Connect with us

Security

Keep an eye out around the house with the Netgear Arlo 6-camera security system on sale for one day only

Published

on

This is the largest Arlo camera package and includes all you need to get set up.

Home security is super important, and something you should take seriously. Arlo’s security cameras are a very popular option, and right now you can pick up a 6-pack for just $359.99 at Woot, which is 28% less than the list price and beats the next best price of $405 at Amazon right now.

These cameras can be use both indoors and outdoors, which makes them extremely versatile. The kit is the original Arlo series, not the Pro, but it has been updated particularly to work with Amazon’s Alexa. The base station it comes with allows you to add on more cameras, even more advanced versions like the Arlo Pro 2 if you want. The Arlo camera is 100% wire free and has a fast-charging battery. It has two-way audio thanks to a built-in mic and speaker. You can also use Arlo Smart to add things like customized alerts, zone detection, and the ability to contact emergency services right away.

Unlike many Woot deals, this is for a brand new product and includes a one-year warranty is with the purchase. Shipping is free for Amazon Prime members.

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Security

Firefox Quantum Offers Anti-Cryptojacking Feature

Published

on

By

Firefox Quantum, the latest version of open-source internet browser Firefox, has a new privacytoggle that protects against cryptojacking, according to a blog post by Mozilla on May 21.

Mozilla previously warned official blog post that websites can deploy scripts that launch a crypto miner on a user’s machine without them being aware — a practice known as cryptojacking.

To combat these exploitative practices, Mozilla partnered with online privacy company Disconnect to create a crypto mining blocker for their browser. Users can now toggle an opt-in feature, that purportedly blocks would-be cryptojackers from taking advantage of spare computing power to mine cryptocurrencies.

Mozilla initially announced that it would block cryptojacking in new browser releases in August 2018. As per a report by Cointelegraph, Firefox featured cryptojacking protection in its Firefox Nightly 68 and Beta 67 versions this April, just prior to the launch of Quantum.

Firefox Quantum also aims to mitigate the practice of so-called “fingerprinting,” which makes a sort of digital fingerprint of a user that is employed to monitor their activities on the internet.

Cryptojacking at the consumer level was called “essentially extinct” by cybersecurity company MalwareBytes on April 23. According to the report:

“Marked by the popular drive-by mining company CoinHive shutting down operations in early March, consumer cryptomining seems to have gone the way of the dodo. Detections of consumer-focused bitcoin miners have dropped significantly over the last year and even from last quarter, while business-focused miners have increased from the previous quarter, especially in the APAC region.”

According to the report, consumer malware detections have gone down by approximately 40%. Businesses, however, are being targeted more heavily by cryptojacking attempts, with

Business detections increasing by about 7% during the first quarter of 2019.

Source: https://cointelegraph.com/news/firefox-quantum-offers-anti-cryptojacking-feature

Continue Reading

Security

Google replaces its Bluetooth security keys because they can be accessed by nearby attackers

Published

on

By

  • Google offered free replacements of its Bluetooth Titan Security Keys after it found that nearby attackers could access them.
  • Google said the issue does not impact the tool’s ability to prevent remote phishing attacks.
  • The company advised users to continue using the key until a replacement arrives.
CNBC Tech: Google Titan Key 5

Logging in to Gmail on a phone is a cinch.Magdalena Petrova | CNBC

Google found a security issue that could give an attacker access to a users’ device based on a tool meant to keep it secure, the company disclosedWednesday.

Google is offering free replacements of its Bluetooth Low Energy Titan Security Keys after it found that anyone within about 30 feet could communicate with the key and its paired device while a user tried to activate the key or pair their devices.

The Titan Security Key is meant to provide an additional layer of protection for users hoping to prevent their accounts from being taken over by phishing attacks. While Google said the issue does not interfere with the key’s ability to protect users from a remote phishing attack, it still reveals a significant gap in the device’s security.

The flaw could undermine Google’s recent messaging around privacy and security, which has become a hot issue in Silicon Valley. Google CEO Sundar Pichai penned a New York Times op-ed earlier this month advocating for the democratization of privacy after unveiling a host of new privacy features at Google’s developer conference.

Google recommended continuing to use the affected keys until their replacement arrives. As an extra precaution, users should use the keys when they aren’t near other people who may try to gain access to their devices, then immediately unpair the key after signing on, Google said. However, iOS users who have updated the version 12.3 will not be able to sign into any accounts linked to the key until they receive a replacement, according to Google. The company advised staying logged onto accounts on iOS devices until the new replacement arrives.

Google said that only BLE versions of the keys are affected. Devices with a “T1” or “T2″ on the back are eligible for the free replacement by visiting google.com/replacemykey.

Google’s new security key will protect you from phishing attacks

Source: https://www.cnbc.com/2019/05/15/google-finds-security-issue-with-its-bluetooth-titan-security-keys.html

Continue Reading

Internet

Google Chrome Update — ‘A Threat To Children, Cybersecurity And Government Snooping’

Published

on

By

The way we access websites is about to change. As a result, crisis talks have now been scheduled between the U.K. government and the internet industry to discuss the risks. The primary concern is a proposed but as yet unconfirmed update to Google’s popular Chrome web browser, one that would hit many of the techniques used to monitor internet content for both safety and snooping. It isn’t just Google that will change. But the market-leading position of its Chrome browser has focused governmental minds.

