Home Tags Chief executive

Tag: chief executive

FDA lashes out at Mylan for dismal quality control at HIV...

Facility making HIV drugs ignored bad quality control data, regulator says.

Corsham Institute announces Rachel Neaman as first CEO

Thursday 6th April 2017 Corsham Institute (Ci) is delighted to announce the appointment of Rachel Neaman as its first Chief Executive Officer.
She will take up the post on 1 May 2017. Neaman is currently a consultant at the Tech Partnership, the networ...

Combination of Accelya and Mercator Completes, Creating a Leading Global Solutions...

John Johnston appointed Chief Executive Officer of the combined group; Jose Maria Hurtado appointed Chief Financial OfficerCombined company benefits from complementary products and global footprintEnhanced product and technology capabilitiesBarcelona, Dubai, March 20, 2017 – Accelya, a leading provider of financial and commercial solutions to the airline industry, and Mercator, a global provider of product-enabled solutions to the travel and transportation industry, today announced the successful completion of their combination, creating a leading global technology-enabled solutions... Source: RealWire

Olygas Technology Joins Aspect Partner Network To Extend CTRM Capabilities

Houston, TX March 15, 2017 – Aspect and Olygas Technology have entered into a premium partnership with a strategic vision to further expand Aspect’s cloud trade and risk management solution throughout the Middle East and Sub-Saharan Africa. Olygas Technology is a recognized consultancy in the region, unlocking actionable intelligence and opportunities for clients with local and global assets.Olisa Udezue, Chief Executive Officer at Olygas Technology says: “Working with Aspect falls in line with our strategic... Source: RealWire

Yahoo to give Marissa Mayer $23 million parting gift after sale...

Mayer will leave as what remains of Yahoo becomes Altaba holding company.

Jeff Bezos says NASA should return to the Moon, and he’s...

“It’s time for America to go back to the Moon and this time to stay.”

Court ruling stands: US has no right to seize data from...

Enlarge / Satya Nadella, Chief Executive Officer of Microsoft, speaks at the Microsoft Annual Shareholders Meeting in Bellevue, Washington, on November 30, 2016.Jason Redmond, Getty Images reader comments 23 Share this story An evenly split federal appeals court ruled Tuesday that it won't revisit its July decision that allowed Microsoft to squash a US court warrant for e-mail stored on its servers in Dublin, Ireland.

The 4-4 vote by the 2nd US Circuit Court of Appeals sets the stage for a potential Supreme Court showdown over the US government's demands that it be able to reach into the world's servers with the assistance of the tech sector. A three-judge panel of the 2nd Circuit had ruled that federal law, notably the Stored Communications Act, allows US authorities to seize content on US-based servers, but not on overseas servers.

Because of how the federal appellate process works, the Justice Department asked the New York-based appeals court to revisit the case with a larger, en banc, panel—but the outcome fell one judge short. Peter Carr, a Justice Department spokesman, said the agency was reviewing the decision and "considering our options." Those options include appealing to the Supreme Court or abiding by the ruling. In its petition for a rehearing, the government said Microsoft didn't have the legal right to defend the privacy of its e-mail customers, and that the July ruling isn't good for national security.

The authorities believe information in the e-mail could help it investigate a narcotics case. "The Opinion has created a regime where electronic communication service providers—private, for-profit businesses answerable only to their shareholders—can thwart legitimate and important criminal and national security investigations, while providing no offsetting, principled privacy protections," the government argued. Some of the members of the appeals court agreed with the government, but there weren't enough votes from the full court to rehear the case with all of its judges. In his vote to rehear the case, Judge Dennis Jacobs noted in his dissent that it doesn't matter where the data is stored, as Microsoft can retrieve it to honor the US-based warrant. "But electronic data are not stored on disks in the way that books are stored on shelves or files in cabinets," he wrote, in a dissent joined by three other judges. Dozens of organizations and companies have lodged briefs in the case on behalf of Microsoft.

They include the US Chamber of Commerce, Amazon, Apple, Cisco, CNN, Fox News Network, Gannett, and Verizon. Microsoft did not immediately comment on the ruling.

But right after the July ruling, Microsoft's president and chief legal officer said the outcome "provides a major victory for the protection of people’s privacy rights under their own laws rather than the reach of foreign governments.
It makes clear that the US Congress did not give the US government the authority to use search warrants unilaterally to reach beyond US borders."

eProseed to support 11th MENA Regulatory Summit

eProseed will participate as a Supporting Partner in the 11th MENA Regulatory Summit on February 5th & 6th in Dubai, United Arab Emirates.

