Subscribe: CircleID: News Briefs
http://www.circleid.com/rss/rss_news/
Added By: Feedage Forager Feedage Grade A rated
Language: English
Tags:
circleid twittermore  circleid  data  follow circleid  follow  information  internet  new  north korea  service  services  twittermore 
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: CircleID: News Briefs

CircleID: News Briefs



Latest news postings on CircleID



Updated: 2017-10-17T20:01:00-08:00

 



Google Launcheds Advanced Protection Program for "High-Risk" Users

2017-10-17T13:01:00-08:00

Coninsiding with October Cybersecurity Awareness Month, Google today announced the launch of Advanced Protection Program specifically "designed for those who are at an elevated risk of attack." Google which generally builds products to serve the needs of its massive userbase, has taken an unusual step it says in order to protect overlooked minority of users that are at particularly high risk of targeted online attacks. "[T]hese might be campaign staffers preparing for an upcoming election, journalists who need to protect the confidentiality of their sources, or people in abusive relationships seeking safety." Anyone with a personal Google Account can enroll in the Advanced Protection Program.

Follow CircleID on Twitter

More under: Cybersecurity, Email




Security Flaw in TPM Chips Allows Attacks on RSA Private Keys

2017-10-16T13:41:00-08:00

Details of Infineon’s RSA key generation vulnerability was made public today after several announcements by vendors last week. The bug makes it possible for an attacker to calculate a private key by having a target’s public key. The flaw was detected by Matus Nemec, Marek Sys, Petr Svenda, Dusan Klinec and Vashek Matyas at Masaryk University in the Czech Republic. Dan Goodin reporting in Ars Technica: "The five-year-old flaw is also troubling because it's located in code that complies with two internationally recognized security certification standards that are binding on many governments, contractors, and companies around the world. The code library was developed by German chipmaker Infineon and has been generating weak keys since 2012 at the latest."

Follow CircleID on Twitter

More under: Cyberattack, Cybersecurity




KRACK Attack Can Affect All Modern WiFi Networks, Researchers Have Disclosed

2017-10-16T12:39:00-08:00

As a proof-of-concept researchers executed a key reinstallation attack against an Android smartphone demostrating how the attacker is able to decrypt all data that the victim transmits. Security researchers Mathy Vanhoef and Frank Piessens have detected a major vulnerability in the WPA2 protocol that secures all protected Wi-Fi networks. Details of the exploit named KRACK were published today depicting how the weakness can be exploited by attackers to steal sensitive information like passwords or credit card numbers. "We discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks," writes Vanhoef. He adds: — "An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites. The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected. ... Note that if your device supports Wi-Fi, it is most likely affected.” — But don't panic, says Steven Bellovin: "Encryption flaws are sexy and get academics very excited, but they're rarely particularly serious for most people. That's very true here. In fact, at a guess, the most widespread problem, with WiFi, will have fewer serious consequences than the RSA problem." — Further insight from Brian Krebs: "As scary as this attack sounds, there are several mitigating factors at work here. First off, this is not an attack that can be pulled off remotely: An attacker would have to be within range of the wireless signal between your device and a nearby wireless access point." Follow CircleID on TwitterMore under: Cyberattack, Cybersecurity [...]



Civil Society Groups Call for Deletion of Internet Filtering Provision in EU Copyright Proposal

2017-10-16T12:00:00-08:00

The European Digital Rights (EDRi) and 56 other civil society organizations, sent an open letter today to EU decision-makers calling for the deletion of the Article 13 of the Copyright Directive proposal, pointing out that monitoring and filtering of internet content that it proposes breach citizens’ fundamental rights. Joe McNamee, Executive Director of EDRi, says: "The censorship filter proposal would apply to all online platforms hosting any type of user-uploaded content such as YouTube, WordPress, Twitter, Facebook, Dropbox, Pinterest or Wikipedia. It would coerce platforms into installing filters that prevent users from uploading copyrighted materials. Such a filter would require the monitoring of all uploads and would be unable to differentiate between copyright infringements and legitimate uses of content authorized by law. It undermines legal certainty for European businesses, as it creates legal chaos and offers censorship filters as a solution."

