Home Tags Starbucks

Tag: Starbucks

IDG Contributor Network: Are Linux users weird?

Are Linux users weird? Let’s face it, Linux users have often been portrayed in the media as being a little…er…different than macOS or Windows users.

But now a writer at Network World is convinced that the days of Linux users being viewed as eccentric are finally coming to an end.Bryan Lunduke reports for Network World: Back to the Starbucks from a few days back.

There I was, writing an article about GNOME—my laptop properly adorned with EFF, openSUSE and FSF stickers.
I look up to gaze around the room (gotta give those eyes a screen break every so often), and I see a woman working at another table. Her laptop had stickers, too—Arch Linux and EFF.To read this article in full or to leave a comment, please click here

How—and why—you should use a VPN any time you hop on...

One of the most important skills any computer user should have is the ability to use a virtual private network (VPN) to protect their privacy.

A VPN is typically a paid service that keeps your web browsing secure and private over public Wi-Fi hotspots.
VPNs can also get past regional restrictions for video- and music-streaming sites and help you evade government censorship restrictions—though that last one is especially tricky. The best way to think of a VPN is as a secure tunnel between your PC and destinations you visit on the internet. Your PC connects to a VPN server, which can be located in the United States or a foreign country like the United Kingdom, France, Sweden, or Thailand. Your web traffic then passes back and forth through that server.

The end result: As far as most websites are concerned, you’re browsing from that server’s geographical location, not your computer’s location. We’ll get to the implications of a VPN’s location in a moment, but first, let’s get back to our secure tunnel example. Once you’re connected to the VPN and are “inside the tunnel,” it becomes very difficult for anyone else to spy on your web-browsing activity.

The only people who will know what you’re up to are you, the VPN provider (usually an HTTPS connection can mitigate this), and the website you’re visiting. A VPN is like a secure tunnel for a web traffic. When you’re on public Wi-Fi at an airport or café, that means hackers will have a harder time stealing your login credentials or redirecting your PC to a phony banking site. Your Internet service provider (ISP), or anyone else trying to spy on you, will also have a near impossible time figuring out which websites you’re visiting. On top of all that, you get the benefits of spoofing your location.
If you’re in Los Angeles, for example, and the VPN server is in the U.K., it will look to most websites that you’re browsing from there, not southern California. This is why many regionally restricted websites and online services such as BBC’s iPlayer or Sling TV can be fooled by a VPN.
I say “most” services because some, most notably Netflix, are fighting against VPN (ab)use to prevent people from getting access to, say, the American version of Netflix when they’re really in Australia. For the most part, however, if you’re visiting Belgium and connect to a U.S.
VPN server, you should get access to most American sites and services just as if you were sitting at a Starbucks in Chicago. What a VPN can’t do While VPNs are an important tool, they are far from foolproof. Let’s say you live in an oppressive country and want to evade censorship in order to access the unrestricted web.

A VPN would have limited use.
If you’re trying to evade government restrictions and access sites like Facebook and Twitter, a VPN might be useful.

Even then, you’d have to be somewhat dependent on the government’s willingness to look the other way. Anything more serious than that, such as mission-critical anonymity, is far more difficult to achieve—even with a VPN. Privacy against passive surveillance? No problem. Protection against an active and hostile government? Probably not. HideMyAss A VPN service provider such as HideMyAss can protect your privacy by ensuring your internet connection is encrypted. The problem with anonymity is there are so many issues to consider—most of which are beyond the scope of this article. Has the government surreptitiously installed malware on your PC in order to monitor your activity, for example? Does the VPN you want to use have any issues with data leakage or weak encryption that could expose your web browsing? How much information does your VPN provider log about your activity, and would that information be accessible to the government? Are you using an anonymous identity online on a PC that you never use in conjunction with your actual identity? Anonymity online is a very difficult goal to achieve.
If, however, you are trying to remain private from prying eyes or evade NSA-style bulk data collection as a matter of principle, a reputable VPN will probably be good enough. Beyond surveillance, a VPN also won’t do much to keep advertisers from tracking you online. Remember that the website you visit is aware of what you do on its site and that applies equally to advertisers serving ads on that site. To prevent online tracking by advertisers and websites you’ll still need browser add-ons like Ghostery, Privacy Badger, and HTTPS Everywhere. How to choose a VPN provider There was a time when using a VPN required users to know about the built-in VPN client for Windows or universal open-source solutions such as OpenVPN. Nowadays, however, nearly every VPN provider has their own one-click client that gets you up and running in seconds.