The summit will cover the main topical challenges faced by the regulatory authorities and the GRC community, a debate in which eProseed has a pivotal role to play as the publisher of FSIP, a comprehensive financial supervision solution dedicated to Central Banks, Financial Regulators and Supervisory Authorities.

The 11th MENA Regulatory Summit will take place in Dubai, UAE, in association with the Dubai Financial Services Authority (DFSA) and under the patronage of H.E.
Sultan bin Saeed Al Mansouri, the UAE Minister of Economy.

Formerly known as the GCC Regulators' Summit, the event has been renamed in an effort to ensure the utmost involvement of the governance, risk and compliance (GRC) community across the MENA (Middle East and North Africa) region, and to expand the dialogue to neighboring countries that share the same topical risk challenges and regulatory outlook.

eProseed logo

"With increasing demands from many international regulatory bodies, financial supervisory authorities are required to monitor the compliance of their financial institutions against numerous new national and international requirements.
In the MENA region, the recent macroeconomic developments have also triggered an unprecedented demand for collection of high precision data at high frequency from all financial institutions to support a better risk based supervision", comments Geoffroy de Lamalle, Chief Executive Officer of eProseed.

MENA: an increasing role in global compliance and combating financial crime
The 11th MENA Regulatory Summit will be attended and supported by regional and international regulators, financial services professionals, law practitioners, advisors and market players.

The participants will highlight the recent macroeconomic developments in the MENA region including the US election, Brexit aftermath, regional regulatory responses to the financial crisis, the digital revolution in financial services, block chain technology, and crowd funding.

The speakers will set the landscape for international anti-financial crime trends, FATF perspective on terrorist financing and emergent types of financial crimes, and the dangers of withdrawal of correspondent banking relationships. Panelists will also discuss trade-based money laundering and trade finance activities, compliance culture, business conduct, business ethics, and compliance conflicts.

eProseed, the Solution Provider for Financial Supervision
Leveraging the proven expertise in developing and implementing end-to-end business solutions based on Oracle's world-class software technology stack and a close collaboration with major Financial Institutions and Regulators, eProseed has developed eProseed Financial Supervision Insight Platform (FSIP), an end-to-end financial supervision solution dedicated to Central Banks, Financial Regulators and Supervisory Authorities.

"In essence, eProseed FSIP is a comprehensive, highly agile, and plug-and-play financial supervision solution, enabling efficient and pro-active collection of high precision data at high frequency from all financial institutions, as well as automating and integrating all regulatory and supervisory functions in one single software solution", says Geoffroy de Lamalle.

About eProseed
eProseed is an ICT services provider and a software publisher. Honored with 8 Oracle ACE Directors and 14 Oracle Excellence Awards in the last 7 years, eProseed is an Oracle Platinum Partner with in-depth expertise in Oracle Database, Oracle Fusion Middleware and Oracle Engineered Systems.

eProseed’s portfolio of business applications and business accelerators is built on state-of-the-art, reliable technologies and sound knowledge of today’s challenges, developed and maintained with the highest standards in mind.

Comprehensive training and support are provided by eProseed’s experts for both applications and underlying technologies.

Headquartered in Luxembourg, in the heart of Europe, eProseed has offices in Beirut (LB), Brussels (BE), Dubai (AE), London (UK), New York (USA), Porto (PT), Riyadh (SAU), Sydney (AU), and Utrecht (NL).


Alexandra Toma
Email: alexandra.toma@eproseed.com
Phone: +40 767 670 566

Donald Trump takes oath of office—what to expect from an unexpected...

