We always seem to be talking about another security breach or hacked web or email accounts and so on. Many of us have multiple email addresses and it would probably be good to know if any of our many different email addresses have been hacked (or pwned).
You pronounce pwned as p-owned as it is an abbreviation of professionally owned. “Owned is a slang word that originated among 1990s hackers, where it referred to “rooting” or gaining administrative control over someone else’s computer. The term eventually spread to gamers, who used the term to mean defeat in gaming.”
Here’s a free website that will search your email address and report when and where your email was “pwned”. This site will even notify you when future pwnage occurs and finds your email account has been compromised.
What is the site all about?
This site came about after what at the time, was the largest ever single breach of customer accounts — Adobe. Post-breach analysis of user credentials kept finding the same accounts exposed over and over again, often with the same passwords which then put the victims at further risk of their other accounts being compromised.
The FAQs page goes into a lot more detail, but all the data on this site comes from publicly leaked “breaches” or in other words, personal account data that has been illegally accessed then released into the public domain. Have I been pwned? aggregates it and makes it readily searchable.
Why build the site?
This site serves two primary purposes: firstly, it obviously provides a service to the public. Data breaches are rampant and many people don’t appreciate the scale or frequency with which they occur. By aggregating the data here, it not only helps victims learn of compromises of their accounts, but also highlights the severity of the risks of online attacks on today’s internet. Secondly, the site provided its developer, Troy Hunt, with an excellent use case for putting a number of technologies through their paces and keeping his hands-on skills somewhat current.
Who is behind Have I been pwned?
I’m Troy Hunt, a Microsoft Regional Director and Most Valuable Professional awardee for Developer Security, blogger at troyhunt.com, international speaker on web security and the author of many top-rating security courses for web developers on Pluralsight.
I created Have I been pwned? as a free resource for anyone to quickly assess if they may have been put at risk due to an online account of theirs having been compromised or “pwned” in a data breach. I wanted to keep it dead simple to use and entirely free so that it could be of maximum benefit to the community.
Short of the odd donation, all costs for building, running and keeping the service currently come directly out of my own pocket. Fortunately, today’s modern cloud services like Microsoft Azure make it possible to do this without breaking the bank!
Norton by Symantec on Tuesday announced the Norton Core secure router for smart devices in the connected home at CES in Las Vegas.
The router protects up to 20 PCs, Macs, Android and iOS smartphones and tablets on a home network, and unlimited devices connected to the Internet of Things.
It will update its firmware in background mode automatically, but not the firmware on connected devices, said Ameer Karim, general manager of consumer IoT security at Symantec.
Core Functions The router scans incoming and outgoing network packets across the home network, quarantines infected connected devices to a separate network, and alerts the user.
It provides a real time security score on network and connected device security, and gives users tips on strengthening security settings.
The router has customizable parental controls.
Users will be able to manage their home devices remotely from a connected mobile device.
Lost or stolen smartphones won’t pose a security problem because the router is cloud connected, so users can instantly change the password if necessary.
Users also will be able to add a PIN or Touch ID credentials for additional seciruty.
The Norton Core supports Wave 2 WiFi and simultaneously transmits at both 2.4 GHz and 5 GHz. It uses MU-MIMO technology.
The Norton Core supports speeds of up to 2.5 Gbps for 4K streaming and lag-free gaming.
Stellar WiFi The router combines an omnidirectional antenna design with advanced beam forming to ensure your devices get stellar WiFi anywhere in your home.
It can pause the home network as required, and can identify which devices can and cannot be paused, he said. IoT devices such as alarm systems, door locks, IP cameras, healthcare devices and appliances won’t be paused.
Consumers can preorder the Norton Core now; it will begin shipping in the United States this summer.
The router is priced at $200, which includes a one-year subscription to Norton Core Security Plus. The subscription will cost $10 a year after that.
Layers of Security The Norton Core device raises the question of whether your hardware and software solutions should be integrated into a single platform. Software needs to change so quickly, and it seems like the top security software solutions always change over time.
The Norton Core is designed as a geodesic dome, and there’s a reason why the best routers are funky looking. They need to optimize the number and location of the antennas.
Still, there is no easy answer when it comes to security. You have to have layers of security, and while the Norton Core is a good potential solution … it shouldn’t be the only one you rely on.
