Google Launches New Search Engine for Discovering Datasets

We are living in a data-centric age. Everyone is on the move to discover
data, no matter how small it may be. The good news is there are
thousands of data sources on the internet where anyone can go and
extract data. These repositories provide free access to data from
governments, private and public organizations. However, accessing and
even using such data is not always a smooth ride, especially when you
are dealing with thousands of data at a time.

Google Dataset Search

To make the task of accessing data repositories easier, Google has launched a new tool known as Dataset Search.
This is a tool that scientists, geeks, journalists, and other people
can use to find the exact data that they are looking for to back up
their work.

The working mechanism of Dataset Search is quite similar to that of Google Scholar.
It gives you the power to find datasets from whichever locations they
are hosted. This can be from the organization’s website or from the
personal website of an individual who published the data.

In order to facilitate a seamless access of dataset, Google has created a set of guidelines
which dataset providers can use to make their data accessible to Google
search. The search engine should be able to understand the content of
their data. Some of this information include:

• A brief information about the data
• The creator of the data
• The person who collected the data
• The methods that were used during data collection
• The date when it was published
• The terms for using the data

Using the above information, Google will analyze the data and collect
a set of different versions of the same dataset that may be existing on
the internet. It uses the schema.org standard which is an open standard
for describing data on the internet. Data providers are encouraged to
use the same standard to describe their data.

A Variety of References

Dataset Search provides a wide source of references of any given
dataset that it has collected. Although environmental and social
sciences are some of the main sources of references, governments and
news organizations are also the main sources of data. The fact that most
of more data repositories are embracing the use of schema.org standard
to describe their data means that Dataset Search is able to access lots
of data at any given time. This also gives room for the growth of this
tool.

Dataset Search is multilingual. There are plans to incorporate more
languages into the tool. It also has a user-friendly interface making it
easy to use. You simply need to type the information that you are
looking for and the rest of the job will be done for you.

The launch of Dataset Search is one of the recent moves that Google
has been making to improve the accessibility of data. Unlike other
initiatives that focused on particular groups of people, Dataset Search
targets a broader audience. It will be of great use to anyone who is
looking for critical data from governments and news outlets. However,
the availability of data depends on the metadata that the publishers
provide.

from Blogger http://www.solutionrider.in/2018/10/google-launches-new-search-engine-for.html

Hidden Keylogger Discovered In Hundreds Of HP Laptops

Preinstalled software has been discovered on HP laptop models, that could have been recording every letter and keystroke on users’ keyboards.

The keylogger security flaw was discovered by researcher Michael Myng, who found a hidden software could be present in over 460 different HP laptop models – including the EliteBook, ProBook, Pavilion and Envy ranges.

Fortunately, for everyone concerned, the keylogger was found to be in a deactivated state, and a by-product of a system driver originally used during the testing phase.

However, the left over flaw, present is some laptops from as far back as 2012, could have represented serious privacy concerns. However, anyone wishing to take advantage of the security issue would have to have physical access to a user’s laptop and also administrative rights.

Patch issued

HP have now issued a patch that removes the issue, and have been praised for the their fast reaction once they were made aware of the problem. That said, it is the second time this year that HP has had to issue an emergency patch for its laptops.

HP said more than 460 models of laptop were affected by the “potential security vulnerability”. The issue affects most laptops in the EliteBook, ProBook, Pavilion and Envy ranges, alongside others. The full list of exactly what laptops are and aren’t affected, can be found, here.

HP advice

HP’s advisory stated that the vulnerability “impacts all Synaptics OEM partners… Neither Synaptics nor HP has access to customer data as a result of this issue… A party would need administrative privileges in order to take advantage of the vulnerability. Neither Synaptics nor HP has access to customer data as a result of this issue.”

