A cyberattack impacted computer systems in more than 150 countries over the weekend. The weapon used to initiate the attack is believed to be based on recently published vulnerabilities stolen from the National Security Agency. The attack, one of the largest ever, took over computers, encrypted their files and demanded payment in Bitcoin of $300 or more. Among the major institutions and government agencies impacted were FedEx in the U.S., the Russian Interior Ministry and Britain’s National Health Service. The attack also hit smaller venues, such as a car manufacturing factory in Romania owned by Renault. Continue reading Major Cyberattack Hits 150 Countries, Could Keep Spreading

Slack came to life three years ago, out of a failed video game, and, as messaging software, combines rich data on how people use a product with information on how people feel about using it. When it debuted in 2014, word of mouth catapulted Slack to a value of $4 billion. Now, the private company has attracted competition from Microsoft, which last fall unveiled Teams, free to 85 million users of Office 365, and Facebook with its free collaboration tool Workplace. A smaller company, Atlassian, has also had success. Continue reading Slack Faces Off Against Bigger Competitors, Tweaks Software

The World Wide Web Consortium (W3C) has formally moved its Encrypted Media Extensions (EME) anti-piracy mechanism to the stage of Proposed Recommendation. The decision of whether or not to adopt the EME standard now depends on a poll of W3C’s members, which have until April 19 to respond. Although the proposed standard has many critics, W3C director/HTML inventor Sir Tim Berners-Lee has personally endorsed it. Engineers from Google, Microsoft and Netflix created EME, which has been under development for some time. Continue reading World Wide Web Consortium Proposes HTML5 DRM Standard

WikiLeaks released thousands of documents yesterday that it claims detail methods used by the CIA “to break into smartphones, computers and even Internet-connected televisions,” reports The New York Times. According to WikiLeaks, the CIA and allied intelligence services bypassed encryption on messaging services including Signal, Telegram and WhatsApp. WikiLeaks also suggests that agencies can collect audio and messaging data from Android phones “before encryption is applied.” The Wall Street Journal notes that such activities, if actually taking place with consumer electronics, could fuel tensions between intelligence agencies and the tech industry, which has been concerned about customer privacy. Mobile devices are a major concern; NYT published an article detailing potential smartphone vulnerabilities. Continue reading WikiLeaks Claims of CIA Hacking Could Impact Tech Industry

A new report from rights organization Electronic Frontier Foundation (EFF) found that half of today’s Web’s traffic is now protected by encryption. The increased adoption of HTTPS is largely a result of efforts from big tech companies, like Google and Facebook, and an increased awareness of government surveillance. Google started factoring whether a website was on HTTPS or HTTP into its algorithm. WordPress, one of the biggest Web hosting providers, switched to HTTPS last year. Continue reading Half of Web Traffic Now Encrypted as Websites Adopt HTTPS

The Signal app from non-profit Open Whisper Systems provides end-to-end encrypted messaging, voice calling, and now video chatting. The new feature, along with improved voice calling functionality, comes as part of a beta update for the app’s Android and iOS versions. Signal is a popular choice for activists and journalists who need a private communications platform, but it is still struggling to find a foothold in the mainstream because it sacrifices some popular features for security.  Continue reading Signal App Update Adds Ability to Make Encrypted Video Calls

In a recently published Infrastructure Security Design Overview, Google explains its six layers of security for the cloud it uses for its own operations and its public cloud services. The company also revealed that it designs custom chips, “including a hardware security chip that is currently being deployed on both servers and peripherals,” that allow it to “securely identify and authenticate legitimate Google devices at the hardware level.” The chip works with cryptographic signatures validated during each boot or update. Continue reading Newly Published Google Overview Spells Out Security Details

To improve encryption, Google has launched an open source project, Key Transparency, a follow-up to its Certificate Transparency, both of which focus on the need to verify the authenticity of the person or server the user believes he is connecting to. Keybase, a collection of verified users and their “cryptographic credentials” is one solution, but Google now wants to ascertain that the contacts are verified systematically and are privacy-protected, by having the address “double-check” itself. Continue reading Google Key Transparency Project to Boost Messaging Security