There are usually mobile apps as well to keep your Android or iOS device secure over public Wi-Fi. Of course that brings up another problem.
Since there are so many services to choose from, how can you tell which ones are worth using, and what are the criteria to judge them by? First, let’s get the big question out of the way.

The bad news for anyone used to free services is that it pays to pay when it comes to a VPN.

There are tons of free options from reputable companies, but these are usually a poor substitute for the paid options.

Free services usually allow a limited amount of bandwidth usage per month or offer a slower service.

Tunnel Bear, for example, offers just 500MB of free bandwidth per month, while CyberGhost offers a free service that is significantly slower than its paid service. CyberGhost Everybody loves free services; but when you want to use a VPN, the free version usually isn’t the best deal. Then there are the free VPNs that use an ad-supported model, which in my experience usually aren’t worth using at all. Plus, free VPNs are usually anything but; in lieu of payment they may be harvesting your data (in anonymized form of course) and selling it as “marketing insights” to advertisers. The good news is VPNs aren’t expensive. You can usually pay as little as $5 a month (billed annually or in blocks of several months) for VPN coverage. We won’t get into specific VPN service recommendations in this article; instead, here are some issues to consider when shopping around for a VPN provider. First, what kind of logging does your VPN provider do? In other words, what information do they keep about your VPN sessions and how long is it kept? Are they recording the IP addresses you use, the websites you visit, the amount of bandwidth used, or any other key details? All VPNs have to do some kind of logging, but there are VPNs that collect as little data as possible and others that aren’t so minimalist. On top of that, some services discard their logs in a matter of hours or days while other companies hold onto them for months at a time. How much privacy you expect from your VPN-based browsing will greatly influence how long you can stand having your provider maintain your activity logs—and what those logs contain. TunnelBear TunnelBear is one of the author’s favorite VPNs, but there are many good choices on the market. Second, what are the acceptable terms of use for your VPN provider? Thanks to the popularity of VPNs with torrent users, permissible activity on specific VPNs can vary.
Some companies disallow torrents completely, some are totally fine with them, while others won’t stop torrents but officially disallow them. We aren’t here to advise pirates, but anyone looking to use a VPN should understand what is and is not okay to do on their provider’s network. Finally, does the VPN provider offer their own application that you can download and install? Unless you’re a power user who wants to mess with OpenVPN, a customized VPN program is really the way to go.
It’s simple to use and doesn’t require any great technical knowledge or the need to adjust any significant settings. Using a VPN You’ve done your due diligence, checked out your VPN’s logging policies, and found a service with a great price and a customized application. Now, for the easy part: connecting to the VPN. Here’s a look at a few examples of VPN desktop applications. TunnelBear, which is currently my VPN of choice, has a very simple interface—if a little skeuomorphic. With Tunnel Bear, all you need to do is select the country you want to be virtually present in, click the dial to the “on” position, and wait for a connection-confirmation message. SaferVPN works similarly.

From the left-hand side you select the country you’d like to use—the more common choices such as the U.S., Germany, and the U.K. are at the top. Once that’s done, hit the big Connect button and wait once again for the confirmation message. SaferVPN With SaferVPN, all you need to do is choose the country you wish to have a virtual presence in. HMA Pro is a VPN I’ll be reviewing in the next few days.

This interface is slightly more complicated, but it’s far from difficult to understand.
If you want to select your desired virtual location click the Location mode tab, click on the location name, and then choose your preferred location from the list. Once that’s done click the slider button that says Disconnected. Once it flips to Connected,you’re ready to roll. There are numerous VPN services out there, and they all have different interfaces; but they are all similar enough that if you can successfully use one, you’ll be able to use the others. That’s all there is to using a VPN.

The hard part is figuring out which service to use. Once that’s done, connecting to a VPN for added privacy or to stream your favorite TV shows while abroad is just a click away. This story, "How—and why—you should use a VPN any time you hop on the internet" was originally published by TechHive.