Enlarge / Donald Trump takes the oath of office Friday, becoming the 45th president of the United States.reader comments 330 Share this story Donald J. Trump won the US presidency in November on a campaign that repudiated both his opponent and the Obama administration. Today he took the oath of office and became the nation's 45th president—despite the political pundits and polls predicting victory for his Democratic rival, Hillary Clinton. The Republican's ascendancy from billionaire real estate mogul to the world's most powerful elected official promises to usher in a new era, one that includes a remaking of the Supreme Court and alterations of US policy when it comes to space, broadband, healthcare, manufacturing, immigration, cyber defense, the environment, and even foreign relations (from diplomacy to the reliance on foreign labor enjoyed by companies like Apple). All of these potential changes only seem more imminent due to the fact that the newly inaugurated Trump, and his Vice President Mike Pence, enjoy a GOP-controlled House and Senate. "The time for empty talk is over. Now arrives the hour of action," Trump said after he was sworn in by Chief Justice John Roberts. Moments later, Trump added: "We stand at the birth of a new millennium, ready to unlock the mysteries of space, to free the earth from the miseries of disease, and to harness the energies, industries and technologies of tomorrow. A new national pride will stir ourselves, lift our sights and heal our divisions." Space: The final frontier As president-elect, Trump already named several key posts in his administration. But one pick that is still to come has star-gazers sitting uneasy—we don't currently know who will lead NASA and replace Charles Bolden. Clearly, this leaves NASA in an uncertain orbit, especially insofar as its human spaceflight programs go. And thus far, there have been no clearly announced NASA policies concerning what comes next from either President Trump or his space transition team. To be sure, many of NASA's human spaceflight initiatives face serious questions. As Trump's presidency begins, recurring issues with the Russian Soyuz launch vehicle have left the agency unable to say when its next astronaut will go into space. Its much-anticipated private space taxis remain more than a year from flight. And questions remain about the viability of its big-ticket programs, the Space Launch System rocket and Orion spacecraft. All that said, there is currently a leading choice to become NASA administrator, Republican Congressman Jim Bridenstine of Oklahoma. Bridenstine has been a proponent for the privatization of satellite data and, if appointed, is likely to favor private solutions for NASA spaceflight operations. The death of net neutrality Enlarge / Warning: Data transfer in progress. Yuri_Arcurs/Getty Images While the future of the nation's space exploration remains at a crossroads, it's clear that change is even more afoot for US broadband policy. Internet Service Providers are already chomping at the bit to undo Web browsing privacy rules adopted in October by the Federal Communications Commission, which under Trump's rule will shift from being controlled by Democrats to Republicans. Seizing on Trump's victory November 8, Republicans in Congress asked the FCC to halt any controversial rulemakings until after the inauguration and warned that any action taken in the final hours of the administration could be overturned. All the while, the Trump transition team has reportedly been pushing a plan to strip the FCC of its role in overseeing competition and consumer protection. What's more, as FCC chief Tom Wheeler steps down today, the FCC enjoys a GOP majority that has promised to gut net neutrality rules "as soon as possible," a move that's backed by many ISPs. And Trump's rumored pick to head the FCC and replace the departing Wheeler, Republican Ajit Pai, says net neutrality's "days are numbered." At stake is a net neutrality order the FCC adopted in 2015 prohibiting ISPs from blocking or throttling traffic or giving priority to Web services in exchange for payment. The order also set up a complaint process to prevent "unjust" or "unreasonable" pricing and practices. The threat of complaints to the FCC helped put an end to several disputes between ISPs and other network operators over network interconnection payments, which improved Internet service quality for many subscribers. Obamacare on life support Make no mistake, the Trump administration and GOP lawmakers intend to gut the Affordable Care Act, Obama's centerpiece legislation also referred to as Obamacare. Trump's pick for health secretary, six-term GOP Rep. Tom Price, has already used a scalpel and carved out some of the most detailed plans to repeal and replace the ACA—among several plans being floated by Republicans. Trump has repeatedly said, pre- and post-election, that he wants to gut Obamacare, which Obama signed in 2010. An estimated 20 million people gained health insurance under the Affordable Care Act. According to the Congressional Budget Office, as many as 18 million people would lose coverage alongside premiums rising by up to 25 percent under Price's proposed repeal legislation. Hospitals maintain that Price's plan could cost them $165 billion and unleash an "unprecedented public health crisis." Again, that's just Price's proposal. As far as official replacement legislation, the Trump administration has yet to publicly embrace or propose a plan, despite saying that the Republicans have one. The GOP's mystery plan is advertised to cover more people than the ACA while improving care and lowering costs. However, Democrats and healthcare experts are skeptical, and Americans nationwide are anxious