Anyone who owns a HP laptop has been strongly urged to check whether their model laptop is affected and update their system as soon as they can.

from Blogger http://thesolutionrider.blogspot.com/2017/12/hidden-keylogger-discovered-in-hundreds.html

Nvidia Will No Longer Publish New Drivers For 32-Bit Systems

Nvidia has confirmed that it will no longer offer support for 32-bit systems following Release 390. The decision was made public in an announcement post published to the company’s official website earlier today, but in recent weeks there have been some signs that this was coming.

The reveal of Nvidia’s Titan V graphics card sent shockwaves through the PC industry thanks to its impressive specs. The company confirmed at that time that it would only support the 64-bit versions of Windows 10 and Windows 7, with Windows 8.1 not receiving official support, according to a report from Hexus.

The Titan V does offer support for Linux users on 32-bit systems via an official Nvidia driver. This will not be the case going forward, as the companywide decision to discontinue support for 32-bit hardware apparently includes both Linux and FreeBSD.

“Later driver release versions will not operate, nor install, on 32-bit operating systems,” read Nvidia’s statement on the decision. “Driver enhancements, driver optimizations, and operating system features in driver versions after Release 390 will not be incorporated back into Release 390 or earlier versions.”

The company doesn’t plan to leave users with 32-bit systems out in the cold entirely. Critical driver security patches are set to continue until January 2019.

This makes for something of a sea change for Nvidia, as the company has previously followed Microsoft’s lead in terms of the operating systems that its GPUs would support. Microsoft plans to continue to support the 32-bit versions of Windows 7 and Windows 8.1 until 2020 and 2023, respectively, and is set to support the 32-bit version of Windows 10 indefinitely.

On the other hand, it’s perhaps unsurprising to see Nvidia choose to discontinue support at this time. People will continue to utilize 32-bit architecture until they have a reason not to, so a major GPU manufacturer ending compatibility might hurry a complete transition toward 64-bit hardware.

In effect, this isn’t too much of a departure from a situation like Apple’s decision to render certain older pieces of hardware obsolete. It’s a matter of available resources, and cutting down on the amount of different variations of hardware that need to be supported can save time and effort.

from Blogger http://thesolutionrider.blogspot.com/2017/12/nvidia-will-no-longer-publish-new.html

Snowden’s New App Turns Your Phone Into A Home Security System

YOUR DIGITAL SECURITY, any sufficiently paranoid person will remind you, is only as good as your physical security. The world’s most sensitive users of technology, like dissidents, activists, or journalists in repressive regimes, have to fear not just hacking and online surveillance, but the reality that police, intelligence agents, or other intruders can simply break into your home, office, or hotel room. They can tamper with your computers, steal them, or bodily detain you until you cough up passwords or other secrets.

To help combat that threat, one of the world’s most well-known activists against digital surveillance has released what’s intended to be a cheap, mobile, and flexible version of a physical security system. On Friday, the Freedom of the Press Foundation and its president, famed NSA leaker Edward Snowden, launched Haven, an app designed to transform any Android phone into a kind of all-purpose sensor for detecting intrusions.

Safe Haven

Designed to be installed on a cheap Android burner, Haven uses the phone’s cameras, microphones and even accelerometers to monitor for any motion, sound or disturbance of the phone. Leave the app running in your hotel room, for instance, and it can capture photos and audio of anyone entering the room while you’re out, whether an innocent housekeeper or an intelligence agent trying to use his alone time with your laptop to install spyware on it. It can then instantly send pictures and sound clips of those visitors to your primary phone, alerting you to the disturbance. The app even uses the phone’s light sensor to trigger an alert if the room goes dark, or an unexpected flashlight flickers.

Since he became the director of the Freedom of the Press Foundation in early 2016, Snowden has led a small team of programmers and technologists working on security tools. The projects so far range from software that only allows secrets to be decrypted if a group of collaborators combine their secret keys, to a hardware modification for the iPhone that’s designed to detect if malware on the device is secretly transmitting a user’s data.

