Home Tags Accommodation

Tag: accommodation

Revenge of the Nerds: The all-new 2018 Audi S4 and S5

All the clever gadgets from the A4, but with a lot more power under the hood.

The 2017 Mini Countryman: SUV practicality, car-like driving fun

The littlest SUV has quirky charm and coped like a champ in the snow.

Lawyers who sued Uber over service animals will get $2.38M fee...

EnlargeJACQUES DEMARTHON/AFP/Getty Images reader comments 53 Share this story A lawsuit accusing ride-hailing service Uber of not properly serving blind customers has been resolved, with the federal judge who oversaw the case giving final approval to a settlement and fee award yesterday. The US National Federation for the Blind sued Uber in 2014, saying drivers would frequently refuse to pick up riders who used service animals, violating the Americans with Disabilities Act.
In April, the NFB and Uber reached a deal in which Uber would send reminders to drivers, using e-mail and popups, reminding them of their obligation to accept service animals. Uber also agreed to pay $225,000 so that the NFB could have blind riders test Uber. But while Uber and the NFB were able to agree on the terms of the deal, a fight over legal fees dragged on. Lawyers representing the NFB asked for more than $3 million in fees, enhanced by a multiplier of 2.0. In their fees motion (PDF), the lawyers argued the sum was justified, since the litigation addressed several novel issues—including whether a transportation network like Uber is a "place of public accommodation" subject to the ADA. NFB lawyers argued that the settlement gave blind persons and others who rely on service animals "nationwide access to what is so far the most important new transportation innovation of the 21st Century." After a hearing last week, US Magistrate Judge Nathanael Cousins authorized (PDF) $1.59 million in fees, as well as a multiplier of 1.5 "to fully award plaintiffs for the fair market value of their work in taking on this case." That's a total of $2.38 million.

Cousins noted that in a similar case, in which National Federation of the Blind sued Target to make its website more disabled-accessible, a judge allowed for a 1.65 multiplier for the plaintiffs' legal fees. Neither Uber nor lawyers for the NFB immediately responded to inquiries from Ars. "We are pleased that this settlement has received final court approval, but strongly disagree with the ruling on plaintiffs' motion for attorneys' fees," an Uber spokesperson said in an e-mailed statement to The Recorder, which reported on the final order yesterday. Uber is considering an appeal on the fees issue. A lawyer representing the blind clients said was he was looking forward to working together with Uber on the matter of service animals but said Uber's tone during the fee fight had been unfortunate. "The idea that I would gear up and do extra work because I think a case is going to settle is bananas," attorney Michael Bien told The Recorder.

Kaspersky to 1337 haxors: take down our power grid. We dare...

Capture the flag romp will offer chance to do the thing governments everywhere fear Kaspersky Labs is launching a capture-the-flag event at which hackers will have the chance to pop a simulated power station. The hacking events are popular with security types who compete to break into specially set-up systems to obtain flags and score points for feats of exploits, cracking, and pivoting. Kaspersky Labs will set up a power plant complete with simulated critical systems. "During the competition the teams will perform a number of specific tasks including breaking into IT systems, understand schematics, gain control of a control system, and finally to turn off or disable the various microgrid components," Kaspersky senior developer Kirill Kruglov says in a Russian canned statement. "We create replicas of systems and equipment used in modern enterprises, and therefore everything that happens ... we can project onto real infrastructure. "Detection of critical vulnerabilities in industrial systems helps cybersecurity experts to better understand their systems' features and consequently helps to improve attitudes and protection technologies." Teams of up to five are invited to apply to participate in the second annual Industrial CTF Tournament next month in the fledgling Russian tech city of Innopolis.
It will cover some form of travel and accommodation costs and offer high-tech gadgets to winners. The event is run during Kaspersky's fourth annual APCS conference. ®

Beware of the Airbnb WiFi Risks: Black Hat

At Black Hat, a researcher details how both naive users and hosts of the popular accommodation sharing service could be at risk. Airbnb has emerged in recent years to become a popular option for both those seeking accommodations and those looking to provide their homes and apartments as a place to stay for travelers.

A common feature of most Airbnb rentals is WiFi access, but providing that connectivity might well come with risks for both the person providing the space and the guest, according to a Black Hat USA talk scheduled for Aug. 4 in Las Vegas.In an interview with eWEEK ahead of the talk, titled "AirBnBeware: Short Term Rentals Long Term Pwnage," security researcher Jeremy Galloway from Atlassian provided details about the risks that he sees for Airbnb WiFi users.Galloway was quick to point out that the flaws he is discussing in his talk are not in any software or technology that Airbnb itself provides, but rather in how renters and guests make use of WiFi.

Galloway said that Airbnb has become so popular that the attack surface that potentially risky WiFi access represents shouldn't be ignored.In many Airbnb rentals, there is WiFi access much as there is any major hotel chain, though Galloway argued that the risk is far greater than at a hotel, as consumer-grade devices are being used, often without any thought of secure deployment. With Airbnb, Galloway said that a big risk is from what he refers to as the "Average Paper Clip" (APT) threat.