Get more information and pre-order here: https://us.norton.com/core
The North American Aerospace Defense Command is celebrating the 61st Anniversary of tracking Santa’s yuletide journey! The NORAD Tracks Santa website, www.noradsanta.org, launching Dec 1, features Santa’s North Pole Village, which includes a holiday countdown, games, activities, and more. The website is available in eight languages: English, French, Spanish, German, Italian, Japanese, Portuguese, and Chinese.
Official NORAD Tracks Santa apps are also available in the Windows, Apple and Google Play stores, so parents and children can countdown the days until Santa’s launch on their smart phones and tablets! Tracking opportunities are also offered on Facebook, Twitter, YouTube, Instagram and Google+. Santa followers just need to type “@noradsanta” into each search engine to get started.
Starting at 2:01 a.m. EST on Dec. 24, website visitors can watch Santa make preparations for his flight. NORAD’s “Santa Cams” will stream videos on the website as Santa makes his way over various locations. Then, at 6 a.m. EST, trackers worldwide can speak with a live phone operator to inquire as to Santa’s whereabouts by dialing the toll-free number 1-877-Hi-NORAD (1-877-446-6723) or by sending an email to email@example.com. Any time on Dec. 24, Windows Phone users can ask Cortana for Santa’s location, and OnStar subscribers can press the OnStar button in their vehicles to locate Santa.
NORAD Tracks Santa is truly a global experience, delighting generations of families everywhere. This is due, in large part, to the efforts and services of numerous program contributors.
It all started back in 1955 when a local Sears & Roebuck advertisement directed children to call Santa directly – only the phone number was misprinted. Instead of reaching Santa, the phone rang through to the Crew Commander on duty, Colonel Harry Shoup at the Continental Air Defense Command Operations Center. Thus began the tradition, which NORAD has carried on since it was created in 1958.
Here’s a link to a video of Colonel Shoup talking about how this beloved tradition began.
This year’s contributers include: the 21st Space Wing, Acuity Scheduling, Adobe, Alaska NORAD Region, America Forces Network, Analytical Graphics, Inc., Agingo, Avaya, BeMerry! Santa / Noerr Programs, Bing®, Canadian NORAD Region, Chirpon, The Citadel Mall, Civil Air Patrol, Christmas in the Park, Colorado Springs Business Alliance, Continental NORAD Region, CradlePoint, Defense Video & Imagery Distribution Systems, DoD News, The Elf on the Shelf, Extended Stay America, Getty Images, Globelink Foreign Language Center, Harris, Hewlett Packard, Historic Arkansas Riverwalk of Pueblo, iLink-Systems, ikaria consulting, Kids.gov, Level 3 Communications, Marine Toys for Tots Foundation, Meshbox, Microsoft®, Office Depot/Office Max, Naden Band of Maritime Forces Pacific, Newsline360, OneRender, OnStar, PCI Broadband, Portable North Pole/Ugroup Media, Ronald McDonald House Charities of Southern Colorado, SiriusXM®, Space Foundation, Spil Games, Strategic Air & Space Museum, U.S. Air Force Academy Band, U.S. Department of State Family Liaison Office, Verizon, Windows Azure, and Zillow.
DARPA challenges researchers to link human brains with computers.
The United States Defense Advanced Research Projects Agency, or DARPA, last week announced a new program that aims to build a connection between the human brain and the digital world. To achieve the goals of the Neural Engineering System Design program, DARPA has invited proposals to design, build, demonstrate and validate a human-computer interface that can record from more than 1 million neurons and stimulate more than 100 thousand neurons in the brain in real time.
The interface must perform continuous, simultaneous full-duplex interaction with at least 1,000 neurons — initially in regions of the human auditory, visual, and somatosensory cortex.
Devices created for the NESD project might be used to compensate for sight or hearing deficits, DARPA suggested, as well as other possible applications.
DARPA will award up to $60 million in funding, depending on the quality of proposals received, the successful achievement of milestones, and the availability of funds. Multiple awards are expected.
DARPA is seeking innovative, not incremental, research proposals. A successful NESD device will leverage significant advances in disciplines including microelectronics, photonics, scalable neural encoding, and processing algorithms.
DARPA would like a single device measuring one cubic centimeter — the size of two nickels stacked — that can perform the read, write and full-duplex functions desired. It will consider designs that embody those capabilities separately in devices of that size.
The devices must be secure to prevent spoofing, tampering, or denial-of-service attacks. DARPA will help proposers work on security issues.
