Month: September 2017
Apple claims iPhone Face ID has better security than Touch ID
Apple announced the new iPhone Face ID system, which replaces Touch ID in favor of facial recognition and may offer 20 times fewer false positives than fingerprint scanning.
With the announcement of the premium Apple iPhone X, the company left behind what it called the “gold standard” of smartphone security in Touch ID to focus on facial recognition with Face ID.
Phil Schiller, senior vice president of worldwide marketing for Apple, said during the iPhone event in Cupertino, Calif., that the iPhone Face ID system was built on a new system called TrueDepth. This system combines a traditional camera, an infrared camera, a depth sensor and a dot projector — which projects 30,000 infrared dots onto the user’s face — to create a “mathematical model of your face.”
This model is then run through the Neural Engine — a part of the new A11 Bionic system-on-a-chip — to compare the new scan against past models. The system will be able to learn over time to adapt as a person’s appearance changes with new hairstyles, facial hair, glasses, etc. All Face ID data will be stored in the Secure Enclave on the user’s device and not transmitted to the cloud.
According to Schiller, the chance of random person being able to unlock another device with the Touch ID fingerprint scanner was 1 in 50,000, but the iPhone Face ID should have a 1 in 1,000,000 chance of a false positive — a 20 times improvement. Schiller did note this likelihood would be higher if people share DNA, but claimed it should be able to tell the difference between a user and their “an evil twin.”
The iPhone Face ID security system was tested against realistic masks designed by Hollywood special effects teams, Schiller said, and was not fooled. And, iPhone Face ID unlock requires the user’s attention and will not work if the user is looking away or has his or her eyes closed. The Face ID security feature will be available exclusively on the iPhone X premium model and not for forthcoming iPhone 8.
September 8, 2017
By: Emily Sullivan, News Assistant, NPR Business Desk
Even before Hurricane Irma arrived at Florida’s doorstep scammers geared into action.
A GoFundMe campaign purporting to be from Miami-born singer Jason Derulo set a fundraising goal of $1 million for Irma victims before being shut down by the website. Robocalls set up by scammers are telling people that their insurance premiums are overdue and that they must pay up immediately or else risk losing their coverage.
Amazon suspended 12 third-party vendors for attaching questionable fees to flood essentials. A case of water arrived at a home accompanied with a surprise $100 delivery fee. Florida Attorney General Pam Bondi told the Palm Beach Post that she has been in touch with Amazon, among other firms, about cracking down on abuses.
Such scams are pretty common during times of distress. In fact, less than two weeks after Harvey made landfall in Texas, the Office of the Texas Attorney General received nearly 3,000 complaints of storm-related fraud.
It’s likely that scammers will redirect their targets to Irma relief efforts. As Irma continues to accumulate damage in the Caribbean and is expected to ravage parts of Florida, the generosity of people living elsewhere unaffected is much needed. But it is crucial to exercise caution in donating to relief efforts.
Here are tips from legitimate sources on how to donate safely to Irma relief, and how to report instances of price gouging and fraud.
Know where your money is going
The Center for Internet Security reported that over 500 domain names associated with Harvey were registered as the storm approached Texas, noting that “the majority of these new domains include a combination of the words ‘help,’ ‘relief,’ ‘victims,’ ‘recover,’ ‘claims’, ‘donate,’ or “lawsuits.'”
It’s crucial to exercise caution with dubious Irma websites and dubious crowdfunding accounts. See a crowdfunding page that looks suspicious with a faceless organizer—or purported to be run by a celebrity who has not endorsed the page? Report it. GoFundMe has a policy of returning donors’ money if fundraising pages are shown to be fake.
Contribute to organizations that have an experience assisting in disaster relief, and be skeptical of charities that pop up solely in response to Irma. You can check out charities with the Better Business Bureau’s (BBB) Wise Giving Alliance, Charity Navigator, Charity Watch, or GuideStar.
Think twice about texting a donation
Confirm that the charity has authorized donations via text message — and keep in mind that your contribution may not reach the charity until after your phone bill is paid. It may be faster to donate directly to the charity.
Be wary of clicking on links or opening attachments in e-mails
Don’t assume that emails you get — or social media messages you see — have really been posted by the legitimate source. The Center for Internet Security recommends that people exercise extreme caution when responding to individual pleas for financial assistance such as those posted on social media, crowd funding websites, or in an email, even if it appears to originate from a trusted source.