The ‘Evil Maid’ Problem

The notion of a smartphone-based alarm system arose when Micah Lee, a technologist at the news outlet The Interceptand board member of the Freedom of the Press Foundation, suggested it to Snowden in early 2017. Lee hoped for a new approach to the perennial problem that the cybersecurity community calls the “evil maid” attack: It’s very difficult to prevent someone with physical access to your computer from hacking it.

Eventually, Lee and Snowden’s group of developers at the Freedom of the Press Foundation partnered with the security-focused nonprofit Guardian Project to build and test a software solution to that problem. “We thought, is there a way we can use a smartphone as a security device,” says Nathan Freitas, the director of the Guardian Project. “Take all the surveillance technologies in smartphones and flip them on their head, to keep watch on all the things you care about when you’re not there?”

In practice, Haven could protect its users from more than just hands-on computer hackers; it could guard against everyone from abusive spouses to authoritarian police. In November, the groups teamed up with the Colombian activism group Movilizatorio to conduct a trial with social justice activists—a group that’s been the target of dozens of assassinations over the last year, in the fallout of tense negotiations between guerrilla groups and the country’s government. Movilizatorio founder Juliana Uribe Villegas says the app provided a key reassurance that month, for a group of 60 testers, that government or criminals agents weren’t breaking into their homes to plant surveillance equipment or, far worse, to kidnap or physically harm them.

“It’s very significant for them to know that they have tools they can use themselves when the government isn’t protecting them,” Uribe Villegas says. “It’s great to think about cybersecurity, but in countries like ours, personal security is still at the top of our list.”

Privacy First

Of course, any device that takes pictures and records audio clips in your home or office and sends them over the internet might sound more like an intolerable privacy violation than a security measure, especially for someone as privacy-sensitive as Snowden, who hasn’t even carried a mobile phone since he first became a fugitive from the US government in 2013.

But Haven takes some serious measures to prevent its surveillance mechanisms from being turned against a phone’s owner. It integrates the encrypted messaging app Signal, so that every alert, photo, and audio clip it sends to the user is end-to-end encrypted. As another safeguard, users can also configure Haven to work with the Android app Orbot, which has an option to turn your phone into a so-called Tor Onion Service—essentially, a server on the darknet. That means the Haven phone’s event log can be accessed remotely from your desktop or another phone, but only over Tor’s near-untraceable connection. In theory, that means no eavesdropper can break in to access those audio and photo snapshots of your sensitive spaces.

“Now you can take this huge aggregation of sensors available on any phone today—accelerometers, light sensors, cameras, microphones—and make it work for you and only you,” Snowden says. He notes that despite his personal avoidance of carrying a smartphone, even he has used Haven in hotel rooms while traveling and at home, albeit only with some additional precautions that he declined to fully detail.

In WIRED’s (source) initial tests of Haven’s beta version, the app successfully detected and alerted us to any attempts to approach a laptop on an office desk, reliably sending photos of would-be evil maids over Signal. If anything, the app was too sensitive to saboteurs; it picked up and alerted us to every stray office noise. The app’s accelerometer detection was so hair-triggered that even leaving the phone on top of a computer with a moving fan inside created hundreds of alerts. You can set thresholds for the audio, but it was tricky choosing a level that wouldn’t trigger false positives. Freitas says the developers are still working on fine-tuning those controls, but that users may have to experiment.

Snowden acknowledges that Haven can’t stop an intruder bent on physically harming someone. But by simply detecting and recording their presence, it might just make them think about the consequences of that intrusion’s documentation, and give victims a significant tool they haven’t had before. “If you’re the secret police making people disappear, Haven changes the calculus of risk you have to go through,” Snowden says. “You have to worry that every possible cell phone might be a witness.”

from Blogger http://thesolutionrider.blogspot.com/2017/12/snowdens-new-app-turns-your-phone-into.html

5 Hackers Arrested For Spreading Ransomware

Recently, Romanian authorities have arrested three people suspected of infecting computer systems by spreading the ransomware CTB-Locker (Curve-Tor-Bitcoin Locker). Two other suspects from the same criminal group were arrested in Bucharest in a parallel rescue investigation linked to the United States.