How to survive the death of Flash

Seven years ago, Steve Jobs launched the once-popular Abode Flash into a long, slow death spiral when he announced that Flash would not be installed on any of his cutting-edge products, particularly the iPad and iPhone. Jobs argued that Flash was slow, cumbersome, battery intensive, incompatible with touch-screens, and had massive security issues. Since then, Flash has fallen out of favor for a number of very good reasons. First, it remains a serious security concern. Second, around five years ago, Adobe announced that Flash would not be available for mobile devices, which is where Internet users were headed. And third, HTML5 emerged in 2014 as an adequate replacement for Flash as a development platform for multimedia applications such as animation and games. Five years ago, Flash was active on close to 30 percent of all websites. Today, that number is down to less than 8 percent, according to W3Techs, a division of Q-Success Management Consulting. However, Flash is still being used on some of the major sites on the Internet, including the New York Times, salesforce.com, Fox News, Spotify and Starbucks. And while Adobe has recognized that Flash’s best days are behind it, the company is continuing to patch and update the software. And end users continue to download the Flash player plug-in, even though most security pros consider it a serious risk.

Anti-ultrasound tech aims to foil the dog-whistle marketeers

Researchers are finding ways to protect users from cross-device tracking Black Hat EU Marketeers are coming up with ways to invade our privacy in the interests of serving us ads in a way that goes far beyond the dire predictions of films such as Minority Report. Security researchers are already thinking about countermeasures. Cross-device tracking (XDT) technologies allow marketeers to track the user's visited content across different devices to then push relevant, more targeted ads. For example, if a user clicks on an ad while browsing the web at home, advertisers are interested in displaying related advertisements on the user's phone when they visit a shopping centre. One technology aiming to achieve this is ultrasonic cross-device tracking (uXDT), which uses the ultrasonic spectrum as a communication channel to "pair" devices for tracking and ad serving. Pairing happens through a receiver application. Users would consent to this, as in current proximity-marketing apps such as Shopkick, via discounts and other incentives. Firms including Google, Nestlé and Dominos are either investing in uXDT or using providers such as SilverPush, Signal360 and Audible Magic. Researchers at UC Santa Barbara and security firm Lastline have discovered that numerous mobile applications include uXDT advertising frameworks which actively listen for ultrasounds without the informed consent of users, and in some cases without an opt-out option for users. The team further discovered that an attacker can exploit uXDT frameworks to reveal the true IP addresses of users who browse the internet through anonymity networks (for example VPNs or Tor). Hackers might also be able to tamper with the pairing process or affect the results of the advertising/bidding algorithms. For example, an attacker equipped with a simple smartphone could walk into a Starbucks and launch a profile-corruption attack against all customers currently taking advantage of uXDT-enabled apps. The security researchers have developed a browser extension that acts as a personal firewall by selectively filtering ultrasonic beacons and other mitigation tools. It was unveiled during a presentation at Black Hat EU on Thursday. The same team also developed an operating system permission control for Android as part of their research. On a similar theme, former NSA analyst David Venable, now vice president of Masergy, gave a presentation on the advertising industry's use of the Big Data technologies pioneered by intelligence agencies and governments. Venable outlined techniques to prevent selected activities from being associated with someone's true persona, with a focus on making the true persona blend in with the masses. Going off the grid need not be the answer, and in any case might make someone stand out more, Venable told El Reg. “Bad data can lead to bad decisions,” he said. “Biased algorithms reflect the biases of creators, which is why you might want to avoid them.” Venable’s idea is to rethink operational security principles, which normally involve staying under the radar of government agencies and the police, to avoid motor insurance providers and credit reference agencies. “It’s about choosing what information you reveal and mindfulness,” he said. Part of this involves thinking about the apps installed on a smartphone, as well as more subtle defences such as keeping a phone in another room in case an app is recording audio. Venable does not, however, advocate keeping smartphones in the refrigerator before taking meetings, as per Edward Snowden. ® Sponsored: Customer Identity and Access Management

Microsoft thought of the children and decided to ban some browsers

Redmond's Family Settings now block browsers-without-filters by default, but which ones? Microsoft has updated its family filters to block some rival browsers and says it's done so to think of the children. The changes are part of its bid to end the compatibility clashes caused when non-Microsoft browser barons push updates, breaking the restrictive Windows 10 family settings. The Reg understands that clashes allowed Chrome, Firefox, and others to access blocked sites.