Report suspicious organizations
Find out if a charity or fundraiser is registered in your state by contacting the National Association of State Charity Officials. If the organization is not registered, consider donating to one that is.
Be skeptical if an organization will not send you information about their programs and finances: any legitimate organization will be glad to provide you with this information. The Better Business Bureau Wise Giving Alliance has charity reports on thousands of U.S. charities. If you believe a scam may be taking place, you can contact the BBB to report what you know.
Report instances of price gouging
Florida governor Rick Scott declared a state of emergency last Monday, meaning business were subject to fines of up to $25,000 for price gouging on items like food, ice, gas and lumber.
“You’ve got vendors trying to trick people,” said Bondi. “It’s sickening and disgusting and we’re not going to have it.”
[Residents were instructed that if they] suspected price gouging, [they were to] obtain as much information as possible in the form of estimates, invoices, receipts or bills. When comparing products, note as much information as possible, including the product name, size or quantity, manufacturer, item number and unit price. [They were to] report this information to Bondi’s office through the Florida Attorney General’s Price Gouging Hotline at 1.866.966.7226.
When your anti-virus software poses a security risk, it can be a devastating blow to your organization. At Integrated Technology Group, we provide network security software designed to safeguard your data, and make sure that you and your staff are able to enjoy the breathtaking opportunities that technology offers.
We will help build a more secure digital world for your company by providing a comprehensive network security audit able to define potential vulnerabilities and performance limitations. We will explain any found security threats and offer necessary remediation suggestions. Contact us today for more information on our internal and external scans and our new Perimeter Scan. firstname.lastname@example.org or 518.479.3881.
September 13, 2017
Heard on NPR’s All Things Considered – Transcript follows
David Welna, National Security Correspondent, Washington Desk, NPR on Twitter
The acting secretary of homeland security has banned the U.S. government from using Kaspersky software. The Russian company’s software — widely used throughout the world — has been deemed an unacceptable security risk.
ARI SHAPIRO, HOST: Kaspersky Labs is a big Moscow-based company that makes antivirus software. It’s used worldwide, even by some American government agencies. Now that may be over, at least for the U.S. government. The Department of Homeland Security issued a directive today that effectively bans all federal entities from using Kaspersky software or even having any products tied to it. NPR’s David Welna reports.
DAVID WELNA: The directive banning Kaspersky products was issued by acting Homeland Security Secretary Elaine Duke just hours after the U.S. Senate began debating a defense bill with a similar ban that applies only to the Pentagon. New Hampshire Democratic Senator Jeanne Shaheen has led the effort in Congress to forbid federal agencies from using Kaspersky products, and she says she’s pleased the Trump administration is also taking action.
JEANNE SHAHEEN: I applaud the department and acting Secretary Duke for issuing this directive that calls on all departments and agencies to identify any use or presence of Kaspersky products on their systems and to develop plans to get rid of them.
WELNA: The DHS gives agencies up to 90 days to start implementing its plan to discontinue use of Kaspersky products, then remove them from all federal government information systems. Senator Shaheen says there are ample grounds to impose such a ban.
SHAHEEN: Certainly there have been concerns raised publicly. There are concerns on record and some that suggest there has been direct collaboration with certain officials from Kaspersky and from the FSB, which is of course the successor to the KGB. There is also classified information that raises concerns.
WELNA: Those concerns about Kaspersky went public in May when Florida Republican Senator Marco Rubio posed this question to the chiefs of six U.S. spy agencies.
MARCO RUBIO: Would any of you be comfortable with Kaspersky Lab software on your computers?
WELNA: All six answered no. Shaheen says that for her, it was a key moment.
SHAHEEN: They were not comfortable with Kaspersky software on their computers. And if they’re not comfortable, then I don’t think the rest of the federal government should be comfortable.
WELNA: In an emailed statement, Kaspersky Labs said it was disappointed by the decision to ban its products. It said the company has never helped any government anywhere with cyber-espionage and added that it’s, quote, “disconcerting that a private company can be considered guilty until proven innocent due to geopolitical issues.”
In its directive, the DHS invites Kaspersky to address the department’s concerns. Kaspersky Labs says it looks forward to showing that the allegations made against it are without merit. -David Welna, NPR News, Washington.
SHAPIRO: And we should note that Kaspersky Labs is among NPR’s corporate underwriters.