Over the past week, Romanian authorities have arrested three people suspected of infecting computer systems by spreading the ransomware CTB-Locker (Curve-Tor-Bitcoin Locker). Two other suspects from the same criminal group were arrested in Bucharest in a parallel rescue investigation linked to the United States.

The CTB-Locker and Cerber malware are among the world’s leading ransomware families. This action will likely be quantified and catalogued as the largest ransomware related operation.

During this law enforcement operation called “Bakovia”, six cases were investigated in Romania as a result of a joint investigation conducted by the Romanian Police (Service to Combat Cybercrime), the Romanian and Dutch Public Prosecutor’s Office, the Dutch National Police (NHTCU), the UK National Crime Agency, the FBI with the support of the Europol European Center for Cybercrime (EC3) and the Joint Cybercrime Action Group (J-CAT).

As a result of this investigation, the agents seized a significant amount of hard disks, laptops, external storage devices, mining devices and various documents. Investigations in Romania have resulted in the criminal group’s accusation of misuse of devices with intent to commit cybercrime and blackmail.

Earlier this year, the Romanian authorities obtained detailed information from the Dutch High Technology Crime Unit and other authorities on the activity of a group of Romanian citizens who were involved in sending spam messages.

The targets of this spam attack were well-known companies in countries like Italy, the Netherlands and the United Kingdom. The intent of spam messages was very specific: infecting computer systems and encrypting their data with the Ransomware CTB-Locker also known as Critroni.

But what did the messages contain?

According to what was already known, each email had an attachment, often in the form of an invoice, that hid a file with malicious code. Once the attachment was opened on a machine with a Windows operating system, the malware encrypts the files on the infected device.

Once infected, all documents, photos, music, videos, etc. on the device were encrypted using asymmetric encryption techniques, which makes it extremely difficult to decrypt the files without the encryption key created by criminals. This type of attack “forced” the victims to pay the ransom, such was the desperation. Many companies, after paying, were given the key to decipher their files.

170 victims have been identified in several European countries till to the date; all have filed complaints and provided evidence that will help prosecute suspects.

Vulnerable Windows systems

The CTB-Locker was first detected in 2014 and was one of the first variants of ransomware to use Tor to hide its command and control infrastructure. It is intended for almost all versions of Windows, including XP, Vista, 7 and 8.

Cerber Ransomware in the United States

In addition to the CTB-Locker distribution, two people from the same criminal group in Romania are also suspected of distributing Cerber Ransomware. They are suspected of contaminating a large number of computer systems in the United States. The US Secret Service has subsequently initiated an investigation into Cerber Ransomware infections.

This case illustrates the Crime-as-a-Service (CaaS) model since services were offered to any criminal online.

The investigation, in this case, revealed that the suspects did not develop the malware themselves but acquired them from specific programmers before launching multiple infection campaigns on their own, having to pay in return about 30% of the profit. This modus operandi is called an affiliate program and is “Ransomware-as-a-service”, representing a form of cybercrime used by criminals primarily on the Dark Web, where criminal tools and services like ransomware are made available by criminals to people with few knowledge on cybernetic issues, bypassing the need for specialized technological skills.

Never pay the Ransom

Ransomware attacks are relatively easy to prevent if the user can maintain appropriate “digital hygiene”. This includes regular backup of the data stored on your computer, keeping your systems up to date, and installing robust antivirus software. Also, never open an attachment you receive from someone you do not know or from any strange link or friend sent on social networks by a company, online game partner, etc.

If it is infected, we recommend that you do not pay the requested redemption. Most certainly, even paying will never be able to get your files back and will only fund criminal activities. Make a complaint to the national police authorities and give the maximum of detail, do not hide any causes of contagion. This will allow due investigation and enforcement of the law by punishing the criminal groups behind these crimes.

from Blogger http://thesolutionrider.blogspot.com/2017/12/5-hackers-arrested-for-spreading.html