Forgot your password?
Close
typodupeerror

Submission + - FCC Still a No on Broadband Subsidies for Musk's Starlink (broadbandbreakfast.com)

Submitted by Anonymous Coward
An anonymous reader writes: Agency said petition under review was filed about 45 months late.

The Federal Communications Commission said Friday – for the third time in two years – that Elon Musk's Starlink satellite internet service will not receive nearly $900 million in subsidies to get thousands of rural U.S. homes and businesses online.

Submission + - Harmful "nudify" websites used Google, Apple, and Discord sign-on systems (arstechnica.com)

Submitted by Anonymous Coward
An anonymous reader writes: Major technology companies, including Google, Apple, and Discord, have been enabling people to quickly sign up to harmful ‘undress’ websites, which use AI to remove clothes from real photos to make victims appear to be ‘nude’ without their consent. More than a dozen of these deepfake websites have been using login buttons from the tech companies for months.

On multiple occasions, tech companies and payment providers have taken action against AI services allowing people to generate nonconsensual images or video after media reports about their activities. Clare McGlynn, a professor of law at Durham University who has expertise in the legal regulation of pornography and sexual violence and abuse online, says Big Tech platforms are enabling the growth of undress websites and similar websites by not proactively taking action against them.

"What is concerning is that these are the most basic of security steps and moderation that are missing or not being enforced,” McGlynn says of the sign-in systems being used, adding that it is "wholly inadequate" for companies to react when journalists or campaigners highlight how their rules are being easily dodged. "It is evident that they simply do not care, despite their rhetoric, McGlynn says. “Otherwise they would have taken these most simple steps to reduce access."

Submission + - Why the NSA Recommends Turning Off Your Phone Weekly 6

Submitted by Admin Linda
Admin Linda writes: In an age where smartphones are central to our daily lives, the idea of turning them off might seem unnecessary or even inconvenient. However, the National Security Agency (NSA) has recommended that users turn off their phones at least once a week. While this might sound surprising, there are valid cybersecurity reasons behind this advice. Let's explore why the NSA suggests this simple yet effective measure and how it can protect your personal information.

Smartphones have become powerful mini-computers, handling everything from banking transactions to personal communications. This convenience also makes them prime targets for hackers and cybercriminals. Malicious software, or malware, can infiltrate your phone through apps, websites, or even text messages. Once inside, malware can steal sensitive data, track your activities, or turn your device into a tool for further attacks.

Cyberthreats are constantly evolving, and even the most vigilant users can be vulnerable. This is where the NSA's advice comes into play.

Why Turning Off Your Phone Helps

Interrupting Malware Activity:

One of the primary reasons to turn off your phone regularly is to disrupt any potential malware running in the background. Some forms of malware are designed to persist in your phone's memory, collecting data or monitoring your actions. Powering down your device can halt this activity, at least temporarily, and may prevent the malware from achieving its goals.

Clearing Temporary Data:

Smartphones accumulate a lot of temporary data during use. This data includes cache files, cookies, and other remnants from apps and web browsing. While most of this data is harmless, it can also be used by malicious actors to track your behavior or exploit vulnerabilities. Restarting your phone clears much of this temporary data, reducing the risk of exposure.

Refreshing System Resources:

Over time, your phone's operating system and apps can experience slowdowns or glitches due to continuous use. Restarting your phone helps refresh system resources, ensuring that everything runs smoothly and securely. This is especially important if you've noticed performance issues, as these can sometimes be indicators of underlying security problems.

Enhancing Privacy:

Regularly turning off your phone can also enhance your privacy. Many apps and services collect data in the background, even when you're not actively using them. A power cycle can interrupt these processes, limiting the amount of information your device shares with third parties.

Thwarting Persistent Threats:

Some sophisticated forms of malware, known as "persistent threats," can survive reboots and are designed to stay on your device for long periods. However, turning off your phone at least once a week can make it more difficult for these threats to remain undetected or continue their operations.

Simple Yet Effective: A Practical Approach to Security

The NSA's advice to turn off your phone once a week is a simple yet practical step that anyone can take to improve their cybersecurity. It's a low-effort, high-impact measure that helps protect your personal information and keeps your device running smoothly. In a world where digital threats are constantly evolving, even small actions like this can make a big difference.

Additional Tips for Smartphone Security

While turning off your phone regularly is a great start, it's important to adopt other security practices as well:
  • Keep Your Software Updated: Always install the latest updates for your operating system and apps. These updates often include security patches that protect against newly discovered vulnerabilities.
  • Use Strong Passwords and Biometric Authentication: Secure your device with a strong password or biometric options like fingerprint recognition or facial recognition.
  • Be Cautious with Apps: Only download apps from trusted sources, and be wary of granting unnecessary permissions.
  • Enable Two-Factor Authentication (2FA): Use 2FA whenever possible to add an extra layer of security to your accounts.
  • Monitor Your Phone's Activity: Keep an eye on your phone's performance. Unexplained slowdowns, battery drain, or unusual data usage could be signs of a security issue.

The NSA's advice to turn off your phone once a week is a simple but effective way to enhance your device's security and protect your personal information. In a world where cyberthreats are constantly evolving, taking proactive measures like this can help safeguard your privacy. Combine this practice with other security tips, and you'll be well on your way to a safer, more secure digital experience.

Submission + - Apple, Amazon Use Gender/Race/Ethnicity to Exclude Groups from Programs

Submitted by theodp
theodp writes: "There is no doubt that people of all races and ethnic backgrounds deserve a seat at every table and that increasing racial and ethnic diversity throughout Amici’s workforces is the right thing to do," read the 2022 Amicus brief submitted to the Supreme Court by Apple and other companies in support of upholding Affirmative Action (Aug. 2024 update).

But when it comes to its own upcoming Apple Entrepreneur Camps, which offer participants opportunities including "unprecedented access to Apple engineers and leaders," Apple makes it clear upfront that seats at the table are only available "for founders and developers who are female*, Black, Hispanic/Latinx, or Indigenous." The in-person Apple Entrepreneur Camps are divided into female-only and underrepresented-only (Black, Hispanic/Latinx, or Indigenous) cohorts.

Despite the gender, race, and ethnicity participation requirements, the Code of Conduct for Apple Entrepreneur Camps states: "Apple is committed to diversity and to providing a harassment-free Apple Entrepreneur Camp experience for everyone. All Entrepreneur Camp attendees, including Apple personnel, have the right to a safe and welcoming environment regardless of gender, gender identity and expression, age, sexual orientation, disability, physical appearance, body size, race, ethnicity, religion, or any other attributes."

Meanwhile, Amazon announced it will only be accepting applications for Amazon Future Engineer (AFE) scholarships from female students in India. "We have seen many instances where parents have prioritised a son’s education, due to lack of resources," Amazon explained. "We’d like to encourage all eligible girl students to seize this opportunity to advance their careers in engineering and technology. We are excited to see the impact of our earlier cohorts and will continue empowering young women in India." Despite Amazon's pledge to provide "equal access to STEM education" and "quality, hands-on learning for all students, no matter their zip code or skin color," Amazon allows both female and male students to apply for AFE scholarships in the U.S., explaining that the evaluation criteria "includes things like [...] racial, ethnic and gender diversity."

Apple's and Amazon's choices to exclude certain groups entirely from opportunities in the name of promoting tech inclusivity follows in the footsteps of similar earlier efforts by tech giants and their nonprofit partners. After years of lobbying by tech-backed Code.org and its partners, the practice was even codified into law in 2015 by the Every Student Succeeds Act (ESSA), which contained language favoring certain groups of schoolchildren over others with funding for programs aimed at "increasing access for students through grade 12 who are members of groups underrepresented in such subject fields, such as female students, minority students, English learners, children with disabilities, and economically disadvantaged students, to high-quality [computer science and STEM] courses."

Submission + - Brazil's X Users Will Be Fined $9000 a Day If They Use VPN (yahoo.com)

Submitted by Anonymous Coward
An anonymous reader writes: This is according to a report by The Guardian, which explains that the suspension is due to X failing to meet a pivotal deadline. Here’s what we know so far about why X has been banned in Brazil and the fine being imposed on Brazilians for trying to get on the platform.

https://x.com/MikeBenzCyber/st...

Submission + - France Unveils Plan To Cut Greenhouse Gas Emissions By 50 Percent By 2030 (france24.com)

Submitted by Anonymous Coward
An anonymous reader writes: The French government unveiled a plan on Monday to accelerate cuts to its greenhouse gas emissions, targeting a reduction of 50 percent by 2030 compared with 1990 levels. Unveiled by Prime Minister Elisabeth Borne, the roadmap includes detailed figures for reductions for individual sectors of the economy, ranging from the transport industry to households. The objectives – from speeding up the transition to electric cars or switching freight from road to rivers – are aimed at bringing France’s ambitions for slashing carbon pollution into line with the EU's target for 2030.

France has so far cut its emissions by 25 percent compared with 1990 levels, requiring major fresh efforts if it is to hit the new 50-percent target. "We're asking for a bit from the smallest (polluters) and a lot from the biggest," an aide to Borne told reporters, meaning around half of efforts would be for companies, a quarter for households and a quarter for local administrations.

