Connect with us

Security

Facebook is letting out trillions of posts check your settings now

Published

on

Facebook want to increase its functionality in search engine, for that it is exposing all the public posts of users to google. Facebook recently indexed 2 trillion public posts. Now we can see posts, conversations, likes, pictures by inserting any phrases in search engine.

So on that point your public posts are available for universal search. Worlds biggest social network make it more easy by exposing posts. It just works like as Twitter and google search only. So beware that you are exposed to the world now by your posts. Lets just change settings of our profiles if we don’t want to reveal.

Step 1 : Limit the visibility of Future posts
fb-privacy-shortcutshd1

Step 2 : Limit the visibility of past posts

facebook-timeline-privacy-hide-old-posts-warning

Facebook is letting out trillions of posts check your settings now

Business

Capital One begins journey as a software vendor with the release of Critical Stack Beta

Published

on


If every company is truly a software company, Capital One is out to the prove it. It was one of the early users of Critical Stack, a tool designed to help build security into the container orchestration process. In fact, it liked it so much it bought the company in 2016, and today it’s releasing Critical Stack in Beta.

This is a critical step toward becoming a commercial product, giving the bank its first entree into software selling.

Capital One is embracing modern applications delivery methods like containerization, and it needed a tool specifically tuned to the security requirements of a financial services company. That’s what Critical Stack purports to give it, and they liked it so much, they thought others who required a similar level of security would too.

Critical Stack is compatible with Kubernetes, the popular container orchestration tool, but it’s been designed to provide a higher level of security than the base product, while giving large institutions like banks a packaged approach to container orchestration.

“One of the many strengths of Kubernetes is its rapid development cycle. You understand how challenging that can be to keep up with that moving target. We have an orchestration layer that has an abstraction away from that. Critical Stack is a stand-alone tool within the ecosystem of tools compatible with Kubernetes,” Liam Randall, Capital One’s senior director of software engineering and Critical Stack co-founder told TechCrunch.

Critical Stack does everything you would expect a Kubernetes distribution to do including managing the container delivery and lifecycle management, but it’s specifically designed to allow operations to automate security and compliance policies around the containers, something banks and other highly regulated businesses need to do.

The company also concentrated on putting that kind of functionality in an interface that’s easy to use.

Photo: Critical Stack

While the company isn’t open sourcing this tool, they believe by selling it, they can get a similar set of benefits. “When you think about a lot of the great platforms, the best lessons learned come from working with other partners,” Randall said. While he and his team found a broad set of use cases internally, they felt that getting the product into the hands of others would only help enhance it — and it doesn’t hurt they could make some money doing it.
Featured Image: Smith Collection/Gado/Getty Images Readmore

Continue Reading

Europe

Germany bans kids’ smartwatches that can be used for eavesdropping

Published

on


A German regulator has banned domestic sales of children’s smartwatches that have a listening function — warning that parents have been using the devices to secretly eavesdrop on teachers at their kids’ school.

In an announcement on Friday, the Federal Network Agency telecoms watchdog said it had already taken action against some online sellers. The target group for the smartwatches are children between the ages of 5 and 12 years.

“Via an app, parents can use such children’s watches to listen unnoticed to the child’s environment and they are to be regarded as an unauthorized transmitting system,” said Jochen Homann, president of the Federal Network Agency in a statement. “According to our research, parents’ watches are also used to listen to teachers in the classroom.”

Back in February, the same federal agency banned sales of an Internet connected doll — called My Friend Cayla — in the country where it’s illegal to manufacture, sell or possess surveillance devices disguised as another object.

On Friday the agency warned there are a large number of providers in the German market that are offering smartwatches for children which contain a listening function, often referred to as a “baby monitor” or “monitor function” in the companion app.

The app owner is able to silently call the device via such functions and listen unnoticed to the conversations of the watch wearer and others in their vicinity — an act of covert surveillance that is illegal in Germany.

The agency has instructed parents to destroy any devices they have bought, and asked schools to be on the look out for smartwatches being used by children — and to request destruction of listening devices they identify.

The Federal Network Agency is not the only European body concerned about risks posed by children’s connected toys, nor specifically by kids smartwatches. Last month the Norwegian Consumer Council put out a report about children’s smartwatches, raising concerns about security flaws, privacy concerns, and risks posed by what they described as unreliable features.

While this month a UK consumer rights group also raised concerns about poorly secured IoT toys which it said could enable strangers to talk to children. The group also called for devices with known security flaws to be banned from sale.

The latest ban may increase pressure for the European Commission to consider whether European Union-wide regulation is needed for Internet connected toys. Back in February, the commissioner for justice, consumers and gender equality, expressed concern, telling the BBC: “I’m worried about the impact of connected dolls on children’s privacy and safety.”
Readmore

Continue Reading

Europe

Call to ban sale of IoT toys with proven security flaws

Published

on


Ahead of 2017’s present buying season, UK consumer rights group Which? has warned parents about the risks of giving connected toys to their children, and called for devices with known security and/or privacy risks to be banned from sale on kids safety grounds.

Working with security researchers the group has spent the past 12 months investigating several popular Bluetooth or wi-fi toys that are on sale at major retailers, and says it found “concerning vulnerabilities” in several devices that could “enable anyone to effectively talk to a child through their toy”.

It’s published specific findings on four of the toys it looked at: Namely the Furby Connect; I-Que Intelligent Robot; Toy-fi Teddy; and CloudPets cuddly toy.

The latter toy drew major criticism from security experts in February when it was discovered that its maker had stored thousands of unencrypted voice recordings of kids and parents using the toy in a publicly accessible online database — with no authentication required to access the data. (Data was subsequently deleted and ransomed.)

Which? says in all cases it was found to be far too easy for someone to illicitly pair their own device to the toys and use the tech to talk to a child. It especially highlights Bluetooth connections not having been properly secured — noting for example there was no requirement for a user to enter a password, PIN code or any other authentication to gain access.

“That person would need hardly any technical know-how to ‘hack’ your child’s toy,” it writes. “Bluetooth has a range limit, usually 10 meters, so the immediate concern would be someone with malicious intentions nearby. However, there are methods for extending Bluetooth range, and it’s possible someone could set up a mobile system in a vehicle to trawl the streets hunting for unsecured toys.”

In the case of the Furby, Which?’s external security researchers also thought it would be possible for someone to re-engineer its firmware to turn the toy into a listening device due to a vulnerability they found in the toy’s design (which it’s not publicly disclosing).

Although they were not themselves able to do this during the time they had for the investigation.

Which? describes its findings as “the tip of a very worrying iceberg” — also flagging other concerns raised over kids’ IoT devices from several European regulatory bodies.

Last month, for example, the Norwegian Consumer Council warned over similar security and privacy concerns pertaining to kids’ smartwatches.

This summer the FBI also issued a consumer notice warning that IoT toys “could put the privacy and safety of children at risk due to the large amount of personal information that may be unwittingly disclosed”.

“You wouldn’t let a young child play with a smartphone unsupervised and our investigation shows parents need to apply the same level of caution if considering giving a child a connected toy,” said Alex Neill, Which? MD of home products and services in a statement.

“While there is no denying the huge benefits these devices can bring to our daily lives, safety and security should be the absolute priority. If that can’t be guaranteed, then the products should not be sold.”
Readmore

Continue Reading

Subscribe to our Newsletter

Trending