Worried about hacks, senators want info on Trump’s personal phone

Two senators have written to the U.S. Department of Defense about reports that President Donald Trump may still be using an old unsecured Android phone, including to communicate through his Twitter account.20170130 3127871

“While it is important for the President to have the ability to communicate electronically, it is equally important that he does so in a manner that is secure and that ensures the preservation of presidential records,” Tom Carper, a Democrat from Delaware, and Claire McCaskill, a Democrat from Missouri, wrote in the letter, which was made public Monday.

The senators are members of the Senate Committee on Homeland Security and Governmental Affairs.

Trump’s use of an Android smartphone that may not be secure was raised last month in a report by The New York Times.

The senators are worried that the phone may be vulnerable to hackers who could access sensitive information by turning on “audio recording and camera features, as well as engaging surveillance tools that allow location and other information tracking features.” A number of experts have raised concerns about the president’s use of an unsecured phone.

The vulnerabilities are among the reasons why national security agencies discourage the use of personal devices, the senators added, pointing to a Department of Defense’s 2013 Commercial Mobile Device Implementation Plan, which stated that “DoD policies, operational constructs, and security vulnerabilities currently prevent the adoption of devices that are unapproved and procured outside of official government acquisition.”

The senators want information from DoD and its Defense Information Systems Agency (DISA) on whether Trump received on or before his inauguration a secured, encrypted personal smartphone and is using it.

If not, they would like a written response that describes what kind of personal smartphone Trump is using, or has used, since taking office, as well as “a written response outlining the steps DISA has taken, or plans to take, to develop written policies and procedures regarding protective measures for President Trump’s use of a personal smartphone.”

The senators also want to know what measures DISA has taken so that The National Archives and Records Administration can preserve Trump’s tweets and other records arising from the use of the device.

Democratic party presidential candidate Hillary Clinton ran into an investigation and criticism, including from Trump, for using a private email server when she was secretary of state.

Cybersecurity alliance promoting intel-sharing seeks to expand

Hackers have probably had a harder time slipping past your security software, thanks to an alliance between some of the top vendors in the industry.ransomware hardware security embedded circuit board integrated controller

The Cyber Threat Alliance, a group of security firms that often compete, says its efforts to share intelligence on the latest hacking threats have been paying off.

Rivals including Fortinet, Intel Security, Palo Alto Networks and Symantec originally entered into the alliance over two years ago, even as doubts arose over whether it’d last.

But now the group is seeking to expand. In an effort to recruit more members, the Cyber Threat Alliance is announcing that it’s become a not-for-profit. In addition, a former White House official will be its new leader.

The intelligence sharing between the vendors will also accelerate. Before it was done manually, and involved sharing 1,000 malware samples each day. But alliance members have built a platform that will now automate the information sharing in real-time.

For customers, it means their security software will better detect cyber threats, and more quickly. By sharing intelligence, the security vendors are essentially pooling their resources to gain a more complete picture of today’s cyber threats.

“I think it should make the bad guys nervous,” said Joe Chen, Symantec’s vice president of engineering, on Monday.

The alliance has also added two new founding members, security firm Check Point and Cisco Systems.

Cisco joined to gain a greater reach to stymie the hackers, said Matt Watchinski, a senior director at the company’s Talos security group. Now, Cisco can share preventive tips that’ll be used not just in its own patches but in security software from many of the leading vendors.

“We’re going to be able to attack these guys and put them in a much smaller box, because of the reach of this entire group,” he said.

It’ll take time to see how effective this new stage of the alliance is in thwarting cyber attacks. But the prior intelligence-sharing efforts have bolstered Intel Security’s ability to detect some serious hacking attempts.

In one case a few weeks ago, Intel Security was able to quickly spot a critical infrastructure attack against a customer by using data that came from another alliance member, said Vincent Weafer, vice president of Intel Security’s McAfee Labs.

“We were able to make a real difference against real threats, by linking the information together,” he said. “It reduces the time to identify and see these issues.”

