" >Trump demands Apple unlock iPhones: 'They have the keys to so many criminals and criminal minds' - CNBC | Canada News Media
Connect with us

Tech

Trump demands Apple unlock iPhones: 'They have the keys to so many criminals and criminal minds' – CNBC

Published

on


President Donald Trump, in a CNBC interview Wednesday, stepped up his pressure over Apple‘s refusal to unlock iPhones for authorities in criminal cases.

“Apple has to help us. And I’m very strong on it,” Trump told “Squawk Box” co-host Joe Kernen from the World Economic Forum in Davos, Switzerland. “They have the keys to so many criminals and criminal minds, and we can do things.”

Apple CEO Tim Cook has been credited with being able to work with the president and his administration in a way other Silicon Valley companies have stumbled. In November, Cook toured Apple’s Austin campus with Trump.

Trump told CNBC he’s helped Apple a lot.

“I’ve given them waivers, because it’s a great company, but it made a big difference.” The president was referring to waivers from tariffs put on Chinese-made imports in the trade war between Washington and Beijing.

Last week, Trump slammed Apple for declining the government’s request to unlock password-protected iPhones used by the shooter who killed three people in December at the Pensacola, Florida, Naval Air Station before being fatally shot.

In a statement, Apple said it provided gigabytes of information to law enforcement related to the Pensacola case but that it would not build a “backdoor” or specialized software to give law enforcement elevated access.

Trump told CNBC on Wednesday: “They could have given us that information. It would have been very helpful.”

The president said he’s not concerned about his relationship with Cook or Apple because the stakes are so high.

“You’re dealing with drug lords and you’re dealing with terrorists, and if you’re dealing with murderers, I don’t care,” Trump said.

Let’s block ads! (Why?)



Source link

Continue Reading

Tech

Security researcher says to 'stop buying' Samsung phones – Tom's Guide UK

Published

on


SAN FRANCISCO — Don’t use a mobile authenticator app on an old smartphone, because the app is only as secure as the operating system in which it’s running, two security researchers said at the RSA Conference here earlier this week.

In fact, one of the researchers says to avoid Samsung phones altogether.

Aaron Turner and Georgia Weidman emphasized that using authenticator apps, such as Authy or Google Authenticator, in two-factor authentication was better than using SMS-based 2FA. But, they said, an authenticator app is useless for security if the underlying mobile OS is out-of-date or the mobile device is otherwise insecure.

“You don’t want the risk associated with 32-bit iOS,” said Turner, adding that you should use only iPhones that can run iOS 13. “In Android, use only the Pixel class of devices. Go to Android One if you can’t get Pixel devices. I’ve had good experiences with Motorola and Nokia Android One devices.”

And he warned the audience to stay away from one well-known Android brand.

“[German phone hacker] Karsten Nohl showed that Samsung was faking device updates last year,” Turner said. “Stop buying their stuff.”

The problem is that if an attacker or a piece of mobile malware can get into the kernel of iOS or Android, then it can do anything it wants, including presenting fake authenticator-app screens. 

“One of my clients had an iPhone 4 and was using Microsoft Authenticator,” Turner said, indicating another authenticator app. “All an attacker would need to do is to get an iPhone 4 exploit. My client was traveling in a high-risk country, his phone was cloned and then after he left the country, all sorts of interesting things happened to his accounts.”

Some Android phones are safer than iPhones

And don’t think iOS devices are safer than Android ones — they’re not. There are just as many known exploits for either one, and Weidman extracted the encryption keys from an older iPhone in a matter of seconds onstage.

The iPhone’s Secure Enclave offers “some additional security, but the authenticator apps aren’t using those elements,” said Weidman. “iOS is still good, but Android’s [security-enhanced] SELinux is the bane of my existence as someone who’s building exploits.”

“We charge three times as much for an Android pentest than we charge for an iOS one,” Turner said, referring to an exercise in which hackers are paid by a company to try to penetrate the company’s security. “Fully patched Android is more difficult to go after.”