about the fate of their coverage. For now, no matter which proposed Republican plan is examined, the result would be Americans losing coverage. Nevertheless, Republicans have already begun legislative proceedings to dismantle the ACA. Elsewhere under Price's leadership, federal funding for Planned Parenthood is likely to go by the wayside. Planned Parenthood, one of the nation's leading providers of women's healthcare and the largest provider of sex education, has long been a target of the GOP because Planned Parenthood provides abortions. (The organization is the nation's leading provider of abortions.) Legislation backed by Price in 2015 and approved by the House and Senate had defunded Planned Parenthood, but it was vetoed by President Obama. A 1976 law bans federal funds to pay for abortions. Abortions, however, make up only about three percent of Planned Parenthood's work, with the rest focusing on women's health issues. The organization runs more than 650 health centers around the country, serving around 2.5 million patients a year. And it depends on federal funding for many of those health initiatives. In 2014, for example, federal lawmakers gave Planned Parenthood roughly $553 million—about 43 percent of its overall funding. However, in terms of increasing access to healthcare, Trump has promised prescription drug prices are in his crosshairs. "I'm going to cut down on drug prices," he told Time, a statement that has Big Pharma and its Wall Street backers on edge. But even Trump's drug policies aren't without controversy. The new president has repeated the debunked suggestion that vaccines can induce autism. Taking a bite out of Apple, automakers Enlarge / NEW YORK, NY - December 14: (L to R) Donald Trump, Peter Thiel and Tim Cook, chief executive officer of Apple, Inc., listen during a meeting with technology executives at Trump Tower last month. Drew Angerer/Getty Images One of Trump's key election and post-election points has been jobs, specifically the idea that US companies must stop outsourcing and bring manufacturing jobs home. A year ago, Trump proclaimed in a speech at Liberty University that he would "get Apple to start building their damn computers and things in this country, instead of in other countries." But Apple's business model is based on cheap, foreign manufacturing labor in China. So whether Apple will face any consequences for not adding manufacturing jobs to US roles is anybody's guess. The company has previously squared off with Trump—roughly one year ago during the San Bernardino iPhone controversy. Then-candidate Trump urged a boycott of Apple products until Cupertino complied with a court order requiring the company to assist authorities in unlocking an iPhone used by one of the two killers involved in a San Bernardino mass shooting. But Apple held its ground and fought the order, before watching as the FBI dropped the case without courts compelling Apple to assist. (The FBI was ultimately able to unlock the phone with the assistance of Cellebrite, an Israeli forensics firm.) Another major target of Trump's jobs rhetoric has been the auto industry. And whether it's been attributed to Trump's words, actions—or not to Trump at all—carmakers have been aligning with Trump. This month, after Trump attacked General Motors on Twitter, GM said it would bring back thousands of outsourced information technology jobs in addition to investing $1 billion at several US-based manufacturing plants. GM said the plan has been in the works for some time, but Trump was quick to claim influence. GM was actually the second big automaker with jobs news in January. Earlier, Ford said it would invest $700 million in a Michigan plant to build more electric cars instead of making vehicles in Mexico. Ford chief Mark Fields said the move, among other things, was a "vote of confidence" in the "positive business climate" created by the incoming Trump administration. Even with GM and Ford pledging actions that align with Trump's views, Trump doesn't appear done. Just days ago, he insinuated that he'd heap big tariffs on carmakers and "others" for manufacturing overseas. "Car companies and others, if they want to do business in our country, have to start making things here again. WIN!" Trump tweeted. Up against the wall Enlarge Toksave One way to protect American jobs, apparently, is to build that infamous wall to seal the southern US border from Mexico. It was a part of Trump's campaign, and he has continued to repeat the sentiment. There's been plenty of talk about a wall post-November, including whether it would work and who would pay for it. In actuality, the wall is just a very visible portion of the Trump administration's overall approach to immigration. There's another plan already afoot by a bipartisan group of lawmakers that could have a even greater—and quicker—impact. It's a proposal about building a different sort of barrier, one altering the H-1B visa program that allows many foreign workers to fill US tech-sector jobs. Trump has told tech executives he wants to alter the H-1B program. And one newly proposed plan would make it substantially less attractive to use H-1B workers to replace American candidates. The "Protect and Grow American Jobs Act," introduced last week by Rep. Darrell Issa (R-Calif.) and Scott Peters (D-Calif.), would increase the wages of workers who get H-1B visas. If the bill becomes law, the minimum wage paid to H-1B workers would rise to at least $100,000 annually—up from $60,000. If that measure doesn't sound extreme, consider that a senior Trump official is mulling whether the US should sell visas to the highest bidder. National defense and the cyber strategy When Trump talks, Wall Street and the defense industry