Communicator Communities

Making web theming and maintenance easy.

US border searches use loophole to search devices at the border without a warrant

April 13, 2017

The number of phone and laptop searches by customs officials at the US border have almost doubled in the past year.

New figures released this week by the Customs and Border Protection (CBP) saw the number of device searches rise from 8,383 to 14,993 searches — an increase of about 80 percent — between October and March, the first six months of the agency’s fiscal year.

That accounts for just under 2,500 device searches out of 31.6 million travelers on average each month, or less than 0.01 percent of all travelers who enter the country, says the agency, tasked with ensuring the admissibility of goods and people into the country.

The new numbers appear to lower earlier figures, which the agency said contained an “anomaly,” referring to a system upgrade that misattributed the date.

Earlier figures published by NBC News last month suggested that this year would be a “blockbuster” for device searches, with around 5,000 device searches in February alone, according to an unnamed Homeland Security official speaking to the publication. The new border search figures point to a number less than half of that, the statistics say, but a CBP spokesperson could not explain the disparity between the Homeland Security official and the statistics.

Read More

Win 10 Creators Update

April 11, 2017

Today’s the day when Microsoft officially kicks off the rollout of its latest Windows 10 feature update, known as the Creators Update and/or 1703.

Starting around 1 p.m. ET on April 11, Microsoft began making Creators Update available, along with a first Cumulative Update with fixes (15063.138) to the Creators Update release.

The plan, as officials have said, is to make this a phased rollout, with newer machines getting the release first.

Microsoft’s guidance is for users to wait until Creators Update is automatically made available to them. This way, lingering bugs and incompatibilities have a better chance of being worked out before users install the latest update.

Those who really want to get it immediately can do so by proactively downloading it from the Software Download site or using the Media Creation Tool. The bits are also available via Windows Update, Windows Update for Business and Windows Server Update Services (WSUS) as of today, April 11.

As officials said: “This (manual download) option is recommended for advanced users on devices running a licensed version of Windows 10.”

Read More

SEO Results

April 10, 2017

When a company begins to develop a SEO strategy or work with an optimization firm, the single biggest question on everyone’s minds is, “How long until our site tops the SERPs?”

It’s a fair question to ask. Brands (especially those who are just starting out) are in a hurry to gain visibility, leads, clients and sales.

The only problem, however, is that this inquiry is exceptionally challenging to answer on a broad scale.

There are a myriad of variables that SEOs must take into consideration before even contemplating a tentative answer. Elements such as competition, baseline traffic, target market, and a wide array of other components must be analyzed to understand a site’s current standings.

In an effort to address this topic, let’s first dive into some of the most influential aspects that impact a site’s rise or fall in the SERPs.

Four Authoritative Aspects of SEO

  1. Website Domain

At a foundational level, domain names play a significant role in how a website ranks. In just this one area, there are a variety of factors that control how a site fares.

While aspects of your domain, such as keyword inclusion, will impact your property, elements like the site’s age override these sorts of ingredients.

As search engines revolve around trust, the older a site is, the more credence it is given.

Even if the domain is rather old, you may have just acquired it from another business. Unfortunately, business owners aren’t privy to the site’s reputation up to that point; if it was abused, it will take longer to repair.

Read More

CIA tools linked to hacking

April 10, 2017

Security researchers have confirmed that the CIA hacking tools exposed by Wikileaks have been used against targets in at least 16 different countries.

Last month WikiLeaks published a over 8,000 documents – apparently internal CIA files – detailing the intelligence agency’s hacking programmes. And now security company Symantec said it has tied the documents to the activities of a sophisticated cyberespionage operation it has been tracking for some time, which it dubs ‘Longhorn’.

For example it said the makers of the tools and this group shares cryptographic protocols specified in the Vault 7 documents published by Wikileaks.

The tools haven’t been picked up by attackers following the Vault 7 leak – which detailed secret CIA files for hacking iPhones, Android, smart TVs and more – but rather used as part of longstanding cyberespionage campaigns. Symantec said it “couldn’t speculate” as to the real identity of the group, which is advanced group and apparently not running campaigns against North America targets.

Longhorn has been active since at least 2011, using a variety of backdoor Trojans and zero-day vulnerabilities to infiltrate governments and international organisations, as well as targets in the financial, telecoms, energy, aerospace, information technology, education, and natural resources sectors.

Read More

Google’s war on fake news

April 10, 2017

Google has started showing a ‘fact check’ label in search results next to articles containing claims that have been vetted for veracity.

