Android security audit: An easy-to-follow annual checklist

Credit to Author: JR Raphael| Date: Wed, 12 Dec 2018 13:35:00 -0800

Android security is always a hot topic on these here Nets of Inter — and almost always for the wrong reason.

As we’ve discussed ad nauseam over the years, most of the missives you read about this-or-that super-scary malware/virus/brain-eating-boogie-monster are overly sensationalized accounts tied to theoretical threats with practically zero chance of actually affecting you in the real world. If you look closely, in fact, you’ll start to notice that the vast majority of those stories stem from companies that — gasp! — make their money selling malware protection programs for Android phones. (Pure coincidence, right?)

To read this article in full, please click here

Read more

Google Smart Lock: The complete guide

Credit to Author: JR Raphael| Date: Wed, 12 Dec 2018 03:00:00 -0800

Think fast: How many times a day do you pick up your phone to look at something? Unless you live in the tundra or have far more self-control than most, the answer probably falls somewhere between “quite a few” and “more than any sane person could count.” Assuming you keep your device properly secured, that means you’re doing an awful lot of unlocking — be it with your face, your fingerprint, or the code you tap or swipe onto your screen.

And that’s to say nothing of the number of times you type your password into your laptop or enter your credentials into an app or website during the day. Security’s important, but goodness gracious, it can be a real hassle.

To read this article in full, please click here

Read more

And that was actually the CLEAN version!

Credit to Author: Sharky| Date: Tue, 11 Dec 2018 03:00:00 -0800

It’s more than a few years back, and this oilfield services company is implementing a new email filter, says a pilot fish working there.

“It was part of an email security product,” fish says. “The filter could identify emails containing language that was not considered business appropriate.

“We’d had HR incidents involving inappropriate language in the past, especially from field hands emailing to office staff — it gave a new meaning to ‘crude oil workers’ — so it was decided we should enable the feature with its default settings and give it a run.

“Only a few hours later we received an alert that a message had been identified with inappropriate language.

To read this article in full, please click here

Read more

Innovative anti-phishing app comes to iPhones

Credit to Author: Jonny Evans| Date: Mon, 10 Dec 2018 08:01:00 -0800

We’re always told never to click on a link we receive in an email in case doing so takes us to some dodgy phishing site where our account details are violated, but what if our email app warned us before we clicked malicious links?

Can this app offer you protection?

MetaCert isn’t fully available yet, but it does seem to be a promising solution that provides email users in enterprise and consumer markets an additional line of defence against clicking on malicious links received in email messages.

The solution emerged from the developer’s earlier work building an API to help app developers add a layer of security to WebView.

To read this article in full, please click here

Read more

Forbidden names, revisited

Credit to Author: Sharky| Date: Mon, 10 Dec 2018 03:00:00 -0800

Flashback a few decades to the glory days of online service CompuServe, when anyone could get an account — but not everyone could use their real names, according to a pilot fish in the know.

“You logged in with your account number, but to join a forum — a chatroom focused on a specific topic — you had to give a real name,” fish says. “The name on your billing record was the default.

“Of course there were fraudsters who used an official-sounding name to phish people for personal info and credit card data. So users were not allowed to have words like ‘billing’ as any part of their in-forum real name. This could only be overridden by the forum sysop. I was one.

To read this article in full, please click here

Read more

5 handy Google Fi features you shouldn't forget

Credit to Author: JR Raphael| Date: Thu, 06 Dec 2018 09:21:00 -0800

Got Fi? Google’s unusual wireless service may have shifted its name from Project Fi to Google Fi this fall, but its core proposition remains the same: Pay only for the data you use, and avoid all the traditional carrier gotchas and nonsense.

For the right kind of person, especially among those of us on Android, Fi can be a real cost- and hassle-saver. And aside from its most prominently promoted perks — the seamless network-switching, the public Wi-Fi use, the fee-free roaming and hotspot capabilities, and so on — Fi has some pretty interesting out-of-the-way options that can really elevate your experience.

To read this article in full, please click here

Read more

Will Apple’s iPhone replace your password?

Credit to Author: Jonny Evans| Date: Thu, 06 Dec 2018 07:00:00 -0800

Imagine using Face ID on your iPhone alongside a password and Touch ID on your computer in order to access highly secure websites, such as online banks, enterprise intranets and confidential online data services.

That’s a possibility as Apple begins testing a new security standard called WebAuthn.

What is WebAuthn?

Apple has begun beta-testing support for the standard in Safari Technology Preview Release 71, thought it does warn this support is an “experimental feature”, so it may go no further than that.

To read this article in full, please click here

Read more

Blockchain: What’s it good for? Absolutely nothing, report finds

Credit to Author: Lucas Mearian| Date: Wed, 05 Dec 2018 03:01:00 -0800

In a joint report for the Monitoring, Evaluation, Research and Learning (MERL) Technology conference this fall, researchers who studied 43 blockchain use cases came to the conclusion that all underdelivered on claims.

And, when they reached out to several blockchain providers about project results, the silence was deafening. “Not one was willing to share data,” the researchers said in their blog post.

To read this article in full, please click here

Read more

Amazon launches patient data-mining service to assist docs

Credit to Author: Lucas Mearian| Date: Fri, 30 Nov 2018 02:59:00 -0800

Amazon this week announced its latest data analytics product, one aimed at scouring unstructured data within electronic medical records (EMRs) to offer up insights that physicians can use to better treat patients.

Amazon’s new Comprehend Medical AWS cloud service is a natural-language processing engine that purports to be able to read physician notes, patient prescriptions, audio interview transcripts, and pathology and radiology reports – and use machine learning algorithms to spit out relevant medical information to healthcare providers.

Amazon’s Comprehend Medical software service is one of 13 new machine learning software products the company announced on Tuesday.

To read this article in full, please click here

Read more

Microsoft Patch Alert: After months of bad news, November’s patching seems positively serene

Credit to Author: Woody Leonhard| Date: Thu, 29 Nov 2018 08:30:00 -0800

By far the most important reason for this month’s relative patching calm: Microsoft decided to wait and get the Windows 10 (version 1809) patch right instead of throwing offal against a wall and seeing what sticks.

What remains is a hodge-podge of Windows patches, some mis-identified .NET patches, a new Servicing Stack Update slowly taking form, a bunch of Office fixes – including two buggy patches that have been pulled and one that’s been fixed – the usual array of Flash excuses and Preview patches.

To read this article in full, please click here

Read more

Microsoft's multi-factor authentication service flakes out – again

Credit to Author: Gregg Keizer| Date: Tue, 27 Nov 2018 14:02:00 -0800

Just one day after Microsoft came clean with an explanation of a Nov. 19 outage that blocked users of Office 365 from logging into their accounts using Multi-Factor Authentication (MFA), today the service again went on the fritz.

“Starting at 14:25 UTC on 27 Nov 2018, customers using Multi-Factor Authentication (MFA) may experience intermittent issues signing into Azure resources, such as Azure Active Directory, when MFA is required by policy,” read the Azure status dashboard. Two and a half hours later, the dashboard reported that after resolving a problem with an earlier DNS (Domain Name Service) issue, engineers rebooted the services. “They observed a decrease in the failure rate after the reboot cycles,” the dashboard concluded.

To read this article in full, please click here

Read more