ComputerWorld – Page 34 – Computer Security Articles

Credit to Author: Evan Schuman| Date: Thu, 07 Jul 2022 03:00:00 -0700

Microsoft is backing away from its public support for some AI-driven features, including facial recognition, and acknowledging the discrimination and accuracy issues these offerings create. But the company had years to fix the problems and didn’t. That’s akin to a car manufacturer recalling a vehicle rather than fixing it.

Despite concerns that facial recognition technology can be discriminatory, the real issue is that results are inaccurate. (The discriminatory argument plays a role, though, due to the assumptions Microsoft developers made when crafting these apps.)

Let’s start with what Microsoft did and said. Sarah Bird, the principal group product manager for Microsoft’s Azure AI, summed up the pullback last month in a Microsoft blog.

To read this article in full, please click here

ComputerWorld Independent

July 6, 2022 admin

European Parliament approves sweeping big tech antitrust laws

Credit to Author: Charlotte Trueman| Date: Wed, 06 Jul 2022 06:28:00 -0700

The European Commission announced late yesterday that the Digital Markets Act (DMA) and Digital Services Act (DSA) have been voted through, marking a new chapter for how technology companies will be able to operate in the EU. The parliament voted 588 in favor and 11 against for the DMA, while 539 MEPs backed the DSA, with 54 votes against.

To read this article in full, please click here

ComputerWorld Independent

July 5, 2022 admin

Think twice before deploying Windows’ Controlled Folder Access

Credit to Author: Susan Bradley| Date: Tue, 05 Jul 2022 07:29:00 -0700

As ransomware attacks gained steam in the mid-2010s, Microsoft sought to give Windows users and admins tools to protect their PCs from such attacks. With its October 2017 feature update, the company added a feature called Controlled Folder Access to Windows 10.

On paper, Controlled Folder Access sounds like a great protection for consumers, home users, and small businesses with limited resources. As defined by Microsoft, “Controlled folder access helps protect your valuable data from malicious apps and threats, such as ransomware. Controlled folder access protects your data by checking apps against a list of known, trusted apps. Supported on Windows Server 2019, Windows Server 2022, Windows 10, and Windows 11 clients, controlled folder access can be turned on using the Windows Security App, Microsoft Endpoint Configuration Manager, or Intune (for managed devices).”

To read this article in full, please click here

ComputerWorld Independent

July 5, 2022 admin

Are banks quietly refusing reimbursements to fraud victims?

Credit to Author: Evan Schuman| Date: Tue, 05 Jul 2022 03:00:00 -0700

There are some scary reports popping up that various major financial institutions no longer credit back all fraudulent transactions, even when victims file a police report. If true, it’s a disastrous move that will painfully hurt the institutions.

Let’s look a recent New York Times report on the problem:

To read this article in full, please click here

ComputerWorld Independent

June 29, 2022 admin

FCC commissioner wants Apple, Google to remove TikTok from App Stores

Credit to Author: Jonny Evans| Date: Wed, 29 Jun 2022 05:34:00 -0700

FCC Commissioner Brendan Carr has written to Apple and Google to request that both companies remove the incredibly popular TikTok app from their stores, citing a threat to national security.

Is your data going TikTok?

Carr warns the app collects huge quantities of data and cited a recent report that claimed the company has accessed sensitive data collected from Americans. He argues that TikTok’s, “pattern of conduct and misrepresentations regarding the unfettered access that persons in Beijing have to sensitive U.S. data…puts it out of compliance,” with App Store security and privacy policies.

To read this article in full, please click here

ComputerWorld Independent

June 28, 2022 admin

How Apple is improving single sign-on

Credit to Author: Jonny Evans| Date: Tue, 28 Jun 2022 07:59:00 -0700

Among a slew of announcements at WWDC this year were some important changes to Apple’s support for single sign-on (SSO). Here’s what’s coming when new updates ship this fall.

SSO + BYOD = iOS 16, iPadOS 16

Apple first introduced SSO support at WWDC 2019 with Sign in with Apple, which also saw the introduction of extensions to enable this kind of authentication. It allowed a user to access a service or website using their Apple ID, and meant support for identity providers, the use of highly secure token-based signatures and the tools service providers required to implement these systems.

To read this article in full, please click here

ComputerWorld Independent

June 27, 2022 admin

Time for a mid-year browser security check

Credit to Author: Susan Bradley| Date: Mon, 27 Jun 2022 09:24:00 -0700

We’ve reached the mid-point of 2022 and when it comes to security, I feel like we’re not making much headway. I still see people report they’re getting scammed, ransomed, and attacked on a regular basis — and for many users the browser is becoming the most important part of whatever platform you use. So now is a good time to review your browsers, and any extensions you’ve installed to beef up security.

Note, I said browsers —plural. While enterprises might want to standardize on only one browser for better control, for small businesses and individual users, I recommend installing more than one. (I often use three different browsers.)

Why is this important? Because attackers (and trackers) go after browsers. In fact, it’s good to think of your browser a separate operating system, and act accordingly to protect it. Though I focus mainly on Windows issues, these guidelines and recommendations apply to Mac OS, Ubunto, Mint, and others.

To read this article in full, please click here

ComputerWorld Independent

June 24, 2022 admin

The surveillance-as-a-service industry needs to be brought to heel

Credit to Author: Jonny Evans| Date: Fri, 24 Jun 2022 09:40:00 -0700

Here we go again: another example of government surveillance involving smartphones from Apple and Google has emerged, and it shows how sophisticated government-backed attacks can become and why there’s justification for keeping mobile platforms utterly locked down.

What has happened?

I don’t intend to focus too much on the news, but in brief it is as follows:

Google’s Threat Analysis Group has published information revealing the hack.
Italian surveillance firm RCS Labs created the attack.
The attack has been used in Italy and Kazakhstan, and possibly elsewhere.
Some generations of the attack are wielded with help from ISPs.
On iOS, attackers abused Apple’s enterprise certification tools that enable in-house app deployment.
Around nine different attacks were used.

The attack works like this: The target is sent a unique link that aims to trick them into downloading and installing a malicious app. In some cases, the spooks worked with an ISP to disable data connectivity to trick targets into downloading the app to recover that connection.

To read this article in full, please click here