Just in time for the US presidential election, Google is rolling out a “fact check” tag to its News service.
Google News aggregates stories from various sources identifying them via labels like “highly cited,” “featured,” “opinion,” “in depth,” and now, “fact check.” The fact check feature will appear as a tag among Google News search results.
Fact checking, once a job that was relegated to interns and entry-level reporters, “has come into its own,” Google News head Richard Gingras wrote in blog post.
“Rigorous fact checks are now conducted by more than 100 active sites,” he said, citing the Duke University Reporter’s Lab. “They collectively product many thousands of fact-checks a year, examining claims around urban legends, politics, health, and the media itself.”
Google’s algorithms will determine which articles may contain fact checks using the schema.org ClaimReview system; it also looks for sites that follow commonly accepted criteria for fact checks. Publishers interested in applying to have their service included can find more details online.
News junkies in the US and UK will see new tagged reports in the expanded story box on the Web and in the Google News & Weather iOS and Android apps.
“We’re excited to see the growth of the Fact Check community and to shine a light on its efforts to divine fact from fiction, wisdom from spin,” Gingras said.
Google began labeling types of articles seven years ago, making it easier for readers to access a range of content. Earlier this year, it added a “Local Source” tag to highlight local coverage of major topics.
The news comes as Facebook is grappling with a rash of fake news in its trending section. Amidst concern that its trending news team was surfacing only liberal news, Facebook ditched human curators for computer algorithms. But its algorithms are apparently rather gullible. Facebook later joined an organization dedicated to tackling misinformation online, alongside Twitter and more than two dozen other tech and media titans.
The question we should all be asking now – who’s going to fact-check Google?
Japan’s Funai Electric, which claims to be the world’s last VCR manufacturer, says it will cease production of the machines later this month.
VCRs for home use were first introduced in the 1960s, gaining traction after Sony brought lower-priced models to market. Other Japanese manufacturers, including Panasonic, RCA, JVC and Toshiba, were also instrumental in developing the VCR.
These electromechanical devices were used to record, store, and play back television programs using a magnetic tape cassette as well as provide pre-recorded movies of the day.
Somewhat late to the party, Funai started manufacturing video-cassette recorders in 1983, and at one point was selling 15 million units a year. Unfortunately, the clunky VCR has since been replaced by an array of new technologies: DVDs, Blu-ray, and now, streaming video services.
As consumers moved forward to smaller, faster and more convenient methods of satisfying their video needs, Blockbuster and other like them fell along the wayside – not able to embrace the changes in video delivery technology.
Last year, Funai sold 750,000 units, and found it was getting harder to find the parts to make VCRs. A Funai spokesperson said that customers have been calling the company and asking where they can find the last few products.
With a landmark decision in 1984, the U.S. Supreme Court ruled that home use of VCRs to record television didn’t constitute a violation of copyright law, paving the way for an explosion of the technology in American homes.
For a period of time, a battle raged between Sony’s Betamax and JVC’s VHS — both VCR tape formats of that time — but VHS eventually won out.
So now the end has finally come. I remember when VCR tapes were used as “high-end” data backup systems for the business computers of that time. I can’t tell you how happy I am that those times are in the past.
If the founders of a new face recognition app get their way, anonymity in public could soon be a thing of the past. FindFace, launched two months ago and currently taking Russia by storm, allows users to photograph people in a crowd and figure out their identities, with 70% reliability.
It works by comparing photographs to profile pictures and in the future, the designers imagine a world where people walking past you on the street could find your social network profile by sneaking a photograph of you, and shops, advertisers and the police could pick your face out of crowds and track you down via social networks.
In the short time since the launch, Findface has amassed 500,000 users and processed nearly 3m searches, according to its founders.
Unlike other facial recognition technology, their algorithm allows quick searches in big data sets. Three million searches in a database of nearly 1billion photographs: that’s hundreds of trillions of comparisons. With this algorithm, you can search through a billion photographs in less than a second from a standard desktop computer. The app will give you the most likely match to the face that is uploaded, as well as 10 people it thinks look similar.
The technology can work with any photographic database, though it currently cannot use Facebook, because even the public photographs are stored in a way that is harder to access. I’m sure it’s just a matter of time before this challenge is resolved. We might even see Facebook leading the charge if they see a way to monetize this technology.
Some security analysts have sounded the alarm about the potentially disturbing implications. The app has already been used by a St Petersburg photographer to snap and identify people on the city’s metro line.
