Microsoft Adds Anti-snooping Safeguards

Microsoft has added encryption safeguards to the Outlook.com webmail service and to the OneDrive cloud storage service, in part to better protect these consumer products from government surveillance.

“Our goal is to provide even greater protection for data across all the great Microsoft services you use and depend on every day. This effort also helps us reinforce that governments use appropriate legal processes, not technical brute force, if they want access to that data,” Matt Thomlinson, vice president, Trustworthy Computing Security, at Microsoft wrote in a blog post.

The move follows similar ones from other cloud computing providers. For example, Google announced end-to-end encryption for Gmail in April, including protection for email messages while they travel among Google data centers. It recently announced similar encryption for its Google Drive cloud storage service.

It’s not clear from Microsoft’s announcement whether the encryption protection it announced covers Outlook.com messages and OneDrive files as they travel within Microsoft data centers. It’s also not clear what, if any, encryption OneDrive and Outlook.com have had until now. Microsoft didn’t immediately respond to a request for comment.

Cloud computing providers like Microsoft, Google, Amazon and many others have been rattled by disclosures from former National Security Agency contractor Edward Snowden regarding government snooping into online communications, due to the effect on their consumer and business customers.

As a result, these companies have been busy boosting encryption on their systems, while also lobbying the U.S. government to stop the stealthy and widespread monitoring of Internet services.

Source

Did Sears Suffer A Data Breach?

Sears Holdings Corp acknowledged it has launched an investigation to determine whether it was the victim of a security breach, following Target Corp’s revelation at the end of last year that it had suffered an unprecedented cyber attack.

“There have been rumors and reports throughout the retail industry of security incidents at various retailers and we are actively reviewing our systems to determine if we have been a victim of a breach,” Sears spokesman Howard Riefs said in a statement on Friday.

“We have found no information based on our review of our systems to date indicating a breach,” he added.

He did not say when the operator of Sears department stores and Kmart discount stores had begun the investigation or provide other information about the probe.

Sears Holdings Corp operates nearly 2,500 retail stores in the United States and Canada.

Bloomberg News reported on Friday that the U.S. Secret Service was investigating a possible secret breach at Sears, citing a person familiar with the investigation. The report did not identify that source by name.

The Bloomberg report said that its source did not disclose details about the scope or timing of the suspected breach.

A spokesman for the U.S. Secret Service declined comment when Reuters asked if the agency was investigating a possible breach at Sears.

The Secret Service is leading the U.S. government’s investigation into last year’s attack on Target, which the company has said led to the theft of some 40 million payment card numbers as well as another 70 million pieces of personal data.

Source

MediaTek’s Octa-Core Processor Tested

MediaTek raised quite a few eyebrows earlier this year when it announced it would build the world’s first proper ARM octa-core, not a big.LITTLE design. The MT6592 has now popped up on a Chinese site, with the first Antutu results.

It scored 25,496, which places it behind the 1.7GHz Snapdragon in the HTC One, but it’s still a lot faster than the Nexus 4’s Qualcomm APQ8064, although throttling may have something to do with that. The score seems too high, but not long after the results emerged, a number of mobile sites started talking about disappointing results, claiming that MediaTek’s octa-core was somehow supposed to end up on a par with Samsung’s latest Exynos 5 big.LITTLE chip and the Qualcomm 800.

This of course is utter rubbish and FUD of the highest order.

The 28nm MT6592 is indeed an octa-core, but it has eight A7 cores, not a combo of A15 and A7 cores. The A7 is about one fifth of the die area of an A15 and according to ARM it consumes one quarter to one fifth of the power, making such comparisons asinine. In other words, MediaTek’s octa-core should end up a lot smaller and cheaper than a quad A15, maybe even a quad A12. That is why we find the 25,496 result hard to believe – it should be less, not more. For example, the Tegra 4 on Shield hits about 36,000, yet it’s a much bigger chip, on a device with more RAM.

The benchmarked chip ran at 1.7GHz, but MediaTek said the MT6592 should have no trouble hitting 2GHz, which could make it faster than a Snapdragon 600. What’s more, the tested device featured 1GB of RAM, 720p display and a Mali-450 GPU, so it is clearly not high-end.

However, the big problem for MediaTek’s curious new SoC is the sheer number of cores. Most apps simply can’t put them to good use and unless MediaTek has a clever trick up its sleeve, the chip might not be nearly as fast in real world applications. It does look promising in benchmarks, though.

Source

Privacy Advocates & Lawmakers Push For Google Probe

Privacy groups and lawmakers are pushing for a new and more expansive investigation into Google and its privacy practices after the U.S. Federal Communications Commission announced that it found no evidence that the company violated eavesdropping laws.

