
Tag: Big Brother


Expensive free apps

This post is the result of a collaboration between Elevenpaths (Telefónica Cyber Security Unit) and Kaspersky Lab. Both companies have used their own expertise, researchers and tools, such as Tacyt (an innovative tool for the monitoring and analysis of mobile threats) and GReAT’s internal tools and resources.

Big Brother and Google Play

Fraudulent apps that try to send Premium SMS messages or call high-rate phone numbers are nothing new. In fact, they are easy to find, especially in Spain, Russia and some other European countries. It is much more interesting to look at how certain groups bypass detection mechanisms such as those used by Google Play, since this has become difficult to achieve in the past few years.

Some years ago it was pretty easy to upload a dialer (or other similar fraudulent app) to Google Play [1] [2], but new detection mechanisms made attackers focus on alternative markets, at least for a period of time.

Recently, we found a Spanish group that successfully uploaded a non-official app for the Big Brother (Gran Hermano) TV show, which is one of the most popular TV shows in Spain even after being on the air for 16 years. [Analysis: cdd254ee6310331a82e96f32901c67c74ae12425]

This was not a very sophisticated app, but they were able to upload it to Google Play using an old trick.

First, they uploaded a clean and innocuous version that of course passed all the security controls from Google Play. Then, some days later, a new version was uploaded with a major features update, including subscription to paying services.

This trick was extremely simple but successful, since the app was on Google Play for around two months (from mid September to mid November 2015).

It seems this was not the first time this group tried to upload a Big Brother-like app. We have detected (via Tacyt [3]) at least another 4 similar applications that, judging by some particular logging messages we found in the code, could have the same origin:

com.granhermano.gh16_1; from 2015-09-15 to 2015-09-22
com.granhermano162; from 2015-09-29 to 2015-11-14
com.granhermanodieciseis; from 2015-09-29 to 2015-11-11
com.granh.gh16_3; from 2015-10-05 to 2015-10-15
com.hisusdk; from 2015-09-16 to 2015-11-14 (the one analyzed)

As we said before, this group was found to be using a specific string, “caca”, as a logging tag, which is unusual. The word “caca” is a colloquial Spanish word for excrement (very similar to the word “poo” in English). It can turn up in testing code, marking lines that should be removed later, but it is unusual to find it in such similar applications and used in the same way.

Because of that, it makes sense to think that those applications were developed by the same group. Other strings and function names used in the code lead us to conclude that those applications could have been developed by native Spanish speakers.

This app uses several commercial third-party services, such as Parse.com for the first network communication. This first API call is used to get all the information necessary to run further actions (URLs, authentication, etc.).

{"results":[{"Funcionamiento":" Ahora la única pestaña importante es la de VOT.","action1":"http://tempuri.org/getPinCode","action2":"http://tempuri.org/crearSubscripcion","activa":"si","createdAt":"2015-09-08T16:17:24.550Z","estado":true,"id_categoria":"2608","id_subscripcion":"400","metodo1":"getPinCode","metodo2":"crearSubscripcion","namespace":"http://tempuri.org/","nombreApp":"GH16 – españa","numero_corto":"795059","numero_sms":"+34911067088","objectId":"tNREzkEocZ","password":"15xw7v7u","updatedAt":"2015-11-27T10:28:00.406Z","url":"http://ws.alertas.aplicacionesmonsan.net/WebSubscription.asmx?WSDL","urlcode":"http://spamea.me/getcode.php?code=","usuario":"yourmob","vot":true}]}

As we can see above, it references different URLs:

spamea.me is a service that no longer exists at the time of writing, but that used to be hosted on 107.6.184.212, which seems to be a hosting service shared with many other websites.

ws.alertas.aplicacionesmonsan.net is a legitimate service focused on mobile monetization, including premium SMS and direct carrier billing. It is used from the app in order to subscribe the user to a service called “yourmob.com”.

Of course, using paying services is not malicious in itself, since it is legitimate for companies to bill for their services, but users should be clearly informed about the service cost and conditions beforehand. Although we found a reference to “Terms and Conditions” (in Spanish) pointing to the website servimob.com, we could not verify that this information is shown to users and, in any case, users don’t have the opportunity to reject the agreement and avoid being subscribed.

Presence outside Google Play

It makes sense that if a group has included this kind of app in Google Play, they would try something similar using other app sources (thanks to Facundo J. Sánchez, who spotted this).

Analysis: 9b47070e65f81d253c2452edc5a0eb9cd17447f4

This app worked slightly differently. It uses other third-party services and it sends Premium SMSs for monetization.

From the server they got which number to use, for how many seconds, and whether the screen should be on or off.

We found that they used very similar words for comments and method names (most of them in Spanish, including “caca”), the same topic (Big Brother), references to “yourmob” and much more, so we can definitely link it with the Spanish group mentioned before.

One of the web services used by this application (http://104.238.188.38/806/) exposed a control panel showing information about people using this app.

As you probably know, groups developing this kind of app usually reuse their servers and supporting infrastructure for multiple apps, for example this one:

https://www.virustotal.com/en-gb/file/cc2895442fce0145731b8e448d57e343d17ca0d4491b7fd452e6b9aaa4c2508a/analysis/

It was using this VPS as well: http://vps237553.ovh.net. Some of the panels and services provided by the VPS were located here:

http://vps237553.ovh.net/nexmo/getcode.php?code=
http://vps237553.ovh.net/polonia/autodirect1.php
http://vps237553.ovh.net/polonia/autodirect2.php
http://vps237553.ovh.net/polonia/guardar_instalacion.php
http://vps237553.ovh.net/polonia/guardar_numero.php
http://vps237553.ovh.net/polonia/guardar_numero.php?androidID=
http://vps237553.ovh.net/polonia/guardar_sms.php
http://vps237553.ovh.net/polonia/push_recibido.php
http://vps237553.ovh.net/polonia/panel.php
http://vps237553.ovh.net/nexmo/

As we can see in their control panel, they have been quite successful in terms of spread, since there are registered phones from many different countries (Spain, Holland, Poland, etc.).

In addition, an iterative search on terms such as IP addresses, unique paths, etc., has shown that other apps could be using the same supporting infrastructure that was shown above, including the following IP addresses and domain names:

In particular, 45.32.236.127 was pointed to by different domain names in the past months:

kongwholesaler.tk (2016-05-22)
acc-facebook.com (2016-04-11)
h-instagram.com (2016-04-11)
msg-vk.com (2016-04-11)
msg-google.ru (2016-04-10)
msg-mail.ru (2016-04-10)
iwantbitcoins.xyz (2015-11-04)

These domains have probably been used for fraudulent initiatives such as phishing attacks, since they are very similar to well-known and legitimate services.

Something that caught our attention was that “vps237553.ovh.net”, used from a sample and resolving to 51.255.199.164, was also used at some point (June 2016, according to our passive DNS) by the “servimob.com” domain (the same domain referenced in the app from Google Play).

Back to Google Play

As you can imagine, they tried again to upload a new app to Google Play, following a similar philosophy and techniques to those we have seen before.

e49faf379b827ee8d3a777e69f3f9bd3e559ba03
11a131c23e6427dd7e0e47280dd8f421febdc4f7

These apps were available in Google Play for a few weeks in September 2016, using similar techniques, especially to those applications that we found outside Google Play.

Conclusions

This Spanish group has been quite successful at uploading this kind of app to Google Play, using interesting topics such as the Big Brother TV show. Spain and Poland have been two countries traditionally targeted by SMS scams and similar malware. However, in the past few years we have never seen any group that was able to upload apps to legitimate markets in such an easy way. Perhaps the key point is that they try to be close enough to the border between a legitimate business and a malicious one.
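
As an added example (not code from the original post or its authors), this is one way an analyst could triage the first-stage Parse.com response quoted in the analysis above: normalise the typographic quotes, then separate real endpoints from SOAP namespace identifiers and pull out the billing and credential fields. The field groupings and the tempuri.org placeholder list are assumptions of this example.

```python
import json
from urllib.parse import urlsplit

# First-stage response as quoted in the article (the two free-text fields
# "Funcionamiento" and "nombreApp" are left out), with the page's
# typographic quotes replaced by ASCII ones.
QUOTED_RESPONSE = """
{"results":[{"action1":"http://tempuri.org/getPinCode",
"action2":"http://tempuri.org/crearSubscripcion","activa":"si",
"createdAt":"2015-09-08T16:17:24.550Z","estado":true,
"id_categoria":"2608","id_subscripcion":"400",
"metodo1":"getPinCode","metodo2":"crearSubscripcion",
"namespace":"http://tempuri.org/",
"numero_corto":"795059","numero_sms":"+34911067088",
"objectId":"tNREzkEocZ","password":"15xw7v7u",
"updatedAt":"2015-11-27T10:28:00.406Z",
"url":"http://ws.alertas.aplicacionesmonsan.net/WebSubscription.asmx?WSDL",
"urlcode":"http://spamea.me/getcode.php?code=",
"usuario":"yourmob","vot":true}]}
"""

# Curly quotes and the double prime show up in published copies of the JSON.
TYPOGRAPHIC_QUOTES = str.maketrans({"\u201c": '"', "\u201d": '"', "\u2033": '"'})

# Groupings chosen for this sample (an assumption, not a published signature).
BILLING_KEYS = {"numero_corto", "numero_sms", "id_subscripcion", "id_categoria"}
CREDENTIAL_KEYS = {"usuario", "password"}

# tempuri.org is the default XML namespace of ASP.NET web services, so URLs
# under it are SOAP identifiers, not hosts the app talks to.
SOAP_PLACEHOLDER_HOSTS = {"tempuri.org"}


def normalise(raw):
    """Replace typographic quotes so the text parses as JSON again."""
    return raw.translate(TYPOGRAPHIC_QUOTES)


def triage_config(raw):
    """Return the indicators and billing parameters found in a config blob."""
    hosts = set()
    report = {
        "endpoint_hosts": [],
        "cleartext_urls": [],
        "soap_namespace_seen": False,
        "billing": {},
        "credential_fields": [],      # field names only, never the values
        "subscription_methods": [],
    }
    for record in json.loads(normalise(raw)).get("results", []):
        for key, value in record.items():
            if not isinstance(value, str):
                continue
            parts = urlsplit(value)
            if parts.scheme in ("http", "https") and parts.hostname:
                if parts.hostname in SOAP_PLACEHOLDER_HOSTS:
                    report["soap_namespace_seen"] = True
                    continue
                hosts.add(parts.hostname)
                if parts.scheme == "http":
                    report["cleartext_urls"].append(value)
            elif key in BILLING_KEYS:
                report["billing"][key] = value
            elif key in CREDENTIAL_KEYS:
                report["credential_fields"].append(key)
            elif key.startswith("metodo") and "subscri" in value.lower():
                report["subscription_methods"].append(value)
    report["endpoint_hosts"] = sorted(hosts)
    report["credential_fields"].sort()
    return report


if __name__ == "__main__":
    for name, value in triage_config(QUOTED_RESPONSE).items():
        print(f"{name}: {value}")
```
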

A controversial UK surveillance bill has become law, despite efforts to stop it.

The Investigatory Powers Act 2016 today received the final stamp of approval from the Queen—a practice called Royal Assent.
It requires telecom firms to store customers' Internet Connection Records for 12 months.

These records include top-level domains you visited, but not sub-pages (so it would show pcmag.com but not pcmag.com/apple or pcmag.com/android, for example).

This data would be accessible by law enforcement and intelligence agencies provided they secure the necessary warrants and judicial approvals, and be used to "disrupt terrorist attacks and prosecute suspects," according to the UK Home Office.

"The Internet presents new opportunities for terrorists and we must ensure we have the capabilities to confront this challenge," Home Secretary Amber Rudd said in a statement. "But it is also right that these powers are subject to strict safeguards and rigorous oversight."

That oversight includes an Investigatory Powers Commissioner to oversee the program, and protections for journalistic and legally privileged material, as well as tough sanctions for those abusing their power.

Security advocates, however, still have concerns about the law, which has been dubbed the "Snooper's Charter."

As Big Brother Watch notes, for example, a 2000 version of the bill provided 28 government organizations access to communications data. "Under the new Investigatory Powers Bill, this has now been extended to 48 organizations which now also have the power to snoop on citizen's browsing histories."

It also "extends the level of access police and intelligence agencies have to citizen's communications data and allows them to collect information on people's phone calls, text messages and social media conversations upon request," the group says.

A petition calling for an end to the Investigatory Powers Act launched earlier this year and has secured more than 138,000 digital signatures.
Since it got more than 100,000 signatures, the issue will get debated in Parliament, but that occurred after the bill had passed through its parliamentary stage, so the debate shouldn't result in any major changes.

"This government is clear that, at a time of heightened security threat, it is essential our law enforcement, security and intelligence services have the powers they need to keep people safe," Rudd said.

Some provisions in the bill require testing and will not be set into motion "for some time," according to the Home Office.

All other mandates—like Internet Connection Records—are moving forward as the new law replaces 2014's Data Retention and Investigatory Powers Act, which sunsets on Dec. 31.

The eighth episode of Ars Technica Live is coming up tomorrow, November 16, in Oakland, California, at Longitude! Join Ars Technica editors Dan Goodin and Annalee Newitz with guest Morgan Marquis-Boire for a conversation about infosec, surveillance, and digital authoritarianism.

Marquis-Boire is a New Zealand-born hacker, security researcher, and journalist. He is the director of security for First Look Media and a contributing writer for The Intercept. Prior to this, he worked at Google. Marquis-Boire is a Senior Researcher at the Citizen Lab, University of Toronto, focusing on state-sponsored hacking and the global surveillance industry. He currently serves as a special advisor to the Electronic Frontier Foundation and as an advisor to the Freedom of the Press Foundation and Amnesty International.

Filmed before a live audience at Oakland tiki bar Longitude, each episode of Ars Technica Live is a speculative, informal conversation between Ars Technica hosts and an invited guest.

The audience, drawn from Ars Technica’s readers, is also invited to join the conversation and ask questions.

These aren’t soundbyte setups; they are deep cuts from the frontiers of research and creativity. Doors are at 7pm, and the live filming is from 7:30 to 8:20-ish pm (be sure to get there early if you want a seat). You can stick around afterward for informal discussion at the bar, along with delicious tiki drinks and snacks.

Can't make it out to Oakland? Never fear! Episodes will be posted to Ars Technica the week after the live events. Yes, we have a Facebook invite for this event.
See you tomorrow, Bay Area Arsians!
If local police showed up at your door requesting fingerprints and DNA samples, would you passively and unquestioningly comply? Or would you ask what crime you're suspected of committing and demand probable cause for making the request or proof of a search warrant? The fact is, there's a 50 percent chance your photo is already part of a biometric database.

And law enforcement agencies across the country are using facial recognition software to regularly search this "virtual lineup" with little to no regulation or limits, according to an eye-opening 150-page report, "The Perpetual Line-Up: Unregulated Police Face Recognition in America," published this week by the Georgetown Center on Privacy & Technology. "Unless you've been arrested, the chances are you're not in a criminal fingerprint database or a criminal DNA database either. Yet by standing for a driver's license photo, at least 117 million adults have been enrolled in a face recognition network searched by the police or the FBI," said Alvaro Bedoya, the center's executive director and co-author of the report. According to "The Perpetual Line-Up," only 8 percent of the photos that appear in the FBI's facial recognition system are of known criminals.

This is an unprecedented privacy violation, Bedoya said.
It's "a national biometric database that is populated primarily by law-abiding people."

With great power comes … no accountability?

Georgetown researchers sent 106 public records requests to police agencies and found that of the 52 agencies that acknowledged using facial recognition, only one had obtained legislative approval before doing so. No state in the country has passed laws that define how facial recognition can be used in police investigations. Police departments don't need a warrant to search facial recognition databases, nor do they limit use of the technology to investigating serious crimes, the report said. Only a handful of departments have imposed voluntary limits on their searches -- for instance, to require reasonable suspicion.

And only one agency -- the Ohio Bureau of Criminal Investigation -- explicitly prohibited "using face recognition to track individuals engaging in political, religious, or other protected free speech." Most police departments don't even audit their facial recognition systems for accuracy or teach their staff how to visually confirm facial matches. (That skill may seem like it would be innate but actually requires specialized training.) "With only a few exceptions, there are no laws governing police use of the technology, no standards ensuring its accuracy, and no systems checking for bias," said Clare Garvie, a co-author of the report. "It's a Wild West."

The fallibility of technology

Law enforcement agencies like the FBI argue that using biometric tools reduces the likelihood of racial policing because an algorithm is not biased.

But the report also disputes that claim, stating research shows facial recognition is significantly less accurate when identifying African Americans, women, and young people.

TV tropes about magical Enhance buttons aside, the reality is the facial recognition software used to search photo databases is far from perfect. "The algorithms make mistakes," Garvie told PCWorld by email. "These mistakes happen at a higher rate when the systems are used to try and identify people in lower-quality images," including surveillance camera images, smartphone photos, and social media pictures.
In addition, search systems are set up to return results, "regardless of whether the suspect being searched for is in the database," she added. "This means that a system may return a list of 10 or 40 completely innocent people." Think that doesn't have real-world consequences? Read The Intercept's chilling story of how one man's life was ruined by a facial recognition mismatch, and see whether you still think that unrestricted, unaudited use of facial recognition by law enforcement is a good idea.

Big Brother is watching

"Perhaps the most dystopian aspect of the report is its findings that real-time facial recognition -- identifying people in public as they pass a live-feed video camera -- is increasing in popularity among police departments," Wired writes. The report says at least five major police departments have "run real-time face recognition off of street cameras, bought technology that can do so, or expressed a written interest in buying it." That's counting only the departments that responded to the study.

The New York Police Department is known to have a facial recognition program, but it denied Georgetown's records request -- as did the Los Angeles Police Department, which also claims to use real-time facial recognition. This kind of surveillance tracking has serious privacy implications. "This is the ability to conduct a real-time digital manhunt on the street by putting people on a watch list. Now suddenly everyone is a suspect," said Bedoya. "It turns the premise of the Fourth Amendment on its head." It also could fly in the face of last year's Supreme Court decision on privacy, in which the justices unanimously agreed that "putting a GPS tracker on you, your car, or any of your personal effects counts as a search" and is therefore protected by the Fourth Amendment. People have a reasonable expectation to the privacy of their location data, the court concluded. Facial recognition is "an extraordinarily powerful tool," said Bedoya. "It doesn't just track our phones or computers.
It tracks our flesh and our bones.

This is a tracking technology unlike anything our society has ever seen."

Who's watching the watchers?

It may be too late to keep your face out of a biometric database, but privacy advocates hope to limit the ways in which the system can be abused.

A coalition of civil liberties groups is calling for the Department of Justice to investigate police facial recognition databases, starting with police departments that are already under investigation for biased policing. The aim is not to ban the use of facial recognition software, but to pass strict legislation on its use. "Face recognition can and should be used to respond to serious crimes and public emergencies.
It should not be used to scan the face of any person, at any time, for any crime," the report argues. The report proposes that states pass laws to protect civil liberties -- including requiring a "reasonable suspicion" of criminal conduct before searching databases -- limiting the amount and types of data stored, and requiring independent oversight with regular audits of performance. "As technology advances," The Verge writes, "drawing a line between policing and invasive surveillance will be an unavoidable part of the debate over facial recognition." But Bedoya points out that state legislatures have already passed laws that limit not only geolocation trackers but automatic license plate readers, drones, wiretaps, and other surveillance tools. "It's not about protecting criminals.
It's about protecting our values."
Microsoft CEO Satya Nadella faced sharp questions from Gartner analysts Tuesday about the privacy-invading implications of its $26.2 billion acquisition of LinkedIn, and its all-knowing virtual assistant, Cortana. Helen Huntley, one of the Gartner analysts questioning Nadella at a conference in Orlando, was particularly pointed about the fears. Cortana, said Huntley, "knows everything about me when I'm working.
She knows what files I'm looking at, she knows what I'm downloading, she knows when I'm working, when I'm not working," she said. Cortana is "big brother intersected ... with productivity," said Huntley. Nadella countered this with his own question. "How does one build trust in technology?" He called it one of the "most pressing issues of our time." Cortana will operate on "four pillars," which include keeping data secure, as well as transparency, meaning that users will "know exact what Cortana knows," said Nadella.

There is also an ability to turn off data access.

The fourth pillar is to be compliant with regulations, he said. Nadella was appearing via video link from Microsoft's Redmond headquarters at the Gartner Symposium/ITxpo before a crowd that includes 8,000 attendees. He was scheduled to appear in person, but a back injury kept him from flying. "When you turn 49 don't act 19 in the gym," said Nadella, to the chuckles of an audience of people mostly in their middle years as well. With LinkedIn, Huntley, who was asking questions in tandem with fellow analyst Chris Howard, was pointed once again: "What are you going to do to our data?" "We are just custodians of that data," said Nadella.

The only data the company has access to is when users allow it for the purpose of adding value to it, he said. For instance, Nadella said, someone can be much more informed about who they are meeting with if their calendar includes LinkedIn profile links of meeting attendees.

A user's news feed can also be shaped to include information about meeting participants. "Those are natural points of integration," he said. This ability to integrate with LinkedIn, said Nadella, "will not be exclusive of Microsoft but available to everyone." Allowing integration will help make LinkedIn grow, he said. Nadella defended Microsoft as an open company. "Windows is the most open platform there is," he said. But asked how Microsoft will work with competitors on platforms including Azure, Nadella turned philosophical.

That knowledge "comes maybe with middle age" -- a point at which one becomes "comfortable with what I would say are complex relationships." A gentle laugh rolled through the audience. Nadella, in response to questions about how A.I. will interact with users, talked about Microsoft's pursuit of A.I. but not the specifics. "There is still a dark side," said Howard, of A.I.; "there is a risk of an over-mediated life." But, as he did with privacy, Nadella worked to calm concerns and said A.I. will augment human capability, not replace it. "It looks like that they have a vision for the future," said one attendee, Steve Edmonson, a CIO with a Chicago governmental organization he didn't want identified.

But with respect to A.I., Nadella didn't talk about "where that is really headed."

This story, "Microsoft’s Nadella takes on privacy fears about LinkedIn, Cortana," was originally published by Computerworld.
Only a handful of brands have as much weight in the security suite as Symantec's Norton.

The 2017 edition of Symantec Norton Security Deluxe continues a long tradition of top-notch security, as confirmed by independent labs and my own hands-on testing and evaluation.
Installed in Windows, it's a top-tier security suite, and Mac users also get a suite, not just an antivirus.

As for the Android edition, it's an Editors' Choice.
Support for iOS is pretty limited, but that's typical. Overall, the suite is excellent, but it's just shy of an Editors' Choice award. A $79.99 per year Norton subscription lets you install Norton's security products on up to five Windows, Android, macOS, or iOS devices. Webroot charges the same for five licenses, while Trend Micro lists for $89.95.

For about the same as Trend Micro's price, you can install McAfee's top-level security software on all the devices in your household. Oh, and for that rare individual who just has one device, Norton Security Standard protects a single PC or Mac for $59.99 per year. You'll find that all of these prices are frequently discounted, sometimes deeply. As with many cross-platform multi-device suites, Norton's online console is central to managing and installing protection. You start by creating your account and entering your license key.

At that point you can download and install Norton Security for your Windows system. You can also extend protection for up to four other devices.
I'll go into detail about protection on other platforms later in this review. Appearance-wise, there's not much change since last year.

The main window still features four panels devoted to Security, Identity, Performance, and More Norton.

Clicking a panel slides down the whole panel row, revealing additional icons related to the panel you clicked.

For example, when you click Security, you get icons for Scans, LiveUpdate, History, and Advanced. Most of the new developments are invisible.

New Protection Layers

Keeping up with the very latest malware innovations requires expertise, study, and analysis. Having researchers perform that analysis can take too long, so a couple of years ago Symantec launched an initiative focusing on machine learning.

According to my Symantec contact, the team "consists of 10 PhDs and two research Engineers from top schools, with combined 100+ years of experience in applied machine learning." That's quite a brain trust. Symantec has always taken a layered approach to system protection.

At the network level, Norton fends off attacks and blocks contact with malicious websites.
If a malicious file makes it onto your disk, the antivirus scan may wipe it out. Other factors such as file prevalence and behavior-based blocking come into play. The current product line adds several new layers to the protection mix. Proactive Exploit Protection actively prevents exploit techniques such as heap spray and ROP (Return Oriented Programming).

Threat Emulation handles malware that has been encrypted, packed, or obfuscated by running it in a controlled environment and evaluating it after it self-decrypts, much like Check Point ZoneAlarm Extreme Security 2017's similar feature.

And a predictive machine-learning algorithm aims to catch even the freshest and most innovative malware. These new layers aren't visible to the user (or even the expert).

But they help Norton keep malware out of your system.

Shared Antivirus

After a brief hiatus, Symantec again offers an antivirus product, Symantec Norton AntiVirus Basic.

Feature-wise, the suite's antivirus protection is identical. However, where users of the standalone antivirus must rely on FAQs and forums for support, the suite adds a full range of tech support, and a Virus Protection Promise—if Symantec's tech support agents can't rid your system of pesky malware, the company will refund your money.

But as far as features go, the suite's antivirus protection is identical. Read my review for all the juicy antivirus details. Norton doesn't participate with all of the independent testing labs that I follow, but those that do include it give it high marks.
In the three-part test performed by AV-Test Institute, it got top marks for malware protection and low false positives, though it slipped in performance, taking 5 of 6 possible points.
Its total of 17 points is good, but Trend Micro Maximum Security, Bitdefender, and Kaspersky managed 18 of 18 possible points in the latest test.

There's nothing second-rate about a perfect AAA rating from Simon Edwards Labs, though.

And Norton is one of a very few products to pass two tests performed by MRG-Effitas.
Its aggregate lab score, 9.7 points out of a possible 10, beats all others except Kaspersky Total Security. Norton also did very well in my own hands-on tests.
Its detection rate of 97 percent and malware-blocking score of 9.7 are among the best, though Webroot did manage a perfect 10 points. When I tested Norton with 100 very recent malware-hosting URLs, it blocked 98 percent of the malware downloads.
In some cases, its Web-based protection kept the browser from even visiting the malicious URL, but mostly the Download Insight feature eliminated the malware payload. Only Avira Antivirus Pro 2016 has done better in recent tests, with 99 percent protection. I use Norton as a touchstone for measuring antiphishing success, reporting the difference between the tested product's protection rate and Norton's. Webroot, Bitdefender Internet Security 2017, and Kaspersky are the only recent products that have done better than Norton.

And of course it's significantly more accurate than the phishing protection built into Chrome, Firefox, and Internet Explorer.

Other Shared Features

Despite the word Basic in its name, Norton's standalone antivirus offers a lot more than just the basics.
It doesn't include full firewall functionality, but in testing, its Intrusion Prevention component did an impressive job blocking exploit attacks, stopping them at the network level and identifying many of them by name. You'll also find a complete antispam component that filters POP3 email accounts and integrates with Microsoft Outlook. A Norton Insight scan lists all the files on your computer, along with the trust level for each, prevalence among Norton users, and impact on system resources.

The antivirus scanner uses Norton Insight results to avoid scanning known and trusted files.

The Norton Safe Web browser extension uses red, yellow, and green icons to flag safe, iffy, and dangerous links in search results. You can click through for a full report on just why a given site got the rating it did. The Symantec Norton Identity Safe password manager is free for anyone to use, but having it integrated with your Norton protection is convenient.
It handles all basic password manager functions and syncs across all your devices, though it lacks advanced features like two-factor authentication and secure password sharing. Several of the shared features aim to improve your system's performance. Using the startup manager, you can reversibly disable programs from launching at startup, or set them to launch after a delay.

The File Cleanup tool wipes temporary files that waste space.

There's even a disk defragger, in case you don't have Windows optimizing disk fragmentation in the background.

Intelligent Firewall

As noted, the standalone antivirus includes a powerful Intrusion Prevention tool, a feature more commonly associated with firewall protection. With the suite, you get a complete two-way firewall. The built-in Windows firewall completely handles the task of stealthing your PC's ports and preventing outside attack.

Any firewall that aims to replace the built-in needs to do at least as well. Norton passed my port-scan and other Web-based tests with flying colors. What you don't get with the Windows firewall is control over how programs access the Internet and network.

Don't worry; Norton won't bombard you with confusing queries about what ports and IP addresses a given program should be allowed to access.
It handles such matters internally, automatically assigning network permissions to the vast number of known and trusted programs in its online database. When Norton encounters an unknown program attempting Internet access, it cranks up the sensitivity of its behavior-based malware detection for that program, and keeps an eye on its connections.
If the program misbehaves, Norton cuts its connection and eliminates it.

This isn't quite the same as the journal and rollback technology that McAfee and Webroot SecureAnywhere Internet Security Complete apply to unknown programs, but it's effective. I always do my best to disable firewall protection using techniques that would be available to a malware coder. Norton doesn't expose any significant settings in the Registry, so that route is out.

Both of its processes resist termination.

And its single Windows service can't be stopped or disabled.
It's worth noting that this isn't always the case.
I completely disabled all processes and services for ThreatTrack Vipre Internet Security Pro 2016, for example.

And while the majority of McAfee's 14 processes and 13 services resisted attack, quite a few succumbed.

Excellent Android Protection

Norton's standalone antivirus is PC-specific. With the suite, you can cover your Mac, Android, and iOS devices as well.

Click More Norton in the program's main window, then click the Show Me How button to get started.
Sign in to your Norton account and enter the email address used on the device you want to protect. Unlike the similar feature in McAfee LiveSafe, you don't have to choose the platform.

Clicking the emailed link on the device automatically selects the proper download. On an Android device, you get Norton Security and Antivirus (for Android).

Along with Bitdefender Mobile Security and Antivirus, this product is an Editors' Choice for Android security. Please read our review of that product for a deep dive into its features.
I'll summarize here. Note that the Android app has gotten a significant user interface redesign since our review, and more new features are due in the coming weeks. Immediately after installation, the antivirus runs an update and a scan. You also must activate the app for Device Administration in order to make use of its anti-theft features, and give it Accessibility permission so it can scan apps on Google Play. Norton scans for malicious and risky apps, as expected. More interestingly, its App Advisor works inside Google Play, checking every app you tap and reporting the risk level.

Tap the small notification at the bottom to see details of App Advisor's findings. Norton's extensive set of anti-theft features can be triggered either by logging in to the Web console or by sending coded SMS commands. Naturally you can use it to locate, lock, or wipe the device, and the scream feature helps find a misplaced device at home. When you lock the device, it displays a contact message of your choice, so someone who finds your lost device can arrange to return it. The Sneak Peek feature lets you remotely (and silently) snap a photo of whoever is holding the device. When you lock a lost or stolen device, it automatically snaps a photo every 10 minutes, and reports its location every five minutes. You can also remotely back up your contacts before resorting to the Wipe command, which performs a factory reset. There's a link to install the free separate App Lock app, and another to install a trial of the Norton WiFi Privacy VPN (Virtual Private Network).
It offers call blocking on Android smartphones.

And you can extend protection to another device directly from within the Android app.

Suite for macOS

It's fairly common for multi-platform suites to give macOS short shrift, but Norton doesn't follow that trend. Norton Security on a Mac is a full security suite, not just antivirus. My Norton contacts say that the definition file size is down by two thirds in the current edition, which means faster scans and lower memory usage. As expected, the antivirus component scans files on access, on demand, and on schedule.
It can also scan inside ZIP files.

The full-scale firewall blocks dangerous network connections and controls how programs access the network.

The related Vulnerability Protection feature blocks port scan attacks and attacks attempting to exploit system vulnerabilities. Norton's Safe Web website reputation monitor installs in Chrome, Firefox, and Safari, marking up search results and optionally blocking access to dangerous sites, just as with the Windows edition. Phishing protection is likewise parallel to what you get with Windows. The File Guard feature aims to protect your most important files from unauthorized modification. You can set it to guard up to 250 specific files.
It doesn't protect an entire folder the way Trend Micro's Folder Shield or Bitdefender's Data Shield do.

Files under guard can't be opened, moved, copied, or deleted. You can optionally let system processes like Finder and Spotlight manage guarded files.
If you want to manipulate or modify a file that's under guard, you simply enter your password in the popup notification.

Find Your iOS Devices

You may want to think twice about using up one of your five licenses to protect an iOS device, as the feature set on iOS is seriously limited. Norton does offer to back up your contacts, just as it does under Android. You can use the Web portal to locate your iOS device.

And you can trigger a loud alarm to help find a nearby device.
Is it under the sofa? Or in that scruffy guy's backpack? But that's the extent of anti-theft. You can't lock or wipe the device, and you certainly can't snap a sneak peek photo. The iOS version does offer one unusual feature.

As long as you're using a device with microphone and speakers, say, a laptop or another mobile device, you can make an Internet call to the lost or stolen device. Note, though, that this won't work if the device is locked with a PIN or passcode. That's the extent of mobile security on iOS devices.

No Performance Worries

Around 10 years ago, Norton had a reputation for being a resource hog, offering security at the expense of performance.

The developers quashed that reputation by spiffing up the suite's performance, and they continue to work toward less and less performance impact. I check performance using three tests that measure boot time, the time to move and copy a ton of files between drives, and the time to zip and unzip that same collection of files.
I average the results of multiple tests with no suite installed, then install the suite and average another round of testing. Norton's results were outstanding, quite a bit better than last year's.

They were so outstanding that, just to be sure, I uninstalled the product and repeated the whole process.

The results were the same within a few percent. Norton had no measurable effect on the boot time test or zip/unzip test.

The file move and copy test took 16 percent longer with Norton watching over the test system, well below the current average of 24 percent.
It's pretty clear that you don't have to worry about Norton dragging down your system's performance.

Overshadowed by Premier

Antivirus protection in Norton Internet Security Deluxe is excellent, with very high marks in my hands-on tests and in independent lab tests.
Its phishing protection is so good that I use it as a touchstone for evaluating other products.

Add a self-sufficient, tough firewall and a straightforward antispam tool and you've got a fine suite for your Windows devices. Norton's Android security product is an Editors' Choice, and it offers more under macOS than many.

Granted, it doesn't do a lot on iOS devices, but they do tend to need less protection. The main reason this product isn't an Editors' Choice for cross-platform multi-device suite is that its big brother, Norton Internet Security Premier, is significantly better.

For just $10 more, Premier gets you twice as many licenses, plus some significant added features.
It's a seriously better deal, well worth an Editors' Choice. Our other top pick in this category, McAfee LiveSafe, doesn't offer quite the stellar protection that Norton does, but a single subscription lets you install protection on every device in your household.
Big Brother Watch report

Police forces across the UK have been responsible for “at least 2,315 data breaches” over the last five years, according to research by Big Brother Watch, prompting concerns about the increasing amount of data they're holding. Titled Safe in Police Hands? the 138-page report is released today after months of requests made by the campaign group under the Freedom of Information Act, covering police forces' breaches of the Data Protection Act from June 2011 to December 2015. According to Big Brother Watch, the results “show officers misusing their access to information for financial gain and passing sensitive information to members of organised crime groups”. Over the last five years, more than 800 members of staff at police forces “accessed personal information without a policing purpose” and information was “inappropriately shared with third parties more than 800 times”. The issues span improper disclosure of information, accessing police systems for non-policing purposes, inappropriate use of data for personal reasons and more, says BBW.
It continued: Digital by default is the future for the country.
In response to this the levels of data the police handle will increase. Whilst there have been improvements in how forces ensure data is handled correctly this report reveals there is still room for improvement.

Forces must look closely at the controls in place to prevent misuse and abuse. “With the potential introduction of Internet Connection Records (ICRs) as outlined in the Investigatory Powers Bill, the police will be able to access data which will offer the deepest insight possible into the personal lives of all UK citizens,” the group reported, adding that any breach of this information would be “over and above” what was included in the report. Of the 2,315 breaches that Big Brother Watch was informed of, more than 55 per cent (1,283) resulted in no formal disciplinary action being taken, while in 11 per cent (258) of cases those responsible received either a written or verbal warning.
In 13 per cent of cases (297) the individuals involved either resigned or were dismissed, while only 3 per cent (70) of breaches resulted in either a criminal conviction or caution. Reg readers will remember that the Information Commissioner's Office fined Kent Police £80,000 earlier this year when it passed the entire contents of a potential domestic abuse victim's phone to the solicitor of the man she was accusing of abuse - a man who, it turned out, was also a copper at Kent Police. In another case from this year, an Essex police officer was given a “final written warning” after misusing Police Intelligence systems to snoop on his ex-wife's stepbrother. In the light of such findings, Big Brother Watch has proposed five policy recommendations to “address concerns we have with the increased levels of data the police will have access to, [and] they also propose more stringent methods of dealing with data breaches including a move towards error reporting and notification for the individual whose data has been breached”. The campaign group recommends introducing custodial sentences for the most serious data breaches, adding that where such breaches are uncovered the individual should be given a criminal record.

This movement was recently supported by a Parliamentary inquiry spurred by the data breach of TalkTalk, which also recommended that CEOs take a hit to compensation if their company's infosec practices were not up to scratch. Big Brother Watch also recommended the mandatory reporting of any breach that concerns a member of the public, and the removal of Internet Connection Records from the Investigatory Powers Bill: The scale of breaches within police forces should pose major questions regarding the plans to allow police officers access to even more personal information through Internet Connection Records proposed in the IP Bill.

The information the police will have access to under these powers is vast. Police forces are already struggling to keep the personal information they can access secure.
It is clear that the addition of yet more data may just lead to the risk of a data breach or of misuse. Warning that a “weakening of data protection law post Brexit would put the UK at risk, in terms of trade, security and data privacy,” and thus endorsing stronger data protection legislation as “a fundamental part of keeping people and businesses safe,” Big Brother Watch also recommended – much as everyone else is doing – the necessity of adopting equivalent standards to the EU's General Data Protection Regulations if the UK is to trade with the Single Market.
More than two-thirds (70%) of UK consumers fear the increase in the number of interconnected everyday devices makes it too easy for things to go wrong, while 58% resent the fact computers run their lives, according to research by KPMG. Smart energy meters, smart health monitors, smart cars and even smart fridges are just some of the developments around internet-connected devices that people can use in their everyday lives and businesses can harness for the huge volumes of potential customer data they provide. The business consultancy firm said until consumers overcome their fear and resentment, the UK might miss out on huge opportunities. “There are so many opportunities for the latest technologies to provide value and enhance our lives, but we are failing to take advantage of them and will continue in that vein until consumers can be convinced always-connected devices are safe and worthwhile,” said the KPMG report. The firm conducted a survey of 1,600 UK consumers which asked for their attitudes to the internet of things (IoT) and revealed people are uncomfortable with increasing surveillance of their lives. More than half (56%) are concerned about a big brother effect and 36% suggested employers are monitoring their every action. The survey surprisingly revealed 54% mainly want their phone just to make calls. Most said internet-based products – such as smart fridges which self-order food or cookers reminding owners about recipes – are not necessary. But 48% said they welcomed the prospect of smart meters that can save energy and money, while 40% said health monitors to warn people about impending illness are a good idea. Director in KPMG's cyber security practice Wil Rockall said it is clear consumers are struggling with a desire to use connected devices for an easier life, as they remain wary of the rise of the machine.
“They still support innovation, but having the latest technology in the right environment is key – nearly 60% acknowledged technology makes people more effective at their job,” he said. Security and privacy were high on the list of worries for consumers, with 62% believing there is insufficient concern about it, according to the survey. “The fact remains, where once an Englishman’s home was considered to be his castle, the advent of the IoT means fortress walls can be breached more easily,” said Rockall. Gartner expects the market to outpace traditional technology spending in the next few years, creating $1.9tn of economic value added by 2020, as more processes become digital and the physical and virtual worlds merge.

Smart Meter Implementation Programme

In the UK, the government is running a project to get smart energy meters in all households and businesses. The Department of Energy and Climate Change (DECC) had targeted introducing smart meters in homes by the summer of 2014, but that was put back to the autumn of 2015. The final project – known as the Smart Meter Implementation Programme (Smip) – is planned to go live in 2020. The project will mean millions of intelligent energy meters in homes and businesses will collect information on usage and send all the data to a central hub that will process it and forward it to the energy suppliers. The Smip requires major IT investments, with a need for smart meters, smart communicating sensors, modules, advanced communications networks, as well as technologies to secure data. British Gas plans to roll out 1.3 million meters in 2014. Overcoming the user scepticism – as highlighted by KPMG – is one of the major challenges faced by the Smip, as people question its value if prices continue to rise.
Privacy has been a key feature of Computing's coverage over the last year or so, particularly post-NSA/Snowden revelations, and this week's top 10 news stories feature several more juicy stories that zoom in on privacy issues. Whether it be your data being passed on to another country's government, your confidential details being lost or even worse, your private snaps being posted online for everyone to see, it seems the world is doing its best to intrude upon the privacy that one once had before computers, the internet, Facebook, and er... word of mouth, came along.

10. Microsoft fights back against US warrant demanding overseas emails be handed over

One company that is not standing for this new take on 'privacy' is Microsoft. In fact it's fighting a US federal court order that has demanded that it hand over email data held in its Dublin data centre to US federal authorities. A Microsoft spokesperson said that the company "will not be turning over the email and plans to appeal". If it did end up turning over the email - and the US government usually gets what it wants - then it would set an unwanted precedent for other US tech firms, which would ultimately mean that non-US customers would lose trust, with enterprises less likely to adopt cloud computing provided by a US firm.

9. Samsung unveils first ever smartwatch that can make and receive calls

When South Korean firm Samsung claimed that it had launched the 'first ever' smartwatch that can make and receive calls, many might think, cynically, that it's first for a reason. But the company is seemingly trying to get as many features packed into its Gear S as possible before arch nemesis Apple reveals (or doesn't reveal) its much-anticipated iWatch. If the smartwatch really does catch on - be it Apple, Samsung, LG or Sony - it may not be the consumer that really wins, but rather the patent lawyers, many of whom are probably already hard at work ensuring that their respective client thought of [insert something daft here] first.

8. Box still watching and waiting for intended IPO, says COO Levin

When Box filed to go public in April just about everyone was expecting the firm to IPO soon after. But after a disastrous few months in which shares of cloud computing firms plummeted, the firm put its IPO plans on hold. And it seems as if the firm isn't yet close to an IPO with its COO Dan Levin telling Computing that Box is "watching and waiting" for an IPO that it absolutely intends to go ahead with. Levin said that the firm was waiting for market conditions and business conditions to "make sense".

7. Insurers to demand more data via telematics to fine-tune insurance prices, says AXA CIO

After the NSA/Snowden leaks showed collusion between tech companies and the spooks, many people have come to see organisations' use of data as another way for the state to watch them. This has profound implications for telematics, which insurers are increasingly using to gather data on drivers' habits so that they can then offer people personalised insurance policies. But despite surveillance concerns AXA's CIO Kevin Murray said people are now moving away from thinking of this as Big Brother watching them. More worryingly, perhaps, for those who take their privacy seriously, is that AXA is looking at various other methods to tailor insurance rates. These co-opt items such as smart thermometers (like Google's Nest product) to know how often you're at home, and how much energy you use, and the use of heat sensors and graphical imagery from satellites to determine the condition of a roof and how much energy leakage there is. You could effectively be paying for surveillance yourself.

6. iCloud hack: Photo theft due to stolen log-in details, not iCloud security issue, claims Apple

So some guys stole naked photos of celebrities and put them online and after much criticism of Apple's iCloud, the Cupertino firm hit back. It claimed that the 'hackers' bypassed the users' iPhone log-in credentials, rather than gaining access to them through a security weakness in the iCloud online storage service. And as if the celebs involved needed to feel any worse, one could read in between the lines of Apple suggesting that they had been hacked in the simplest way possible. "To protect against this type of attack, we advise all users to always use a strong password and enable two-step verification," the firm concluded. Talk about kicking someone when they're down...

5. Bristol City Council to migrate IT infrastructure to the cloud in £1.5m deal

The council used the G-Cloud framework to procure the services of Eduserv, and according to Steve Pendleton, service manager of commissioning and supplier relationship management at the council, the move to a cloud infrastructure will allow Bristol to reduce costs while continuing to deliver a good level of service to citizens.

4. East Midlands Ambulance Service NHS Trust loses data cartridge with 42,000 patient forms

Citizens may value the confidentiality of their health data more than any other type. So when 42,000 copies of patient forms go missing, it is understandably seen as a bit of a crisis. The Trust's chief executive Sue Noyes insisted that the service takes the confidentiality of information it records and stores "very seriously". However, the data cartridge is yet to be found, and worse still, because of its size, the Trust believes that there is a possibility that it may still be on the organisation's premises. Clutching at straws, perhaps?

3. Dropbox and Google storage models 'a loser's game' while Microsoft lags 'eight years behind' Box says VP of engineering

In what has been described as a $30bn-a-year-market, Box's VP of engineering Sam Schillace said that there is plenty of room for innovation, something that he suggested the likes of Dropbox and Google were failing to do. The outspoken Schillace told Computing that Dropbox and Google were merely asking 'How cheaply can I give you hard disks?', and added "That's a loser's game, right? That's going to go to negative margin, if it isn't already". But his comments about Microsoft were even more pointed, stating that Microsoft's outlook on cloud-hosting its document creation and collaboration services was "eight years behind what [he] was doing at Google" - which in itself was over two years ago. Ouch.

2. Weekend protest at GCHQ over mass surveillance

Microsoft is not the only one sitting up and campaigning for its rights (or others' rights) on privacy. Last weekend, a protest against online surveillance kicked off at the headquarters of spy agency GCHQ in Cheltenham. The protest had been organised by the We Are Anonymous Group, and hundreds of people were expected to show their support of civil liberty groups that have questioned whether GCHQ's powers of internet surveillance and its assumed right to capture, store and share citizens' data are legal.

1. iCloud celebrity photo hack: Are we too quick to trust storage?

Before Apple had hit back at claims that its technology was to blame for the theft of hundreds of private photos belonging to celebrities (see story 6), and before its CEO Tim Cook promised to improve the security of its iCloud services, the main question being asked in the industry was whether people are too quick to trust cloud storage. The truth is that many users don't realise how cloud storage systems like Apple's iCloud work, nor, as many industry experts told us, are they aware of how much control they are letting go of when they send data to a third party service. From an enterprise point of view, it's highly likely that employees are using Cloud or other consumer cloud services to store data, and many will be urgently looking at their training and education policies to ensure that it is not they that will be standing naked before the authorities.
Australian telecommunications company Telstra has reported that government requests for details about phone and internet communications have increased by 3,000 in the past six months. Telstra received 39,395 access requests from Australian government agencies from January to June 2014, up from 36,053 for the previous six months, according to the firm’s latest transparency report. Between 1 July 2013 and 30 June 2014, Telstra responded to 84,949 data access requests, but this figure does not include lawful requests for information by national security bodies, because reporting on these figures is prohibited by law. Australian law also prohibits telecommunications companies from disclosing which government agencies have requested access to customer information or telling customers if their information has been accessed by government agencies. “Like all telecommunications companies that provide services in Australia, we are required by law to assist Australian government agencies for defined purposes, such as investigating and solving crimes,” Telstra's report said.

Government data requests and the law

According to Telstra, “customer information” typically includes details that appear on a phone bill, such as the customer’s name, address, service number and connection dates – but can include other information, such as a customer’s date of birth and previous address, the report said. Carriage service records relate to use of telecommunications services, including call records, SMS records and internet records. These records include information such as details of a called party, and the date, time and duration of a call. Internet session information includes the date, time and duration of internet sessions as well as email logs, but does not include URLs. “The government has stated URLs are considered to be content and, as such, they will only request access to this information under a warrant or other court order,” the report said. Telstra said it discloses customer information in accordance with the law, and will reject any government request that is invalid or lacks a warrant if it seeks information that requires one. “One important difference in the law enforcement environment in Australia compared to other countries is that agencies can undertake pre-warrant checks to make sure they are targeting their warrants accurately. This reduces the instances of mistakes leading to a rejection of a warrant,” Telstra said.

Moves to transparency

The company received 75,448 pre-warrant check requests in the past year, according to the report. The report comes as the Australian federal government pushes for a mandatory data retention scheme to force telecommunications companies to retain personal data from phone and web users, according to The Guardian. Australian telecommunications providers began publishing transparency reports in early 2014 in response to growing public concerns about government communications data access requests, the paper said. Referring to data access requests by non-Australian agencies, the report said: “Telstra is an Australian company with a global footprint. Wherever Telstra operates, we have to comply with the laws of the land.” But outside Australia – across all the other countries in which Telstra Global operates – the company received fewer than 100 requests for customer information in 2013 to 2014.

Worldwide civil liberties concerns

There has been growing concern worldwide about governments tracking communications data after whistleblower Edward Snowden revealed mass internet surveillance by US and UK intelligence agencies. These concerns in the UK were inflamed in mid-July 2014 by the government passing the controversial Data Retention and Investigatory Powers Act. The legislation was passed only after the government secured multi-party support by promising to include a raft of safeguards. As the legislation was passed, civil liberties groups called for greater transparency after figures obtained under the Freedom of Information Act showed that the government paid almost £65m to communications service providers to retain communications data over a six-year period. At the time, Emma Carr, acting director of Big Brother Watch, said: “It is clear that communications service providers are being paid with one hand and silenced with another. If the government wants to force communication service providers to retain citizens’ data, then this must go hand in hand with greater transparency.”