But the FindFace app is really just a shop window for the technology, the founders said. There is a paid function for those who want to make more than 30 searches a month, but this is more to regulate the servers from overload rather than to make money. They believe the real money-maker from their face-recognition technology will come from law enforcement and retail.
The pair claims they have been contacted by police departments in other regions, who told them they started loading suspect or witness photographs into FindFace and came up with results. “It’s nuts: there were cases that had seen no movement for years, and now they are being solved,” said Kabakov.
The startup is in the final stages of signing a contract with Moscow city government to work with the city’s network of 150,000 CCTV cameras. If a crime is committed, the mugshots of anyone in the area can be fed into the system and matched with photographs of wanted lists, court records, and even social networks.
It does not take a wild imagination to come up with sinister applications in this field; for example being able to tag and identify participants in street protests, sporting events or any large group or gathering in places where CCTV cameras are installed.
The pair also has big plans for the retail sector. Kabakov imagines a world where cameras identify you looking at, say, a stereo in a shop, the retailer finds your identity, and then targets you with marketing for stereos in the subsequent days.
Again, it all sounds more than a little disturbing. In today’s world we are constantly surrounded by gadgets. Our cell phones, iPads, tablets, televisions, fridges, everything around us is sending real-time information about us to the internet. We already have large data files on people’s movements, their interests and so on, cataloged on massive internet servers around the world – next they’ll be matching our interests to our photographs and perhaps when a camera picks us up on the street – everyone will know exactly where we are. Now we can really kiss our privacy goodbye. From the Washington Post: https://www.washingtonpost.com/news/morning-mix/wp/2016/05/18/russias-new-findface-app-identifies-strangers-in-a-crowd-with-70-percent-accuracy/
The U.S. Department of Homeland Security has issued a warning to remove Apple’s QuickTime for Windows. The alert came in response to Trend Micro’s report of two security flaws in the software, which will never be patched because Apple has ended support for QuickTime for Windows.
Computers running QuickTime are open to increased risk of malicious attack or data loss, US-CERT warned, and remote attackers could take control of a victim’s computer system. US-CERT is part of DHS’ National Cybersecurity and Communications Integration Center.
“We alerted DHS because we felt the situation was broad enough that people having unpatched vulnerabilities on their system needed to be made aware,” said Christopher Budd, global threat communication manager at Trend Micro. The only mitigation available is to uninstall QuickTime for Windows,” US-CERT’s alert said.
Instructions from Apple can be found here: https://support.apple.com/en-us/HT205771Apple has not discontinued security updates for QuickTime on Apple computer systems – just Windows based systems. It is not clear why Apple made the decision to end Windows support.
Zero Day Warning
Trend Micro’s Zero Day Initiative learned about the vulnerabilities from researcher Steven Seeley of Source Incite, who is named in the warning. ZDI then issued advisories detailing the critical vulnerabilities:
• The Apple QuickTime moov Atom Heap Corruption Remote Code Execution vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of QuickTime. The problem first came to ZDI’s attention late last year. The number of users at risk is unknown at this time.
• The QuickTime Atom Processing Heap Corruption Remote Code Execution Vulnerability allows an attacker to write data outside of an allocated heap buffer by providing an invalid index.
Software makers regularly retire applications, so it’s not unusual that QuickTime would be vulnerable. However, it was odd that Apple did not issue a public statement about ending its support for QuickTime for Windows and that the software was still available for download.
Increasing Software Vulnerability
QuickTime joins a growing list of software that is not supported any longer. That list includes Microsoft Windows XP and Oracle Java 6, which means users of those operating systems increasingly will be vulnerable to attack.
DHS didn’t have any comment to add to its alert, said spokesperson Scott McConnell, who referred questions to Apple. Apple did not respond to requests to comment for this story.
The warnings come amid recent reports about computer system vulnerabilities, including one issued just a few days ago about a vulnerability in Adobe’s Flash Player that could leave computers open to ransomware, which can lock up entire systems until an attacker is paid to release control.
Do you own an older Kindle that’s been gathering dust? Get it updated before March 22 or you won’t be able to get online and download your books any more.
This is pretty much their final warning: If you have a Kindle, you need to update it before March 22 or it’s going to lose Internet connectivity.
That outcome would be very bad, because without the update you’ll no longer be able to access the Kindle Store or sync your device with the cloud, not to mention any other Kindle services you might be using. According to Amazon, the update is required to ensure the Kindle remains compliant with continuously evolving industry web standards.