listen. Boeing's shares took a beating after Trump tweeted on December 6 that "Boeing's costs are out of control" when it comes to the company's promised new 747 Air Force One ("Cancel order!" Trump continued). As a result, just days ago, Boeing CEO Dennis Muilenburg said he and Trump have "made some great progress" in reducing the cost. Enlarge What's more, Trump dropped a separate Twitter bomb last month on Lockheed Martin, writing, "Based on the tremendous cost and cost overruns of the Lockheed Martin F-35, I have asked Boeing to price-out a comparable F-18 Super Hornet!" Lockheed's stock also went south in the aftermath. And last week, Lockheed CEO Marillyn Hewson, said she was close to striking a deal with Trump to get the fighter jets at "the lowest possible price." As far as national defense goes, Trump is demanding more muscle in both the virtual and physical world. He wants more troops, ships, and planes. He also wants the expansion of the US nuclear and ballistic missile arsenal and the end of defense budget sequestration. That's in stark contrast to Obama, who cut troops and requested defense spending that was less than what was spent during the Reagan administration. In addition to the physical force, Trump has pledged a new focus on offensive "cyber" capabilities "to deter attacks by both state and non-state actors and, if necessary, to respond appropriately." Trump even named former New York Mayor Rudy Giuliani as his so-called "cyber czar." “As a deterrent against attacks on our critical resources, the United States must possess the unquestioned capacity to launch crippling cyber counter-attacks,” Trump said in a speech in October. "This is the warfare of the future. America's dominance in this arena must be unquestioned." Sean Gallagher, Ars' military analyst, wrote Wednesday: That sort of aggressive posture is not a surprise. But the policies that will drive the use of those physical and digital forces are still a bit murky. Considering the position Trump has taken regarding the North Atlantic Treaty Organization (NATO) and his attitudes toward Russia, Trump's statements may hint at a desire for a Fortress America—armed to the teeth and going it alone in every domain of conflict. What climate change? Matt Hintsa In December, Trump told Fox News Sunday host Chris Wallace that he was "open-minded" about climate change. "And nobody really knows. It's not something that's so hard and fast," Trump said. Of course, the Intergovernmental Panel on Climate Change has concluded, with 95 percent statistical confidence, that "human influence has been the dominant cause of the observed warming since the mid-20th century.” Yet Trump has said that the climate consensus generated by the international scientific community is little more than a plot by the Chinese to hamper other economies. Trump's thinking has likely spurred him to pick fossil-fuel-friendly Oklahoma Attorney General Scott Pruitt to lead the Environmental Protection Agency. In 2013, Pruitt testified (PDF) before the House Energy and Commerce Committee that he felt the EPA was overstepping its authority in pursuit of an “anti-fossil fuel agenda.” What's more, Pruitt unsuccessfully pursued legal challenges against an EPA decision forcing Oklahoma to comply with stricter haze pollution standards to two coal power plants, cross-state pollution rules, standards for mercury emissions, the 2015 clarification of water bodies covered by the Clean Water Act, and the Obama administration’s Clean Power Plan to limit greenhouse gas emissions. Pruitt also filed a lawsuit against the Department of the Interior and the Fish and Wildlife Service alleging collusion with environmental groups who had themselves sued to force protection of endangered species. With that, lawmakers have seized on Trump's pro-business and not-so-friendly environmental picks to oversee key government agencies. Rep. Rob Bishop, (R-Utah), who is the chairman of the House Natural Resources Committee, said he "would love to invalidate" the Endangered Species Act if he could muster enough support. Republican lawmakers have complained that the law has been used to improperly stymie drilling, mining, and land development. And while the EPA just increased auto fuel efficiency goals, they, too, could be overturned by a willing president and Congress. Trump has also tapped Rep. Ryan Zinke, a Republican of Montana and a staunch coal supporter, to run the Department of the Interior. Zinke has repeatedly targeted decisions by the Obama administration to regulate or limit fossil fuel production on federal lands. He opposed the temporary moratorium on new coal leases as well as regulations meant to reduce methane emissions from oil and gas wells. And speaking of fossil fuels, Trump has nominated former Exxon Mobil chairman Rex Tillerson to be the nation's secretary of state. Texas Gov. Rick Perry has been named to head the Department of Energy, which sets energy policy and runs an array of national laboratories. Though the Department of Energy performs some vital functions—like overseeing the nation’s nuclear weapons and managing aspects of nuclear energy technology including the handling of waste—Perry infamously once called for its demise. (During his appointment hearing this week, Perry quickly walked that stance back: "In fact, after being briefed on so many of the vital functions of the Department of Energy, I regret recommending its elimination.") As Ars science writer Scott K. Johnson wrote of Perry: After confirmation by the Senate, Perry will oversee an expected effort to reduce funding for research and development of renewable energy technology in favor of fossil fuels. Perry sits on the board of Energy Transfer Partners, a pipeline company whose subsidiary is behind the controversial Dakota Access Pipeline. Perry has repeatedly rejected the conclusions of climate science over the years, even claiming that scientists have manipulated data to create the appearance of warming. But while he was friendly to Texas’ petroleum industry, he also oversaw a boom in wind energy in his state. Texas produces more wind energy than any other state, with farmers and ranchers taking advantage of wind turbine leases to add another source of income. Oyez! Oyez! Oyez! Normally, when that phrase is chanted, nine justices of the US Supreme Court have just taken their seats at 10am to begin a day's session of oral arguments. But for nearly a year now, only eight justices have taken the bench. Justice Antonin Scalia died in February, and political infighting blocked Obama's proposed replacement Merrick Garland, setting the stage for Trump to make a pick once he takes office. Trump has said he wants Scalia's replacement to be like the conservative, originalist Scalia. Trump, who is interviewing candidates, said he will announce a pick within two weeks of Inauguration Day. Trump released a list of 21 potential conservative nominees during the campaign. Legal commenter Jeffrey Rosen notes that Trump could have more than one pick: It's possible, of course, that President Trump will have more than one Supreme Court appointment. If liberal Justices Ruth Bader Ginsburg (age 83) or Stephen Breyer (age 78) were to retire during the next four years, we would see a 6-3 conservative majority for the first time since the pre-New Deal era, which ended in 1937. Such a court could have far more dramatic effects than a 5-4 court on constitutional law across a range of areas, for years or even decades to come. More uncertainty to come The policy areas mentioned above only begin to tell the story of potential change under a Trump presidency. Many other areas of US life could be in for radical policy shifts as well. For example, Trump's nominee for attorney general, Sen. Jeff Sessions, a Republican from Alabama, has opposed legalized marijuana. This has the pro-marijuana community on edge—specifically wondering if Sessions would turn a blind eye to the states' experiments with medical and recreational marijuana, as President Obama's administration has done. Marijuana is illegal under federal law and is classified as a controlled substance, which also creates complications for the scientific community hoping to illuminate the substance's effects. During his confirmation hearings, Sessions said that he "won't commit to never enforcing federal law." So far, eight states have voted to legalize the recreational use of marijuana, and 28 states and the District of Columbia have legalized medical marijuana. Trump's views on this particular issue have waffled. In 1990, he said that he favored legalization of all drugs. Years later in 2015, he was quoted in The Washington Post as saying, "In terms of marijuana and legalization, I think that should be a state issue, state-by-state." But he told The O'Reilly Factor last February that "dealers" were going to "load up" on marijuana and sell it around the country if marijuana was legalized in Colorado. He told O'Reilly that he favored medical marijuana but not the recreational use of it. US foreign policy currently stands on equally uncertain grounds. In addition to the wall bordering Mexico, Trump's pick to head the Central Intelligence Agency, Rep. Mike Pompeo, a Republican from Kansas, has also been making headlines. He agrees with Trump in wanting to roll back the Iran nuclear deal that lifted international sanctions against Iran in exchange for that country reducing its uranium stockpiles and centrifuges—which could be used as part of Iran's nuclear ambitions. What's more, Pompeo last year urged a "death sentence" for National Security Agency whistleblower Edward Snowden, who is currently living in Russia. All the while, privacy advocates worry that Trump will exploit surveillance capabilities utilized by the Justice Department, Federal Bureau of Investigation, and the NSA. Enlightened by the Snowden leaks during the Obama presidency, the world at large gained more insight than it ever had about government monitoring of everyday electronic communications. President Obama took advantage of these capabilities, and now privacy advocates worry that Trump might use these vast surveillance powers to punish critics stateside and, like Obama, ignore constitutional rights along the way. Beyond Trump's appointees, others in his administration could make waves, too. First Lady Melania Trump is already on-record as saying that cyberbullying will be her cause. Former First Lady Michelle Obama's main causes were childhood obesity and the promotion of exercise. Vice President Pence will likely influence things as well. Notably, Pence was close to a group of House Republicans who mostly opposed patent reform, and he has infamously campaigned on pro-life platforms. Though Trump has in the past stated that he’s “very pro-choice,” he said during this election that women should be punished for having an abortion. Pence has a consistent record of limiting access to abortion and of restricting women’s healthcare during his time as the governor of Indiana. Whether Trump's rhetoric, tweeting, and appointments thus far add up to gloom and doom or a bonanza likely depends on one's own political beliefs. But up until now, all of this was largely rhetoric under Trump the Candidate and Trump the President-elect. Today is Day One of the nation's 45th presidency, and with it comes a mountain of the unknown. Only one thing seems certain: change of some kind is on the way under President Donald J. Trump.

