News Posts matching #Government

Return to Keyword Browsing

US and UK Government Websites Infected with Crypto-mining Malware

Potentially thousands of websites operated by various government ministries, departments, and statutory agencies, of the United States and the United Kingdom, could be infected with crypto-currency mining malware. The already infamously slow government websites, often crippled with bandwidth and hosting deficiencies, not to mention webpage design that's often behind web standards, are now embedded with crypto-miners thanks to outdated accessibility software.

Most government websites implement a web-based text-to-speech software called Browsealoud. Outdated versions of the software can be surreptitiously infected with crypto-mining scripts, by exploiting a vulnerability in the way the software dials home to the text-to-speech server. The scripts slow down computers by forcing them to mine crypto-currency for unauthorized people. Browsealoud has been developed by British software company Texthelp, which is reaching out to all its customers to update to the latest version of their software. It's always handy to have mining script blocking browser extensions.

Intel Warned China of Meltdown and Spectre Before the US Government

It's no surprise that leading Chinese tech companies have close associations with the Chinese Government and the PLA. Intel has waded into controversial waters as reports point to the chipmaker sharing information about its products' vulnerability to Meltdown and Spectre with Chinese tech companies before warning the United States Government, potentially giving the Chinese government either a head-start into securing its IT infrastructure, or exploiting that of a foreign government.

Lenovo and Alibaba were among the first big tech companies to be informed about Meltdown and Spectre; Lenovo is Intel's biggest PC OEM customer, while Alibaba is the world's largest e-commerce platform and cloud-computing service provider. Both companies are known to have close associations with the Chinese government. The United States Government was not part of the first group of companies informed about the deadly vulnerabilities.

Microsoft Officially Announces the Windows 10 "China Government" Edition

Remember that piece regarding Microsoft's Windows 10 for the chinese government? Well, Microsoft has just officially announced it in its Shanghai presentation today. In a joint-venture with China's government, CETC (China Electronics Technology Group), CMIT (a conglomerate of China-based manufacturers), and Lenovo, the Redmond-based company has apparently managed to deliver what they themselves thought impossible: a version of their operating system that doesn't spy on its users. Lenovo, as you might have guessed already, will be one of the first OEM partners to preinstall Windows 10 China Government Edition on new devices.

Based on Windows 10 Enterprise Edition, the Windows 10 China Government Edition ironically ticks all the boxes for what enthusiasts would like to see from their OS: it's a modular approach to Windows, where users (read, in this case, government entities) can remove features they aren't looking to take advantage of (like OneDrive), whilst giving the capability to "manage all telemetry and updates." Aren't those just great features to have?

Microsoft Lifts "Spying" Components in Windows 10 for Chinese Government Version

Reports have started coming in that Microsoft has finalized its special, "non-spying" edition of Windows 10 for the Chinese government. In a joint-venture with China's own CTEC (China Electronics Technology Group), the Redmond-based company has apparently managed to deliver what they themselves thought impossible: a version of their operating system that doesn't spy on its users.

China's government previously banned Windows 8 and its derivatives, citing security concerns, and later launched an anti-monopoly probe against Microsoft. This meant that Microsoft was largely left out of China's huge state-backed enterprises in China - and one can imagine how lucrative a market this one is. Microsoft surely wouldn't be willing to allow such a chance of revenue to just jostle over to the Linux field, following the Chinese government's attempts to craft a custom OS (Kylin, which failed) and recent efforts with new NeoKylin initiative. Microsoft isn't willing to relent so as to what and how were features cut from their Windows 10 version that leads it to continue normal functions even without the heavily baked-in, essential, flaunted telemetry features. What is true, though, is that the company did say telemetry and data collection was so deeply embedded on their operating system that removing them would break it at a fundamental level which is, apparently, only the case if you don't have the money (or potential revenue) to pony up for a custom edition.