But Microsoft's not named the browsers kids won't be able to run any more, saying only that "Most commonly used browsers don't have web filtering.

To keep your children safer, we'll automatically block these browsers on their devices." Microsoft previously recommended parents make the Internet even more miserable by blocking the world's most popular browser and grounding their kids to Redmond's IE and Edge offerings. Now the punishment is automatic, Microsoft says in a change notice.

The ban's not irrevocable: parents willing to confront Windows' Family settings can whitelist browsers other than Redmonds'. A handful of family filter bypasses of questionable effectiveness have surfaced in previous months, but all appear to have been crushed by Redmond's latest update. The latest fix and all subsequent patches may be of fleeting relief for parents of primary (elementary) school kids like Jake Sethi Reiner who took to a recent hacker con to discuss 'threat modelling for 11 year olds' in which he broke his dev dad's attempts to control his internet access and cloud server. The cynically-minded could be tempted to suggest this new browser block is part of Redmond's efforts to get users onto Edge, its latest browser. Last month it bribe offered Americans one free terrible coffee a month for using the browser and allowing their keystrokes to be monitored. Yet even with free Starbucks up for grabs, Google's Chrome is the uncontested champion of the web browsing war with some 51.04 per cent of the market according to analyst outfit NetMarketShare.

The service places Microsoft's Internet Explorer in second with 21.76 per cent, Safari with 11.12, Firefox with six percent and the recently-released Edge lagging at 3.91 per cent. ®

Apple must pay Ireland $14.5 billion in taxes, rules European Commission

Andrew Cunninghamreader comments 157 Share this story BRUSSELS—Europe’s competition chief has ordered Ireland to reclaim €13 billion (£11.1 billion/$14.5 billion) in back taxes from Apple. It comes despite the US treasury department warning last week that it would “consider its options” in such an eventuality. Speaking at the European Commission’s headquarters in Brussels on Tuesday, Margrethe Vestager said: “Member states cannot give tax benefits to selected companies—this is illegal under EU state aid rules." The investigation, which started in 2014, has technically not found Apple guilty of wrongdoing. Rather it is a judgment that the so-called sweetheart tax deals Apple received from Ireland constitute illegal state aid. Because the commission can order recovery of illegal state aid for up to 10 years before first request for information, Ireland must now recover the unpaid taxes from Apple for the years 2003 to 2014, plus interest. “This is not a penalty, it is unpaid taxes to be paid,” said Vestager who was scathing about Apple’s activities. “The so-called ‘head office’ did no business.
It had no employees, no premises.

But under the tax ruling the so-called head office was attributed all the company’s profits for sales throughout Europe Africa, Middle East, and India,” she added. “Tax rulings cannot endorse a method that fails to reflect economic activity or reality, for that matter,” the commissioner said. Brussels' officials said that Ireland allowed Apple to pay an effective corporate tax rate of one percent on its European profits in 2003 down to 0.005 per cent in 2014.

These were determined by tax rulings granted in 1991 and 2007.

This tax ruling was terminated in 2015. “It is for the Irish authorities to determine the exact amount—working out the interest due—and the modalities of reclamation,” said Vestager. However she stood by the massive €13 billion figure: “There is no discretion for me to choose, it is based on the facts and I hope that if it goes to court it will be upheld as it is based on facts.” Apple established two companies—Apple Operations Ireland and Apple Sales International—but almost all sales profits recorded by these two entities were attributed to a "head office" that Vestager said “existed only on paper and could not have generated such profits,” adding that the “situation did not correspond to economic reality.” Apple Sales International and Apple Operations Europe did make payments to Apple in the US to fund research and development of around $2 billion a year. The amount Apple must pay could be reduced if the US Internal Revenue Service (IRS) determines that the Irish subsidiaries should dish out a larger amount to Apple US to pay for research and development. How much it might be reduced by is unclear, however. “The details on this can be quite difficult to assess, because this is up to the US authorities,” Vestager said. The commission estimates that around €187 billion of profits are not repatriated to the US. “Therefore, only a small percentage of Apple profits were taxed in Ireland, and the rest was taxed nowhere,” it said. Apple's boss Tim Cook, in a lengthy statement rebuffing the ruling, accused the European Commission of trying "to rewrite Apple’s history in Europe, ignore Ireland’s tax laws, and upend the international tax system in the process." He added: The opinion issued on August 30 alleges that Ireland gave Apple a special deal on our taxes.