Follow CircleID on Twitter

More under: Censorship, Intellectual Property, Internet Governance, Policy & Regulation




Cloud Computing Growing Faster Than Expected, Reached $260 Billion in 2017

2017-10-13T11:26:01-08:00

The global public cloud services market revenue is expetec to grow by 18.5 percent in 2017 reaching $260.2 billion, up from $219.6 billion in 2016, according to the latest report from Gartner, Inc. From the report: "Final data for 2016 shows that software as a service (SaaS) revenue was far greater in 2016 than expected, reaching $48.2 billion. SaaS is also growing faster in 2017 than previously forecast, leading to a significant uplift in the entire public cloud revenue forecast. ... SaaS revenue is expected to grow 21 percent in 2017 to reach $58.6 billion… The acceleration in SaaS adoption can be explained by providers delivering nearly all application functional extensions and add-ons as a service. ... The highest revenue growth will come from cloud system infrastructure services (infrastructure as a service, IaaS), which is projected to grow 36.6 percent in 2017 to reach $34.7 billion."

Worldwide Public Cloud Services Revenue Forecast:
(Billions of U.S. Dollars / Source: Gartner – October 2017)

20162017201820192020
Cloud Business Process Services (BPaaS)39.642.245.849.553.6
Cloud Application Infrastructure Services (PaaS)9.011.414.217.320.8
Cloud Application Services (SaaS)48.258.671.284.899.7
Cloud Management and Security Services7.18.710.312.013.9
Cloud System Infrastructure Services (IaaS)25.434.745.858.472.4
Cloud Advertising90.3104.5118.5133.6151.1
Total Market219.6260.2305.8355.6411.4

Follow CircleID on Twitter

More under: Cloud Computing




FCC Approves Google's Project Loon Balloons for Puerto Rico and the Virgin Islands

2017-10-09T11:28:00-08:00

(image) Project Loon balloons travel approximately 20 km above the Earth's surface in the stratosphere, well above airplanes, wildlife, and weather events. (Source: X Development)

The FCC has granted Alphabet's Project Loon an experimental license to operate in Puerto Rico and the US Virgin Islands for the purpose of helping the islands regain Internet connectivity. According to the license, "[t]he purpose of the STA is to support licensed mobile carriers' restoration of limited communications capability in areas of Puerto Rico and the United States Virgin Islands (MTA025) affected by Hurricanes Irma and Maria." The special temporary licence is eligible between October 6, 2017, and April 4, 2018.

(image) Percent Cell Sites Out-of-Service By County
Puerto Rico, 10/8/2017 - FCC
According to the latest FCC report, 81.7% (virtually no change from 81.9% yesterday) of cell sites are out of service in Puerto Rico. "All counties in Puerto Rico, except Bayamon, Catano, Carolina, Guaynabo, San Juan, and Toa Baja, have greater than 75% of their cell sites out of service. 22 (same as yesterday) out of the 78 counties in Puerto Rico have 100% of their cell sites out of service. Wireless communications providers are deploying to Puerto Rico Cell Sites on Wheels and Cell Sites on Light Trucks."

Follow CircleID on Twitter

More under: Access Providers, Mobile Internet, Telecom, Wireless




EU Privacy Case Could Backfire, Turn EU into Data Island, Say Experts

2017-10-09T08:52:00-08:00

Experts fear European Union court case attempting to keep personal data private could backfire and prove damaging to Europe. Joe Uchill reporting in The Hill writes: "Irish courts referred the latest chapter of a longstanding legal challenge between activist Max Schrems and Facebook to the European Union courts. At issue are 'model' contractual clauses Facebook uses that are supposed to replicate the protection EU citizens have within Europe. Without model clauses, it is typically illegal to store EU citizen's data outside of Europe. Schrems argues that U.S. surveillance operations make it impossible for the model clauses..."