A guest could potentially walk over to a host's WiFi access point, stick a paper clip in the reset hole and gain full access to the device, without restrictions. "We're now allowing people into our homes and onto our networks with millions of Airbnb locations, so that's millions of networks that are able to be completely compromised," he said.If a guest is able to get full control of a WiFi access point, he or she could potentially install malware on the device and can perform a wide range of attacks. A malicious guest potentially could also conduct a man-in-the-middle attack, gaining access to all of a network's traffic and having the ability to redirect traffic to malicious sites.Given that guests in Airbnb locations are usually there for short-term stays, the next guest could be at risk from malware implanted by a malicious guest.

There is also the potential that a host has placed some form of monitoring software or malware on the network that could be a risk to users, though Galloway doesn't expect that most hosts would have any intention of hacking their own customers.Galloway emphasized that the risks to WiFi networks are not unique to Airbnb; that said, to date those risks have been overlooked or simply not understood, he believes.As a top-level recommendation for Airbnb hosts, Galloway suggests that they remove physical access to their WiFi access points.

That is, instead of leaving the WiFi router out in the open, he suggests putting it in a locked room or a secured cabinet."Using an enclosure and restricting access to a WiFi router keeps honest users honest," he said. "But if someone is dedicated to attacking you, they will."For users, Galloway suggests the use of a virtual private network (VPN) that will create a secure tunnel for them over a network and limit the risk of a WiFi network that may have been tampered with.In addition, Galloway suggests that as part of an Airbnb welcome guide for users as well as hosts, there should be a sentence or two about online security and reminding users to stay safe.Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com.

Follow him on Twitter @TechJournalist.

Verizon Adds FireEye Cyber-Security Tools for Business Users

Verizon is adding cyber-security tools from FireEye to its managed services portfolio to help enterprises maintain data and network security. Verizon is adding services from security vendor FireEye to its Verizon Enterprise Solutions offerings to provide increased cyber-security options to enterprises that want to better protect their data and IT systems. The two companies announced the addition of the FireEye advanced threat protection capabilities Oct. 29.  FireEye provides a virtual machine-based security platform that provides enterprise-class, real-time threat protection against a wide array of existing and still-developing cyber-attacks, according to the company. FireEye's Mobile Threat Prevention (MTP) platform provides real-time, dynamic threat protection without using signatures. The new fee-based services, which will be offered jointly by the two companies, will be available to enterprise users running Android or iOS devices beginning in the first quarter of 2015, according to the announcement. "From working with thousands of clients around the globe we know there's a need to update not only the security technology but how we think about combating today's ever-evolving threat landscape," Kathie Miley, executive director of global security solutions for Verizon Enterprise Solutions, said in a statement. "By teaming with FireEye, we're able to offer clients the technology for detecting advanced threats, as well as the intelligence to provide our customers with the insight into the nature of an attack and a path to remediate before a threat becomes significant." FireEye's MTP services are designed to provide near-real-time visibility into threats on mobile devices, which through the partnership will let Verizon clients gain enterprise-wide views into the security of their mobile device operations, according to the companies. The MTP system collects threat data intelligence through millions of FireEye virtual machines that are installed worldwide to help provide the latest threat information, the companies said. "This intelligence will enable security teams to identify, block and provide context around the nature of an attack and potential attack groups to inform a more strategic response and remediation strategy," according to Verizon. FireEye's monitoring tools allow enterprises to see where attacks originate, gauge the potential intent of the attackers and learn if attacks of all types have ever been seen before, as well as providing information on how such attacks can be prevented in the future, the companies said. Under the new services, Verizon security analysts will then correlate the FireEye-spotted events with system-wide security alerts to enhance the threat-detection process and help enterprises increase their protection. Verizon often works to increase its enterprise cyber-security product offerings for business customers. In June, Verizon expanded a partnership with virtualization and cloud infrastructure vendor VMware to include mobile security and enterprise mobility management (EMM) services, including an EMM platform, combined with endpoint security, telecom analytics and desktop virtualization. In April, Verizon's annual Data Breach Investigations Report (DBIR) concluded that cyber-attacks nowadays often differ widely and can vary in intensity and targets based on specific industry sectors. The 2014 DBIR received data from 63,437 security incidents of which 1,367 were confirmed data breaches. The attacks come through nine basic attack patterns that vary across industries, including point-of-sale (POS) intrusions, Web application attacks, insider misuse, theft and loss, miscellaneous errors, crimeware, payment-card skimmers, denial-of-service attacks and cyber-espionage. For example, in the accommodation industry, 75 percent of all attacks came from POS intrusion. In contrast, when it comes to the health care industry, theft and loss was the top attack pattern, representing 46 percent of all data breaches. In the financial services industry, Web application attacks represented 27 percent of all data breaches, and only 3 percent of breaches were the result of theft or loss. The 2014 DBIR found 198 total incidents during 2013 of POS-related data breaches, with the top affected industries being food services and retail.