blog trackingRealtime Web Statistics Default Archives | Gregory D. Evans | Worlds No. 1 Security Consultant | Gregory D. Evans | Worlds No. 1 Security Consultant

Posts Tagged ‘default’

How to set Microsoft’s Cortana as default voice assistant on Android

Microsoft brought its phone companion app, Cortana, to Android some time ago, allowing the users of Google’s popular OS to relish in some of its key features. Indeed, Siri and Google Now’s rival is one of the better voice assistants to try to shake things up and offer a third alternative to the aforementioned apps. 
And Cortana is actually getting better at making full use of Android’s potential in particular. With the most recent one to hit the beta version of Cortana, Microsoft enabled the Android version of its voice assistant app …

View full post on PhoneArena

Microsoft updates Cortana beta, lets you replace Google Now as default assistant

The Cortana beta available for Android users has been updated by Microsoft. The company has added the feature to enable users of the assistant to set Cortana as default, replacing the pre-loaded Google Now. This alteration will also enable you to press and hold the home button to activate the personal helper.

View full post on MobileNations

More than 100000 Wireless Routers have Default Backdoor

A recently reported flaw that allowed an attacker to drastically reduce the number of attempts needed to guess the WPS PIN of a wireless router isn’t necessary for some Arcadyan based routers anymore.<!– adsense –>
Last …

View full post on National Cyber Security » Computer Hacking

More than 100000 Wireless Routers have Default Backdoor

A recently reported flaw that allowed an attacker to drastically reduce the number of attempts needed to guess the WPS PIN of a wireless router isn’t necessary for some Arcadyan based routers anymore.<!– adsense –>
Last …

View full post on National Cyber Security » Computer Hacking

New Bill in the UK wants internet to be censored from porn by default

Baroness Howe of Idlicote most definitely seems to be thinking of the children, but is this a sensible approach?

At the start of this month, she was granted the first reading of her private member Bill on ‘online safety’ in the House of Lords.

The Online Safety Bill states that ISPs and mobile telcos should provide a porn-free internet connection by default.

Of course, an adult wants can choose to opt-in to the uncensored porn-permitted version, provided the site containing adult content has an 18+ verification system.

The Bill wants technology for filtering out porn to be provided at point of sale on every Internet enabled electronic device that can download content.

It also states that ISPs and telcos should provide clear information on ‘online safety’ defined as “the safe and responsible use of the Internet by children and young people on an electronic device.”

This proposal hasn’t exactly received a warm reception from industry, with trade body, the ISP Association arguing that “filtering by default will only reduce the degree of active interest and parental mediation, lull parents into a false sense of security and lead to over blocking. The question also arises of who decides what is pornographic and what is not?”

But wait a minute — haven’t we been here before? Yes, we have. Back in late 2010/early 2011, Tory MP Claire Perry called for ISPs to implement an opt-in system for porn with over 18-age verification.

Minister for Culture Ed Vaizey and parenting network Mumsnet indicated initial support for this idea.

But Mumsnet became concerned that filtering technologies might over-block, impacting, for example, its breastfeeding guidance.

Flash forward to last summer, when the Bailey Review on sexualisation and commercialisation of childhood was released, and we saw another wave of conservatism, with the Coalition refocusing on protecting kids from internet porn.

By last October, David Cameron was meeting the big four UK ISPs: BT, Virgin, Sky, and TalkTalk. It was decided a voluntary Code of Practice was the best route forward. A website, called ParentPort to allow parents to complain about inappropriate content on the internet was also launched.

Under the self-regulatory approach, BT and Virgin provided parental control software for computer-based filtering. Sky will have ‘active choice measures’ that require customers to opt out of parental controls.

TalkTalk went a bit further still, allowing customers to opt into a filtered network service where parents set the blacklists that filter and block content, including porn.

It was found TalkTalk’s filters didn’t actually work very well. For instance, it failed to block one of the biggest porn sites in the world.