This claim has no basis in fact or in law. We never asked for, nor did we receive, any special deals. We now find ourselves in the unusual position of being ordered to retroactively pay additional taxes to a government that says we don't owe them any more than we've already paid. The commission’s move is unprecedented and it has serious, wide-reaching implications.
It is effectively proposing to replace Irish tax laws with a view of what the commission thinks the law should have been. This would strike a devastating blow to the sovereignty of EU member states over their own tax matters, and to the principle of certainty of law in Europe. Cook added that Apple would appeal against the ruling, adding: "We are confident that the commission’s order will be reversed." He claimed that the iPhone maker had been singled out by Brussels' officials.

Cook said: In Apple’s case, nearly all of our research and development takes place in California, so the vast majority of our profits are taxed in the United States.

European companies doing business in the US are taxed according to the same principle.

But the commission is now calling to retroactively change those rules. Beyond the obvious targeting of Apple, the most profound and harmful effect of this ruling will be on investment and job creation in Europe. Ireland has also said it will appeal against the decision in Europe's courts.

The country's finance minister, Michael Noonan, said he “profoundly” disagreed with the commission’s findings. He said it was “necessary to defend the integrity of our tax system; to provide tax certainty to business; and to challenge the encroachment of EU state aid rules into the sovereign member state competence of taxation.” He added: “It is important that we send a strong message that Ireland remains an attractive and stable location of choice for long-term substantive investment.” Vestager said there were "many ways for countries to encourage companies to invest in Europe.
It is up to Ireland whether they want to challenge [the ruling] or not." However, she also invited other jurisdictions to look at the commission’s findings to see if they believe Apple owes profits elsewhere.
Such a situation could provoke a free-for-all where other member states vie for a slice of the apple. “This is not about transfer pricing, it is about allocation of profits so it is different to the decisions on Starbucks and Fiat,” Vestager told reporters. The US treasury department will also look closely at the decision to evaluate if Apple’s US tax liability is reduced. “This would effectively constitute a transfer of revenue to the EU from the US government and its taxpayers,” warned a treasury white paper last week. Meanwhile, the commission continues to investigate a similar case relating to Amazon's tax structure. This story was updated after publication with comment from Apple CEO Tim Cook. This post originated on Ars Technica UK

IDVector Offers Alternative Approach to VPNs

Security startup IDVector builds ephemeral connections though cloud providers to help provide security and some anonymity for users. Security startup IDVector, which provides an alternative approach to VPNs to help ensure secure access to internet resources, emerged from stealth mode this week.With most VPN technologies, user traffic is encrypted and routed through a gateway, but IDVector's goal is to go beyond a basic VPN by providing additional security assurances and even a degree of anonymity for users, Ben Baumgartner, co-founder and CEO, said. Rather than simply encrypting and then tunneling user traffic through a single gateway, IDVector sets up ephemeral paths through cloud providers. Both shared and private network paths are available on the IDVector system, Baumgartner explained."The paths are ephemeral on-demand, cloud redirection egress nodes," Baumgartner told eWEEK. "When I say ephemeral, I mean the paths are built on cloud assets that are set up and taken down in a short period of time."The shared path option is a set of resources that can be live for up to 12 hours, while a private path might only be live for a few minutes. Users can get access to the IDVector platform either by way of a mobile application or with a USB hardware appliance. Andrew Boyce, co-founder and CTO of IDVector, explained that the company uses Amazon, Rackspace and DigitalOcean cloud resources to enable the shared and private network paths.