If not for the alliance, it might have taken a few weeks to spot the attack, perhaps by relying on a public advisory from the FBI or US-CERT — too late to prevent the hacking attempt, Weafer said.

To ensure the Cyber Threat Alliance remains independent, the group members sought a neutral party to lead it, and chose Michael Daniel, a former White House cybersecurity coordinator.

Alliance members are hopeful other security vendors will join. Their customers are clearly benefitting from the partnership, they say.

“We want you to ask every security vendor why they’re not a member of the Cyber Threat Alliance,” said Rick Howard, chief security officer of Palo Alto Networks.

Google strengthens Android relationship with Intel in IoT

Intel may have cut ties with Android on smartphones and tablets, but the company’s partnership with Google on Android for the internet of things is growing stronger.Raspberry Pi 3 and Android Things

Google’s Android Things, a slimmed down version of Android for smart devices, will be coming to Intel’s Joule 570x computer board.

The combination will allow makers to cook up Android-based gadgets or smart devices for use in home, retail, or industrial settings.

The Intel board adds a lot of processing and graphics muscle to projects. With 4K graphics capabilities, the 570x is good for devices with screens or computer vision, like robots and drones. Intel demonstrated a bartending robot that used the board at its annual trade show last year.

A standout feature in Joule 570x is a RealSense 3D depth camera, which can recognize objects and measure distances. The board has an Atom T5700 processor, 4GB of LPDDR4 RAM, 16GB of storage, and 802.11ac Wi-Fi.

Right now, only three boards — Raspberry Pi, Intel’s Edison, and NXP’s Pico i.MX6UL — support Android Things.

On paper, the Joule 570x has better specifications than the Raspberry Pi 3. But it could also be overkill for Android Things, which can also work on work on sensor devices that require only basic processors like Quark on Intel’s Edison.

Putting Android Things in more devices will help Google effectively compete with Amazon’s Alexa, the voice-assistant technology that is being used in more gadgets and home appliances.

Last week, Google hinted that makers will be able to build devices with the company’s machine-learning technologies like voice and speech recognition, which are mainly based in the cloud. Google’s will bring its TensorFlow APIs (application programming interfaces) to makers later this year.

Android Things is still in preview, and a final version of the OS hasn’t been released. The OS previously went by the name Project Brillo, and a release date for a final version of the OS isn’t available.

Android Things is also one way for Google battle Microsoft’s Windows 10 IoT Core, Ubuntu’s Snappy Core, and other Linux-based embedded OSes. Billions of IoT devices will ship in the coming years, and there’s an OS battle raging in the area, much like the OS competition in the PC and server markets.

Twitter’s rolling out new features to counter abuse soon

Twitter said late Monday it is rolling out features soon to counter abuse on its platform, though it did not provide details of the measures it is taking to address the problem.151027 dorsey

“We’re taking a completely new approach to abuse on Twitter. Including having a more open & real-time dialogue about it every step of the way,” wrote company CEO Jack Dorsey, referring to a tweet by Ed Ho, vice president for engineering, in which he promised the changes soon.

“This week, we’ll tackle long overdue fixes to mute/block and stopping repeat offenders from creating new accounts,” wrote Ho in one of a series of tweets.

Twitter has been asked by a large number of users to crack down on abuse and harassment on its platform, with some even quitting the service after being harassed online.

Dorsey asked users in December to identify what were the most important things users wanted Twitter to improve or create in 2017, and he was able to narrow down on four categories of which one was abuse. The others were the flexibility to easily fix typos in tweets, and make it easier to follow conversations and find topics.

“We heard you, we didn’t move fast enough last year; now we’re thinking about progress in days and hours not weeks and months,” Ho promised in a message on Twitter. He did not provide details on what were the changes that the company planned to introduce.

A company spokesman did not also provide details, promising to reveal more in the coming days and weeks.

Twitter said in a statement that it is approaching safety with a sense of urgency, and will be rolling out a number of product changes in the coming days and weeks. Some of these will be immediately visible, while the others will be more targeted to specific scenarios.

“We will update you along the way and continue to test, learn and iterate on these changes to evaluate their effectiveness. You can expect to see meaningful progress in this area,” the company said.

Net neutrality policy still up in the air under Trump

During his campaign, U.S. President Donald Trump called the Federal Communications Commission’s net neutrality rules a “top-down power grab,” leading many observers to expect a quick repeal.screen shot 2017 02 01 at 8.51.22 am

Trump’s presidency is still in its infancy and it’s unclear what his administration will do about the hot-button issue.

It’s difficult to determine what direction the unpredictable Trump administration will take, said Nathan White, senior legislative manager at Access Now, a digital rights group.

“The world is a very complicated place right now,” he said. “I don’t think we can get too far out front and predict the future.”

Ajit Pai, Trump’s pick for chairman of the FCC, has promised, however, to “fire up the weed whacker” and kill net neutrality and other regulations passed by the FCC during President Barack Obama’s administration.

But this week, Pai declined to outline a path forward on net neutrality, saying only that he continues to oppose the FCC’s 2015 decision to reclassify broadband as a regulated common carrier under Title II of the Telecommunications Act.

“We haven’t made any determinations at this time,” Pai said during a press conference Tuesday. “My position is pretty simple. I favor a free and open Internet and I oppose Title II. That’s pretty much all I can say about that topic.”

The Republican-controlled Congress may take a different path than a possible repeal of the rules at the FCC.

Lawmakers will likely push for legislation, similar to a proposal from early 2015, that would write basic net neutrality protections into law, Senator John Thune, the Republican chairman of the Senate Commerce, Science, and Transportation Committee, said recently. A law passed by Congress would supersede any actions taken at the FCC.

Even though the FCC may move to repeal its reclassification, Thune called for a bipartisan agreement on some baseline rules. A Republican-controlled FCC moving to repeal the net neutrality rules “may help inspire some of my Democrat colleagues to embrace the idea that a bipartisan, legislative solution is the best possible outcome,” he said in a Jan. 23 speech.

Internet companies and users need certainty about long-term rules that won’t change every time there’s a new party in power, Thune said.

“We need clear and reasonable rules for the digital road that Internet companies, broadband providers, and end users can easily understand,” he added. “Complex and ambiguous regulations that shift with the political winds aren’t in anyone’s best interest.”

It’s unclear, however, if Congress will have “the attention or the political will” to move forward with a bill, said Access Now’s White.

Meanwhile, supporters of strong net neutrality rules vow to fight any effort to repeal the rules and rescind the classification of broadband as a regulated service. About 4 million people submitted comments to the FCC during its recent net neutrality rulemaking proceeding, with the large majority favoring strong net neutrality rules, supporters noted.

Net neutrality advocates will look to fire up that crowd again if Pai or Trump move to kill the rules.

Without Title II authority for the rules, broadband providers may be able to change charge websites for paid traffic prioritization, said Holmes Wilson, co-founder of digital rights group Fight for the Future.

Recent court rulings were “pretty clear” that the FCC can’t ban paid prioritization without Title II authority, he said by email. “If they’re talking about reclassifying back out of Title II, people should see that as an underhanded way to kill net neutrality and give companies like Comcast free reign to shake down your favorite sites,” Wilson added.

Pai and the FCC would need to explain a major shift in policy two years after the FCC passed its rules, supporters of the regulations said.

“Chairman Pai’s FCC cannot move quickly to dismantle protections supported by the vast majority of the American people,” said Matt Wood, policy director at digital rights group Free Press. “While Pai’s boss, Donald Trump, may have little respect for the rule of law, administrative law still binds the FCC.”

Congress could pass legislation, but that’s not a given, Wood added. That’s “assuming this Congress can get anything done, unlike its recent do-nothing predecessors,” he said. “But the current rules are the common-sense floor for any new law, not the overreach that members of the current majority in Congress and the FCC preposterously make them out to be.”

 This article was updated to correct a typo in the quote from Holmes Wilson, co-founder of digital rights group Fight for the Future.

Samsung’s Tizen 4.0 OS is in development and due out in September

A new version of Samsung’s Tizen OS, version 4.0, is now under development for mobile devices, wearables and smart gadgets and is due for release in September.Samsung's Gear S3 Frontier

Tizen is mainly used in Samsung products. The release date of Tizen 4.0 is listed on the OS’s developer website, which also states that the first beta of the OS will come out in June.

The Tizen 4.0 release date is listed as part of the Tizen .NET roadmap. The page states that “the first official version of Tizen .NET will be released in September 2017 as a part of Tizen 4.0.”

The page went up recently, and an image detailing the roadmap seems to have  typographical errors. The chart is supposed to show a timeline for Tizen .NET releases extending into 2017, but the release date of Tizen 4.0 is listed for September 2016, in an apparent mistake.

Tizen is a competitor of iOS and Android, but has struggled. The OS is in a handful of Samsung smartphones in India, but the handsets are stuck at version 2.4.

Samsung’s smart TVs and smartwatches like Gear S3 also use Tizen. The OS will be used in the company’s home appliances, washing machines, and even vacuum cleaners.

Most of Samsung’s smartphones have Android today, but it is maintaining Tizen, as it doesn’t want to put all its eggs in one basket. Samsung is developing technology so its Android mobile devices, Windows PCs and Tizen devices can easily communicate with one another.

Tizen has also been ported to work on boards like Raspberry Pi and the Artik developer board.

Tizen may be Samsung’s ticket to success in the internet of things market, where competitive OSes include Google’s Android Things and Microsoft Windows 10 IoT Core. Tizen 3.0 already supports Open Connectivity Foundation’s emerging IoTivity protocol, designed for easy pairing of compatible devices.

Shipments of IoT devices will outstrip smartphones in the coming years, touching 30.7 billion by 2020, and 75.4 billion by 2025, according to IHS.

With Tizen 4.0 so close, Samsung is moving on quickly from Tizen 3.0, which hasn’t made it to many devices yet.

Tizen 3.0 was portrayed as a powerful 64-bit OS compatible with ARM and x86 processors, with support for 4K graphics and image and speech recognition. Samsung claimed Tizen 3.0 was 30 percent faster than Tizen 2.4.

Tizen 4.0 will have richer features and be faster than its predecessor. It’ll also be a beneficiary to Microsoft’s embrace of open-source technologies.

In November, Samsung announced a pact with Microsoft framed to allow .Net developers to easily write Tizen applications for mobile devices, smartwatches, smart TVs and IoT devices. Samsung is releasing previews of Tizen .NET to make that possible, and will bake a final version of related tools into Tizen 4.0.

The origins of Tizen date back to 2007, when Intel started developing the Linux-based Moblin OS. In 2010, Moblin was merged with Nokia’s Maemo into a new OS called Meego. That OS was then merged with LiMo to form Tizen. Tizen is considered Samsung’s OS, but the development is managed by the Linux Foundation.

Tim Cook: Apple may take legal action over immigration restrictions

After sending an email to employees expressing Apple’s opposition to the Trump administration’s new immigration restrictions, Apple CEO Tim Cook is now making a forceful stand.tim cook apple ceo

“More than any country in the world, this country is strong because of our immigrant background and our capacity and ability as people to welcome people from all kinds of backgrounds,” Cook told the Wall Street Journal. “That’s what makes us special. We ought to pause and really think deeply through that.”

Cook isn’t just vocally opposing the restrictions on refugees and immigrants from seven predominantly Muslim countries. Apple is also considering legal action. It’s unclear exactly what form that action would take, with Cook telling the WSJ that the company “wants to be constructive and productive.”

The executive order has directly affected Apple employees, who have reached out to Cook to share their stories and make sure Apple leadership is aware of the immigration ban’s real-world impact.

