Featured ContentNote: We're able to pay for good user-contributed content
After a few initial delays, AT&T today announced
that they're launching their new "Digital Life
" home automation and security platform in fifteen markets: Atlanta, Austin, Texas, Boulder, Colo., Chicago, Dallas, Denver, Houston, Los Angeles, Miami, Philadelphia, Riverside, Calif., San Francisco, Seattle, St. Louis and select areas of New York and New Jersey.
$30 a month and a $150 installation fee nets you a fairly stock home security setup that provides 24/7 home monitoring, while another $10 a month and an additional $100 installation fee provides up to three carbon monoxide and glass breaking sensors.
A flurry of additional home automation features can be purchased for $10 each, ranging from sensors that can tell if you've got a water leak, to remotely-manageable thermostats. AT&T is saying that they plan to offer their Digital Life platform in fifty markets before the end of this year.
While ISPs have been lusting after the home security market for years, their success on this front is uncertain. While Verizon, Comcast and others have launched home security services, they generally keep the number of users close to the vest. Clearly they see ample opportunity here, but it's primarily with higher-end customers with oodles of disposable income, given much of this functionality can be done with do-it-yourself kits much less expensively.
There's also the added question of whether you really want AT&T in charge of your Internet, TV, home phone, wireless phone, home security, home automation, and bank account
. The company's customer service reputation is historically among the worst in the industry
, and their record in regards to consumer privacy and respecting surveillance laws
isn't particular hot either.
By now AT&T's total disregard for privacy and wiretap laws in their cooperation with the government's warrantless wiretap program is fairly well established. As numerous NSA and AT&T whistleblowers have illustrated, the company dumps all voice and data from any carrier that touches their network directly into the lap of the NSA
-- with no warrants or transparency and only marginal government oversight.
The ACLU is pressuring regulators to take a closer look at lagging carrier Android updates, claiming that belated security updates in particular are putting consumer privacy at risk. "All four of the major wireless carriers consistently fail to provide consumers with available security updates to repair known security vulnerabilities in the software operating on mobile devices," the ACLU stated in a complaint filed with the FTC
(pdf). Un-upgraded handsets are "defective and unreasonably dangerous," claims the ACLU, given they feature security vulnerabilities that may be used "to target spear-phishing campaigns, physically track or stalk individuals, and perpetrate fraud, resulting in costly bills to the consumer."
According to documents obtained by CNET
, the DEA is upset because the encryption used by Apple's iMessage foils their ability to snoop on those communications. Even with a warrant (increasingly seen as optional these days by law enforcement and intelligence agencies) and the fact that carriers let the NSA snoop on everything in real time
, "it is impossible to intercept iMessages between two Apple devices."
Well not entirely impossible; the memo notes that sometimes interception is possible, but it would require the government to conduct man in the middle attacks using spoofed cell towers, something the feds just got busted for using for years without properly informing Judges
Back in March of last year you might recall that the FCC announced
they had cooked up a new voluntary "cybersecurity" program designed to shore up and unify ISP responses to botnets and other security threats. The plan essentially just urged ISPs to voluntary follow a code of practice for shoring up security measures versus botnets, attacks on the Domain Name System (DNS), and Internet route hijacking.
Porn copyright troll Prenda Law has apparently run afoul of one very tough Judge. We've previously noted
how Prenda has been trying to scare broadband users into settling with the company en masse after they've been tracked downloading copyrighted porn films.
Iran, like Pakistan, in 2011 decided to make use of VPNs illegal
, claiming the move was necessary for "security reasons" and to "stop militants" (easier spying is of course just coincidence). Reuters
notes that the Iranian government have lately been clamping down harder on VPNs, hunting down and shuttering "illegal" VPNs. The country allows only official, surveillance-ready VPNs to operate. The clamp down comes as Iran prepares for its presidential election in June. Iran also filters or bans Facebook, Twitter, and YouTube significantly.
If you live in the United States, you may be familiar with the common sentiment that you generally cannot take your favorite cellular enabled device (tablet, smartphone, Sony PlayStation Vita, etc.) and use it on any carrier you like. With GSM carriers, this is referred to as a SIM lock. story continues..