These days, almost everyone is familiar with the concept of internet domain names and the fact that memorable, human-readable addresses are translated into machine-readable IP addresses. But most people have likely never heard of DNS over HTTPS or DOH, and so will be unaware of a planned change to how all this works.

However, DOH is now being fast-tracked, and it has agitated U.K. child safety and intelligence agencies enough to convene a crisis meeting on 8 May, citing child safety, cybersecurity and even terrorism as concerns.

DOH will encrypt the addresses of the websites we visit, potentially bypassing local Internet Service Providers (ISPs), and connecting directly to central nameservers that could well be managed by the companies behind the browsers themselves. This means that many of the filtering and protection tools in place today, usually administered by ISPs, would no longer work.

The new approach brings definite security advantages, notwithstanding that we’ll be entrusting Google and its peers with even more data on us. If the addresses of the websites you want to visit can’t be seen, they can’t be filtered or policed. And campaigners claim that this has implications for the fights against terrorism and extremism, as well as for child safety.

Coming at a time when the monitoring of online content has never been more in the news, and when cybersecurity breaches are reported weekly, the clear need to improve online security is driving welcome change. But the unintended consequences of those changes are apparently now a major concern.

All change

The Internet’s Domain Name System (DNS) is one of its greatest strengths and also one of its greatest weaknesses. The internet is easy to use, but that comes with the risk of the manipulation of DNS names, with snooping on open traffic, and, in many parts of the world, with local monitoring and filtering. So it’s little surprise that the Internet Engineering Task Force (IETF) has been working on a revised approach.

As open traffic, your IP address and browsing activities can be profiled and your requests can potentially be intercepted and manipulated. Who you are and what you’re looking at can be monitored. But with more and more of what is done online being encrypted, the very act of accessing specific websites can be encrypted as well. This is what DNS over HTTPS is all about, bypassing locally held DNS nameservers, sending encrypted traffic to a central server instead.

The change would see web browsers (or other central services) handling domain queries, transparently to users, rather than fielding these as open internet traffic through the ISP. More secure and less open to interception, yes, because all of this would be encrypted HTTPS traffic, but it means that you would be serviced from a central location and not by an operator under your country’s legislative control. Think of it as a built-in, always-on VPN.

presentation from BT on the ‘Potential ISP Challenges with DNS over HTTPS’ earlier this month, acknowledged that “DOH could be a game changer in operator/application dynamics” with fast-tracked standards bringing potentially adverse implications on cybersecurity and on safety from online harms. BT cited a reduced ability to derive cybersecurity intelligence from malware activity and DNS insight, significant new attack opportunities for hackers, and the inability to fulfill government mandated regulation or court orders as potential concerns.

Online responses to the ‘crisis’ suggested that this latter point, the impact on government snooping, was much more of a concern for the authorities than any impact on online safety filters.

Crisis meeting scheduled

According to the Sunday Times, a crisis meeting has now been convened for 8 May to bring together the country’s major ISPs, including BT, Virgin, Sky and TalkTalk, with the country’s National Cyber Security Centre (NCSC) to discuss the implications. The primary concern is that it will be impossible for the country’s ISPs to filter out illegal or inappropriate material. This could have implications for terrorism, extremism, child safety and, of course, password-protecting the U.K.’s countrywide porn habits from July 15, as announced last week.

Because DOH is expected to be largely centralized, and (at least initially) managed by the major browsers, this is where Google comes in. Chrome is the U.K.’s most popular browsing application. With DNS queries not being serviced by an ISP’s nameservers, the ISPs would have no way of tracking, filtering or policing browsing. It would invalidate child safety locks and render useless the planned porn filter. For the ISPs, it could also mandate a rethink in the ways content is cached through efficient and cost-effective content delivery networks.

The well-populated databases of dangerous sites held by ISPs would be bypassed. But, it would also make government online snooping much more difficult. According to the Sunday Times, “BT, which has 9m broadband customers, said in a statement that parental controls, the first line of defense for millions of households, could be rendered ‘ineffective’ by the new system. It added that it could ‘hamper our ability to protect customers from online harms’.”

A spokesperson for the U.K.’s Internet Services Providers’ Association, the trade association representing more than 200 ISPs, including BT, Sky and Virgin, told me that “U.K. broadband providers are actively involved at a national and international level in ensuring that encrypted DNS is implemented in a way that does not break existing protections provided to U.K. internet users. If internet browser manufacturers switch on DNS encryption by default, they will put users at serious risk by allowing harmful online content to go unchecked. Internet browser companies must ensure that parental controls and cybersecurity protections offered by broadband companies continue to work and protect users. We would expect internet browsers to provide the same protections, uphold the same standards and follow the same laws as U.K. ISPs currently do.”

No need to panic?

The encryption of DNS name traffic is not the issue. The central management of the system, bypassing local controls, is the issue. There’s no reason that the new ecosystem cannot work in the existing framework. But it won’t start out that way, and it puts significant control in the hands of the device browsers. Theoretically, there could be device- or even application-specific DOH datasets accessed. And any user filtering would need to be at a device level instead of relying on the ISP. These changes need to be fully communicated and documented in how-to guides before being made.

For their part, Google has confirmed that an encrypted version of Chrome is already available but is not yet included as standard. In a statement, the company said that “Google has not made any changes to the default behavior of Chrome.”

Source: https://www.forbes.com/sites/zakdoffman/2019/04/22/crisis-as-changes-to-google-chrome-threaten-child-safety-and-cybersecurity/#7d0977f05704

Continue Reading
Advertisement

Trending

%d bloggers like this: