The Android Security Update for May 2016 includes a number of critical issues. Jack Wallen has the highlights, and shows how to find out if your device is up to date.
Mobile devices offer powerful productivity, but there is also the risk of security breaches. Tech Pro Research’s survey looks at the best practices for securing these devices.
Developers would often rather write apps than secure them, but public cloud providers can help them do both.
Genetically modifying animals and plants is a growing concern — with some people totally against the idea. And there are now a variety of biotech tools that make defining GMOs a bit less clear-cut for the general public. Taking a gene from a sea animal and putting into a pig sounds extremely unnatural, but does simply removing a gene sound as bad? Or what if farmers used traditional breeding techniques to get to a particular genetic end goal that was discovered by less “natural” genetic experimentation?
- If scientists merely remove genes, not add any new genes, does that qualify as a genetically modified organism? Using CRISPR/Cas9 techniques, a researcher created a button mushroom that doesn’t brown after it’s cut — by removing some genetic material to turn off an enzyme — and the USDA says that’s not a GMO mushroom. (However, this decision may change.) [url]
- There are at least a couple engineered genetic “kill switches” for genetically modified microbes. Have researchers not seen/read Jurassic Park? Or Blade Runner? [url]
- Off-patent generic GMO soy beans are starting to enter the market since it’s been about 20 years since Monsanto developed them. Out of about 84 million acres of soybeans planted in the US, only a couple thousand or so acres will be seeded with generic Roundup Ready knockoffs. Monsanto has a Roundup Ready 2 variant that’s still under patent protection (as well as another version still pending approval), so don’t worry about not being able to buy the authentic stuff. [url]
After you’ve finished checking out those links, take a look at our Daily Deals for cool gadgets and other awesome stuff.
You may have heard, recently, that the guy who was apparently behind the celebrity nudes hacking scandal (sometimes called “Celebgate” in certain circles, and the much more terrible “The Fappening” in other circles) recently pled guilty to the hacks, admitting that he used phishing techniques to get passwords to their iCloud accounts. But… that’s not all that he apparently used. He also used “lawful access” technologies to help him grab everything he could once he got in.
We keep hearing from people who think that just “giving law enforcement only” access to encrypted data is something that’s easy to do. It’s not. Over and over again, security experts keep explaining that opening up a hole for law enforcement means opening up a hole for many others as well, including those with malicious intent. ACLU technologist Chris Soghoian reminds us of this by pointing to an earlier article about how the guy used a “lawful access” forensics tool designed for police to get access to such data (warning, link may ask ask you to pay and/or disable adblocker):
On the web forum Anon-IB, one of the most popular anonymous image boards for posting stolen nude selfies, hackers openly discuss using a piece of software called EPPB or Elcomsoft Phone Password Breaker to download their victims’ data from iCloud backups. That software is sold by Moscow-based forensics firm Elcomsoft and intended for government agency customers. In combination with iCloud credentials obtained with iBrute, the password-cracking software for iCloud released on Github over the weekend, EPPB lets anyone impersonate a victim’s iPhone and download its full backup rather than the more limited data accessible on iCloud.com. And as of Tuesday, it was still being used to steal revealing photos and post them on Anon-IB’s forum.
Obviously, the situation with encryption on the iPhone is a bit different, but the same basic principle applies. Opening up a door is, by definition, opening up a vulnerability. And we should be very, very, very wary about opening up any kind of vulnerability. It’s tough enough to find and close vulnerabilities. Deliberately opening one can be catastrophic.