The deployment automation piece of IDVector is enabled by way of the open-source Ansible configuration management tool. The idea of using cloud resources to build a VPN service for security access isn't entirely unique.
In December 2015, privately held startup Dispel launched its service providing private cloud connections and systems to enable user privacy.Beyond just providing encrypted paths through the internet using ephemeral hosts, IDVector has built additional capabilities to help users stay secure. The USB hardware IDVector Pro device, for example, includes its own hardened Linux stack that provides more security for initial network access than a traditional integrated network interface card provides.Additionally, the Pro device has the ability to randomize the media access control (MAC) address of a user's device."You go to Starbucks, and the thing they use to track you, to make sure you accept the WiFi usage agreement is your MAC address, which also happens to be a great way to also learn how often you go to Starbucks," Boyce said. "The IDVector Pro will create a completely fictitious MAC address every time you connect."IDVector is backed by cyber-security incubator Kyrus Tech, which has had previous success helping to launch security firm Carbon Black.Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com.

Follow him on Twitter @TechJournalist.

HP Sure View Blocks Prying Eyes

The 3M-developed feature will be available soon on the EliteBook 1040 and 840 laptops. Hackers don't need high-tech digital coding tools to steal your identity—they just need decent eyesight. The new phenomenon of "visual hacking" means anyone at a nearby Starbucks table or library desk can poach information from your computer screen.
So HP Sure View is a new 3M-developed feature for the HP EliteBook 1040 and 840 laptops that's intended to protect against visual hacking with the press of a button. Tap the F2 key to transition into privacy mode, which reduces up to 95 percent of the screen's visible light when viewed at an angle, making it difficult for anyone other than you to read the display.
"The addition of HP Sure View to our PC security solutions helps address the risks associated with visual hacking and gives customers the freedom to work more confidently and productively in public spaces with the touch of a button," Alex Cho, vice president and general manager of HP's commercial PCs, said in a statement. A recent 3M-sponsored study by the Ponemon Institute tipped a 90 percent visual hacking success rate—a frightening proposition for businesses whose employees take their work outside of the office. HP Sure View is set for a September launch on the HP EliteBook 1040 Full HD touch and non-touch versions, as well as the HP EliteBook 840. For more, check out PCMag's roundup of the Best Password Managers and How to Avoid Getting Hacked While Traveling.

US sends nastygram to European Union over alleged Apple tax dodging

EnlargeSnow White, Disney Films reader comments 47 Share this story Apple's battle with the European Union’s competition watchdog has been backed by the US government, which on Wednesday waded into the complaint over the iPhone maker's tax arrangements. The US treasury warned in a white paper that Brussels' ongoing investigation into Apple’s tax deal with Ireland could “create an unfortunate international tax policy precedent.” On Thursday, the European Commission responded that there was “no bias” against US companies. After two years of investigations, antitrust chief Margrethe Vestager is expected to issue a decision on allegations of tax dodging by Apple in the autumn. The commission is considering whether the company used so-called “transfer pricing arrangements” to move profits around in order to avoid tax.
Ireland is implicated in letting Apple pay a tiny amount of tax.

Technically, this means that it may have benefited from illegal state aid. “Tax rulings may involve state aid within the meaning of EU rules if they are used to provide selective advantages to a specific company or group of companies,” the commission states. But the US treasury warned that Vestager's office was in danger of overstepping its bounds “beyond enforcement of competition and state aid law under the TFEU [Treaty on the Functioning of the EU] into that of a supra-national tax authority.” It said it was considering “potential responses should the commission continue its present course,” adding: “a strongly preferred and mutually beneficial outcome would be a return to the system and practice of international tax cooperation that has long fostered cross-border investment between the United States and EU member states.” Vestager has already ordered the payment of more than €20 million in back taxes from Starbucks and Fiat Chrysler over similar tax deals with the Netherlands and Luxembourg, and Ireland could be instructed to reclaim up to tens of billions of dollars from Apple. The US government's bean counters are worried about the crackdown, however: There is the possibility that any repayments ordered by the commission will be considered foreign income taxes that are creditable against US taxes owed by the companies in the United States.
If so, the companies’ US tax liability would be reduced. To the extent that such foreign taxes are imposed on income that should not have been attributable to the relevant member state, that outcome is deeply troubling, as it would effectively constitute a transfer of revenue to the EU from the US government and its taxpayers. Put another way, the US treasury appears to be saying: "we get to tax our multinationals, not the EU." Apple CEO Tim Cook has always denied any wrongdoing. The commission has also been pursuing a similar investigation against Amazon in Luxembourg and has warned that other cases may be on the way. “A substantial number of additional cases against US companies may lead to a growing chilling effect on US-EU cross-border investment,” the treasury hit back. On Thursday, the commission's spokesperson, Alexander Winterstein, said that it had taken note of the white paper, before drily saying that EU state aid rules have been in place for years. “With regard to the insinuation of bias, let me repeat what commissioner Vestager has been saying, which is that EU law and competition rules apply indiscriminately to all companies operating in Europe, whether they are big companies or small companies, whether they are companies that are European or companies from outside Europe.

