Everything tagged

Latest from The Spokesman-Review

Google stops shipping security fixes for Android < 4.3

The Wall Street Journal is reporting that Google has stopped shipping security fixes for Android devices that operate on Android versions 4.3 and earlier.

Dubbed Jelly Bean, version 4.3 was released on July, 2013, updating phones that had originally shipped with 4.1 and 4.2. Devices with Android versions 4.4 (KitKat) and newer are not affected by this policy.  

According to the WSJ, about two-thirds of all Android phones currently active in the world are now potentially susceptible to security vulnerabilities that can compromise the device owners privacy and potentially lead to viruses and malware being installed on the device.

What this means in the real world is that anyone using an older Android device needs to get a new phone (the carriers and Google LOVE this option) or attempt to update their phone to the newest OS (the carriers HATE this option), because the out of date phone poses a privacy and security threat not only to the owner of the phone, but also to everyone around that person, potentially even compromising the security of their employer.

When Google stops shipping security and bug fixes for these devices, this means that known vulnerabilities can be exploited by hackers and others with ill intent, stealing personal, private data and/or turning the phone into a node for a giant botnet.

Many carriers and manufacturers exacerbate the problem by not shipping or even allowing system updates to their phones, so it is incumbent upon each individual Android user to investigate their phone to ascertain the vulnerabilities it may contain and take appropriate steps to mitigate the potential risks involved.

Google doesn't provide update instructions directly, but you can check your device on your cell phone carrier's website:

Verizon Wireless
AT&T
T-Mobile

 

 

Disqus users should reset passwords

Any commenters that log directly into our Disqus commenting system are advised to change their passwords due to a security vulnerability announced by Disqus.com.

http://engineering.disqus.com/2014/04/10/heartbleed.html

PLEASE NOTE: This applies ONLY to users who use their DISQUS account to comment, NOT users who comment using their spokesman.com login credentials, as illustrated below:

The Spokesman-Review takes the security of our users very seriously, so if in doubt PLEASE reset your passwords. For more information about the vulnerability, please check my last blog post about Heartbleed.

I repeat, if in doubt, change your passwords

If you have any issues or questions about this matter, please email us at webteam@spokesman.com or you can email me directly at dang@spokesman.com.

The Aviator web browser - Google’s Chrome without the Googles

Privacy is a hot-button issue these days. Between Facebook/Twitter/Google tracking your movements across the web and the NSA implanting tracking code in your brain… (Hyperbole, yes. But until all of Snowden's NSA whistle-blower secrets have been divulged, it's best to assume that the Gov't has satellites that shoot high-powered laser beams from space and can conduct brain surgery on you while you're swimming in your backyard pool. I got that tip from my schizophrenic Aunt years ago. Should have listened to her advice.)

Anyway, let's just say that privacy is hard to come by these days. Especially on the web. That's why it warms my heart to hear about WhiteHat Security's new, and free, Aviator browser.

Here's the skinny: It's basically Google Chrome, but without the Google part. What I mean by that is Aviator is built on the same open source Chromium browser (the guts or innards of Google Chrome), but without Google's search engine (it uses DuckDuckGo, behavior tracking and advertising.

But it doesn't just do away with the Googles. By default, the Aviator browser doesn't allow any tracking code from any website, unless you specifically allow it to. It comes built-in with the fantastic Disconnect plugin (which has so much awesome in it that I've decided to write a separate post about it), blocks all third-party cookies, and it runs by default in privacy/incognito mode.

I downloaded it and took a test drive with it, and it feels exactly like Google Chrome. If you like Google Chrome, then this is probably a good option for you because it's still compatible with all of the normal Chrome plugins.

If, like me, you don't like Chrome, it's less appealing. I like my Firefox just fine, but then again, I'm a web developer. For 99% of the rest of the people, I'd probably recommend this.

CdA School Safety Overhaul Begins

Coeur d'Alene School District 271 transportation shop technician Lynn Porter, center and foreman Joe Mares, left apply #22 to a bus on Thursday. The district is installing large numbers on the top of its school buses so police can easily find a bus if it's hijacked. (SR photo: Kathy Plonka)

The tragedy of Sandy Hook Elementary School in Newtown, Conn., has slipped from the headlines, but the lessons learned from the mass shooting of students and teachers last December are translating into millions of dollars in security improvements at Coeur d’Alene schools. The school district is upgrading door locks, surveillance cameras and fencing, tightening building access and updating emergency response plans at all 17 of its schools. Even the bus fleet is getting attention: new digital radios with GPS navigation, security cameras and large numbers affixed to the roof to help police track down from the air any bus that goes missing/Scott Maben, SR. More here.

Question: Do you feel better re: safety of local schools as a result of this security upgrade?

Newt’s Peeps Managed Event Well

A Berry Picker photographer writes of this photo: "The security at the Gingrich event was much more robust than that experienced at the Santorum event.  It was interesting how the whole event was managed.  While there was a lot of room available, the management pressed everyone into a relative small area.  This made it look like people were crowded in which they were.  There was a lot of room for the media.  A raised platform was provide at the back of the roped off area for video and just in front of that was a long table for reporters with laptops.  I cannot help but think that this was because of a grater attention to detail on the part of the Gingrich organization.  I saw one senior staff person carefully check the stage flags to make sure they hung just right.  The level of both security and stage management was impressive."

‘Extra duty’ police program too costly?

A government program that arranges “extra duty” security jobs for Spokane police officers and Spokane County sheriff’s deputies isn’t paying its way, according to a county cost-recovery specialist.

Other public officials disagree, saying private employers shouldn’t be forced to pay fixed costs the government would have to pay anyway.

The program essentially sells government service, including the use of patrol cars and other equipment, to private organizations.

It’s an alternative to allowing officers to arrange their own off-duty work without supervision, or to prohibiting them from doing freelance work.

The problem, according to Guy Cavender, manager of the county’s “cost recovery project,” is that the sheriff’s extra-duty program – presumably the city’s, too, he said – isn’t covering expenses.

Read the rest of John Craig's story here.

A Case for Security

As Mariah mentioned earlier, Security for tomorrow is going to be pretty heavy in DC. Like I said, I’m not surprised and here’s why: Some idiot from Wisconsin made threats to assassinate Obama via posts made on a website (www.alien-earth.org). He’s been arrested.

From the Reuter’s Article:

Steven Joseph Christopher, in three postings to www.alien-earth.org, said he planned to assassinate Obama in Washington “as a sacrificial lamb,” the department said in a statement.

“It’s really nothing personal about the man. He speaks well… But I know it’s for the country’s own good that I do this,” Christopher reportedly wrote.

“It’s not because I’m racist that I will kill Barack, it’s because I can no longer allow the Jewish parasites to bully their way into making the American people submit to their evil ways.”

Case in point.