Thursday, November 3, 2016

EU-US Privacy Shield data transfer agreement under scrutiny by privacy advocacy groups

EU-US Privacy Shield data transfer agreement under scrutiny by privacy advocacy groups

(Image credit: Getty Images)
A new EU-U.S. pact governing the transfer of personal data faces a second legal challenge, putting the details of the deal which underpins billions of dollars of transatlantic trade in digital services under further scrutiny. French privacy advocacy group La Quadrature du Net, non-profit Internet service provider French Data Network and its Federation FDN industry association have now challenged the adoption of the Privacy Shield pact by the European Commission at the Luxembourg-based General Court, following in the steps of Irish group Digital Rights Ireland.
The Privacy Shield agreement was reached earlier this year after the European Union’s highest court struck down the previous Safe Harbor Principles used by companies to enable them to transfer Europeans’ personal data to the United States, due to concerns about intrusive U.S. surveillance of online data. The new agreement gives businesses storing Europeans’ data on U.S. servers – from human resources information to people’s browsing histories and hotel bookings – an easy way to do so without falling foul of tough EU private data transfer rules.
More than 500 companies have signed up to Privacy Shield so far, including Google, Facebook and Microsoft, while over 1,000 are being processed by the U.S. Department of Commerce. The agreement seeks to strengthen privacy protections for EU citizens by giving them a means of seeking redress in the case of disputes, including through a new privacy ombudsman within the State Department who will deal with complaints from Europeans about U.S. spying.
But the objectors say that restrictions on U.S. surveillance activities – in particular the bulk collection of data and the purposes for which the data can be used – are inadequate and therefore the Privacy Shield agreement should be annulled. Under EU law companies or individuals may challenge EU acts before the EU courts if they are directly concerned within two months of the act coming into force, otherwise they have to go through national courts, a process which takes longer.
However both challenges face a strong risk of being declared inadmissible if the court finds that the associations are not directly concerned. In their challenge the French groups say that the U.S. ombudsman is not an effective mechanism for dealing with complaints. “The fact that it relies on so-called ‘independent’ instruments is in no way sufficient to consider it an independent judicial entity,” they said.
A spokesman for the European Commission, which negotiated the Privacy Shield with Washington, said it was aware of the new complaint. “We don’t comment on ongoing court cases. As we have said from the beginning, the Commission is convinced that the Privacy Shield lives up to the requirements set out by the European Court of Justice, which have been the basis for the negotiations,” Christian Wigand said.
The U.S. Department of Commerce did not respond to questions about the second challenge.
Reuters

IoT Zombies are eating the Internet

IoT Zombies are eating the Internet

By Alex deVries and Tim Skutt
Distributed denial of service (DDoS) attacks have always been a problem for popular hosted sites, but the ones from the last few weeks are different.
The first one to make the news was Brian Krebs’ krebsonsecurity.com, one of the most comprehensive security news sites today. The DDoS attack was on the order of 620Gbps, which cost Akamai too much to defend and resulted in krebsonsecurity.com going offline for a couple days. The source: hacked webcams acting as DDoS zombies.
A second one was on OVH, a French hosting provider. They survived a 1.5Tbps attack. Their claim that the attack was from 145,000 hacked cameras and DVRs is consistent with Akamai’s observations.
skutt-blog-image-1 (1)
Besides the scale, what’s different about these attacks? IoT
The advent of IoT brings with it incredible scale of powerful low-cost devices. A botnet of 150k devices gives a great platform for an attacker. The devices are often scattered on the Internet, making them difficult to track.
Devices like cameras can be easy to hack. Devices have relatively long life spans and firmware is rarely updated, so devices often remain vulnerable to attacks long after known vulnerabilities are patched. Firmware can be reverse engineered, having either have been ripped from a purchased device or downloaded from firmware updates. Many devices also have default usernames and passwords to make this even easier.
Targets aren’t hard to find, either. Sites like shodan.io make it trivial to find certain devices on the Internet.
skutt-blog-image-2
Securing devices
There are best practices that can be followed to secure devices. Device identity, secure default configuration, secure updates and resource protection are just some. These work well for new designs.
Let’s also be realistic: in the meantime, there’s millions of improperly secured devices on the Internet and they’ve been there for years. Fixing them is

Lenovo Phab 2 Pro the first Tango capable smartphone will change how we look at AR and here is how

Lenovo Phab 2 Pro the first Tango capable smartphone will change how we look at AR and here is how

Seeing objects in a room
By 
Lenovo Phab 2 Pro is the latest smartphone by Lenovo to go on sale for $499.99. In fact, the device is the first one that is powered by Google Tango framework which relies on depth sensing to create seamless Augmented reality figures on the screen. This company has been working on the technology since last few years with constant videos demoing it right from the early stages.Also, Google announced a Project Tango smartphone way back in 2014 along with Project Tango Tablet released in 2014.
Tango was originally known as Project Tango and looked like a simple concept that maybe used for something. We were not sure about what the depth-sensing will actually do but we got a concrete idea about it after Lenovo announced the smartphone in CES 2016 earlier this year. But Lenovo demoed the capabilities of the tango technology in Phab 2 Pro which made it a serious contender for the most innovative smartphone for the year.
The demos during Lenovo Tech World painted a perfect picture of how capable the platform was and that smartphones were powerful enough to sufficiently track the 3D world and project an augmented reality on the screen. These demos included using Tango platform to measure the dimensions of the room accurately and use shopping apps to virtually redecorate your room before buying furniture or new products for your home.
Other demonstrations included live size models of dinosaurs where you can check different species of dinosaurs  with life-size AR renders. The renders can be changes in scale to comparatively study the entire field with an unprecedented level of interactivity. This can result in newer and dedicated applications for students across different fields, right from students of architecture to medical students.
During the launch, there will be more than 20 apps available for Phab 2 Pro users to experience different aspects of what Tango platform has to offer. These apps range from ‘Augmented reality gaming’ and ‘Augmented reality utilities’ with the gaming apps directly aiming at pure gaming like Pokemon GO but without the battery drain while ‘utilities’ hinting at apps like “WayFairView,” “Measure,” and “Magic Plan.”

Related Posts Plugin for WordPress, Blogger...