Attacking from underneath

Authenticator apps beat SMS texted codes as 2FA second factors because app codes can’t be intercepted over the air, aren’t tied to a phone number and never leave the device. But authenticator app codes can be stolen in phishing attacks, and as we saw yesterday, by Android malware in screen-overlay attacks.

However, even the best training against phishing attacks and the best Android antivirus apps won’t stop attacks that come from the kernel, the underlying part of the mobile operating system to which the user doesn’t have access.

“What could possibly go wrong when installing a user-mode application with sensitive cryptographic key materials on a platform with kernel vulnerabilities?” Turner asked rhetorically.

Kernel vulnerabilities also can be used to hack two-factor push notifications, which Google uses for its own accounts and which can’t be phished. 

In short, “we need to move away from usernames and passwords,” Turner said.

Fingerprints aren’t the answer, but this might be

Asked about biometric authentication such as fingerprint readers and facial recognition, Weidman said that it’s “better than nothing when used in addition to passwords.”

Turner wasn’t so sure.

“I am fundamentally opposed to using biometrics because it’s non-revocable,” he said, citing a famous case from Malaysia in which a man’s index finger was cut off by a gang to steal the man’s fingerprint-protected Mercedes. “Fingerprint readers are biometric toys.”

The only form of two-factor authentication without security problems right now, Turner said, is a hardware security key such as a Yubikey or Google Titan key.

“I’ve got two Yubikeys on me right now,” Turner said. “Hardware separation is your friend.”

Let’s block ads! (Why?)



Source link

Continue Reading

Tech

PS5 might get an amazing controller feature that the Xbox Series X can’t match – BGR

Published

on


Sony is under a lot of pressure to unveil the PlayStation 5, or at least some new details about the upcoming console, as Microsoft is already way ahead. The Xbox Series X name and design were revealed in mid-December, and the company just shared many of the console’s next-gen specs this week. Both were complete surprises, as Microsoft hijacked an awards show to reveal the console’s design last December, and then suddenly dropped a blog post that featured a deep dive into the Xbox Series X’s hardware this week.

While we wait for Sony’s moves, which will likely be affected by the coronavirus outbreak that prompted the cancelation of several major events, with Sony itself pulling out of at least three trade shows so far, we do have more exciting PlayStation news for you. Unlike Microsoft, which has controlled the narrative, Sony’s innovations have leaked at a steady pace. And the newest finding is more exciting than any of the previous ones, as it details a controller feature that would give the new PlayStation a huge advantage over the Series X.

Not all of the patents we’ve seen online will end up becoming features of the PlayStation 5, but patents do provide plenty of information about Sony’s vision for the future of gaming. It’s thanks to patent leaks that we learned about the design of the PS5 dev kit last year. And other patents revealed plenty of interesting potential PS5 features, like a voice-based digital assistant that would provide help in real-time, rear-facing buttons, or support for biofeedback on a future DualShock 5 accessory.

The newest Sony patent, found by SegmentNext, details a feature that you may have been dreaming of: Wireless charging support for the DualShock controller.

A PS5 concept a few months ago imagined a PS5 console that would feature a built-in wireless charging coil near the top, where the DualShock controllers could be placed when not in use (image above). That’s not how the latest patent describes the tech working, however — here’s the relevant portion of the patent:

A wireless charging adapter that can snap onto a computer game controller can be inductively coupled to a charging base to wirelessly recharge a battery in the controller. The adapter also can include keys that mirror keys on the controller so that a gamer can remove the adapter with controller from the charging base, keep the adapter on the controller, and use both the controller keys and adapter keys to control a computer game.

The wording above suggests that the DualShock 5 won’t necessarily feature components that would allow wireless charging. Instead, you might have to buy an accessory for it. But the document also suggests that once applied, the accessory can stay on during gameplay, as it’ll feature button duplicates so that you can continue using the controller while it’s charging.

Sony is also considering a scenario where the gamer would keep the charging accessory on the charging mat, and hook the controller with a wire to that accessory to continue playing. That doesn’t sound very user-friendly.

