The drive to remove the Confederate flag has now reached the virtual world.
Apple announced Thursday that it would be removing apps from its App Store that it deemed offensive.
“We have removed apps from the App Store that use the Confederate flag in offensive or mean-spirited ways, which is in violation of our guidelines,” the company said in a statement. “We are not removing apps that display the Confederate flag for educational or historical uses.”
It’s hard to tell who is more frustrated at this point: Microsoft, which has been trying to simplify the upgrade process to Windows 10 as much as possible; or users, who don’t believe it could be that easy.
On Friday, Microsoft’s Gabe Aul tried to explain that users would need a Microsoft account to upgrade to the latest Windows 10 preview builds, as well as the RTM version, which will be released on July 29. Implicit in that post was the assumption that users would upgrade from a genuine Windows 7 or Windows 8 PC to Windows 10 via the Windows Insider program.
Some users apparently believe they might be able to upgrade a Windows XP or Windows Vista PC to Windows 10, however, simply by upgrading to Windows 10 from a Windows 10 ISO file before the Insider program expires. That is not true, Aul said. “Friday’s post was intended to clarify how the Windows Insider Program will proceed, and in attempting to do so created some unintended confusion,” Aul wrote on Monday, in what was essentially a do-over.
The United States leads the world in hosting malicious servers that are used to remotely command and control infected user machines and systems. And the US is the second-most frequent target of those systems, a new report from Level 3 Communications shows.
Level 3 monitored communications between some 1,000 command-and-control servers (C2) and their victims earlier this year to get a better sense of botnet behavior and to examine the potential causes for an increase in the use of botnets in denial of service attacks, data theft, and other malicious activities.
It found that 60% of C2 servers are being used for malicious communications targeting corporate networks. Left unchecked, such C2s have the potential to disrupt businesses and destroy their data assets, Level 3 said.
Eventually someone in the industry will have a head slapping moment when they realize that the personal computer has to become the home computer, or home server. and that smart home devices need to be plug and play.
The future looks a little rocky for the smart home market.
According to a new report by Argus Insights, consumer demand for connected home devices like smart thermostats and door locks has slowed dramatically in the first half of this year. Argus estimates that demand is actually 15% below where it was in May 2014 thanks in part to reliability issues, consumer confusion and the fact that early adopters have already made their initial purchases and have no need to spend more money right now.
“Consumers are not seeing the value yet from these home automation devices,” said John Feland, CEO and founder of Argus Insights. “There is a lot of confusion about standards with Google introducing Brillo and Apple’s new HomeKit. Add in WiFi, Bluetooth, Zigbee and Z-Wave and there is a lot for any consumer to grapple with during installation. Until things become easier and consumers don’t have to cobble together a total solution, I believe we will continue to see this stagnation continuing for the rest or 2015 unless a new offering addresses these issues and revitalizes the market.”
This is good policy but will Bing and others follow?
Internet giant Google is to block “revenge porn” images from showing up in its search results.
The American firm said it would censor “nude or sexually explicit” content shared without the subject’s consent from results on its search engine if it received requests to do so.
The move comes two months after the law was changed in the UK, making it a criminal offence punishable with up to two years in prison to share sexually-explicit images without consent.
Project Soli is developing a new interaction sensor using radar technology. The sensor can track sub-millimeter motions at high speed and accuracy. It fits onto a chip, can be produced at scale and built into small devices and everyday objects.
THE NATION-STATE MALWARE used to hack the Russian security firm Kaspersky Lab, as well as hotels associated with Iranian nuclear negotiations, used a digital certificate stolen from one of the world’s top electronics makers: Foxconn.
The Taiwanese firm makes hardware for most of the major tech players, including Apple, Dell, Google, and Microsoft, manufacturing the likes of iPhones, iPads and PlayStation 4s. Taiwanese companies have been fruitful for this hacking group, who many believe to be Israeli: This marks at least the fourth time they have used a digital certificate taken from a Taiwan-based firm to get their malware successfully onto systems.
It’s unclear why the attackers focus on digital certificates from Taiwanese companies, but it may be to plant a false flag and misdirect investigators into thinking China is behind the malware attacks, says Costin Raiu, director of Kaspersky’s Global Research and Analysis Team.
“Oh no, not again,” sings Rod Stewart in his 1984 song “Infatuation.” That’s how I felt in reading an early version of a report on medical device hacking from TrapX Labs, a cybersecurity research team within security system maker TrapX, scheduled to be released on 15 June.
The report, “Anatomy of an Attack-Medical Device Hijack (MEDJACK),” describes in detail three situations in which hackers were able to get into supposedly secure hospital networks, collecting valuable information, by targeting medical devices.
Once into the devices, the hackers were able to roam at will through hospital networks. Their goal was the valuable health insurance information in patient records—this, TrapX stated, is worth 20 times the value of a credit card record on the black market. But had they wanted to, they could potentially have taken control of the devices themselves
This month’s Patch Tuesday can be considered lighter than last month’s, with only eight security bulletins released for June. Of the eight, two are considered Critical while the remaining are rated Important.
Just like last month, there is a critical, cumulative update for Internet Explorer. MS015-056 aims to resolve vulnerabilities in Internet Explorer that could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. According to the bulletin, the patch addresses the vulnerability by:
Preventing browser histories from being accessed by a malicious site
Adding additional permission validations to Internet Explorer
Modifying how Internet Explorer handles objects in memory
The first bullet point above is worth paying attention to. Previously, it was possible for an attacker who lured a victim to a malicious (or compromised) web site and access the user’s browser history. Obviously, many users would find this disclosure somewhat troubling. This vulnerability has now been patched, and there are no indications it was exploited in the wild.
Big Telecom Event — Despite some rosy researcher forecasts for 4K TV set shipments, the future of Ultra HD still looks pretty cloudy right now.
That was the consensus view of video industry experts at the BTE Video Summit earlier this week. Speaking on a 4K panel here, the three wise cable men agreed that despite its ultimate promise, Ultra HD’s prospects are still unclear because of a lack of content, limited bandwidth capacity video processing challenges, greater caution by content and service providers, content security issues and other major challenges.
In a sign that 4K may well take longer to roll out than some industry analysts have predicted, the 2016 Summer Olympics will not be broadcast in 4K as originally expected. Olympic Broadcast Services executives announced in February that 4K coverage will not be offered because of a lack of demand from TV rights holders throughout the world, including NBC in the US and the BBC in the UK.