New Toshiba Self-Encrypting HDD Meets Government-Class Security Requirements

The Storage Products Business Unit of Toshiba America Electronic Components, Inc., a committed technology leader, announces the MQ01ABUxxxBW series, a mobile-grade thin 7mm hard disk drive (HDD) with self-encrypting technology, including Toshiba's unique wipe technology, which automatically erases data when an HDD is accessed by an unregistered system, has achieved validation to U.S. Federal Information Processing Standard 140-2 (FIPS 140-2). The MQ01ABUxxxBW series is the first Toshiba self-encrypting drive (SED) validated to the FIPS 140-2 standard. Toshiba's SED models are designed to the Trusted Computing Group's (TCG) industry-standard "Opal" Security Sub-Classification. This globally accepted standard implements protocols created to help IT managers, security management application providers and client security professionals to better manage data security and to help prevent potentially damaging and costly breaches to sensitive information. The FIPS-validated model also provides tamper-evident labeling for additional security, with a resulting validation to Level Two of the FIPS 140-2 standard.

The 7mm mobile thin SED series underwent rigorous cryptographic module validation testing by a U.S. National Institute of Standards and Technology (NIST)-certified testing laboratory in order to be validated by the U.S. Federal Information Processing standard. As a result of this validation, this Toshiba HDD series is now available for use in highly regulated and security-sensitive storage applications, such as government systems. The combination of support for ATA (Advanced Technology Attachment) Enhanced Secure Cryptographic Erase function, the TCG-Opal SSC (Security Subsystem Class) protocols, the Toshiba wipe technology extensions of the Opal protocols, and the FIPS 140-2 module level validation makes the MQ01ABUxxxBW series suitable for encrypting confidential data stored on client-grade mobile and desktop computers protected by security management applications.

American Industrial Systems Announces Military-Grade Displays and Panel Computers

American Industrial Systems Inc. (AIS) is an International Traffic in Arms Regulations (ITAR) accredited supplier and manufacturer of cost-effective Commercial Off-The-Shelf (COTS) military grade rugged touch computers and displays for government, aerospace, and defense entities. Facing tight budgets, the Army, Navy, Air Force and Defense agencies are looking for solutions that withstand the test of time while meeting stringent performance, maintainability and reparability, Size, Weight and Power (SWaP), Command, Control, Communications, Computers, and Intelligence (C4I) requirements. AIS MIL-STD and MIL-SPEC compact ruggedized touch computers and displays are designed, manufactured and qualified to pass MIL-STD-810 and MIL-STD-461. All units are tested for drop-shock, moisture, dust and vibration resistance and temperature extremes for military, aerospace and government applications.

Intel Federal LLC to Propel Supercomputing Advancements for the U.S. Government

With the U.S. Government increasingly using high- performance computing (HPC) to address current and future national challenges, Intel Corporation today announced it has been awarded two subcontracts totaling $19 million with the U.S. Department of Energy (DOE). As part of these two awards, Intel Federal LLC, a wholly owned subsidiary, will be a major participant in the Lawrence Livermore National Security, LLC (LLNS) managed Extreme-Scale Computing Research and Development "FastForward" program aimed at driving advancements in exascale computing.

The DOE has been a leading developer of supercomputing technology for a broad range of critical applications in the space of national security, economy, energy resources and consumption. The "FastForward" program will harness the talents of the national laboratories, academia and U.S. industry to develop the next generation of HPC technologies.

AMD Selected by U.S. Government to Help Engineer and Shape the Future of HPC

AMD today announced that it was selected for an award of $12.6 million for two research projects associated with the U.S. Department of Energy's (DOE) Extreme-Scale Computing Research and Development Program, known as "FastForward." The DOE award provides up to $9.6 million to AMD for processor-related research and up to $3 million for memory-related researchi. AMD's award-winning AMD Opteron processor has powered many of the world's largest supercomputers over the past decade and the company invented the world's first and only Accelerated Processing Unit (APU).

FastForward is a jointly funded collaboration between DOE Office of Science, and National Nuclear Security Administration (NNSA) to initiate partnerships with multiple companies to accelerate the research and development of critical technologies needed for extreme scale computing, on the path toward exascale computing. Exascale computing is essentially a grand challenge to provide the next level of computational power required to help ensure the prosperity and security of the United States. The DOE's strategic plan seeks to address the nation's most pressing scientific challenges by advancing simulation-based scientific discovery made possible by the world's highest performing exascale supercomputers.