ProtonMail Gets Own Tor-Accessible .Onion Hidden Service

Users of the encrypted email service ProtonMail looking for an extra layer of security now have the option of accessing their inbox directly through the Tor network. ProtonMail, originally developed by CERN and MIT scientists, announced Thursday it had added its own Tor hidden service. According to a blog post from Andy Yen, the service’s co-founder and chief executive officer, users can access ProtonMail on Tor, assuming it’s been properly configured, at https://protonirockerxow.onion. We have launched a Tor hidden service! Now there's a more secure way to access your encrypted mailbox. @torproject https://t.co/6inDtzC9C5 pic.twitter.com/xTbqX7mrQ7 — ProtonMail (@ProtonMail) January 19, 2017 While ProtonMail is already encrypted by design, Yen points out that users may want to route their traffic through Tor as a means to prevent a hacker from eavesdropping on their connection.

The main goal of launching the hidden service, Yen claims, is a means to make the service more resistant to censorship and surveillance. “Tor applies extra encryption layers on top of your connection, making it more difficult for an advanced attacker to perform a man-in-the-middle attack on your connection to us.

Tor also makes your connections to ProtonMail anonymous as we will not be able to see the true IP address of your connection to ProtonMail,” Yen wrote. According to the blog post, ProtonMail conferred with Roger Dingledine on the .onion site. Dingledine developed Tor and currently serves as the service’s research director and president. As ProtonMail was able to acquire a certificate from the CA DigiCert, the .onion site exists only on HTTPS, meaning users should see a green bar in their browser upon navigating to the site. Developers with the service acknowledge that while the concept of using HTTPS for an onion site may sound redundant to some, it was a necessary step. If Tor was ever compromised, Yen claims having HTTPS enforced by default would protect users.
Vice versa, if a certificate authority was ever compromised, or HTTPS was ever cracked, Tor could help safeguard users. “The notion of HTTPS being compromised is one that we take seriously, considering that there are hundreds of CAs (certificate authorities) that are trusted by default, with many of them under direct government control in high risk countries,” Yen wrote. Yen goes on to say that the way the site is put together should make it more resistant to phishing. The company used some spare computational power it had to “generate millions of encryption keys” which it then hashed to generate a more “human readable hash” for the URL. Yen is still asking users to double check that they’re on the right site – most importantly that it has a SSL certificate issued to Proton Technologies AG – before entering their credentials. Yen points out that the site is experimental, so it may take longer to reach and users’ experiences may vary. Nevertheless, he is still encouraging ProtonMail users who value their privacy to seek it out. It was over two years ago that DigiCert issued an .onion SSL certificate to Facebook for its own hidden service.

The move, at the time, was a milestone; it marked the first time a CA had issued a legitimate SSL certificate for an .onion address. The move was a success. Over the course of 30 days this past summer one million people accessed the site over Tor. Following Facebook’s hidden service news, the CA said it was mulling opening up the way it was issued .onion domain certificates. Jeremy Rowley, then DigiCert’s vice president of business development and legal, said the company believed there was a value in providing SSL and TLS security for Tor, but only if the right security controls were in place.

The company went on to issue HTTPS .onion certificates for Blockchain.info and the Intercept’s SecureDrop installation in the months following.

Brilliant phishing attack probes sent mail, sends fake attachments

Strategy_Doc.PDF from the next cubicle is actually a portal to p0wnage An newly-detected Gmail phishing attack sees criminals hack and then rifle through inboxes to target account owners' contacts with thoroughly convincing fake emails. The new attack uses the file names of sent attachments and applies that name into new attachments that appear to be PDFs but are actually images that, when clicked, send victims to phishing pages. Suitable subject lines stolen from sent emails are applied to the new phishing emails, making the mischievous messages more legitimate. Even the URL to which the attachments point is crafted to appear legitimate, bearing the google.com domain, says WordFence chief executive officer Mark Maunder who reported the attacks. "You are probably thinking you’re too smart to fall for this: It turns out that this attack has caught, or almost caught several technical users who have either tweeted, blogged or commented about it," Maunder says. "It is being used right now with a high success rate … this technique can be used to steal credentials from many other platforms with many variations in the basic technique." The phishing landing page.
Image: WordFence. Users who fall for the attacks can be saved by two factor authentication. One user claiming to be a system administrator at a school says the attacks compromised students and three staff within two hours, using an athletic schedule paired with a subject line to pull off the attacks. This is the closest I've ever come to falling for a Gmail phishing attack.
If it hadn't been for my high-DPI screen making the image fuzzy… pic.twitter.com/MizEWYksBh — Tom Scott (@tomscott) December 23, 2016 Attackers use the data URI scheme to embed a file in the browser location bar which executes once their malicious attachment is clicked, displaying the fake Google login page and google.com address. Keen eyed users may spot the URL prefix data:text/html or the lower resolution Google image in the phishing page. White space separates and hides the URL from the file text which invokes the phishing page in a new browser tab. Maunder says the phishing attacks do not trigger Google's green or red secure and insecure HTTPS security indicators, giving it an appearance of uniformity that makes the attacks highly effective. "In user interface design and in human perception, elements that are connected by uniform visual properties are perceived as being more related than elements that are not connected," he says. He recommends Google change the colour of the data:text/html prefix to amber which would grab user's attention. ® Sponsored: Customer Identity and Access Management

