If you want to know how to protect a data center in 2012 you don’t have to look further than the QTS Richmond Data Center. With what seems like a fortress surrounding it, the data center meets all the Department of Defense anti-terrorism force protection physical requirements. More »
The UK government needs to step up with more aggressive cyber-attack retaliation, a committee established to develop guidelines for how responses to hack attempts should be handled has insisted. The joint Intelligence and Security Committee argues the UK government’s security agencies should push ahead with “interfering with the systems of those trying to hack into UK networks,” with protecting the “interests of UK national security” taking priority over any potential backlash.
Meanwhile, the government’s security services should consider actively disrupting online foes by targeting “accessing the networks or systems of others to hamper their activities or capabilities without detection (or at least without attribution).” The committee cites Stuxnet and its impact on the Iranian nuclear enrichment program as a perfect example of how that could be facilitated.
“While attacks in cyberspace represent a significant threat to the UK, and defending against them must be a priority, we believe that there are also significant opportunities for our intelligence and security Agencies and military which should be exploited in the interests of UK national security” Intelligence and Security Committee
The UK is already undertaking the National Cyber Security Programme, a £650m ($1bn) scheme to explore potential online threats and to beef up Britain’s “weaponry” for such warfare. UK security services estimated in late 2010 that at least 20 foreign intelligence services were “operating to some degree against UK interests” with the internet as the battleground.
“Twenty months into the National Cyber Security Programme, there appears to have been some progress on developing cyber capabilities” the committee concludes. “However, cyber security is a fast-paced field and delays in developing our capabilities give our enemies the advantage. We are therefore concerned that much of the work to protect UK interests in cyberspace is still at an early stage.”
[via eGov monitor]
Step up your cyber warfare experts urge UK government is written by Chris Davies & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.
This Master Lock dialSpeed ditches the old combination wheels of yore and flimsy directional joysticks of two years ago for something more techy: an electronic directional interface that’s more like a d-pad than a lock. You can customize the code, create multiple unlock codes and if you’ve forgotten ’em all, use a master code. More »
Android has a long-running history of security issues, but in the latest Android release – 4.1 Jelly Bean – Google has stepped its game up quite a bit. Jelly Bean is the first Android release to fully implement address space layout randomization (ASLR) which, when implemented properly, should randomize the memory location for all data structures like the stack, heap, and library. The technology was only half-present in Android 4.0 Ice Cream Sandwich as it didn’t randomize the location of everything, thus opening up some vulnerabilities that hackers could take advantage of.
In Jelly Bean, not only has Google implemented ASLR fully, but it has also combined ASLR with data execution prevention (DEP), which will help keep users safe from hacks that exploit memory corruption bugs. Google has come a long way in strengthening Android’s security with the release of 4.1 Jelly Bean, but unfortunately, Apple still has it beat with the security measures found in iOS.
NOTE: Check out our in-depth Android 4.1 Jelly Bean review as well!
Not only has Apple made use of ASLR and DEP for over a year now, but Apple has also implemented code signing technology, which requires that applications have a valid digital signature in order to run. Code signing technology still isn’t present in Android (though, to be fair, it’s likely coming soon), so until Google implements that, Apple will still have it beat as far as security is concerned.
Still, this is a great big leap for Android security, and the roll out of these measures should do a lot to please the millions of Android users out there. Android is getting there, so maybe someday soon we can say that Android is just as secure as iOS is.
[via Duo Security]
Jelly Bean gets serious about security is written by Eric Abent & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.
The changes in Firefox 14 may not be quite as immediately noticeable as those in the recently released Firefox 13, but they’re still fairly notable nonetheless. One of the biggest is Mozilla delivering on its promise to move to HTTPS for all Google search results and search suggestions, giving users a bit of added security. Mac OS X Lion users will also be glad to know that the full screen mode is now fully supported, and all users can also now expect better mouse performance in web-based games and other applications thanks to Mozilla’s implementation of the Pointer Lock API. As is the norm now, though, you’ll just have to wait another six weeks for the next release if a feature you’ve been waiting for didn’t make it into this one.