You’ll know if your Kindle didn’t get updated in time because you’ll see the following message on your device: “Your Kindle is unable to connect at this time. Please make sure you are within wireless range and try again. If the problem persists, please restart your Kindle from the Menu in Settings and try again”
If you’ve been using your Kindle regularly then it’s most likely going to be fine. Kindles will update automatically via Wi-Fi, but if the device has been turned off or out of battery for a while, charge it up and make sure you Sync and Check for Items.
When the update has been applied you’ll find a confirmation letter called “03-2016 Successful Update” on your device. You can check for it by viewing all Recent items in your Kindle Library.
The following devices don’t need the update:
Kindle Paperwhite (6th and 7th generation)
Kindle 7th Generation
Kindle Voyage 7th Generation
If you’ve got one of the following, you do need the update:
Kindle 1st Generation (2007)
Kindle 2nd Generation (2009)
Kindle DX 2nd Generation (2009)
Kindle Keyboard 3rd Generation (2010)
Kindle 4th Generation (2011)
Kindle 5th Generation (2012)
Kindle Touch 4th Generation (2011)
Kindle Paperwhite 5th Generation (2012)
Amazon also points out that the Kindle Keyboard 3rd Generation, the Kindle Touch 4th Generation and the Kindle Paperwhite 5th Generation will only update via Wi-Fi, even if you have the 3G connection active.
If you do miss today’s deadline, you’ll need to manually download and install the required update. You can get more information on that process here.
More than 200 million users are currently running Windows 10 and that number is growing rapidly. The temptation to save money with Microsoft’s free upgrade might be so strong that you’re ready to upgrade now.
Should you upgrade now? There are certainly many great reasons to upgrade but a word of caution before you proceed.
Now may be the perfect time for a conversation about upgrading your Windows operating system. This newsletter is designed to make you pause and give serious deliberation to your decision to implement the Windows 10 operating system at this time. As a Microsoft business partner we certainly see the benefits to Windows 10 for many people, but some businesses may want to take more time and do more planning because once you upgrade there is no turning back. (Well, you can downgrade, so long as you have not deleted the windows.old folder. Users have a month to go back without any change in files, on best case installations.)
As you probably know, Microsoft is offering a free Windows 10 upgrade available through July of this year. Upgrading to Windows 10 seems like an easy process, with just a couple of clicks you are up and running.
The decision to upgrade should be made very carefully as it will impact your business and the performance of your IT environment. While it certainly makes sense for Microsoft’s business model and moving to Windows 10 is likely to be inevitable at some point for your business, we recommend that you take the time to more fully understand what is involved in moving from your current operating system to the new Windows 10 environment.
Here are some things to consider:
1. There are different editions of Windows 10. There’s Windows 10 home and Windows 10 Professional. If you choose the free Windows upgrade, you have no choice in the version that you will be receiving. It depends on what you’re upgrading from but in any case it may make sense financially to take advantage of the free upgrade.
2. You also have the ability to control whether your upgrade will take place automatically or manually. I recommend “manually” performing the upgrade just so you are the one in control of the process rather than be surprised the next time you turn on your PC.
3. If you are planning to purchase new PCs or notebooks, we recommend that you consider purchasing a Windows 10 PC. It might be tempting to shop for Windows 8 PCs and upgrade for free but we are not convinced this is the smartest option. Individuals should seriously consider the Windows 10 operating system. In the business world you are likely using a Windows 7 system and possibly considering upgrading for free, while it’s available. It all depends on the line of business applications your company is running.
4. As with any upgrade or downgrade plan you will want to complete a full backup of your data beforehand to avoid any potential problems.
5. Keep in mind that not all PCs can support Windows 10. Before a PC will be upgraded to Windows 10, Microsoft uses a vetting process to help insure your system can handle the upgrade. If you’re buying Windows 10 compatible hardware, then you’re going to be assured of a successful migration.
In summary, you have until the end of July of this year to take advantage of the free Windows 10 upgrade. Deciding whether or not to upgrade now is an important decision for you, especially if saving money is a consideration. To plan the upgrade you’ll need to have a strategy in place very soon.
Windows 7 and 8 are fast approaching their end of sales date for PC’s with Windows preinstalled. That means that as of October 2016, major OEM’s like Dell and HP will no longer be selling PC’s with Windows 7 or 8 preinstalled – so if you replace a PC after this date you will only be able to get one with Windows 10. Keep that in mind especially if your primary line of business application is not supported under Windows 10.