There is absolutely no trace of a bias here,” he added. This post originated on Ars Technica UK

GOP delegates suckered into connecting to insecure Wi-Fi hotspots

‘I vote Trump! free Internet’ A Wi-Fi hack experiment conducted at various locations at or near the Republican National Convention site in Cleveland underlines how risky it can be to connect to public Wi-Fi without protection from a VPN. The exercise, carried out by security researchers at Avast, an anti-virus firm, revealed that more than 1,000 delegates were careless when connecting to public Wi-Fi. Attendees risked the possibility of being spied on and hacked by cybercriminals or perhaps even spies while they checked their emails, banked online, used chat and dating apps, and even while they accessed Pokemon Go. Avast researchers set up fake Wi-Fi networks at various locations around the Quicken Loans Arena and at Cleveland Hopkins International Airport with fake network names (SSIDs) such as “Google Starbucks”, “Xfinitywifi”, “Attwifi”, “I vote Trump! free Internet” and “I vote Hillary! free Internet” that were either commonplace across the US or looked like they were set up for convention attendees. Of the people connecting to the fake candidate name Wi-Fi in Cleveland, 70 per cent connected to the Trump-related Wi-Fi, 30 per cent to the Clinton-related Wi-Fi. With mobile devices often set to connect to known SSIDs automatically, users can overlook the networks to which they are connecting.

Although convenient, this feature is eminently easy to exploit by cybercriminals who set up a false Wi-Fi network with a common SSID. Moreover, web traffic can be visible to anyone on any Wi-Fi network that is unencrypted.

Any Wi-Fi that does not require a password is a risk. In its day-long experiment Avast saw more than 1.6Gbs transferred from more than 1,200 users.
Some 68.3 per cent of users‘ identities were exposed when they connected, and 44.5 per cent of Wi-Fi users checked their emails or chatted via messenger apps.

The researchers scanned the data, but did not store it or collect personal information. Avast learned the following about the Republican National Convention attendees: 55.9 per cent had an Apple device, 28.4 per cent had an Android device, 1.5 per cent had a Windows Phone device, 3.4 per cent had a MacBook laptop and 10.9 per cent had a different device 13.1 per cent accessed Yahoo Mail, 17.6 per cent checked their Gmail inbox, and 13.8 per cent used chat apps such as WhatsApp, WeChat and Skype 6.5 per cent shopped on Amazon, and 1.2 per cent accessed a banking app or banking websites like bankofamerica.com, usbank.com, or wellsfargo.com 4.2 per cent visited government domains or websites 5.1 per cent played Pokemon Go 0.7 per cent used dating apps like Tinder, Grindr, OKCupid, Match and Meetup 0.24 per cent visited pornography sites like Pornhub.com “With Washington heatedly discussing cybersecurity issues virtually every week, we thought it would be interesting to test how many people actually practice secure habits,” said Gagan Singh, president of mobile at Avast. “Understanding the talking points behind these privacy issues is very different from implementing secure habits on a daily basis.

Though it is not surprising to see how many people connect to free Wi-Fi, especially in a location with large crowds such as this, it is important to know how to stay safe when connecting. When joining public Wi-Fi, consumers should utilize a VPN service that anonymizes their data while connecting to public hotspots to ensure that their connection is secure.” ® Sponsored: Global DDoS threat landscape report