Follow CircleID on Twitter

More under: Data Center, Law, Policy & Regulation, Privacy




Virgina Governor Announces Facebook Investing $1 Billion for New Data Center in Henrico County

2017-10-05T11:38:00-08:00

(image) Rendering of the Facebook data center to be build in Henrico County

Virgia governor Terry McAuliffe today announced Facebook will spend $750 million to establish a 970,000-square-foot data center in the White Oak Technology Park in Henrico County. In addition, "hundreds of millions of additional dollars will be invested in the construction of multiple solar facilities in the Commonwealth to service Facebook's Henrico Data Center with 100 percent renewable energy." The compnay is the latest tech giant to use its leverage to increase solar power in Virginia — virtually non-existent a few years ago. Amazon and Microsoft also signed deals in Virginia reliant on new solar construction. Facebook currenlty has data centers in Oregon, North Carolina and Iowa. New centers in Fort Worth, Texas; Los Lunas, New Mexico; and New Albany, Ohio are under construction.

Follow CircleID on Twitter

More under: Data Center




Cyberattacks Against Abortion Clinics on the Rise

2017-10-05T10:33:01-08:00

Over the past few years, cyberattacks and internet harassment have escalated against abortion clinics intended to disrupt services, intimidate providers and patients. Rebecca Grant reports on the "The Disturbing Rise of Cyberattacks Against Abortion Clinics," published in the Wired today: "While hate speech and online harassment have long plagued abortion providers — including over 42,500 incidents of hate speech in 2016 alone, according to the National Abortion Federation — actual hacking represents a serious escalation. Even organizations like Planned Parenthood, which have significant resources and manpower, struggle to prevent attacks from a loosely organized but determined group of 'hacktivists' and extremists. ... anti-abortion groups have used tactics like this since the early days of the internet, but the vulnerability landscape has broadened and diversified."

Follow CircleID on Twitter

More under: Cyberattack, Cybercrime




Russia Appears to Have Begun Providing an Internet Connection to North Korea

2017-10-03T15:07:00-08:00

(image) A map of the TTK network showing a link running right up to the North Korean border.
(Source: TTK website)

Network experts monitoring North Korea have detected activation of a new internet path out of North Korea. Doug Madory, Director of Internet Analysis at Dyn, along with North Korea expert Martyn Williams, report that at 09:07:51 UTC on 1 October 2017, the country's single internet provider, Star JV (AS131269), gained a new connection to the global internet through Russian fixed-line provider Transtelecom (AS20485), often referred to as TTK.

Madory: "The internet of North Korea is very small (four BGP routes) and reportedly only accessible by a few elites in the country. Since the appearance of AS131279 in the global routing table almost 7 years ago, Star JV has almost exclusively relied on China Unicom for its connectivity to the global internet — the only exception was its partial usage of satellite service from Intelsat between 2012 and 2013. In light of this history, a new internet connection out of North Korea is certainly a notable development."

Williams: "This isn't the first time North Korea has had alternate routes for Internet connectivity. From 2012 for about a year, a second link to Star JV existed via Intelsat, an international satellite telecommunications operator, but in recent years the Chinese link has been the sole connection to Star JV. Relying on one Internet provider has always left North Korea in a precarious situation."

Follow CircleID on Twitter

More under: Access Providers, Networks, Telecom




ICANN Delays Plans to Change DNS Cryptographic Key, Says Near 750 Million People at Risk if Rushed

2017-09-28T07:33:00-08:00

The Internet Corporation for Assigned Names and Numbers (ICANN) has postponed plans to change the cryptographic key — a critical step in updating protection measures for the Domain Name System (DNS). In its report issued Thursday evening, ICANN said an "an estimated one-in-four global Internet users, or 750 million people, could be affected by the KSK rollover. ... The changing or 'rolling' of the KSK Key was originally scheduled to occur on 11 October, but it is being delayed because some recently obtained data shows that a significant number of resolvers used by Internet Service Providers (ISPs) and Network Operators are not yet ready for the Key Rollover. The availability of this new data is due to a very recent DNS protocol feature that adds the ability for a resolver to report back to the root servers which keys it has configured." A new date for the Key Roll has not yet been determined, but the organization says it is aiming at rescheduling the Key Roll for the first quarter of 2018.