We believe Windows 10 is a solid upgrade for most users, but it’s not for everyone just yet. In some cases, if your primary business software is not compatible with Windows 10 then it may not be for you at all.
Below is a chart showing the Microsoft Windows End of Sale lifecycle to help with planning you upgrade.
People who don’t want to pay for Netflix services can buy stolen log-in credentials on the black market for rock-bottom prices, Symantec reports.
The online security company said it found advertisements and software aimed at cheapskate streamers, though it didn’t mention the names of the shady sites and forums.
Netflix Logins For Sale. The ads, which show Netflix logins for sale for as little as a quarter each, proudly display guarantees of “freshly cracked” accounts. They also ask their “customers” not to spoil the fun by changing passwords or messing with payments, either of which would alert the paying user to the fact that their account has been breached.
It is, of course, illegal — these are stolen accounts, gathered through nefarious means like malware and phishing. But since Netflix takes a laissez-faire approach to sharing accounts, paying users could easily be watching shows at the same time as someone who bought their login for a quarter on the Dark Web.
Netflix CEO Reed Hastings has said in the past that he doesn’t consider password sharing a big problem, and as long as the user base keeps growing (the service just passed 65 million subscribers globally), this common practice is likely to stay that way
Sharing your Netflix log-in? Turns out you might not be the only one who lets a friend or family member log into your Netflix account. In fact, if you don’t, you’re in the minority, according to a poll of over 5,000 Netflix users conducted by Global Web Index.
Only 35 percent of users claimed to be the sole user of the account — 30 percent shared it with one other person, 16 percent with two people, and 19 percent shared it with three or more.
Netflix has plans that permit multiple streams to multiple screens at once, which means they’re fine with accounts being shared to a certain degree. Two spouses and a kid watching a movie shouldn’t require three accounts, of course — but spreading the login among four or five friends might be something the company would like to stop.
Could your account be on one of these lists? It’s hard to say, but one easy way to check is to look at your recently watched shows. If you see a lot you don’t recognize and don’t seem like your style (or that of anyone you share with), you might want to change your password. That simple action will immediately stop your account from being used by others without your permission.
The “Internet of Things” security is badly broken and getting worse. The Shodan search engine is only the latest reminder of why we need to fix IoT security.
Shodan, a search engine for the Internet of Things (IoT), recently launched a new section that lets users easily browse vulnerable webcams.
The feed includes images of marijuana plantations, back rooms of banks, infants and children in their homes, kitchens, living rooms, garages, ski slopes, swimming pools, colleges and schools, laboratories, and cash register cameras in retail stores. The cameras are vulnerable because they use the Real Time Streaming Protocol (RTSP, port 554) to share video but have no password authentication in place. Shodan crawls the Internet at random looking for IP addresses with open ports. If an open port lacks authentication and streams a video feed, the new script takes a snap and moves on.
While the privacy implications here are obvious, Shodan’s new image feed also highlights the dismal state of IoT security, and raises questions about what we are going to do to fix the problem.
Of course insecure webcams are not exactly a new thing. The last several years have seen report after report hammer home the point. In 2013, the FTC sanctioned webcam manufacturer TRENDnet for exposing “the private lives of hundreds of consumers to public viewing on the Internet.” Today it’s estimated that there are now millions of such insecure webcams connected and easily discoverable with Shodan. That number will only continue to grow.
So why are things getting worse and not better? Webcam manufacturers are in a race to gain market share. Consumers do not perceive value in security and privacy and have not shown a willingness to pay for such things. As a result, webcam manufacturers slash costs to maximize their profit, often on narrow margins. Many webcams now sell for as little as $20.
The problem: Consumers are saying we’re not supposed to know anything about this cybersecurity stuff and the manufacturers don’t want to lift a finger to help users because it costs them money.
If consumers were making an informed decision and that informed decision affected no one but themselves, perhaps we could let the matter rest. But neither of those conditions are true. Most consumers fail to appreciate the consequences of purchasing insecure IoT devices. Worse, such a quantity of insecure devices makes the Internet less secure for everyone. What botnet will use vulnerable webcams to launch DDoS attacks? What malware will use insecure webcams to infect smart homes? You may remember in November the story about a 2008-era malware – Conficker.B affects police body cams in 2015, it threatens not just the reliability of recorded police activity but also serves as a transmission vector to attack other devices.
