US Secret Service Seeks Sarcasm-Detection Software

The US Secret Service has issued a request for proposals to develop software able to detect and analyze written sarcasm with a goal of fully automating its social-media monitoring in real time. The intent of the software is, in part, to eliminate false positives and wasted time associated with law enforcement officers following erroneous leads that might have been the result of someone posting a joke or flippant message on social message. The goal of the US Secret Service and its social-media monitoring program are to find credible threats from people intending real harm. The call raised privacy concerns that such technology would stifle free expression among people that would fear that their sarcastic comments would bring them to the Secret Service’s attention. Some people expressed doubt that the technology would be effective. (The Washington Times)(Engadget)(TIME)(US General Services Administration)

Japan’s SoftBank Moves into Consumer Robotics

Japanese telecommunications and Internet company SoftBank plans to sell robots designed for consumer use, to function as babysitters, nurses, emergency medical workers, and companions, said CEO Masayoshi Son. Son recently demonstrated a prototype robot called Pepper, which will cost ¥198,000 ($1,931). It will be sold at Softbank Mobile stores starting in February 2015. The company has not unveiled plans for introducing Pepper outside Japan. (Reuters)(Associated Press @ Washington Post)(ZDNet)

Europe’s “Right to be Forgotten” Is Proving Difficult to Execute

Last month, the European Court of Justice ruled that individuals have the “right to be forgotten,” which holds that search-engine operators should delete outdated, inaccurate, or irrelevant information from the results they return. However, search-engine operators are finding this hard to accomplish, particularly because they have received huge volumes of deletion requests from users. . For example, Google says it is fielding an average of 10,000 requests per day. The right to be forgotten has proven to be controversial. Proponents say it is necessary to protect individual privacy. Opponents say that it is a form of censorship, will be too time-consuming and expensive to comply with, and will balkanize search result by creating one set for Europe and one for the rest of the world. Issues surrounding the European Court of Justice’s decision led to two days of meetings by EU data-protection authorities. The group of 28 data authority leaders is scheduled to produce an agreement specifying compliance requirements in September of this year. (TIME)(Reuters)

Yet Another OpenSSL Vulnerability Is Found

A security researcher has discovered a new, remotely exploitable vulnerability in OpenSSL that could let an attacker intercept and decrypt traffic between vulnerable clients and servers. The Heartbleed flaw in the popular OpenSSL Internet security protocol, found earlier this year, forced many website operators to update their software and advise millions of users to change their passwords. The new vulnerability—which Masashi Kikuchi, a researcher with IT consultancy Lepidum Co., found—affects all OpenSSL versions. To exploit the bug, an attacker must first have a man-in-the-middle position on a network. (SlashDot)(Threat Post)(Computerworld)(OpenSSL Security Advisory)(Lepidium Co.)

UK Government Amending Law, Wants Life Sentence for Malicious Hackers

The UK government wants to amend its current laws to let judges give a life sentence to computer hackers whose misdeeds result in loss of life or threaten national security. The 1990 Computer Misuse Act now gives hackers a maximum sentence of ten years. In the newly introduced Serious Crime Bill, cyberattacks resulting in loss of life, serious illness or injury, or serious damage to national security carry a life sentence while those resulting in serious economic or environmental damage carry a 14-year sentence. “Malicious hackers who risk triggering deadly civil unrest by cutting off food distribution, telephone networks, or energy supplies by sabotaging computer networks could be sentenced to life in prison,” according to the Telegraph. (SlashDot)(iTnews.com.au)(Telegraph)

New Chrome Encryption Extension Promises Better Privacy

Google now offers an extension for its Chrome browser designed to provide easy e-mail encryption to users. The company is touting the End-to-End extension for its simplicity of use compared to similar open source tools such as PGP and GnuPG. Google is basing End-to-End on the OpenPGP standard. The tool is in alpha, meaning the code is available for testing and evaluation now at https://code.google.com/p/end-to-end/source/checkout . Google also is offering bounties for any bugs found in End-to-End through its Vulnerability Reward Program. (Businessweek)(PC Mag)(TIME)(Google Online Security Blog)

Intel Unveils Wireless Docking Station

The future of personal computing does not include wires and cables, according to Intel. With this in mind, the company is showing its WiGig docking station that provides power to mobile devices and other technologies. The technology is based on the high-speed WiGig wireless-communications standard, which enables data transmission at speeds up to 7 Gbits per second, and immediately connects to any devices within its short range, confined to a single room.  Intel expects to introduce the technology commercially by 2016. (ValueWalk)(Gizmodo)(CNET)

Apple Allowing Virtual-Currency Transactions in Applications

Software developers can now offer virtual-currency transactions in their Apple-based applications for iPhones and iPads. Apple revamped its App Store guidelines to permit applications to process transactions with, according to the Apple developer blog, “approved virtual currencies provided that they do so in compliance with all state and federal laws for the territories in which the app functions.” Apple has not yet released a list of “approved” virtual currencies. Apple previously removed applications using virtual cash from its online store. In response, some developers reportedly deleted virtual currency coding from their programs so that they could remain in the store. Google Android currently supports transactions using several different types of virtual currency. (Reuters)(BBC)(Apple)

Researchers Report Hacker Attack Campaign against US, EU Targets

Security vendor FireEye has uncovered a series of attacks against targets in Europe and the US that occurred between 29 April and 27 May. FireEye says a group of Middle East-based hackers called the Molerats are responsible for the attacks, launched via remote-access tool exploits known as Poison Ivy. The group, which also engages in phishing attacks, is become more active, according to researchers, who traced Molerats attacks to campaigns launched against the BBC, an unnamed US financial institution, and government organizations in Israel, Latvia, Macedonia, New Zealand, Slovenia, Turkey, the UK, and the US. Although the attackers typically use free, commonly available malware, FireEye says the group appears to be adapting its attacks to be increasingly difficult to detect. (SlashDot)(eWeek)(FireEye)

Bug Leaves Linux, Open Source Users at Risk

Security researchers have discovered a new vulnerability in open source software that attackers could exploit to launch malware attacks. Developers have since released a patch for the bug in the GnuTLS cryptographic code library, which could place Linux and other open source software users at risk for problems such as buffer overflow attacks. GnuTLS is an open-source implementation of Internet encryption protocols including Secure Sockets Layer; Transport Layer Security; and Datagram Transport Layer Security, used in various Linux distributions. An infected server could exploit the vulnerability during the handshake between the Secure Sockets Layer and Transport Layer Security, culminating in the crash of vulnerable clients. It could also allow attackers to execute code on the system. The vulnerability was reported by Joonas Kuorilehto, a principal systems engineer at Codenomicon, the same vendor of vulnerability-testing tools responsible for finding the Heartbleed flaw in the OpenSSL Internet-security protocol earlier this year. (Ars Technica)(PC World)(Red Hat Bug Tracker)

Showing 41 - 50 of 4,392 results.
Items per Page 10
of 440