office said in a statement. "Further investigation uncovered that two employees of the New Jersey Motor Vehicle Commission were providing the names, addresses, dates of birth and social security numbers of unsuspecting residents that they obtained through their employment. They were charging as little as $200 per identity."
The state employees, 28-year-old Sherilyn Rivera and 31-year-old Johnny Semmon, were arrested and charged with official misconduct, bribery and identity theft. They each face up to 10 years in state prison and five years without parole eligibility if found guilty.
Prosecutors also charged 37-year-old Lee Daniel Roberts, a tax preparer in Trenton, and 55-year-old Abdulah Sumo of Willingboro, New Jersey, an employee of a realty company, with identity theft and trafficking in personal identifying information. "Both men were selling the names, addresses, dates of birth, social security numbers and credit history reports of victims obtained through their respective jobs," the prosecutor's office alleged. A search of Sumo's vehicle in June found personal records of more than 60 people. Both Roberts and Sumo are free on bail, but face the same potential sentence as the government workers if convicted.
The prosecutor's office did not say who bought the identities or how they were used, but said the investigation is continuing. Risk of identity theft is becoming a distressingly common aspect of life in the digital age. Sony was forced to offer identity theft protection after its PlayStation Network was hacked earlier this year, and something as simple as a stolen or lost laptop can put personal information at risk as well. The New Jersey charges are troubling because they involve government employees selling data they have access to on a daily basis, and make us wonder how widespread this type of abuse is.
Read the comments on this post
Read More ...
Available Tags:UK , hack , Security ,
No comments:
Post a Comment