The bigger picture here is not just personal privacy, but the security of IoT devices. As we expand that connectivity, when we get into systems that affect public safety and human life—medical devices, the automotive space, critical infrastructure—the consequences of failure are higher than something as shocking as a Shodan webcam peering into the baby’s crib.
FTC to the Rescue? When it comes to strong-arming manufacturers, government entities like the US Federal Trade Commission (FTC) may be able to help. Maneesha Mithal, associate director of the FTC’s division of privacy and identity protection, was quick to mention several examples where the organization went after at-fault companies. In recent years according to Mithal, the FTC has prosecuted more than 50 cases against companies that did not reasonably secure their networks, products, or services.
The FTC takes action against companies engaged in deceptive or unfair business practices, she explained. That includes IoT manufacturers who fail to take reasonable measures to secure their devices.
In addition to the enforcement action against TRENDnet, the FTC also issued security best practices for IoT manufacturers back in January 2015, urging them to build in security at the design phase rather than bolting it on as an afterthought. These practices could be a “defense-in-depth” strategy to mitigate risks, pushing security patches to connected devices for the duration of the product life cycle, and so on.
As consumers of IoT products it’s our responsibility to learn about the individual security and password settings for the devices we use and secure them to the best of our ability. Just don’t rely on the manufacturer to protect you – they probably won’t.
Data Privacy Day – January 28, 2016
Data Privacy Day (DPD) is an effort to empower people to protect their privacy, control their digital footprint and escalate the protection of privacy and data as everyone’s priority. Held annually on January 28th, Data Privacy Day aims to increase awareness of privacy and data protection issues among consumers, organizations, and government officials. DPD helps industry, academia, and advocates to highlight consumer privacy efforts.
Data Privacy Day began in the United States and Canada in January 2008 as an extension of the Data Protection Day celebration in Europe. Data Protection Day commemorates the January 28, 1981, signing of Convention 108, the first legally binding international treaty dealing with privacy and data protection. Data Privacy Day is now a celebration for everyone, observed annually on Jan. 28.
Data Privacy Day is led by the National Cyber Security Alliance, a non-profit, public private partnership focused on cyber security education for all online citizens. StaySafeOnline.org has many resources to help you, your family and your business stay safe online.
Free Security Check-Ups Check your computer for known viruses, spyware, and discover if your computer is vulnerable to cyber attacks.
Check Your Privacy Settings One-stop shop for easy instructions to update your privacy settings wherever and however you go online.
Parent Resources Information regarding cyberbullying, child identity theft, Facebook for parents, social networking, etc.
Educator Resources Prepared educational materials for the classroom, K – 12th grades.
Business Resources Informational resources for businesses regarding bring your own device, information security, document destruction, compliance, data breach, and risk management. https://www.staysafeonline.org/data-privacy-day/business-resources
Privacy and Domestic Violence Resources for domestic violence survivors and victims to help safeguard the privacy of their personal information.
I received an email yesterday from John McAfee. Yup – he’s the guy that founded McAfee Antivirus, he’s the libertarian party candidate in the 2016 presidential election and he’s also promoting his new security technology device called Everykey!
Everykey is a brand new product designed to replace your passwords and keys. When Everykey is close to your phone, laptop, tablet, house door, car door, or another access-controlled device, it unlocks that device. When you walk away, that device locks back down. Everykey can also log you into your website accounts. If you lose your Everykey, you can remotely freeze it, so no one else can use it.
Using the EveryKey App, you pair your key to your devices, manage key settings such as the active range and even freeze your key if it is lost or stolen. The EveryKey app also pushes the latest over-the-air software updates to your key so you stay up to date with features and updated security standards.
There are currently 2 different device options.
A Wrist Band: This wearable accessory turns EveryKey into a sleek and stylish fashion statement. Just pop your key into the pocket on the back of the band and wear it wherever you go.
Key ring: One day, Everykey will replace all of your keys on that big bulky keychain. Until that day, you can use the Everykey Rey Ring Accessory as a convenient way to carry your keys.
Current pricing which includes 1 Key Ring Accessory and 1 charging cable for each EveryKey device purchased.
1 EveryKey – $128
2 Pack: $230
4 Pack: $435
10 Pack: $1,024
Expect the first EveryKey devices to ship in March of 2016
For additional information: https://everykey.com/
Get regular updates and additional information about Everykey here: https://www.indiegogo.com/projects/everykey-your-only-key#/updates