The fact that Sony is looking at an accessory indicates that the DualShock 4 could be turned into a controller that can charge wirelessly with the help of the same device.

The best way to charge DualShock 5 controllers would be, of course, via USB-C, but Sony has yet to confirm whether the console will feature any USB-C ports. An accessory maker already announced an SSD drive for consoles that would need a USB-C port to deliver the fastest theoretical speeds possible, though.

As with previous Sony gaming-related patents, there’s no guarantee the gadget described in this new patent will ever be made. But it certainly makes sense to see Sony looking at wireless charging solutions for DualShock controllers, given that wireless charging tech adoption has been increasing in recent years.

Chris Smith started writing about gadgets as a hobby, and before he knew it he was sharing his views on tech stuff with readers around the world. Whenever he’s not writing about gadgets he miserably fails to stay away from them, although he desperately tries. But that’s not necessarily a bad thing.

Let’s block ads! (Why?)



Source link

Continue Reading

Tech

Amazon halts all employee travel, Google adds new restrictions due to coronavirus – TechRepublic

Published

on


Amazon bans all nonessential employee travel in the US and internationally, and Google expands travel restrictions after an employee is stricken with coronavirus.

In an unexpected move, both Amazon and Google announced new restrictions Friday on employee travel due to concerns over coronavirus and COVID-19, the illness the virus causes.

Amazon has asked all of its 798,000 employees to stop all nonessential travel, both domestic and internationally, immediately, according to an Amazon spokesperon. This is after Amazon already restricted employee travel to China earlier this month.

The cancellations are due to fear of novel coronavirus (COVID-19). The CDC has now 64 confirmed cases of COVID-19 in the US, including 47 cases among repatriated individuals. The latest two cases in the US are individuals in northern California and they both have contracted the disease from unknown sources, making them the first possible “community spread” instances of the disease in the US. So far, there have been 2,867 deaths from coronavirus around the world, and there are 83,861 cases globally. Hospitals in the US and the UK are preparing for a coronavirus outbreak.

Travel also restricted for Amazon employees on worldwide team 

The New York Times reported on Friday that Amazon employees on its worldwide operations team, which oversees technology and logistics, were told not to plan any meetings requiring travel until at least April, when the company hoped to have a better sense of the outbreak’s impact.

SEE: Coronavirus having major effect on tech industry beyond supply chain delays (free PDF) (TechRepublic)

Google expanding employee travel restrictions

Google has expanded its employee travel restrictions, now adding South Korea and Japan to the list of areas that already included China, Iran and two Italian regions of Lombardy and Veneto. This occurred after a Google employee tested positive for coronavirus, according to the company. 

More for CXOs

“We can confirm that one employee from our Zurich office has been diagnosed with the coronavirus,” a Google spokesperson said in a statement. “They were in the Zurich office for a limited time, before they had any symptoms. We have taken —- and will continue to take — all necessary precautionary measures, following the advice of public health officials, as we prioritize everyone’s health and safety.”

Google also announced that it is canceling its Google News Initiative Summit because of concerns over coronavirus. The conference had been scheduled for late April in Sunnyvale, Calif. 

“We regret that we have to cancel our global Google News Initiative summit but the health and well-being of our guests is our No. 1 priority,” Richard Gingras, vice president of news at Google, said in a statement.

Google has not yet announced any plans to cancel its own annual developer conference, Google I/O, scheduled for May 12-14 in Mountain View, Calif. 

Tech conferences around the world impacted

Meanwhile,
tech conferences around the globe
have been either cancelled, postponed, or have had significant exhibitors pull out for fear of coronavirus.

“The coronavirus has caused record-breaking event cancellations and postponements worldwide. Compared to last February, there is a 500% increase (and growing) in the cancellation or postponement of significant events. This past month (February 2020), we have seen more than 220 significant and major events between 5,000 to hundreds of thousands of attendees be cancelled or postponed. To give context, there were just 45 significant and major events canceled or postponed in February 2019. And, this is just the tip of the iceberg – we can all expect to see more global events cancelled in the coming months related to the coronavirus concerns,” said Campbell Brown, CEO and co-founder, PredictHQ.