Filed under: Internet, Software
Firefox 14 rolls out: Google searches default to HTTPS, OS X Lion users get fullscreen support originally appeared on Engadget on Tue, 17 Jul 2012 13:31:00 EDT. Please see our terms for use of feeds.
Skype is pushing out an updated version of its VoIP app that plugs the glitch potentially sending instant messages to random recipients. The new app is available for Windows, Mac, Linux and Windows Phone, though only certain versions of Skype for those platforms are actually affected by the issue, Skype now says. However, the general recommendation is to upgrade.
“The hotfix addresses an issue that occurs only when a user’s Skype client crashes during a Skype IM session, which may in some cases result in the last IM entered or sent prior to the crash being delivered to a different IM contact after the Skype client is rebooted or logged in as a new user. Although we cannot determine precisely how many users may have been affected by this error, we believe the number is small given the very specific circumstances under which the error occurs” Skype
The four affected clients are as follows:
However, those using Skype 5.9 for Windows, Skype 2.8 for Android and Skype 4.0 for iOS are not affected. The update also includes a minor fix for those running Skype on FAT32 formatted systems, where they could not save received files to their drive.
You can download the new version of Skype here.
Skype patches messaging bug is written by Chris Davies & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.
Secure messaging outfit TigerText has mixed its sauce with Dropbox’s API to make a private communications goulash that could spell doom for the humble bicycle courier. The technological team-up enables users to share documents with a pre-set lifespan and recall an attachment if you really didn’t mean to send your boss so many cat pictures. Thanks to its HIPAA-compliant encryption, the documents you push around cannot be downloaded, copied or forwarded, making it ideal for law firms, medical agencies and movie studios that currently blow thousands of dollars on using messengers to take secret stuff ’round town.
Filed under: Internet, Software
TigerText adds secure messaging to Dropbox in bid to rid the world of bicycle couriers originally appeared on Engadget on Mon, 16 Jul 2012 18:13:00 EDT. Please see our terms for use of feeds.
Skype has acknowledged a bug that is affecting users in pretty much the most horrifying way possible. Instant messages sent over Skype are being sent to random contacts—even contacts you’ve never connected with before. More »
The strange nature of the relationship between Anonymous and WikiLeaks has been detailed in a report from International Business Times. Members of the group spoke to IBTimes following a Twitter row over the leaked emails from Syria, with one individual saying the relationship between the two entities is “complex.” As it turns out, there’s crossover between both groups, with some individuals working on both sides to gather and expose information.
Anonymous and WikiLeaks are said to have similar aspirations, hence the heavy crossover between the personnel: “Both groups are first and foremost information activists, so there is a common ground between us.” One member of Anonymous went on to detail the work behind the Syria email leaks, saying the group working tirelessly to breach “multiple domains and dozens of servers.” While the information was handed off to WikiLeaks, the organization didn’t reveal its relationship with Anonymous.
The hacktivist group doesn’t seem to mind, however: “Nor would they be expected to reveal their source that is after all what WikiLeaks is all about.” There’s also the fact that WikiLeaks seems to have no qualms about releasing any information. Anonymous is said to have negotiated with Al-Jazeera regarding the release of the email dumps, but “no suitable disclosure agreement could be negotiated.”
Still, Anonymous is looking ahead to the future. Members of the group have recently launched their own version of Wikileaks, dubbed Par:AnoIA. The site is designed is host Anonymous leaks, and is said to have been created to gain better media coverage for highly sensitive dumps and expose information faster than WikiLeaks.
Anonymous and WikiLeaks relationship detailed is written by Ben Kersey & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.
This is site is run by Sascha Endlicher, M.A., during ungodly late night hours. Wanna know more about him? Connect via Social Media by jumping to about.me/sascha.endlicher.