Submission + - Leaked Government Document Shows Spain Wants to Ban End-to-End Encryption (wired.com)

Submitted by Anonymous Coward
An anonymous reader writes: Spain has advocated banning encryption for hundreds of millions of people within the European Union, according to a leaked document obtained by WIRED that reveals strong support among EU member states for proposals to scan private messages for illegal content. The document, a European Council survey of member countries’ views on encryption regulation, offered officials’ behind-the-scenes opinions on how to craft a highly controversial law to stop the spread of child sexual abuse material (CSAM) in Europe. The proposed law would require tech companies to scan their platforms, including users’ private messages, to find illegal material. However, the proposal from Ylva Johansson, the EU commissioner in charge of home affairs, has drawn ire from cryptographers, technologists, and privacy advocates for its potential impact on end-to-end encryption.

For years, EU states have debated whether end-to-end encrypted communication platforms, such as WhatsApp and Signal, should be protected as a way for Europeans to exercise a fundamental right to privacy—or weakened to keep criminals from being able to communicate outside the reach of law enforcement. Experts who reviewed the document at WIRED’s request say it provides important insight into which EU countries plan to support a proposal that threatens to reshape encryption and the future of online privacy. Of the 20 EU countries represented in the document leaked to WIRED, the majority said they are in favor of some form of scanning of encrypted messages, with Spain’s position emerging as the most extreme. “Ideally, in our view, it would be desirable to legislatively prevent EU-based service providers from implementing end-to-end encryption,” Spanish representatives said in the document. The source of the document declined to comment and requested anonymity because they were not authorized to share it.

In its response, Spain said it is “imperative that we have access to the data” and suggests that it should be possible for encrypted communications to be decrypted. Spain’s interior minister, Fernando Grande-Marlaska, has been outspoken about what he considers the threat posted by encryption. When reached for comment about the leaked document, Daniel Campos de Diego, a spokesperson for Spain’s Ministry of Interior, says the country’s position on this matter is widely known and has been publicly disseminated on several occasions. Edging close to Spain, Poland advocated in the leaked document for mechanisms through which encryption could be lifted by court order and for parents to have the power to decrypt children’s communications.

Submission + - UK regulator almost fines police forces for allowing app on phones (theguardian.com)

Submitted by Bruce66423
Bruce66423 writes: Two police forces have been reprimanded by Britain’s data watchdog after officers unlawfully recorded more than 200,000 phone conversations using an app originally intended for hostage negotiators.

The automatic recordings, made over several years, included “highly sensitive” conversations with victims, witnesses and perpetrators of suspected crimes, according to the Information Commissioner’s Office (ICO).

The app, called Another Call Recorder (ACR), recorded all incoming and outgoing calls and was originally intended for use by a small number of officers at Surrey and Sussex forces. However, it was downloaded on to the work phones of more than 1,000 staff members.

It has now been withdrawn from use and the recordings, other than those considered to be evidential material, have been destroyed, according to the ICO.

The watchdog said it considered issuing a £1m fine to both forces but opted for the reprimand to reduce the impact on public services.

Submission + - The Netherlands To Block Export of Advanced Chips Printers To China (politico.eu)

Submitted by Anonymous Coward
An anonymous reader writes: The Dutch government confirmed for the first time Wednesday it will impose new export controls on microchips manufacturing equipment, bowing to U.S. pressure to block the sale of some of its prized chips printing machines to China. The U.S. and the Netherlands reached an agreement to introduce new export restrictions on advanced chip technology to China at the end of January, but until now, the Dutch government hadn't commented publicly on it. The deal, which also included Japan, involves the only three countries that are home to manufacturers of advanced machines to print microchips. It is a U.S.-led initiative to choke off the supply of cutting-edge chips to China.

"Given the technological developments and geopolitical context, the government has concluded that it is necessary for the (inter)national security to expand the existing export controls on specific manufacturing equipment for semiconductors," Foreign Trade Minister Liesje Schreinemacher wrote in a letter to Dutch lawmakers published Wednesday evening. The Dutch government wants to prevent Dutch technology from being used in military systems or weapons of mass destruction, Schreinemacher wrote — echoing the U.S. reasoning when it imposed its own export controls in October. The Netherlands also wants to avoid losing its pole position in producing cutting-edge chip manufacturing tools: Schreinemacher said the government wants to uphold "Dutch technological leadership." While China is not explicitly named in Schreinemacher's letter, the new policy is targeted at Chinese efforts to overtake the U.S. and others like Taiwan, South Korea, Japan and leading European countries in the global microchips supply chain.