HP and AMD Research Shows Concerns About Security, Budgets Main Barriers to Gov 2.0

According to a recent survey commissioned by HP (NYSE: HPQ) and AMD, security concerns are still the top barrier to the adoption of Gov 2.0 tools, with 40 percent of government IT professionals listing security as a concern.

Gov 2.0, which involves the use of technology to make government an open platform that allows for greater innovation, also is being hampered by lack of budget (20 percent) and lack of technical expertise and ability (14 percent).

FBI and Other US Government Agencies License Unreal Engine

US Federal Bureau of Investigation (FBI), and other US government agencies, licensed the Unreal Engine from Epic. Unreal is one of the most popular cross-platform game engines in the industry, and United States, through various agencies will use the engines in "serious games", games designed to simulate situations such as crime scenes, encounters, casualty treatment, for the agents to learn to deal with. While the full financial details of these deals were not disclosed, the deal with FBI Intelligence Advanced Research Projects Activity (IARPA) earned Epic around US $10 million.

Anything that Ends in .com Seizable by US Government

Last week, US authorities shut down a Canadian-run website that ends with the TLD (top-level domain) ".com", raising eyebrows. It appears that the US is staking claim to the ".com" TLD, letting the authorities seize any ".com" domain, even of websites that are not American. Internet infrastructure company EasyDNS, in its latest blog post, said "[the] ramifications of this are no less than chilling and every single organization branded or operating under .com, .net, .org, .biz etc. needs to ask themselves about their vulnerability to the whims of U.S. federal and state lawmakers."

This latest controversy highlights how "the U.S. continues to hold over key components of the global domain name system, and rips a Band-Aid off a historic sore point for other nations," Wired commented. It also strengthens the case for non-American businesses and internet companies to opt for local TLDs (eg: ".co.uk", ".de", ".in", etc.,). Naming yourself "Dotcom" isn't such a bright idea, either.

Governments Take On Google Over User Monitoring

Authorities from various countries, are suiting up to take on Google over its controversial "One Google, One Policy", which is in effect from today, which its critics call as being invasive to privacy. "Under the new policy," DailyTech writes, "Google will do away with separate privacy agreements and individual collection of data in its various products. In its place will be a single mass monitoring/data mining apparatus, which will collect sensitive information including location, interests, age, sexual orientation, sexual habits, relationship status, religion, political views, health concerns, employment status, and more."

Google's implementation of the new policy has been faced with opposition from French authorities, who sent an open letter to Google CEO Larry Page asking for technical details of how Google plans to collect and use user data. The letter notes that the new policy "does not meet the requirements of the European Directive on Data Protection, especially regarding the information provided to data subjects." Across the Atlantic, in the US, Attorneys General of various states expressed concerns and voiced criticism over the new policy.

SOPA-like Legislation Mulled in Spain

The Spanish cabinet has approved a new legislation similar to America's Stop Online-Piracy Act (SOPA), designed to bring down websites facilitating copyright infringement in 10 days flat thanks to a streamlined due-process. Named after former Spanish culture minister Angeles Gonzalez-Sinde, the legislation will be called the "Sinde Law", the legislation proposes a mechanism with which copyright holders have the ability to report websites hosting copyrighted content (direct downloads), or facilitating copyright infringement (bit-torrent tracker sites), to a commission dedicated to hearing such complaints. This body decides if it wants to act against the infringing website or the ISPs providing infrastructure to it. A case will then be passed to a judge to rule on whether the site should be shut down.

The bill is being drafted in a way that ensures the process from complaint to action/dismissal happens within a time-frame of 10 working days. The Spanish Government says that it is high time the country had such a legislation, because rampant copyright infringement is stifling innovation and creativity. A report by market-intelligence firm IDC says that 97.8% of music consumption in Spain was illegal. Deputy PM Soraya Saenz de Santamaria said that the objective of this legislation is "to safeguard intellectual property, boost [Spanish] culture industries and protect the rights of owners, creators and others in the face of the lucrative plundering of illegal downloading sites." The legislation is welcomed by the creative industries, and criticized by net activists.

Windows 8 Secure Boot Feature: Not So Secure?

We have brought you the potential perils of the upcoming UEFI Forum-implemented - www.uefi.org - Windows 8 secure boot feature here, here and here. However, it appears that it may not be so 'secure' after all, since there appears to be a surefire way to circumvent it, at least for the moment, while it's in development.

