Chrome bug triggered errors on websites using Symantec SSL certificates

superstitial_pcw_logo_125x4-100004108-orig.gif

Chrome bug triggered errors on websites using Symantec SSL certificates | PCWorld

Source link

How Windows 10's data collection trades your privacy for Microsoft's security

privacy-policy-538719_1280-100696893-large.3x2.jpg

Windows 10’s aggressive data-collection capabilities may concern users about corporate spying, but enterprises have control that consumer-edition Windows users do not: Administrators can decide how much information gets sent back to Microsoft.

But enterprises need to think twice before turning off Windows telemetry to increase corporate privacy. That’s because doing so can decrease the effectiveness of Windows 10’s security features.

Microsoft isn’t merely vacuuming up large amounts of data because it can. The company has repeatedly reiterated its stance that Windows 10 does not collect the user’s personal data, but rather anonymized file data that is then used to improve overall user experience and Windows functionality.

With the current shift to Windows-as-a-service, Microsoft plans to release more updates to the operating system more frequently, and it will use telemetry data to understand how people are actually using Windows and applications. Microsoft can use the information to figure out what new features are needed or to prioritize changes to existing components.

For Microsoft, more data means more security

But the telemetry data is used for more than how to improve or evolve Windows. There is an actual security impact, too.

Knowledge is power, and in the case of Windows 10, that usage data lets Microsoft beef up threat protection, says Rob Lefferts, Microsoft’s director of program management for Windows Enterprise and Security.

The information collected is used to improve various components in Windows Defender, such as Application Guard and Advanced Threat Detection (these two features are available only to customers with Windows 10 Enterprise with Anniversary Update and Enterprise E5 subscriptions). As Windows 10’s built-in security tool, Windows Defender uses real-time protection to scan everything downloaded or run on the PC. The information from these scans is sent back to Microsoft and used to improve protection for everyone else.

For example, Windows Defender Application Guard for Microsoft Edge will put the Edge browser into a lightweight virtual machine to make it harder to break out of the browser and attack the operating system. With telemetry, Microsoft can see when infections get past Application Guard defenses and improve the security controls to reduce recurrences.

Source link

Implantable medical devices can be hacked to harm patients

superstitial_pcw_logo_125x4-100004108-orig.gif

Implantable medical devices can be hacked to harm patients | PCWorld

Source link

Senators fail to stop new rules allowing US law-enforcement hacking

superstitial_pcw_logo_125x4-100004108-orig.gif

Senators fail to stop new rules allowing US law-enforcement hacking | PCWorld

Source link

Study warns of human rights risks from censoring online terror content

superstitial_pcw_logo_125x4-100004108-orig.gif

Study warns of human rights risks from censoring online terror content | PCWorld

Source link

Senators plan last-ditch push to curb U.S. law enforcement's hacking power

superstitial_pcw_logo_125x4-100004108-orig.gif

Senators plan last-ditch push to curb U.S. law enforcement’s hacking power | PCWorld

Source link

UK's internet surveillance law receives royal approval

superstitial_pcw_logo_125x4-100004108-orig.gif

UK’s internet surveillance law receives royal approval | PCWorld

Source link

How to protect yourself on Twitter with its improved mute, report, and filter tools

privatei-quality-tweets-100695422-medium.jpg

Like many people, I spend too much time on Twitter, the “microblog” social network that lets you have snippets of conversations and post short insights (or, more likely, alleged jokes) that can be seen by everyone else on the network.

Before this year’s U.S. election, Twitter was generally an interesting and often fun place to be for most people, and a terrible disaster and nearly unusable for some. The election accelerated that, no matter which candidate you backed (if any).

For those who become the short-term or long-term targets of attack by groups of people for whatever reason, Twitter hasn’t previously offered enough tools to beat back harassment and abuse. Many targets have shuttered their accounts, while others have to work exceptionally hard to have any real interaction via Twitter at all.

I and many others have criticized Twitter for lagging in improving discourse on its own, such as identifying abuse and blocking it and its perpetrators without requiring others to intervene, and building sophisticated tools that would let people choose to filter and block content and people. Twitter’s abuse reporting tools and response have improved gradually, but still seemed to fall far behind the company’s stated guidelines for appropriate interaction.

That changed somewhat recently, as Twitter rolled out a variety of improvements that, taken together, can keep the service usable if you become a direct or incidental subject of attack. You can also filter out discussions of topics you’re not interested in, like sports events or specific teams. (Twitter could do much more to categorize messages, such as using machine learning to tag tweets by subject or add keywords, but so far it’s resisted that.)

There’s a tendency for media to accuse people of living in echo chambers composed only of like-minded people, reinforcing sometimes ill-conceived notions about others. Twitter’s filtering and blocking tools can play into that. But there’s an obvious difference between being exposed to ideas that differ from ones you hold and being being bombarded by offensive or abusive statements and images.

Here’s some advice about how to configure and use Twitter’s new tools, including one rolled out earlier this year, both to fight abuse and to keep your timeline more to your liking.

Quality is job what?

It’s obvious that Twitter analyzes all the public messages that pass across its systems, because it offers data that derive from that analysis. I’ve found it frustrating that it didn’t turn its ad analytics tools towards helping people have a better experience.

Source link

Why you need a cloud backup service, and how to use one

backuponline-100537758-primary.idge_.jpg

Cloud backup is exactly what it sounds like. Your data is stored in an online repository, where it’s accessible to you when you need it. It works like this: You download a desktop client to your PC, select the folders you want to back up, and that data uploads to the service on a set schedule. Then if catastrophe strikes, such as a house fire or robbery, you have a clean, up-to-date copy of your data stashed on a server somewhere, all safe and sound.

Cloud backup does not eliminate the need for a local backup on an external hard drive of some sort, but it provides an easy solution for keeping another backup off-site. Your other options are to circulate a few hard drives that you keep in a safe at the office (a pain to remember), or run a remote server (technically challenging). Pay a few bucks a year to store your hard drive data online with a third-party provider is the easiest choice for most people.

Finding a service is easy enough, too. There’s Backblaze (the service I currently use), Carbonite (a service I have used), Mozy, SpiderOak (another service I’ve used), and many others.

The hard part is understanding how to use cloud storage and familiarizing yourself with some of the details you might not think about.

Cloud backup vs. cloud syncing

It’s important to clarify the difference between a cloud backup service and a sync service like Dropbox or Google Drive. If you need a few files always in sync among multiple PCs or mobile devices, you’d be better off relying on a sync service. With a backup service, you could definitely pull out individual files in a pinch, but the user interface is usually a little cumbersome for grabbing files compared to, say, Dropbox’s.

Most mainstream cloud storage backup services offer what’s essentially unlimited backup, though limits of some sort will apply. The only exception to that rule is SpiderOak, which sets data storage limits but offers a higher degree of encryption and security than most services. Skip any cheap service that limits your data to 500GB or 1TB.

Take the time to figure out what the rules are for your backup service. In general, online backup services let you save any personal files on your PC. Some services also let you back up connected drives as part of the price, while others will charge extra for it.

Even if your plan does allow external hard drives, that doesn’t mean you can back up home servers or RAID boxes with multiple hard drives. You’ll also have to reconnect your external hard drives regularly to avoid having your saved content deleted from your cloud backup.

Source link

Pure URL simplifies web addresses for safer surfing

superstitial_pcw_logo_125x4-100004108-orig.gif

Pure URL simplifies web addresses for safer surfing | PCWorld

Source link