Security

Toy manufacturer VTech has been the victim of a hack that exposed details of five million customers. The compromised data included some details, albeit limited, of the children who use the products. As its name suggests, VTech's product range ... includes many electronic toys that have increased in sophistication over the years. These include several tablet computers which don't allow web access, but do let children share messages with friends and family and download child-friendly apps through a system known as the "Learning Lodge." No Financial Data Compromised The company has ... (view more)

Dell has confirmed it shipped computers with a major built-in security flaw. The unintentional move could expose users to a significant risk of hackers accessing their personal data. The issue at hand deals with an exploit in the secure sockets ... layer (SSL). Specifically, Dell has inadvertently shipped PCs and laptops with both a trusted root certificate and key, when only the trusted certificate should have been allowed. The idea behind the mishap was to help identify Dell computers when they were connected to Dell's online support service. In this case, the computer's model number could be ... (view more)

Facebook is to warn users when it believes a government is trying to hack their account. The company is giving few details about how it will detect such attempts, or which governments may be involved. The warnings will appear when Facebook has ... reason to believe an "account has been targeted or compromised by an attacker suspected of working on behalf of a nation-state." According to Facebook, the message is not meant as an indication that Facebook's own servers or systems have been compromised - whether by a government or anyone else. Early Warning System Instead, Facebook will ... (view more)

Google is to tone down security warnings for users of the Chrome browser. It believes the move won't increase user risk and may instead encourage websites to improve security. The change involves the way secure websites appear in the address bar in ... Chrome. At the moment, a website in Chrome will appear with one of four icons to the left of the address to indicate whether or not it is secure: A plain white 'blank page' icon indicates an ordinary http site, meaning there's no encryption of data passing back and forth between the website and the user's computer. A green ... (view more)

Some media outlets have accused Microsoft of building creepy keylogger spyware into Windows 10. That's a somewhat overblown interpretation, but some users may want to take the option to turn off the relevant setting. Traditionally references to " ... keyloggers " are about unauthorized programs installed on computers, often without the owner's knowledge and often through trickery. Such programs are designed to track everything the user types, then relay the data over the Internet to criminals who then look for passwords, credit card numbers, and bank account information. In this ... (view more)

Mozilla has blocked Adobe Flash from running by default in the Firefox browser, citing security concerns. Meanwhile, Facebook's security chief has called for Adobe Flash to be killed off permanently. Adobe Flash is widely used for both videos and ... animations, including ones which play automatically on a website. The technology has fallen from favor over the years, however, thanks to problems with both performance and security. It's a popular target for malware creators as it is so widely used by users, regardless of their operating system or browser. A big part of the decline came when ... (view more)

Plans to draw up guidelines for how firms use facial recognition technology have fallen apart after civil liberties groups withdrew from talks. They say businesses aren't making a serious offer at an acceptable compromise. Businesses and consumer ... groups have been taking part in facial recognition guideline talks since early last year. They've been organized by the National Telecommunications and Information Administration (NTIA), a government agency. The idea behind the talks was to avoid the need to draw up and implement legislation, something that could be politically tricky. The ... (view more)

Kaspersky Lab, one of the biggest security software firms, says its own internal network was attacked by hackers. The company heavily implied that a national government was behind the hack. Owner Eugene Kaspersky says the hackers were able to access ... confidential internal data relating to research and development into new and improved security techniques. The attack didn't delete or change any data, or affect any performance. The company is also quick to stress that no customers were affected by the move and that it's products continue to work as designed. Attack Method Impressive, ... (view more)

A new security firm says it has come up with a way to stop malicious software before it reaches a user's computer. The "Isolation Platform" will initially be offered to business users, but remains to be seen how practical the solution is. According ... to makers Menlo, the main problem with most security tools are that they are based around the idea of examining programming code on a user's computer, and trying to determine if the code is malicious. Only if everything appears to be OK is a program allowed to run on the computer. Menlo says that's flawed because malware ... (view more)

Some of the largest tech firms are urging President Obama to drop plans to make it easier for law enforcement and security agencies to access Internet communications. They say the President should resist any idea for such firms to implement ... mandatory "backdoors." The proposal means that firms are only allowed to use encryption if they also build in a way that makes it possible for law enforcement groups to access the data in an unencrypted form. The "key" to unlock the data would effectively be split into two parts: one held by the Internet firm, and the other by the ... (view more)