Ultimately, NESD’s aim is to develop a modular, scalable interface that can serve multiple applications to monitor and modulate large-scale activity in the central nervous system.
Proposed devices must not require external links or connectors for powering or facilitating communications with computers.
Hardware components must be modular. They must have clear, well-defined hardware interconnect and software APIs that easily accommodate upgrades to componentry, as well as new neural signal transduction modalities or algorithms, so they can be used for future R&D.
The NESD program will require scientific and technical advances in two major technical areas: neural transducers and algorithms; and hardware, prototyping and manufacture.
“The point of this solicitation is to see what proposers think the best solution to design questions such as this are,” said DARPA Senior Policy Advisor Rick Weiss.
The NESD program’s expected to run in three phases over a four-year period.
The Rationale for a Brain-Computer Interface
The brain is probably the last medical threshold we haven’t been able to cross with medical devices. Treating a lot of degenerative disorders — whether related to pain, Parkinson’s disease, mental health, or vision problems — with drugs hasn’t necessarily always worked.
The brain is just a circuit, and if you can interface with it with microelectronics and address issues, that can be a significant improvement in the quality of life.
Keeping Brain Implants Secure
The research will be performed initially in closed-loop systems, eliminating security concerns. Any research beyond that will have to demonstrate adequate security provisions and include appropriate audits.”
Whether NESD devices can be as secure as DARPA hopes is not certain, as hackers have repeatedly defeated cybersecurity measures.
More Than Tech
“I do have concerns that you come up with a device that’s a complicated chip with a lot of capabilities, and don’t address the question of how to train the brain to interface with that,” commented Aron Seitz, a professor of psychology at UC Riverside, who trains disabled people in the proper use of their prosthetics.
It took experts 10 to 20 years to realize that hearing-disabled people who had received cochlear implants didn’t know how to understand the signals, and there’s huge emphasis now on training people how to understand those signals.
Watch my Amazon store for a special deal on “Aluminum Foil Helmets”!
If you’ve not already heard, or have somehow forgotten over the long holiday, next week marks a significant milestone for Microsoft’s Internet Explorer web browser. Next week, along with the first Patch Tuesday of 2016, Microsoft will stop supporting Internet Explorer versions 8, 9, and 10. This means that after January 12, 2016, Microsoft will no longer supply security updates for these versions.
Don’t know how to check what version you have? Simply click the “tools” icon in the top right corner of your screen and then click “About Internet Explorer”
For those clinging to the old versions, a new patch (KB3123303) delivered during Patch Tuesday will install a nag notification to warn users about the lack of support and offer an upgrade to Internet Explorer 11 (where applicable).
Microsoft really wants folks to either move to Internet Explorer 11, or Windows 10 and Microsoft Edge in an effort to stay secure on the web. Unfortunately, even though Microsoft is touting a 200 million active device milestone for Windows 10, customers may not be as accepting of the new web browser built into the latest OS.
Microsoft Edge was supposed to be the future of web browsers with a sleek and fast interface. But, as it exists today, Edge is buggy and temperamental and is a huge black mark on an ever improving OS. Recent browser stats show that customers may be using the exit of IE 8, 9, and 10 from supportability as a way to migrate to Chrome and Firefox. Not really what Microsoft intended. In December, Internet Explorer dipped below the 50% usage mark, while Chrome is creeping closer to taking the number 1 spot. Edge has only been able to garner a paltry 2.3% share.
If you have any questions about updating your Internet Explorer browser just give us a call and we’ll be happy to help you! 781-826-9665
CVS said Friday investigators have confirmed that the company that manages their photo website was indeed hacked this summer, possibly resulting in the theft of some CVS customer information.
The photo website of the nation’s second-largest drugstore chain has been shut down since July after the breach was detected. The photo sites of Rite Aid, Costco and Wal-Mart Canada also were affected in the breach. CVS Health Corp. said it started contacting potentially-affected customers on Friday. A spokesman for the Woonsocket, Rhode Island-based company wouldn’t say how many customers were being notified, or comment beyond the note to consumers posted on CVS’ photo website.
The company’s main CVS.com website, the computer system used by its pharmacies, its optical website and its MinuteClinic online bill pay site were not affected by the breach. Sales made in CVS stores also were not affected.
The Rite Aid and Wal-Mart Canada sites also remained down Friday afternoon, while the Costco site has restarted limited operations.