Late last week, the FCC reported that there was no legal precedent to find fault with Google collecting unprotected home Wi-Fi data, such as personal email, passwords and search histories, with its roaming Street View cars between 2007 and 2010.

However, the FCC did fine Google $25,000 for obstructing its investigation.

A Google spokesperson took issue with the fine.

“We disagree with the FCC’s characterization of our cooperation in their investigation and will be filing a response,” said the spokesperson in an email to Computerworld. “It was a mistake for us to include code in our software that collected payload data, but we believe we did nothing illegal. We have worked with the relevant authorities to answer their questions and concerns.”

The Electronic Privacy Information Center (EPIC), a national privacy watchdog, disagreed with the FCC findings.

In a letter sent to U.S. Attorney General Eric Holder today, EPIC asked that the Department of Justice investigate Google’s surreptitious collecting of Wi-Fi data from residential networks.

“Given the inadequacy of the FCC’s investigation and the law enforcement responsibilities of the attorney general, EPIC urges the Department of Justice to investigate Google’s collection of Wi-Fi data from residential Wi-Fi networks,” wrote Mark Rotenberg, executive director of the advocacy group.

“By the [FCC’s] own admission, the investigation conducted was inadequate and did not address the applicability of federal wiretap law to Google’s interception of emails, usernames, passwords, browsing histories and other personal information,” Rotenberg added.

Source…

The U.S. Is Falling Behind

The U.S. government is losing a race in cyberspace — a social-networking race for the hearts and minds of the Internet community, a computer security expert said Wednesday.

Other countries — and many companies — are using social-networking tools to their advantage, while the U.S. government has taken tiny steps forward, said Rand Waltzman, a program manager focused on cybersecurity at the U.S.Defense Advanced Research Projects Agency (DARPA).

The Chinese government pays citizens to patrol social-networking sites and dispute negative talk about all levels of government or any aspect of Chinese life, and companies such as Dell and Best Buy are training workers to respond to complaints on Facebook and other social-networking services, Waltzman said at the Suits and Spooks security conference in Arlington, Virginia.

U.S. regulations prevent the government from undertaking similar campaigns, he said. “Any time you want to go to the bathroom, you need presidential approval,” he said.

The U.S. will not be able to protect its residents if it cannot engage in its own covert social-media operations, Waltzman said.

Waltzman told about a U.S. special forces unit in Iraq in 2009 that attacked an insurgent paramilitary group, killed 16 of the members of the group and seized a “huge” weapons cache. As soon as the U.S. unit left the scene, the Iraqi group returned, put the bodies on prayer mats, and uploaded a photograph from a cheap mobile phone, he said. The group put out a press release in English and Arabic.

Source…

Kindle Fire Raises Privacy Concerns

Amazon told a Massachusetts congressman that the Silk browser in its Kindle Fire tablet doesn’t pose a privacy threat to customers, but the lawmaker wasn’t satisfied with that statement.

U.S. Rep. Ed Markey (D-Mass.), the co-chairman of a congressional caucus on consumer privacy, on Tuesday released the results of questions he had put to Amazon CEO Jeff Bezos in October about Silk and the data it collected.

Markey wasn’t happy with Amazon’s answers.

“Amazon’s responses to my inquiries do not provide enough detail about how the company intends to use customer information, beyond acknowledging that the company uses this valuable information,” said Markey in a statement.

“Amazon states ‘Customer information is an important part of our business,’ but it is also important for customers to know how the company uses their personal information,” Markey continued. “Amazon is collecting a massive amount of information about Kindle Fire users, and it has a responsibility to be transparent with its customers. I plan to follow-up with the company for additional answers on this issue.”

Silk, which is based on the open-source WebKit engine, connects to Amazon’s cloud service and servers by default. The service will handle much of the work of composing Web pages, pre-rendering and pre-fetching content, and squeezing the size of page components, a way, claimed Amazon, to speed up browsing on low-powered devices like the Kindle Fire.

Source….

Terror Alerts To Be Issued Via Facebook, Twitter

The U.S. government may start issuing terror alerts via Facebook and Twitter, according to a news service report.

The Associated Press reported Thursday that the U.S. Department of Homeland Security is working to re-design the current color-coded terror alert system. The new system, according to the report, would have only two levels of alerts — elevated and imminent.

Those alerts would be conveyed out to the public in part via social networking sites Facebook and Twitter . The AP article is based on a 19-page draft of the plan that the news service obtained.

“The new terror alerts would also be published online using Facebook and Twitter ‘when appropriate,’” the news agency reported, “but only after federal, state and local government leaders have already been notified.”

The new system is expected to be in place by April 27.

Zeus Kerravala, an analyst at Yankee Group Research, said the fact that the U.S. government is entrusting something as critical as terrorist alerts to Facebook and Twitter shows how important social networking sites have become to people’s lives.

Read more….