Wisconsin-based startup Fasetto demonstrated its LINK storage and communications device at CES 2017. Ideal for media production, the portable Wi-Fi and Bluetooth 4G connected device might be the easiest way to distribute video via up to 15 mixed devices. A production unit merely needs access to a web browser and a little more than eight hours of battery charging time for streaming distribution. This device might also function as a budget version of on-set video support. The compact design (2-inches by 2-inches by 1-inch deep and a mere 4 ounces) packs up to 2TB of solid state storage with a 64 bit octa-core 2.1GHz Exynos 7420 processor and 4GB of RAM. Continue reading CES: Fasetto Rolls Out a New Class of Connectivity with LINK

Documentary filmmaker Laura Poitras, who shot the Oscar-winning “Citizenfour” about Edward Snowden, along with 150 other documentary filmmakers, signed an open letter from the nonprofit Freedom of the Press Foundation (FPF) asking camera manufacturers Canon, Nikon, Olympus, Sony, Fuji, Kodak and Ricoh to add encryption features. The fear is that thieves, law enforcement or agents of authoritarian governments can access footage by simply taking possession of the camera, and the documentarians want protection. Continue reading Documentarians Entreat Camera Manufacturers for Encryption

In September, Yahoo revealed a 2014 security breach that involved 500,000 of its users’ accounts. Now the company has announced an even larger data breach from 2013 involving more than one billion accounts, including those of more than 150,000 government and military employees. “The two attacks are the largest known security breaches of one company’s computer network,” reports The New York Times. “The newly disclosed 2013 attack involved sensitive user information, including names, telephone numbers, dates of birth, encrypted passwords and unencrypted security questions that could be used to reset a password.” Continue reading Yahoo: Second Data Breach Involves 1 Billion User Accounts

The free encrypted messaging app Signal is gaining users, not just because privacy advocates and security researchers have all given it a seal of approval. The app, available for smartphone and computer, is a bulwark against hacking, which got a national spotlight when WikiLeaks posted emails from Hillary Clinton campaign chair John Podesta. Others fear increased government surveillance under the incoming President Donald Trump, a reaction to Trump’s choice of CIA chief, Mike Pompeo, who advocates just that. Continue reading Signal Emerges as a Must-Have Hacker-Proof Messaging App

PlayOn, whose software records video from streaming services to watch offline without ads on any device, now offers this functionality for mobile devices. PlayOn Cloud is available as a free download on iOS (with Android support coming soon). It allows the user to download video to mobile devices, and keeps the recording in the cloud for 30 days. Viewers can watch offline, with AdSkip technology. Support is available for Netflix, Amazon Video, Hulu, Yahoo! View, HBO Now, YouTube, NBC, ABC, CBS, Fox, PBS and The CW. Continue reading PlayOn Delivers Streaming Video Recording to Mobile Devices

In January, Chrome will begin placing a “not secure” warning on the left of its address bar for websites that do not use strong HTTPS-connected encryption, which accounts for nearly half of the world’s existing sites. Up until then, Chrome has only posted warnings on HTTPS sites with faulty encryption. Later in 2017, Chrome plans to expand the categories of sites for which it will issue warnings, including any unencrypted pages visited via Chrome’s Incognito and any HTTP site offering downloads. Continue reading Chrome Tightens Up Security Warnings for Unencrypted Sites

In response to a classified edict from the National Security Agency or the FBI, Yahoo scanned all of its users’ incoming emails for a specific “set of characters,” keeping the scans and the software system it built to do so a secret. Millions of emails were scanned, but neither federal agency nor Yahoo will say if they found what they were looking for. Experts say this is the first case of a U.S. Internet company agreeing to search all arriving emails, rather than stored messages or a small number of email accounts. Continue reading In a First, Yahoo Secretly Scans All Incoming Emails for Feds