Staples Inc., the parent company of Canada-based PNI Digital Media, which manages all of the sites, says that based on its investigation so far, it appears that the hackers breached PNI’s computer systems and used malware to capture user information on the company’s servers. But it says that there’s no sign that hackers accessed user photos or pin numbers.
“The company is working with outside security experts to determine the nature and scope of the incident, including what user data was impacted and the time period involved,” Staples’ statement read.
CVSPhoto Website: Updated September 11, 2015: In July, we learned that customer credit card information entered by certain users on CVSPhoto.com, which is operated by PNI Media (an independent third-party vendor who manages the hosted CVSPhoto.com site), was potentially impacted. As a precaution, we immediately shut down access to online and related mobile photo services and began an investigation, which is ongoing.
We continue to work diligently on restoring service to CVSPhoto.com and we expect that our online photos service will resume later this fall. Your images are saved and you will have access to them once service to CVSPhoto.com is restored. Our in-store photo centers are not affected and remain in service. Film and disposable camera orders are being processed and your CVS/pharmacy will contact you when they are received.
Investigators have now confirmed that there was an illegal intrusion into PNI’s system that potentially resulted in the unauthorized acquisition of data entered by certain users on CVSPhoto.com. In the coming days we will be sending a direct notification to those customers who were potentially affected by this intrusion.
Intel has released the world’s smallest Windows PC, a tiny thumb-drive-sized device that converts any television or monitor into a functional computer. Similar to the Google’s Chromecast or Amazon’s Fire Stick, the Intel Compute Stick can be plugged into an HDMI port. Though Intel says the Compute Stick can be used for streaming video, it can also do much more than that. The four-inch Compute Stick comes installed with Windows 8.1, 2 GB of RAM and 32 GB of storage. It connects to the Internet via Wi-Fi, and it has a microSD slot for additional storage if you need it. “It’s everything you love about your desktop computer in a device that fits in the palm of your hand,” says Intel.
Well … maybe not quite “everything”! Your desktop computer probably has a keyboard, a mouse, a lot more storage and RAM, and a much faster processor. But point taken, it is a full-fledged computer that’s the size of a pack of gum. That’s pretty neat. Intel suggests that the Compute Stick be used for “light productivity, social networking, Web browsing, and streaming media or games.” It also said small businesses might use it as an inexpensive computing solution. Microsoft has confirmed that this device will be eligible for a Windows 10 upgrade as well. Originally it was projected to sell for $149.00 but the market is looking like $169.00 right now via Amazon.com.
If you’re looking for a Windows 8 computer experience on your living room TV then the Intel Compute Stick just might be the answer. Just don’t plan on firing up memory and processor hungry 3-D games or animation programs. Get additional information from Intel: http://www.intel.com/content/www/us/en/compute-stick/intel-compute-stick.html CNET Video Review: http://www.cnet.com/products/intel-compute-stick/
As the number of internet connected devices — also known as the Internet of Things — continues to grow, so too does the number of devices using voice recognition technology as an interface to allow for hands free control.
Last fall, Amazon revealed a connected speaker with a Siri-style assistant named “Echo” that can perform tasks like adding items to your ecommerce shopping basket on command. At the recent CES conference, Internet connected ‘smart TVs’ which let couch-potatoes channel-hop by talking at their screen, rather than pushing the buttons of a physical remote control are now even more common. It’s clear that the consumer electronics of our future will include more devices with embedded ears that can hear what their owners are saying. And, behind those ears, the server-side brains to data-mine our conversations for advertising intelligence.
“You can control your SmartTV, and use many of its features, with voice commands. If you enable Voice Recognition, you can interact with your Smart TV using your voice. To provide you the Voice Recognition feature, some voice commands may be transmitted (along with information about your device, including device identifiers) to a third-party service that converts speech to text or to the extent necessary to provide the Voice Recognition features to you. In addition, Samsung may collect and your device may capture voice commands and associated texts so that we can provide you with Voice Recognition features and evaluate and improve the features. Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party through your use od Voice Recognition.”
If the SmartTV owner realizes how ridiculous this is, Samsung does at least allow them to disable the eavesdropping voice recognition ‘feature’, and instead use a more limited set of predefined ‘voice commands’ — and in that instance says it does not harvest their spoken words.
However it will still gather usage info and any other text-based inputs for data mining purposes, as it also notes further down in the policy. So an entire opt-out of being tracked is not part of this very expensive package.
If you do not enable Voice Recognition, you will not be able to use interactive voice recognition features, although you may be able to control your TV using certain predefined voice commands. While Samsung will not collect your spoken word, they may still collect associated texts and other usage data so that we can evaluate the performance of the feature and improve it.
Samsung states: “You may disable Voice Recognition data collection at any time by visiting the “settings” menu. However, this may prevent you from using all of the Voice Recognition features.”
An Internet connected TV that eavesdrops on the stuff you say when you’re sitting on the sofa or watching TV in bed is just the latest overreaching privacy intrusion to come to light for consumers. As technology continues its ever onward march, it’s unlikely to be the worst, and certainly won’t be the last. As more smart devices are deployed in our homes, cars and lives are networked and brought online, and given the technical ability to snoop on us — there is a growing imperative to clean up the darker corners of the digital commerce environment. As consumers we need to insist on setting some boundaries on what is and is not acceptable. Just last month the FTC even warned us of the huge security risks in the Internet of Things.
What happens to our privacy when the Internet is in everything? When all the technological things in your home have networked ears that are fine-tuned for commercial intelligence gathering, where will you go to talk about “personal” or “sensitive” stuff?
An exact time for Redmond’s big reveal on January 21, 2015, has been announced. Get ready for more Windows 10 news at 9 a.m. PST on that day. Plus, more details have leaked regarding Windows 10, including leaks of Microsoft’s ‘Spartan’ browser.
The general consensus is that Microsoft still has a long way to go to produce a unified OS. Recently, Microsoft publicly took the first steps to doing just that, with Windows 10. Skipping the Windows 9 name entirely, Microsoft aims to step into the next generation of computing with the right foot forward.
You will soon be able to download Microsoft’s Windows 10 Technical Preview by venturing over to its Windows Insider Program website. You’ll need a Microsoft account to get it, and it’s worth bearing in mind that it’s not the finished product so may be a bit rough around the edges. DO NOT install this on your primary computer and expect to format and re-image any system you do install it on. https://insider.windows.com/
While there is still very little information regarding the Windows 10 Road Map, here’s what we know: •The event back on September 30 announced the release of the Technical Preview of Windows 10 for laptops and desktops. This is just over three years after Microsoft unveiled the first public beta build of Windows 8.
- Microsoft announced its Windows Insider Program on October 1st, designed to keep early adopters up to date with the latest preview builds of Windows 10.
- Starting with Technical Preview for laptops and desktops, the preview build will extend to servers shortly thereafter.
- As of October 7, the preview build is available to Windows 7 users as well.
- The Technical Preview will end sharply on April 15, which conveniently leaves right off at…
- Microsoft’s Build 2015 conference in April, at which the company will talk more about Universal Apps and likely issue a Windows 10 release date.
- Finally, the company promises that Windows 10 will ship to consumers and enterprise “later in the year” in 2015.
How much will it cost? One thing Microsoft has been absolutely mum about is how much Windows 10 will cost. While the company has yet to say anything concrete, we now know a bit more about how Microsoft is thinking – or rather, rethinking – how it will generate dollars from this go ’round.
According to Microsoft Chief Operating Officer Kevin Turner “We’ve got to monetize it differently,”. “And there are services involved,” he continued. “There are additional opportunities for us to bring additional services to the product and do it in a creative way. And through the course of the spring and summer we’ll be announcing what that business model looks like.”
The most recent report may be totally wrong, but the word is that Windows 8.1 users will have access to the Windows 10 upgrade at no charge. Softpedia reports that, meanwhile, owners of Windows 7 and older will have to pay up to get the new OS. (Also, Microsoft has confirmed that the two most recent Windows versions will be able to upgrade to Windows 10 directly.)
Cortana warping over to Windows 10? That’s right, Windows 10 will see Cortana, Microsoft’s Siri and Google Now competitor, available in all versions of the new OS, including desktops, laptops and tablets.
The Bottom Line:
What is it? A complete update of Windows
When is it out? It will launch “later in the year” in 2015
What will it cost? No clue. Microsoft will not comment on pricing yet.
So tune in this Wednesday the 21st at 9am PST: http://www.techradar.com/us/news/software/operating-systems/microsoft-sets-time-for-windows-10-live-stream-1280640