All posts on July, 2016

Backing up to the cloud? Read the fine print

Some things never change. Back in July 2007 I had a “mad as hell and I’m not going to take it any more” moment regarding cloud based file backup services.

One thing that backups are supposed to protect against is deleting a file by accident. Yet, multiple reviews at the time (Wall Street Journal, Ars Technica and the New York Times) failed to consider this.

And, the service that got glowing reviews back then, Mozy, provided poor protection. Files deleted on your computer would be deleted by Mozy after 30 days.

Fast forward to this week when Steve Gibson mentioned on his Security Now podcast, that someone he knows uses Carbonite to back up their files. That got me wondering. Sure enough, a look at Carbonite’s website turned up this

To read this article in full or to leave a comment, please click here

Read more 0 Comments
ApprovedBusiness and financeFinance and economics

Stress tests results reveal a broadly healthier industry

ANY big announcement about banks that is made after the markets close, and with a weekend to come before they reopen, brings back dark memories of the 2007-08 financial crisis. The results of the latest European bank stress test, which were released on Friday night, lacked the drama of that period and contained much that was reassuring. But they did not dispel the doubts that linger around a handful of institutions, notably in Italy.

Aggregate numbers suggested that European banks were in a generally healthier position than at the time of the last stress test, in autumn 2014. This time the banks started off with an average “fully-loaded” capital ratio of 12.6% and ended up with one of 9.2% in the tests’ most adverse scenario; that compares with a fall from 11.1% to 7.6% last time. No country’s banking sector ended these tests with an average capital ratio below the 5.2% of Ireland; in 2014, the capital ratio for several countries was negative, implying systemic insolvency. And all banks, except for Monte dei Paschi of Italy and Allied Irish, had capital ratios in the adverse scenario that exceeded 5.5%—a threshold that has previously been…Continue reading

Read more 0 Comments

Black Hat conference trims insecure features from its mobile app

Black Hat has disabled features of its mobile application because attackers could have logged in as legitimate attendees, posted messages in their names and spied on the messages they sent.

The problem was discovered by mobile security vendor Lookout who detail the problem in a blog that says the method of registration and password resets were flawed.

“[W]e’ve removed user-to-user messaging functionality and activity feed updates out of an abundance of caution,” a spokesperson for the conference organizer UBM said in an email.

The problems stemmed from the fact that new accounts were created without email verification, and that even when users reset their passwords, authentication tokens weren’t revoked. So attackers logged in already could stay logged in.

To read this article in full or to leave a comment, please click here

Read more 0 Comments

Windows 7 PCs with free OS upgrade are still available, for now

Many computer users have upgraded from Windows 7 or 8 to Windows 10 as part of Microsoft’s free upgrade offer, which ends on Friday.

After Friday, holdovers who want to upgrade from Windows 7 will have to shell out from $119.99 to $199.99 for a Windows 10 license.

But for those who’d rather buy a new PC, Windows 7 laptops and desktops will still be available with the flexibility to upgrade to Windows 10 for free.

PC makers HP, Lenovo and Dell have stopped selling PCs with home editions of Windows 7. However, they are still selling PCs, loaded with Windows 7 Professional, that can be upgraded to Windows 10 Pro for free.

To read this article in full or to leave a comment, please click here

Read more 0 Comments

KeySniffer Follows the Scent of Cheap Wireless Keyboards

A vulnerability in inexpensive wireless keyboards lets hackers steal private data, Bastille reported this week. The vulnerability lets hackers use a new attack the firm dubbed “KeySniffer” to eavesdrop on and capture every keystroke typed from up to 250 feet away. The stolen data is rendered in clear text. It lets hackers search for victims’ credit card information, passwords and more.

Read more 0 Comments