Other tech companies are also considering legal action or have already acted. Amazon is backing a lawsuit against the Trump administration brought by Washington State Attorney General Bob Ferguson, announced on Monday.

“This executive order is one we do not support,” Amazon CEO Jeff Bezos wrote in a letter to employees. “Our public policy team in D.C. has reached out to senior administration officials to make our opposition clear. We’ve also reached out to congressional leaders on both sides of the aisle to explore legislative options. Our legal team has prepared a declaration of support for the Washington State Attorney General who will be filing suit against the order. We are working other legal options as well.”

This story, “Tim Cook: Apple may take legal action over immigration restrictions” was originally published by Macworld.

AMD sets Ryzen CPUs up for a strong start in looming chip brawl with Intel

As a pesky underdog, AMD challenged Intel in chip innovation until the mid-2000s. AMD churned out innovations like dual-core and 64-bit chips, which kept Intel on its toes.ryzen new

But some disastrous technological and management decisions cost AMD dearly, and over time, buyers began to consider its processors inferior to Intel’s chips. Intel ran away with PC and server chip market share.

AMD now is looking to rally its dwindling fan base with a series of Zen-based chips this year for desktops, servers, and laptops. The hyped-up Zen chips are expected to be good, and even Intel readily acknowledges the stiff competition coming its way.

AMD promises that Zen chips will deliver a 40 percent improvement in instructions per cycle, an important metric for chip performance. That number is impressive, considering most chips based on a new architecture have typically boasted CPU improvements of up to 20 percent.

The expectations around Zen are high, and the likelihood of it being a flop is unlikely, said Dean McCarron, principal analyst at Mercury Research.

“If it shows well, we’ll be going back to 1997 or 2006 when AMD was competitive with Intel,” McCarron said.

If that doesn’t happen, it’ll likely be business as usual for AMD, McCarron said.

A strong start is important for AMD, and early adopters of Zen will be the committed user base of enthusiast and gamers who are AMD loyalists.

AMD ryzen pcs

AMD Ryzen PCs at CES 2017.

AMD’s first Zen-based Ryzen chips are coming in March to high-end desktops. Systems and motherboards will be available right away, Lisa Su, CEO of AMD, said during an earnings call.

The first Ryzen chips will initially compete with Intel chips like Core i5 and i7, Su said. Eventually, AMD will release a full complement of Ryzen chips to take on all Intel desktop chips.

“What we’ll see is some pent-up demand from them in the early launch,” McCarron said. Some AMD loyalists who held off PC purchases will quickly pick up Ryzen chips for gaming desktops.

Following the initial rush, the word-of-mouth on Ryzen will ultimately determine if Intel desktop users start moving over to AMD chips.

AMD is expecting quick returns on Ryzen chips as the gaming market is exploding, Su said. AMD also plans to release its Vega GPU in the second quarter for enthusiasts, and it could be paired up with Ryzen chips.

Most gaming machines today have Intel’s high-end Core chips. Gaming PC makers like Dell’s Alienware and Falcon Northwest are dedicated to Intel chips. But if there’s demand, those PC makers could offer Ryzen chips in gaming PCs.

amd 3

An AMD AM4 motherboard, which will house Ryzen and Raven Ridge chips.

In the second half of the year, AMD will release Zen chips, code-named Raven Ridge, for laptops. It’s more difficult to predict whether Zen will be a hit in laptops as pricing matters more than the components inside.

Raven Ridge’s success also depends on PC makers. If major brands don’t adopt the chips, AMD’s chances of success diminish, McCarron said.

PC makers haven’t publicly stated whether they will offer laptops with Raven Ridge chips, but a few will likely bite. HP, Dell, and Lenovo have been using AMD chips in more laptops and could be open to using Raven Ridge.

Raven Ridge is a strong product for high-end notebooks and 2-in-1s, but it could also be used in desktops, AMD’s Su said. Su didn’t share details about the GPU that will be integrated into Raven Ridge.