The new export restrictions deal a blow to ASML, the global leader in producing advanced microchips printing machines based in Veldhoven, in southern Netherlands. In the letter, Schreinemacher said the new export control measures include the most advanced deep ultraviolet (DUV) machines, which are part of ASML's advanced chips printers portfolio. The Dutch firm, which is the highest-valued tech company in Europe, already did not receive export licenses for selling its most advanced machines using extreme ultraviolet light (EUV) technology to China since 2019. ASML in a statement confirmed it will now "need to apply for export licenses for shipment of the most advanced immersion DUV systems," but it noted it has not yet received more details about what "most advanced" means.

Submission + - Canada's tax revenue agency tries to ToS itself out of hacking liability (substack.com) 1

Submitted by schwit1
schwit1 writes: The Canada Revenue Agency (CRA), the tax department of Canada, recently updated its terms and conditions to force taxpayers to agree that CRA is not liable if their personal information is stolen while using the My Account online service portal—which, ironically, all Canadians must use when doing their taxes and/or running their business.

The CRA's terms of use assert the agency is not liable because they have "taken all reasonable steps to ensure the security of this Web site".

Excerpt from the CRA terms statement:

"10. The Canada Revenue Agency has taken all reasonable steps to ensure the security of this Web site. We have used sophisticated encryption technology and incorporated other procedures to protect your personal information at all times. However, the Internet is a public network and there is the remote possibility of data security violations. In the event of such occurrences, the Canada Revenue Agency is not responsible for any damages you may experience as a result."

Unfortunately, that is not true. After reviewing the HTTP responses from the CRA My Account login page, it's clear the agency has not configured even some of the most basic security features. For example, security protections for their cookies are not configured, nor are all the recommended security headers used.

Not only is that not "all reasonable steps," but the CRA is missing the very basics for securing online web applications.

The terms of use also state that users are not allowed to use "any script, robot, spider, Web crawler, screen scraper, automated query program or other automated device or any manual process to monitor or copy the content contained in any online services."

Looking at the HTTP response headers using web browser developer tools doesn't breach the terms of services, but the CRA must be well aware that internet users perform scans like this all the time.

And it's not the legitimate My Account users who are likely to be the culprits. Unfortunately for Canadians, threat actors don't read terms of use pages.

A statement like this doesn't protect anyone, except CRA, from being held responsible for failing to properly secure Canadian citizens' personal data.

Submission + - Google Researchers Unveil ChatGPT-Style AI Model To Guide a Robot (arstechnica.com)

Submitted by Anonymous Coward
An anonymous reader writes: On Monday, a group of AI researchers from Google and the Technical University of Berlin unveiled PaLM-E, a multimodal embodied visual-language model (VLM) with 562 billion parameters that integrates vision and language for robotic control. They claim it is the largest VLM ever developed and that it can perform a variety of tasks without the need for retraining. According to Google, when given a high-level command, such as "bring me the rice chips from the drawer," PaLM-E can generate a plan of action for a mobile robot platform with an arm (developed by Google Robotics) and execute the actions by itself.

PaLM-E does this by analyzing data from the robot's camera without needing a pre-processed scene representation. This eliminates the need for a human to pre-process or annotate the data and allows for more autonomous robotic control. It's also resilient and can react to its environment. For example, the PaLM-E model can guide a robot to get a chip bag from a kitchen—and with PaLM-E integrated into the control loop, it becomes resistant to interruptions that might occur during the task. In a video example, a researcher grabs the chips from the robot and moves them, but the robot locates the chips and grabs them again. In another example, the same PaLM-E model autonomously controls a robot through tasks with complex sequences that previously required human guidance. Google's research paper explains (PDF) how PaLM-E turns instructions into actions.

PaLM-E is a next-token predictor, and it's called "PaLM-E" because it's based on Google's existing large language model (LLM) called "PaLM" (which is similar to the technology behind ChatGPT). Google has made PaLM "embodied" by adding sensory information and robotic control. Since it's based on a language model, PaLM-E takes continuous observations, like images or sensor data, and encodes them into a sequence of vectors that are the same size as language tokens. This allows the model to "understand" the sensory information in the same way it processes language. In addition to the RT-1 robotics transformer, PaLM-E draws from Google's previous work on ViT-22B, a vision transformer model revealed in February. ViT-22B has been trained on various visual tasks, such as image classification, object detection, semantic segmentation, and image captioning.

Slashdot Top Deals

If you don't have time to do it right, where are you going to find the time to do it over?

Close