Security hardened, pah! Expert doubts Kaymera’s mighty Google’s Pixel

Kaymera: building on shoulders of a giant, claim The arrival of a security hardened version of Google’s suppoed "iPhone killer" Pixel phone from Kaymera has received a sceptical reception from one expert. Kaymera Secured Pixel is outfitted with Kaymera’s own hardened version of the Android operating system and its security architecture. This architecture is made up of four layers: encryption, protection from malicious downloads, a prevention layer that monitors for unauthorised attempts to access OS functions (such as microphone, camera or GPS), and a detection and enforcement layer that monitors, detects and blocks malicious code or misbehaving apps.
Indecent mobile security experts have questioned whether the technology offers much by way of benefits over that offered by native Pixel smartphones. But professor David Rogers, chief executive of Copper Horse and a Lecturer in mobile systems security at the University of Oxford, questioned what exaclty is new. “Many of the proposed functions are already in-built into Pixel (examples below), so what are the extra benefits Kaymera offers?” For example, Pixel has full device encryption and file-based encryption, backed by TrustZone. Plus, as it's Google’s own phone, Pixel is first in line for patching - an important security defence in itself. “Pixel has many other functions and capabilities built over many years including Position Independent Execution (PIE), Address Space Randomisation Layout (ASLR), SE Linux and so on,” Rogers added. Kaymera responded that its kit offered benefits on this front by enforcing security controls built into Pixel but not actually enforced. Oded Zehavi, Kaymera chief operating offficer, told El Reg: “In places where Google has good enough security, we leverage the existing functionality (in many of the examples given here, the functionality is not actually enforced.
In these cases we enforce and prevent disabling of the security functionality by negligent users or malicious hackers).” Third-parties building on Google security do not have a good track record in this space (including Blackphone) in terms of getting their own code secure and tested properly, including updates.  Rogers is unconvinced that Kaymera will do any better with hardening Pixel than others have done with hardening Android. Zehavi responded that Kaymera devices have been tested to the most rigorous standards by governments around the world. “As a philosophy we always have more than one security layer against any attack vector hence we don’t trust any single security measure including Google security measures.

For example, our prevention layer feeds with fake resources any payload that may overcome the OS hardening and get loaded onto the device,” Zehavi said. Rogers remains unconvinced about the security proposition of the Kaymera Secured Pixel, especially in the absence of NCSC certification or US security certification.
It’s more like “some kind of Chimera rather than a Kaymera,” he cuttingly concluded. “If Kaymera really want to protect against comms interception, low-level malware attacks and so on, they would have to build some kind of firewall and introspection capability,” Rogers said. “To do that they would need access inside the Radio Interface Layer and also to processes and app data.” “Google’s security architecture does not allow this unless you ‘roll your own’ in a big way, creating your own device and modifying the AOSP [Android Open Source Project] code to deliver a bespoke device,” he added. Creating a bespoke device risk undoing Google’s security controls, Rogers warned. “Application sandboxing and isolation there for a reason, including enforcing the Principle of Least Privilege,” he said. The Israeli manufacture said it had been careful to add extra security without breaking Google’s existing controls. Zehavi explained: “Even though we embed our code deep into the AOSP code in layers that are beyond what regular applications can reach, we do not break any existing Google security measures including the sandboxing etc.
Instead, we add extra measures across the board that, as mentioned, leverage the existing mechanism but bring the device to a total different level of security which cannot be achieved via the application layer alone.” Rogers responded: “They admit to using AOSP which I guess means they self-sign the build of the device themselves.

That then comes down to a question of trust in who is digitally signing the product (that gives that signer access to absolutely everything, the radio path, the private data, the lot).“ The Kaymera Secured Pixel is aimed at business and government customers prepared to pay for extra to avoid the security weaknesses associated with the ‘off the shelf’ Android operating system.

The device retains the original Google device’s purpose-built hardware, features and ergonomics. Users can, for example, still use the fingerprint scanner. Kaymera devices are centrally managed via the company’s management dashboard, enabling easy enforcement of security policies on the smartphone. Kaymera’s secured Pixel phone is available immediately. Kaymera was started in late 2013 by the founders of NSO, the surveillance tech provider whose legitimate iPhone spyware malware was used to target the phone of UAE human rights activist Ahmed Mansoor in August 2016.  The spyware caused Apple to rush out emergency software patches, to plug vulnerabiliies in its iOS mobile operating system. The Israeli firm is open about its roots.
If NSO is a ‘poacher’, selling surveillance tools to governments, then Kaymera is the gamekeeper, its pitch runs. “I’m not sure I can buy in to the poacher turned gamekeeper thing here and I would rather trust Google in this case,” Rogers concluded. ® Sponsored: Want to know more about Privileged Access Management? Visit The Register's hub