Update Oct 4, 2017: ICANN's VP of Research, Matt Larson, posted a blog today regarding the factors behind the KSK rolloever delay – "The Story Behind ICANN’s Decision to Delay the KSK Rollover": "I would like to provide some additional details about what went into our decision to delay the roll. You might say it's the story behind the story. Historically, there has been no way to determine which trust anchors DNS Security Extensions (DNSSEC) validators have been configured, making it difficult to assess the potential impact of the root KSK rollover. But that recently changed and we received some new data that we simply could not ignore."

Follow CircleID on Twitter

More under: DNS, DNS Security, ICANN




China Blocks WhatsApp, Says Messaging Service Should Stop Spread of "Illegal Information"

2017-09-27T09:32:00-08:00

WhatsApp is now broadly disrupted in China including text messages which were going through despite China's censorship of the app beginning mid-July which only effected photographs and video chats. The move comes as Beijing prepares for the Communist Party's congress, which starts Oct. 18. Keith Bradsher reporting in the New York Times says: "WhatsApp was the last of Facebook products to still be available in mainland China; the company's main social media service has been blocked in China since 2009, and its Instagram image-sharing app is also unavailable. ... The blocking of WhatsApp text messages suggests that China's censors may have developed specialized software to interfere with such messages, which rely on an encryption technology..." According to Bloomberg News, China has accused Facebook's WhatsApp service of spreading "illegal information". "WhatsApp should take proactive measures to intercept information to do with violence and terror, the Cyberspace Administration of China said in a statement… China has the authority to tell institutions to take these measures without specifying details of content it considered illegal."

Follow CircleID on Twitter

More under: Censorship, Mobile Internet, Policy & Regulation




DHS Planning to Monitor, Collect Social Media Information on All Immigrants to US

2017-09-27T08:47:00-08:00

The U.S. Department of Homeland Security (DHS) published a new rule under the Privacy Act of 1974 in the Federal Register last week, detailing how it intends to expand the information it collects when determining a person's immigration status to include social media handles and potentially even search histories. Newsweek reports: "[New requirement] is due to take effect on October 18 — the same day that immigration restrictions pronounced on Sunday by President Donald Trump on citizens of eight countries come into force. ... The move is the latest in what appears to be heightened levels of social media surveillance under the Trump administration. In May, the administration approved a new questionnaire that required visa applicants to input their social media handles for the past five years." The move has alarmed lawyers and privacy groups worried about how the information will be used. Adam Schwartz, an attorney with the Electronic Frontier Foundation, told BuzzFeed, "[w]e see this as part of a larger process of high-tech surveillance of immigrants and more and more people being subjected to social media screening… This would also affect all US citizens who communicate with immigrants who could self-censor out of fear that information they exchange with someone overseas could be misconstrued and used against them."

Follow CircleID on Twitter

More under: Policy & Regulation, Privacy, Web




Russia Demands Facebook to Store Citizens' Data on Russian Servers or Be Blocked

2017-09-27T08:10:00-08:00

Russia threatens to block access to Facebook next year unless the company complies with a law that requires websites which store the personal data of Russian citizens to do so on Russian servers. Reuters reports: "The threat was made by Russia's communications watchdog Roskomnadzor, agencies said, the organization which blocked access to LinkedIn's website last November in order to comply with a court ruling that found the social networking firm guilty of violating the same data storage law. ... Twitter Inc had already notified Roskomnadzor that it would aim to localize the personal data of its users by the middle of 2018."