The fact-check tagging system, which is rolling out globally on Google Search and News, expands on a program introduced by Google’s Jigsaw group to Google News in the UK and US in October.

Now some results will display a summary showing what the claim was, who said it, and which organization fact-checked it.

Only articles that have been fact-checked by news publishers and fact-checking organizations will display the label and summary.

Google itself does not vet articles or facts but has decided to include the labels, not necessarily to clamp down on producers of fake news, but to highlight articles that have been fact-checked in accordance with its own news publisher rules.

Read More

Hackers are attacking Word users

April 9, 2017

Attackers are exploiting a previously undisclosed vulnerability in Microsoft Word, which security researchers say can be used to quietly install different kinds of malware — even on fully-patched computers.

Unlike most document-related vulnerabilities, this zero-day bug that has yet to be patched doesn’t rely on macros — in which Office typically warns users of risks when opening macro-enabled files.

Instead, the vulnerability is triggered when a victim opens a trick Word document, which downloads a malicious HTML application from a server, disguised to look like a Rich Text document file as a decoy. The HTML application meanwhile downloads and runs a malicious script that can be used to stealthily install malware.

Researchers at McAfee, who first reported the discovery on Friday, said because the HTML application is executable, the attacker can run code on the affected computer while evading memory-based mitigations designed to prevent these kinds of attacks.

Read More

Smarter Android

April 7, 2017

Google is introducing a new way for its AI-powered services to improve as people use them.

The tech giant is testing whether its mobile services could use an approach called Federated Learning to refine their underlying machine-learning models.

For each Google service, a machine-learning model is downloaded to a mobile device. Federated Learning allows these models to improve by learning from data on the phone, and then to summarize any local changes as a small update. This update is then encrypted and sent back to the Google cloud, where it is averaged with other user updates to improve the shared backend model.

The continual refinement of the machine learning model stored on the phone benefits the end user, as improvements no longer depend solely on the improved machine learning models being downloaded to their phone.

Read More

In theory, getting a VPN is good advice

April 6, 2017

Last week, Congress voted to gut proposed internet privacy rules set out by the outgoing Obama administration that would have prevented your internet provider from selling your browser history to advertisers. President Donald Trump signed the bill a day after, making it law.

Many turned to what appeared to be an obvious solution: A virtual private network (VPN).

And, a lot of the time, the bad ones won’t protect your privacy as they promise.

Some services are better than others. We’re not here to tell you the best ones or pick sides, but there are some pointers to note from our sister-site CNET and here on ZDNet. For example, paid services are usually better at hiding your traffic than free services where the customer is usually the product.

The idea of using a VPN is simple enough. The good ones are designed to push your internet traffic through a protected and secured tunnel, which shields your browsing records — such as the websites you view — from your internet provider. (As a result, some VPNs push your internet traffic through servers in other countries to trick content providers, like Netflix, into thinking you’re in a different place — usually in order to gain access to content in other geographies.)

But VPNs, for the most part, are lousy, often over capacity, and almost always significantly reduce your internet speeds. And, sometimes services simply don’t work or load because they can detect you’re using a VPN, forcing you to jump off the VPN — effectively defeating the point of using the service on a long-term basis.

Read More

Chinese hacking campaign

April 4, 2017

A Chinese hacking group with advanced cyber-espionage capabilities has been targeting managed IT services providers across the globe in a campaign to steal sensitive data.

The cybercriminal gang is using sophisticated phishing attacks and customized malware in order to infect victims’ machines and then gain access to IT providers and their customer networks.

Dubbed Operation Cloud Hopper, the cyber-espionage campaign has been uncovered by security researchers at PwC, BAE Systems, and the UK’s National Cyber Security Centre. The researchers say the campaign is “highly likely” to be the work of the China-based APT10 hacking group.

The group has been focusing on espionage since 2009 and has evolved from targeting US defense firms as well as the technology and telecommunications sectors to targeting organizations in multiple industries across the globe.

Read More

Extreme vetting

April 4, 2017

Foreigners visiting the US may soon be required to turn over their phones and passwords before they are let in, as part of “extreme vetting” proposals floated by the Trump administration.

The proposed new screening procedures may also require visitors to answer invasive questions about their beliefs and ideology, according to a Wall Street Journal report.

Administration officials are also pushing to subject more visa applicants to deeper scrutiny and vetting at US embassies abroad, where constitutional and legal protections against unreasonable searches and seizures typically don’t apply.

The changes to the rules, which have yet to be formally announced, include proposals to ask prospective US visa applicants to turn over their phones to allow a closer examination of a person’s contacts and other information.

Read More

1 2 3 10