In between the desktop and laptop chips, AMD in the second quarter will ship the beefy Zen server processor code-named Naples, which will have up to 32 cores. The goal with Naples is to provide more threads, faster throughput, and more memory capacity in servers.

But AMD will be more conservative with Naples server chip shipments, partly because it’ll be more difficult to topple Intel, which has a commanding server chip market share of more than 90 percent.

amd am4 platform

Su indicated AMD may compete on chip pricing with Intel to gain server market share. It worked with AMD’s Opteron chips, which were considered a cheaper alternative to Xeon chips.

Zen-based chips for mobile devices like tablets and smartphones are not on the roadmap because the company is targeting higher-margin and higher-performance computing products.

In the longer-term roadmap, AMD is developing the Zen 2 and Zen 3 chips and is preparing to make chips using the 7-nanometer process. AMD has its chips made at GlobalFoundries, which has said it will make 7-nm chips by 2018. However, fab companies often don’t meet targets for mass volume chip shipments on a new process.

Last week, Intel announced it will establish a pilot factory for 7-nm chips. Intel is currently making chips at the 14-nm process but will ship its first 10-nm chips, code-named Cannonlake, by the end of the year. The 7-nm chips will follow 10-nm parts.

AMD has fine-tuning its operational and technical capabilities and has set itself up for a strong 2017, building on the success of GPUs like Polaris, Patrick Moorhead, principal analyst at Moor Insights and Strategy, said in a research note. Moorhead was formerly employed by AMD.

“It’s all up to AMD to flawlessly execute this year,” Moorhead said.

WhatsApp reduces spam, despite end-to-end encryption

Can a spam filter work even without reading the content of your messages?

WhatsApp thinks so. Since last April, the messenger app has been successfully fighting spam abuse, even as it’s been using end-to-end encryption.dsc05664

That encryption means that no one — not even WhatsApp — can read the content of your messages, except for the recipient.

More privacy, however, can raise issues about spam detection. If WhatsApp can’t scan your messages for suspicious content, say for advertisements peddling cheap Viagra, then how can it effectively filter them out?

“In reality, we actually haven’t seen this as a big problem,” WhatsApp software engineer Matt Jones said on Wednesday. “We actually reduced spam by about 75 percent from around the time that we launched end-to-end encryption.”

Its spam detection mechanisms work by looking at unusual behavior from users in real-time, Jones said while speaking at the USENIX Enigma 2017 conference.

For instance, WhatsApp will analyze how long a suspected spammer has been registered on WhatsApp or how many messages he has sent in the last 30 seconds.

To detect what activity is possibly malicious, WhatsApp has been studying the behavior of spammers who’ve already been banned on the platform, Jones said. That’s helped WhatsApp learned their tricks of the trade. So it’ll be on the lookout for telltale patterns, such as evidence a bad actor was running a computer script to send out a flood of WhatsApp messages.

The level of spam has fallen on WhatsApp since implementing end-to-end encryption.

The app is also looking at the “reputation” of the internet and mobile providers powering the suspected spammer’s messages, Jones said. That includes examining the network and the phone numbers to determine if WhatsApp has routinely blocked other spammers from related sources in the past.

In the fight against spam, WhatsApp also has a key advantage over platforms such as email. To register, users need to provide the app a phone number. That can be a hassle for spammers.

“If we make things expensive for [the spammers], their business model won’t work,” Jones said.

Improbable scenarios, such as a user with a U.S. phone number suddenly connecting to an internet network in India, will also set off alarms, Jones said. But the spam detection isn’t perfect, he said, and it will result in mistakes. For example, users who are traveling internationally might be flagged.

The messaging app also takes a strict stance on suspected offenders. Rather than try to filter out spam, it’ll block the account where the messages came from, Jones said.

For spammers, that means a quick boot from the service. But for legitimate users, it can mean being unfairly banned and filing an appeal. However, the messaging app has been introducing new measures to cut down the incorrect user bans, Jones said.