Follow CircleID on Twitter

More under: Data Center, Law, Policy & Regulation




The Impacts of Hurricanes Harvey, Irma, and Maria on the Internet

2017-09-26T11:17:00-08:00

(image)

The devastation caused by several storms during the 2017 Atlantic hurricane season has destroyed neighborhoods and taken lives across a number of Caribbean island nations including Texas and Florida in the United States. David Belson, Senior Director of Internet Research & Analysis at Oracle Dyn Global Business Unit has posted a blog that takes a look at the impacts that the storms have had on the Internet in the affected regions. He writes:

"The monitoring and measurement performed by Oracle Dyn allow us to see network availability issues in near-real time. By analyzing BGP data shared by network peers in over 700 locations around the world, as well as traceroutes performed from over 300 locations across the global Internet, we can identify network outages as they occur, and use our geolocation tools to understand where they have the most significant impact. Based on this data, as well as the analysis of data from our authoritative/secondary and open recursive DNS services, we were able to see the impact of Hurricanes Harvey, Irma, Jose, and Maria on Internet connectivity in affected areas. ... Admittedly, graphs showing Internet volatility resulting from hurricane damage in no way compare to the actual physical devastation caused by the storms. However, social media sites and applications, as well as the broader Internet, have come to play a greater role in preparedness, communications, and global dissemination of information, photos, and videos about the impacts of these natural disasters."

Follow CircleID on Twitter

More under: Access Providers, DNS, Networks, Telecom




Spanish Police Raid the Offices of .cat gTLD Registry

2017-09-20T07:29:00-08:00

Photo posted by Fundació puntCAT‏ during the raid.The offices of the .cat gTLD registry Fundació puntCAT were raided by the Spanish police this morning. The company reported the incident via a series of tweets as the raid was being carried out. "Right now spanish police @guardiacivil is doing an intervention in our office @ICANN," was tweeted just about 4 hours ago followed by another tweet reporting that the police was headed to CTO's home. "We're wating for him to arrive to our office to start the intervention." Michele Neylon writes: "The move comes a couple of days after a Spanish court ordered the domain registry to take down all .cat domain names being used by the upcoming Catalan referendum. The .cat domain registry currently has over 100 thousand active domain names, and in light of the actions taken by the Spanish government, it's unclear how the registry will continue to operate if their offices are effectively shutdown by the Spanish authorities. The seizure won't impact live domain names or general day to day operations by registrars, as the registry backend is run by CORE and leverages global DNS infrastructure. However, it is deeply worrying that the Spanish government's actions would spill over onto an entire namespace." — Update – 20 SEP 2017: puntCAT's head of IT, Pep Masoliver, has been arrested as part of a Spanish government crackdown on pushes for independence, reports Kevin Murphy in Domain Incite: "He's been charged with 'sedition' and is still in police custody this evening… His arrest coincided with the military police raid of puntCAT's office in Barcelona that started this morning, related to a forthcoming Catalan independence referendum." — Fundació puntCAT releases statement: "The Fundació puntCAT wants to express its utmost condemnation, indignation and reprobation for the actions that it has been suffering lately with successive judicial mandates, searches and finally the arrest of our Director of Innovation and Information Systems, Pep Masoliver. ... The show that we have experienced in our offices this morning has been shameful and degrading, unworthy of a civilized country. We feel helpless in the face of these immensely disproportionate facts. We demand the immediate release of our colleague and friend." — Update 21 Sep 2017: EFF issues press letter condemning the police raid: "We have deep concerns about the use of the domain name system to censor content in general, even when such seizures are authorized by a court, as happened here. And there are two particular factors that compound those concerns in this case. First, the content in question here is essentially political speech, which the European Court of Human Rights has ruled as deserving of a higher level of protection than some other forms of speech. Even though the speech concerns a referendum that has been ruled illegal, the speech does not in itself pose any imminent threat to life or limb. The second factor that especially concerns us here is that the seizure took place with only 10 days remaining until the scheduled referendum, making it unlikely that the legality of the domains' seizures could be judicially reviewed before the referendum is scheduled to take place." Follow CircleID on TwitterMore under: Registry Services, Top-Level Domains [...]