Some of the major conferences cancelled in the past few weeks include Mobile World Congress, which PredictHQ’s data puts the event’s direct economic value at $5 million, Cisco Live Melbourne, Facebook’s annual marketing conference, DEF CON China and the Tokyo Marathon.

How to handle changing travel plans amid an outbreak

The quick-changing travel plans amid an outbreak like COVID-19 can make it difficult for companies to juggle employee travel plans and schedules.

In early February, before tech conferences began being canceled, and before companies started pulling out of events, companies were already limiting employee travel to China. At that time, Martin Ferguson, vice president of public affairs at American Express Global Business Travel, told TechRepublic’s Veronica Combs that he was seeing an increase in clients stopping all nonessential business travel to, from and within Wuhan and mainland China as well as areas surrounding mainland China. Some companies were also asking employees to work from home for two weeks after traveling to China as a precaution. 

With uncertainty affecting many of the decisions being made right now, companies need to keep employee travel plans flexible. For companies that are still allowing travel, request that employees book airline fares that can be canceled or rebooked without penalty, and hotel rooms that can be canceled without penalty. This way, if a conference or event is canceled, the company will not incur additional costs as a result of the employee canceling their trip.

Also, keep schedules flexible. For any upcoming conferences that have yet to be booked, wait. Watch the website for the conference daily to see if the main sponsors are still attending, and if any news is released about the event. Ask employees to wait as long as possible before booking airfare and hotel.

To encourage travel, some airlines are offering free flight cancellations or changes on all newly-booked flights. JetBlue is offering free flight cancellations or changes on all flights booked between February 27 and March 11, if the flight is completed by June 1, 2020, and the credit can be used for future travel. Alaska Airlines is also allowing new tickets booked from February 27 through March 12 for travel through June 1, 2020 to be cancelled or changed and the funds used for future travel. 

SEE: Policy pack: Guidelines for remote workers (TechRepublic Premium)

What to tell employees regarding travel and the coronavirus

As previously reported in TechRepublic, Emma Follansbee, an associate at The National Law Review, recommended what employers should do, and what they should avoid, when discussing travel and the coronavirus with employees:

  • Provide education and information on the virus  — Be brief and repeat what official sources have stated without adding information.The communication goal is to instill confidence in employees that the company is taking proactive steps as necessary
  • Reinforce sick leave policies — The flu season has been worse than usual in the US this season. This is a good time to reiterate sick leave policies. Follansbee also recommends training managers to send people home if they are sick.
  • Consider a temporary travel opt-out policy — Employers should consider temporarily suspending travel directly to a region with a high number of coronavirus cases. Follansbee also suggested that companies consider requiring employees traveling to or from the infected regions to refrain from reporting to work.
  • Don’t offer medical opinions and misinformation: Take a “less is more” approach.
  • Don’t institute employee medical examinations and quarantines: Employers that isolate or quarantine employees when public health agencies have not yet done could be violating protections under the Americans With Disability Act, medical privacy laws, and state wage and hour laws.                  
  • Don’t use selective enforcement of travel opt-outs: This policy must be applied equally across all employees. For example, employers cannot require pregnant or disabled employees to opt out of travel, while requiring other employees to continue traveling to a region. 

Also see 

<a href="https://tr3.cbsistatic.com/hub/i/r/2020/02/28/10fc1907-e3d4-42c8-abfc-393baeabfb84/resize/770x/11d721cc0316324fb1f74a218a699ccc/amazon-hq-with-logo.jpg" target="_blank" data-component="modalEnlargeImage" data-headline="

Amazon has halted all employee travel due to the coronavirus.

” data-credit=”Image: Smith Collection/Gado / Getty Images” rel=”noopener noreferrer nofollow”>Amazon

Amazon has halted all employee travel due to the coronavirus.

Image: Smith Collection/Gado / Getty Images

Let’s block ads! (Why?)



Source link

Continue Reading

Trending