This is where we are now. To my mind, having government legislate in this way will only lead to confusion. Let the consumer choose. This is legal pornography, and having a blanket default of state sponsored censorship seems a wholly disproportionate and unnecessary approach to controlling access.

This got me to thinking about the issues for those who would decide to opt in to access pornography. In order to validate your age, you will need to provide identification and then be listed on a database as someone who has chosen to access porn.

The Information Commissioner Office has recognised the importance of protecting people who could be on the list, but ultimately the best way to protect this data is for it not to exist.

ISPs already provide technologies for parents wanting to control what their kids see and it is the parents’ prerogative to use these. To my mind, these seem to give enough flexibility and sufficient control for any concerned parents.

I think we need to protect the status quo that those who object to pornography opt-out of the general internet and can opt in to censored version, not the other way around.

With this being a private member’s bill, it won’t get anywhere until it gets government support. Thankfully, the Department of Culture, Media and Sport have already said they prefer the current flexible, self-regulation that benefits industry and consumers.

And this might be a nail in the coffin for this bill, so it can be buried in the graveyard of failed private member bills, where I think it belongs.

What do you think?

Take Our Poll

UPDATE, later on the same day… Well, I had hoped this condemnation from DCMS was the nail in the coffin and this Bill could be buried alongside other failed private member bills. That doesn’t seem to be the case.

A Parliamentary Inquiry Report into Online Child Safety was released today, chaired by Claire Perry. It mirrors many of the recommendations of the Bill and seeks a formal Government review on the opt in filter, rolling out ‘active choice’ measures, single account ‘one click’ filtering for all devices on the same internet connection, a single regulator for internet safety and even public wi-fi networks having a a default adult content bar. Clearly this issue is not going away any time soon.

Feet graphic courtesy of ShutterStock
Adult signs image courtesy of ShutterStock

Article source:

View full post on National Cyber Security

Google search domains to get HTTPS by default

The steady roll-out of SSL for the world’s most popular websites continues with the news Google’s global search domains including are finally to get HTTPS encryption by default over the coming weeks.

The company turned on HTTPS by default for its global .com domain in October, which now works for all users while signed into Google services, before which secure searching had to be conducted through a special site few would have heard of,

Even once turned on, users outside the US wanting to access the HTTPS feature would have had to manually specify the .com domain (which some know is encrypted), or the equivalent local domain (which many don’t) or change the default search engine in their browser, which few do.

Once implemented, the new setting will make that unnecessary although all users will still need to be signed into a Google service to access HTTPS search.

Twitter turned on https by default only three weeks ago after making the security an opt-in option last year. Facebook offers https in its security settings but is not engaged by default.

If SSL offers an important layer of security, why would companies not turn it on by default?

The main reason is that requires that the company can handle the encryption overhead at data centre level, no mean feat when millions of concurrent users are accessing a service. That adds complexity and expense, hence HTTPS’s slow journey towards being becoming standard.

For Google users, encrypted search means that visited sites can see that a user has landed from Google, but not the search term entered. It also shields this data while using unsecured WiFi.

The impetus to get https turned on without the need for user interaction dates from the appearance of easy-to-use sniffing software such as Firesheep, a proof-of-concept research tool used to point out the weakness of Twitter and Google to eavesdropping when used on open wireless connections without SSL turned on.

Article source:

View full post on National Cyber Security » Computer Hacking

Twitter enables HTTPS by default

Twitter has enabled secure hypertext transfer protocol (HTTPS) for all its users by default, meaning that traffic on the micro-blogging site is now encrypted, providing better protection against man-in-the-middle attacks.

HTTPS keeps the session cookie encrypted throughout the log-in session, preventing the information from being intercepted. Twitter, which made opt-in HTTPS available to users for the first time last March, said that it is particularly important to use the encrypted protocol when accessing Twitter over an unsecured Internet connection, like a public Wi-Fi hotspot.

“HTTPS is one of the best ways to keep your account safe and it will only get better as we continue to improve HTTPS support on our web and mobile clients,” said Twitter in a blog post.

Users still have the option to turn off HTTPS through the Account Settings page.