EFF Resigns from World Wide Web Consortium (W3C) over EME Decision

2017-09-19T07:36:00-08:00

In an open letter to the World Wide Web Consortium (W3C), the Electronic Frontier Foundation (EFF) announced on Tuesday that it is resigning from World Wide Web Consortium (W3C) in response to the organization publishing Encrypted Media Extensions (EME) as a standard. From the letter: "In 2013, EFF was disappointed to learn that the W3C had taken on the project of standardizing "Encrypted Media Extensions," an API whose sole function was to provide a first-class role for DRM within the Web browser ecosystem. By doing so, the organization offered the use of its patent pool, its staff support, and its moral authority to the idea that browsers can and should be designed to cede control over key aspects from users to remote parties. ... We believe they will regret that choice. Today, the W3C bequeaths an legally unauditable attack-surface to browsers used by billions of people. They give media companies the power to sue or intimidate away those who might re-purpose video for people with disabilities. They side against the archivists who are scrambling to preserve the public record of our era. The W3C process has been abused by companies that made their fortunes by upsetting the established order, and now, thanks to EME, they'll be able to ensure no one ever subjects them to the same innovative pressures."

Follow CircleID on Twitter

More under: Cybersecurity, Policy & Regulation, Privacy, Web




Net Neutrality Advocates Planning Two Days of Protest in Washington DC

2017-09-18T09:53:00-08:00

A coalition of activists and consumer groups are planning to gather in Washington, DC to meet directly with the members of Congress, as they protest plans to defang regulations meant to protect an open internet.

The event organizer, Fight for the Future, is running a dedicated website 'battleforthenet.com/dc' in which it states in part: "On September 26-27 Internet users from across the country will converge on Washington, DC to meet directly with their members of Congress, which is by far the most effective way to influence their positions and counter the power of telecom lobbyists and campaign contributions. ... The only thing that can stop them is a coordinated grassroots effort of constituents directly pressuring our members of Congress, who have the power to stop the FCC and vote down bad legislation."

Participating organizations in the protest include Fight for the Future, Public Knowledge, EFF, Center for Media Justice, Common Cause, Consumers Union, Free Press and the Writers Guild of America West. See additional report by Dominic Rushe in The Guardian.

Follow CircleID on Twitter

More under: Net Neutrality, Policy & Regulation




Forty Percent of New Generic TLDs Shrinking, According to Domain Incite Analysis

2017-09-18T08:39:00-08:00

Forty percent of non-brand new gTLDs are shrinking, reports Kevin Murphy in Domain Incite: "According to numbers culled from registry reports, 172 of the 436 commercial gTLDs we looked at had fewer domains under management at the start of June than they did a year earlier. ... As you might expect, registries with the greatest exposure to the budget and/or Chinese markets were hardest hit over the period. .wang, .red, .ren, .science and .party all saw DUM decline by six figures. Another 27 gTLDs saw declines of over 10,000 names."

Follow CircleID on Twitter

More under: Domain Names, Registry Services, Top-Level Domains




China to Create National Cyberattack Database

2017-09-15T13:43:00-08:00

China has revealed plans to create a national data repository for information on cyberattacks and will require telecom firms, internet companies and domain name service providers to report threats to it. Reuters reports: "The Ministry of Industry and Information Technology (MIIT) said companies and telcos as well as government bodies must share information on incidents including Trojan malware, hardware vulnerabilities, and content linked to "malicious" IP addresses to the new platform. An MIIT policy note also said that the ministry, which is creating the platform, will be liable for disposing of threats under the new rules, which will take effect on Jan. 1."

Follow CircleID on Twitter

More under: Cybercrime, Cybersecurity, Policy & Regulation, Registry Services, Telecom