Always Providing You With Ongoing Information

Posts tagged ‘Internet’

The Next Windows 10 Update- April 2020

snapshot41_025

Microsoft will soon release … Windows 10 version 2004 scheduled for general release in April 2020.

Read About It Here

Microsoft Launched A New Chromium-Based Edge browser

Snapshot41_238

 Top Browsers

  1. Mozilla Firefox
  2. Google Chrome
  3. Opera
  4. Microsoft Edge-Edge received a fairly cool reception when it first launched with Windows 10 as a replacement for Internet Explorer, but it experienced a revival earlier this year when Microsoft partnered with Google to release a new version of Edge based on Chromium (the engine used by Chrome).The new and improved Edge is an impressive browser that offers most of Chrome’s advantages, without hogging as much memory. Microsoft has also brought its own expertise to the table, sharing its skills and experience with Google.

    Furthermore, the new Edge isn’t restricted to Windows 10 PCs, and Microsoft has released versions for Android, iOS and macOS. It appears as though a version for Linux is on the way as well (to the surprise and confusion of open source fans). With all the major platforms covered, the new Edge is well worth considering as your new primary browser.

    It’s just a shame that it’s pushed so hard within Windows itself, which can be off-putting if you’ve chosen another browser as your default.

  5. Vivaldi

Google & Mozilla Changing What You See in Chrome & Firebox Address Bars

Snapshot24_002

Chrome 77, which is due out in September, sites that use Extended Validation (EV) certificates will no longer have a space in the address bar to display the site owner’s name.

Something similar is happening in desktop Firefox 70, scheduled for an October release, will be the same.

Mozilla and Google are moving the EV information to behind the padlock icon, which users can click on to view certificate information. Mozilla says its change to EV indicators is about “reducing the exposure of EV information while keeping it easily accessible”.

Certificate vendors could charge more for EV certificates to owners of HTTPS websites, such banks and e-commerce sites, which would undergo an extended validation process.

Google explains that its new approach to EV certificate indicators in Chrome 77 is because the Chrome Security UX team “has determined that the EV UI does not protect users as intended”.

“Users do not appear to make secure choices (such as not entering password or credit card information) when the UI is altered or removed, as would be necessary for EV UI to provide meaningful protection,” Google says.

Additionally, EV indicators are an example of “positive indicators”, such as the padlock that still Chrome uses to indicate an HTTPS site.

Chrome will eventually remove the padlock icon for HTTPS sites and has already started instead to emphasize a red ‘Not secure’ warning for all HTTP sites. Firefox 77 will also follow Google Chrome’s lead on ‘not secure’ alerts for HTTP sites.

Researchers Found 35 Election Voting Systems Have Been Connected To The Internet

Snapshot6_001

A group of election security experts have found what they believe to be nearly three dozen backend election systems in 10 states connected to the internet over the last year, including some in critical swing states. These include systems in nine Wisconsin counties, in four Michigan counties, and in seven Florida counties—all states that are perennial battlegrounds in presidential elections.

Some of the systems have been online for a year and possibly longer. Some of them disappeared from the internet after the researchers notified an information-sharing group for election officials last year the researchers told Motherboard.

Votes are generally stored on memory cards inside the voting machines at polling places. After an election, poll workers remove these and they’re driven to county election offices. However, some counties want to get their results faster, so they use wireless modems, either embedded in the voting machines or externally connected to them, to transmit the votes electronically. The system that receives these votes, called an SFTP server, is connected to the internet behind a Cisco firewall.

For security reasons, the SFTP server and firewall are only supposed to be connected to the internet for a couple of minutes before an election to test the transmission, and then for long enough after an election to transmit the votes. But the researchers found some of the systems connected to the internet for months at a time, and year-round for others, making them vulnerable to hackers.

1565282528251-image3

ES&S diagram showing the configuration for the Cisco ASA firewall that sits on the internet in front of an FTP server that receives votes transmitted from voting machines. (The FTP server is labeled here as Data Comm RMS, for Results Management System). The diagram also shows the backend election-management system (EMS), which is used in some jurisdictions to program voting machines before each election, and the reporting system (EMS client) that collects votes from the FTP server and tabulates the results. Eleven states use ES&S’s DS200 optical scan machines with modems to transmit results on election night (the number of counties in a state that do this varies). Image: ES&S
Although no one is suggesting that any of these systems have been manipulated or hacked, the findings reveal how little local and federal election officials understand how these critical election systems are really configured and connected, and the extent to which they are beholden to what the vendors tell them.

Senator Ron Wyden (D-Oregon) said the findings are “yet another damning indictment of the profiteering election vendors, who care more about the bottom line than protecting our democracy.” It’s also an indictment, he said, “of the notion that important cybersecurity decisions should be left entirely to county election offices, many of whom do not employ a single cybersecurity specialist.”

“Not only should ballot tallying systems not be connected to the internet, they shouldn’t be anywhere near the internet,” he added.

1565282731675-image2

An ES&S document supplied to Rhode Island and dated 2015, which clearly shows the modem transmission of votes from the company’s DS200 optical scan voting machines going over the internet.

DEF CON 27 IoT

Snapshot23_002

The DEF CON 27 IoT Village, organized by security consulting and research firm Independent Security Evaluators (ISE) will highlight the significant challenges of security and privacy within this universe of devices on August 8-10, Eldorado Ballroom at the Las Vegas Flamingo Hotel.

IoT Village is now the premier platform for the IoT hacking community to inform manufacturers and consumers about new vulnerabilities research. The past six years, IoT Village has established a worldwide reputation at DEF CON, the largest gathering for hackers, and has showcased over 50 speakers who have exposed more than 300 vulnerabilities. IoT Village has educated countless attendees and sponsors about the most innovative techniques to both hack and secure IoT.

 

WIDESPREAD INTERNET OUTAGES !

dress2_001

A week ago Verizon caused a major BGP misroute that took out huge chunks of the Internet, including CDN company Cloudflare, partially down for a day.

Cloudflare went down again for half an hour yesterday, and this time, it was the company’s own fault— Javascript spiked the firewalls’ CPU usage, crippling throughput and causing widespread HTTP 502 errors. Microsoft’s Office365 also seems to have experienced a multi-hour partial outage yesterday, with the service working over some ISPs and routes but not others for about four hours.

Facebook and its properties WhatsApp and Instagram have suffered widespread outages relating to image display for most of today. The problem seems to be bad timestamp data being fed to the company’s content delivery network (CDN) in some image tags.

Twitter has suffered some as-yet-unexplained disturbances as well. The outages appear to be mostly in the Eastern United States and Europe, with few or no reports shown in other regions on several third-party outage-tracking sites.

Twitter DM outage spike on July 3, as shown at https://outage.report/twitter-direct-messages.

Twitter DM outage spike on July 3, as shown at https://outage.report/twitter-direct-messages.

 

The State Of Social Media, Facebook & Twitter Testify Before Congress

The Senate Intelligence Committee hosted the morning session, focusing on efforts being made to keep elections safe.

Tag Cloud

%d bloggers like this: