Symantec CEO: Source Code Reviews Pose Unacceptable Risk ( 172

In an exclusive report from Reuters, Symantec's CEO says it is no longer allowing governments to review the source code of its software because of fears the agreements would compromise the security of its products. From the report: Tech companies have been under increasing pressure to allow the Russian government to examine source code, the closely guarded inner workings of software, in exchange for approvals to sell products in Russia. Symantec's decision highlights a growing tension for U.S. technology companies that must weigh their role as protectors of U.S. cybersecurity as they pursue business with some of Washington's adversaries, including Russia and China, according to security experts. While Symantec once allowed the reviews, Clark said that he now sees the security threats as too great. At a time of increased nation-state hacking, Symantec concluded the risk of losing customer confidence by allowing reviews was not worth the business the company could win, he said.

Equifax Increases Number of Britons Affected By Data Breach To 700,000 ( 58

phalse phace writes: You know those 400,000 Britons that were exposed in Equifax's data breach? Well, it turns out the number is actually closer to 700,000. The Telegraph reports: "Equifax has just admitted that almost double the number of UK customers had their information stolen in a major data breach earlier this year than it originally thought, and that millions more could have had their details compromised. The company originally estimated that the number of people affected in the UK was 'fewer than 400,000.' But on Tuesday night it emerged that cyber criminals had targeted 15.2 million records in the UK. It said 693,665 people could have had their data exposed, including email addresses, passwords, driving license numbers, phone numbers. The stolen data included partial credit card details of less than 15,000 customers."

Security, Privacy Focused Librem 5 Linux Smartphone Successfully Crowdfunded ( 82

prisoninmate shares a report from Softpedia: Believe it or not, Purism's Librem 5 security and privacy-focused smartphone has been successfully crowdfunded a few hours ago when it reached and even passed its goal of $1.5 million, with 13 days left. Librem 5 wants to be an open source and truly free mobile phone designed with security and privacy in mind, powered by a GNU/Linux operating system based on Debian GNU/Linux and running only Open Source software apps on top of a popular desktop environment like KDE Plasma Mobile or GNOME Shell. Featuring a 5-inch screen, Librem 5 is compatible with 2G, 3G, 4G, GSM, UMTS, and LTE mobile networks. Under the hood, it uses an i.MX 6 or i.MX 8 processor with separate baseband modem to offer you the protection you need in today's communication challenges, where you're being monitored by lots of government agencies.

How Does Microsoft Avoid Being the Next IBM? ( 223

An anonymous reader quotes a report from Ars Technica: For fans of the platform, the official confirmation that Windows on phones isn't under active development any longer -- security bugs will be fixed, but new features and new hardware aren't on the cards -- isn't a big surprise. This is merely a sad acknowledgement of what we already knew. Last week, Microsoft also announced that it was getting out of the music business, signaling another small retreat from the consumer space. It's tempting to shrug and dismiss each of these instances, pointing to Microsoft's continued enterprise strength as evidence that the company's position remains strong. And certainly, sticking to the enterprise space is a thing that Microsoft could do. Become the next IBM: a stable, dull, multibillion dollar business. But IBM probably doesn't want to be IBM right now -- it has had five straight years of falling revenue amid declining relevance of its legacy businesses -- and Microsoft probably shouldn't want to be the next IBM, either. Today, Microsoft is facing similar pressures -- Windows, though still critical, isn't as essential to people's lives as it was a decade ago -- and risks a similar fate. Dropping consumer ambitions and retreating to the enterprise is a mistake. Microsoft's failure in smartphones is bad for Windows, and it's bad for Microsoft's position in the enterprise as a whole.

T-Mobile Website Allowed Hackers to Access Your Account Data With Just Your Phone Number ( 62

Lorenzo Franceschi-Bicchierai, reporting for Motherboard: Until last week, a bug on a T-Mobile website let hackers access personal data such as email address, a customer's T-Mobile account number, and the phone's IMSI, a standardized unique number that identifies subscribers. On Friday, a day after Motherboard asked T-Mobile about the issue, the company fixed the bug. The flaw, which was discovered by security researcher Karan Saini, allowed malicious hackers who knew -- or guessed -- your phone number to obtain data that could've been used for social engineering attacks, or perhaps even to hijack victim's numbers. "T-Mobile has 76 million customers, and an attacker could have run a script to scrape the data (email, name, billing account number, IMSI number, other numbers under the same account which are usually family members) from all 76 million of these customers to create a searchable database with accurate and up-to-date information of all users," Saini, who is the founder of startup Secure7, told Motherboard in an online chat. "That would effectively be classified as a very critical data breach, making every T-Mobile cell phone owner a victim," he added.