The move was welcomed by security firm Sophos, which said that using public Wi-Fi hotspots to access Twitter without enabling HTTPS could allow a hacker to “sniff your session cookie”. This means they could post tweets as you, or read your private direct messages.

“Don’t imagine that sniffing session cookies from unencrypted connections is rocket science,” said Graham Cluley, senior technology consultant at Sophos. “Tools such as Firesheep have made it child’s play in the past for anyone to access the Twitter or Facebook account of someone close by if they haven’t taken the right precautions.”

Cluley pointed out that actor Ashton Kutcher’s Twitter account was hacked during the brainbox TED Conference last year. The hacker accessed Kutcher’s account over an unencrypted Wi-Fi connection and posted pro-SSL graffiti in his name.

Google became one of the first major web communication companies to adopt HTTPS across its sites in January 2010. The Google Plus social network has there for had HTTPS turned on since launch.

In the case of Facebook, however, HTTPS is still disabled by default, despite giving users the option to enable it a year ago.

Meanwhile, research published by the Electronic Frontier Foundation last year showed that the SSL certificate system that underpins web security is far from trustworthy. Ultimately, this means that users may not be able fully trust HTTPS connections. However, until schemes like DNSSEC come online to prevent website spoofing, they have no choice but to do so.

Article source:

View full post on National Cyber Security » Computer Hacking

HTTPS enabled by default – nice one Twitter!

Twitter announces that it has enabled HTTPS/SSL by default — a great step for protecting users’ privacy.HTTPS enabled by default – nice one Twitter!, Blog, Twitter, #HTTPS, default, enabled, nice

View full post on Naked Security — Sophos

View full post on National Cyber Security

Change default Apache port in XAMPP – Lucid Nerd Tutorial

How to change default Apache port in XAMPP. I this video I will cover how to change the default Apache port to help you solve any port confilcts you may have with XAMPP Server. LINKS: LUCID NERD LINKS: Subscribe: Lucid Nerd Channel Page: Lucid Nerd Blog: Follow on Twitter Facebook Page: Google+ Page: Add us to your circles. Lucid Nerd on iTunes: Lucid Nerd Channel Description: The Lucid Nerd is a channel offering beginner computer tutorials covering everything form computer basics to web development and computer programming. VIDEO RELATED LINKS: Start – Stop Microsoft’s IIS : XAMPP homepage: Apache homepage: MySQL homepage: PHP homepage: REPEATED TAGS FOR SEO: Specific Tags: Apache Port XAMPP “Windows 7″ “Lucid Nerd” Tutorial MySQL PHP “AMP Stack” General Tags: “Lucid Nerd” “Computer Tutorials” “Computer How To’s” “Beginner Computer Tutorials” Computer Tutorials Beginner “Web Development” “Computer Programming” “Windows 7″ “Mac OSX” Educational Help

Article source:

View full post on National Cyber Security » Announcements

Avoid default installations

View full post on SANS Institute Security Awareness Tip of the Day

View full post on National Cyber Security

Page 1 of 212»

My Twitter

  • RT @GregoryDEvans: What Presidential Candidates, Brangelina and Reality Television Mean For Education – Finding Common Ground –… https://t.…
    about 1 hour ago
  • The latest The Ciber Crime Daily! Thanks to @GregoryDEvans @HasvdRiet @twbriggs
    about 13 hours ago
  • RT @GregoryDEvans: Are LGBT Students Safe? – Leadership 360 – Education Week
    about 14 hours ago
  • RT @GregoryDEvans: 8 New Uses For Old Things Around The House, According To Toddlers #security #hacker #HTCS
    about 20 hours ago
  • RT @GregoryDEvans: 8 New Uses For Old Things Around The House, According To Toddlers #security #hacker #HTCS
    about 20 hours ago By Gregory D. Evans

Hacker For Hire By Gregory Evans

Gregory D. Evans On Facebook

Parent Securty By Gregory D. Evans

National Cyber Security By Gregory D. Evans

Dating Scams By Gregory Evans