The Baltimore Sun
(via Ars Technica
) notes that Verizon contacted police after they noticed a Baltimore Deacon was quite happily storing his significant child pornography collection in the cloud. The Deacon apparently thought it was a great idea to store this content in his Verizon Online Backup and Sharing account; Verizon noticed the content and contacted the Center for Missing and Exploited Children, who in turn contacted law enforcement. 67-year-old William Steven Albaugh was released on $75,000 bond while the investigation continues. Aside from the obvious discussion on disgusting child porn, priests, and stupidity -- the incident raises some obvious questions about just how extensively Verizon monitors cloud content.
Comcast has finally launched a security suite for smartphones and tablets after testing the service since 2009. According to a company press release
, Xfinity customers can now download a free app called Constant Guard Mobile that will protect users from phishing attacks and fraudulent websites. The company also offers desktop users a version of Constant Guard
made by Norton. Whether you really think you need your cable company to provide mobile device security, or whether you want yet another large company fiddling with your private data -- is of course up to the individual. We'd be interested in hearing Comcast user impressions of the app in the comment section below.
DNSSEC is a flavor of security that allows both sites and providers to validate domain names to make sure they're correct and not tampered with, and is supposed to help combat things like DNS cache "poisoning" and phishing scams. While some ISPs like Comcast have made great efforts
to get DNSSEC deployed, most ISPs and companies are lagging far behind.
Verizon has been trying to justify their blocking of Google Wallet on Verizon phones
, insisting the app is blocked because Google Wallet uses the "secure element" on devices to store a user's Google ID. In response to complaints filed with the FCC, Verizon insists the unending blockade has nothing to do with the fact Verizon (in conjunction with AT&T and T-Mobile) is working on their own competing mobile payment platform named Isis.
We've noted repeatedly how privacy technology discussions often have a bizarre and amusing lack of context, the press getting borderline hysterical about every NebuAD
scandal, while ignoring that carriers and the government buy, sell and trade all user information daily with only a fleeting regard for law.
Time and time again we've seen folks come forward with evidence of carriers like AT&T, Sprint and Verizon simply dumping all live traffic in the government's lap
in violation of law (which they simply change when they get caught).
UK provider British Telecom is under fire for a website glitch that allows an individual to add services to a user account -- simply by providing a phone number and zip code. The vulnerability, spotted by The Register
, was actually initially even worse: users who entered that information were easily able to acquire all the additional information of a primary account holder. British Telecom says they've fixed the latter issue -- but has refused to address the initial problem with their website. "One could easily make a nuisance of oneself ordering extra services for someone and BT would be happy to comply with those requests, it seems," notes the Register
reader. "They should ask for the BT account number as well at the very least, since that is not something that people give out."
A new security vulnerability has been found in Skype that allows anyone to change your password and take control of your Skype account. First posted to a Russian Internet forum several months ago, The Next Web
says they've tested the five step hack and have confirmed that it works.
Add increased home thefts as another potential side-effect of utilities' efforts to deploy electricity meters with embedded Wi-Fi. We've already noted how these meters have a strong tendency to interfere with home routers and WISP equipment
, but now concerns are being raised that they're too easy to hack, allowing people to easily determine when residents haven't been at home. Security researchers tell New Scientist
that they were able to hack into most common Wi-Fi embedded utility meters using just $1,000 of gear from 500 meters away, letting them easily see who was -- or wasn't -- home. "I consider it an embarrassment that this kind of technology is deployed with no protection whatsoever," one researcher complains.
has an interesting read on a new attack that has been exploiting vulnerabilities in multiple varieties of DSL modems, forcing users in Brazil to visit compromised websites in turn leading to the theft of financial information. Researchers say the attack is a "perfect storm" of incompetence courtesy of Brazilian regulators, ISPs and hardware vendors who failed to properly test and confirm modem security across more than six unnamed varieties of DSL modems. Kaspersky Lab Expert Fabio Assolini put it this way in a blog post
"This is the description of an attack happening in Brazil since 2011 using 1 firmware vulnerability, 2 malicious scripts and 40 malicious DNS servers, which affected 6 hardware manufacturers, resulting in millions of Brazilian internet users falling victim to a sustained and silent mass attack on DSL modems. This enabled the attack to reach network devices belonging to millions of individual and business users, spreading malware and engineering malicious redirects over the course of several months."
"The negligence of the manufacturers, the neglect of the ISPs and ignorance of the official government agencies create a 'perfect storm,' enabling cybercriminals to attack at will."
The attack has infected more than 4.5 million DSL modems, according to Assolini.
·more stories, story search, most popular ..
Recent news contributorsJKukiewicz , Karl Bode , swintec