Google Paid $7.2 Billion Last Year To Partners, Including Apple, To Prominently Showcase Its Search Engine and Apps on Smartphones ( 57

A reader shares a Bloomberg report: There's a $19 billion black box inside Google. That's the yearly amount Google pays to companies that help generate its advertising sales, from the websites lined with Google-served ads to Apple and others that plant Google's search box or apps in prominent spots. Investors are obsessed with this money, called traffic acquisition costs, and they're particularly worried about the growing slice of those payments going to Apple and Google's Android allies. That chunk of fees now amounts to 11 percent of revenue for Google's internet properties. The figure was 7 percent in 2012. These Google traffic fees are the result of contractual arrangements parent company Alphabet makes to ensure its dominance. The company pays Apple to make Google the built-in option for web searches on Apple's Safari browsers for Mac computers, iPhones and other places. Google also pays companies that make Android smartphones and the phone companies that sell those phones to make sure its search box is front and center and to ensure its apps such as YouTube and Chrome are included in smartphones. In the last year, Google has paid these partners $7.2 billion, more than three times the comparable cost in 2012.

Russian Central Bank To Ban Websites Offering Crypto-currencies ( 45

An anonymous reader shares a report: Russia will block access to websites of exchanges that offer crypto-currencies such as Bitcoin, Russian Central Bank First Deputy Governor Sergei Shvetsov said on Tuesday. He called them "dubious." Russian financial authorities initially treated any sort of money issued by non-state approved institutions as illegal, saying they could be used to launder money. Later the authorities accepted the globally booming market of crypto-currencies but want to either control the turnover or to limit access to the market "We cannot stand apart. We cannot give direct and easy access to such dubious instruments for retail (investors)," Shvetsov said, referring to households.

Tokyo Preparing For Floods 'Beyond Anything We've Seen' ( 98

In the face of an era of extreme weather brought on by climate change, global cities are working to improve their defenses. The New York Times reports (Warning: may be paywalled; alternative source) of Tokyo's $2 billion underground anti-flood system that consists of tunnels that divert water away from the region's most vulnerable floodplains. The city is "preparing for flooding beyond anything we've seen," says Kuniharu Abe, head of the underground site. From the report: But even in Tokyo, the onset of more frequent and intense storms has forced officials to question whether the region's protections are strong enough, a concern that has become more urgent as the city prepares to host the 2020 Olympic Games. Across Japan, rainfall measuring more than 2 inches an hour has increased 30 percent over the past three decades, the Japan Meteorological Agency estimates. The frequency of rainfall of more than 3 inches an hour has jumped 70 percent. The agency attributes the increase of these intense rains to global warming, heralding a new era in a country that is among the world's wettest, with a language that has dozens of words for rain. [...]

Experts have also questioned the wisdom of erecting more concrete defenses in a country that has dammed most of its major river systems and fortified entire shorelines with breakwaters and concrete blocks. Some of these protections, they say, only encourage development in regions that could still be vulnerable to future flooding. In eastern Saitama, where the Kasukabe facility has done the most to reduce floods, local industry has flourished; the region has successfully attracted several large e-commerce distribution centers and a new shopping mall. Still, the Kasukabe operation remains a critical part of Tokyo's defenses, say officials at Japan's Land Ministry, which runs the site. Five vertical, underground cisterns, almost 250 feet deep, take in stormwater from four rivers north of Tokyo. A series of tunnels connect the cisterns to a vast tank, larger than a soccer field, with ceilings held up by 60-foot pillars that give the space a temple-like feel. From that tank, industrial pumps discharge the floodwater at a controlled pace into the Edo river, a larger river system that flushes the water into Tokyo Bay.

Slashdot Top Deals