Softpedia has scored an exclusive interview with security researcher Peter Kleissner, who has created various Windows (XP, Server 2003 etc) "bootkits", which allow OS infection at the highest privilege level, giving unrestricted access to the whole of the PC. His latest one, called Stoned Lite, shows how the Windows 8 secure boot process, still in development, can be subverted, as it stands. He is planning to release details of how the code works at the upcoming International Malware Conference (MalCon) - malcon.org - that will take place in India on November 25th. It appears that the real vulnerability exists in the legacy BIOS boot procedure, not in Microsoft's implementation of secure boot, as Kleissner said:
The problem with the legacy startup is that no one verifies the MBR, which makes it the vulnerable point. With UEFI and secure boot, all the boot applications and drivers have to be signed (otherwise they won't be loaded). You can compare it to TPM, although Arie van der Hoeven from Microsoft announced that the secure boot feature is mandatory for OEMs who want to be UEFI certified. It is a good message that security is not an option.

India Develops 10 Dollar Laptop for Students

In an attempt to empower millions of students across the country, Indian Government agencies have formulated plans to release a laptop at prices that equal that of a trip to a pizzeria in the west. Under a Government-sponsored scheme that runs parallel to the One Laptop Per Child (OLPC) global initiative, the administration sought to implement this scheme to make the computer up to 10 times more affordable than an OLPC. The Government believes that the hidden costs involved in deploying laptops under the OLPC scheme make it still inaccessible to the larger student population, and that much better hardware could be provided at its cost.

The first thing that comes to your mind would probably be the kind of hardware that would make such a cheap laptop. Earliest data trickling in about the specifications indicates each laptop to have about 2 GB of memory, and support wireless networking. We will attempt to find out more about the hardware in the days to come. The Indian Government has reportedly spent close to US $1.5 billion on developing this concept and researching solutions to make this notebook durable and worthy of deployment to the most remote rural areas, that suffer power-outages and voltage fluctuations. Higher Education Secretary R.P. Agrawal said last week that it would be available within six months. The public education scheme governing the deployment of these laptops was flagged off today, in the southern-Indian city of Tirupati. The laptop will be available to students on a priority basis, and will later reach mass-retail channels in the country.

IBM to Supply US Government with 20 Petaflops Supercomputer

IBM will be supplying the US Government with two new supercomputers for the Lawrence Livermore National Laboratory to handle analysis of the U.S. nuclear stockpile. The first is a 500 teraflops supercomputer called the BlueGene/P which the lab will receive by April, the second being the 20 Petaflops supercomputer which is due by 2012. It is estimated to perform up to 10 times greater than the current most powerful systems. More information follows:

IBM Learns of Temporary Suspension from New Business with U.S. Federal Government

IBM announced today that it has learned that it has been temporarily suspended from participating in new business with U.S. Federal government agencies.

The notice of temporary suspension was issued by the Environmental Protection Agency (EPA) and relates to an investigation by the EPA of possible violations of the Procurement Integrity provisions of the Office of Federal Procurement Policy Act regarding a bid for business with the EPA originally submitted in March 2006. The temporary suspension applies to all Federal agencies and IBM business units. IBM may continue awards in existence as of the date of this suspension, unless a particular agency directs otherwise.

UK Government Plans to Compile Massive Database of Citizens' Academic Records

So, apparently the United Kingdom is considering compiling a database. Logged in this database will be the academic records of every UK citizen aged 14 or older. This isn't going over very well with anyone. To start things off, the government's track record with data isn't the cleanest (anyone remember the little incident with lost health records?). The main beef that most people have with this plan is that it gives possible employers access to the academic records of people. What's wrong with this is put into words quite elegantly, as stated by a professor from the University of London:
This disregards how people change throughout their lives. Academic records are no indication of future success. There are many reasons for the grades we get: they might reflect the teaching or a personal crisis. People who do badly at school often do well later in life. There's a danger that these records prevent change and progress for the better.
Whether the UK plans to continue compiling this database after such criticism is unclear at this point.
Return to Keyword Browsing
Dec 18th, 2024 18:11 EST change timezone

New Forum Posts

Popular Reviews

Controversial News Posts