:Syslog.gr: - a Site about Computers, Open Source, Security, SysAdmins and more ...

Google defended how it polices third-party add-ons for Gmail in a letter to U.S. senators made public on Thursday, saying that upfront review catches the “majority” of bad actors. A report adds: Google said it uses automated scans and reports from security researchers to monitor third parties with access to Gmail data, but gave no details on how many add-ons have been caught violating its policies. Google’s privacy practices have been under growing scrutiny. The Senate Commerce Committee has a hearing scheduled for Sept. 26 to question Google, Apple, AT&T, Twitter about their consumer data privacy practices. Gmail, the Google email service used by 1.4 billion people, enables add-on developers access to users’ emails and the ability to share that data with other parties as “long as they are transparent” with users about how they are using data and get consent, Google said in the letter. For instance, a program that logs receipts could be allowed to scan Gmail as it searches for receipts.

of this story at Slashdot.

…read more

Source:: Slashdot

The rumors were true. Amazon on Thursday announced a range of new Echo smart speakers and other Alexa-enabled devices. The company first announced the Echo Sub, its answer to voice-enabled premium audio products such as Apple’s HomePod, Sonos One, and Google Home Max. Then there is the Echo Input, a wireless accessory that connects to legacy speakers; the Echo Link Amp and Echo Link, amplifiers with multiple audio inputs and outputs; and Amazon Smart Plug, a connected outlet plug. VentureBeat: They round out Amazon’s existing and refreshed selection of smart speakers (the Echo, Echo Dot, and Echo Plus), smart displays (the Echo Show and Echo Spot), and smart cameras (the Echo Look). The $129.99 Echo Sub, which ships today, features a mesh cloth that comes in several colors, and a 6-inch, 100W down-firing speaker that can be configured in stereo. Two paired Echo Sub speakers can act as a single 2.1 system, with distinct left and right audio channels. That’s one better than current-gen Echo speakers, which support multiroom audio (i.e., the ability to group speakers together by room) but not proper stereo. The $25 Amazon Smart Plug (shipping next month) doesn’t have nearly as many bells and whistles as the Sub, but lets you switch off or on whatever’s plugged into it with a voice command. You can schedule quiet hours, too, and it works independently of a hub — it’s managed entirely through the Alexa app for Android, iOS, and Amazon Fire devices. The Echo Link Amp and Echo Amp are amplifiers through and through — both with Ethernet, coax, optical in, and multichannel capabilities. The Echo Link stars at $200 and will be available later this year, and the Amp starts at $300. Itâ(TM)ll hit store shelves in 2019. Last but not least, the Echo Input, which starts at $34.99, adds music-casting (and multiroom audio) capabilities to legacy speakers.

of this story at Slashdot.

…read more

Source:: Slashdot

Amazon is announcing new products in Seattle. Here’s what things look like from the inside. …read more

Source:: CNet

Tell Alexa to follow your favorite band and you’ll know as soon as new music is released. …read more

Source:: CNet

PlayStation Now lets you download titles to play offline. …read more

Source:: CNet

coondoggie shares a report: In a few months, the internet will be a more secure place. That’s because the Internet Corporation for Assigned Names and Numbers (ICANN) has voted to go ahead with the first-ever changing of the cryptographic key that helps protect the internet’s address book — the Domain Name System (DNS). The ICANN Board at its meeting in Belgium this week, decided to proceed with its plans to change or “roll” the key for the DNS root on Oct. 11, 2018. It will mark the first time the key has been changed since it was first put in place in 2010. During its meeting ICANN spelled out the driving forces behind the need for improved DNS security that the rollover will bring. For example, the continued evolution of Internet technologies and facilities, and deployment of IoT devices and increased capacity of networks all over the world, coupled with the unfortunate lack of sufficient security in those devices and networks, attackers have increasing power to cripple Internet infrastructure, ICANN stated. “Specifically, the growth in attack capacity risks outstripping the ability of the root server operator community to expand defensive capacity. While it remains necessary to continue to expand defensive capacity in the near-term, the long-term outlook for the traditional approach appears bleak,” ICANN stated. The KSK rollover means generating a new cryptographic public and private key pair and distributing the new public component to parties who operate validating resolvers, according to ICANN. Such resolvers run software that converts typical addresses like networkworld.com into IP network addresses. Resolvers include: internet service providers, enterprise network administrators and other DNS resolver operators, DNS resolver software developers; system integrators, and hardware and software distributors who install or ship the root’s “trust anchor,” ICANN said.

of this story at Slashdot.

…read more

Source:: Slashdot

Alleges CrowdStrike, Symantec, ESET and Anti-Malware Testing Standards Organization collusion

NSS Labs has thrown a hand grenade into the always fractious but slightly obscure world of security product testing by suing multiple vendors as well as an industry standards organisation.…

…read more

Source:: Register

Bitcoin and other cryptocurrencies are “wild west” assets that expose investors to a litany of risks and are in urgent need of regulation, MPs on the Treasury select committee have said. From a report: The committee said in a report that consumers were left unprotected from an unregulated industry that aided money laundering, while the government and regulators “bumble along” and fail to take action. The Conservative MP Nicky Morgan, the chair of the committee, said the current situation was unsustainable. “Bitcoin and other crypto-assets exist in the wild west industry of crypto-assets. This unregulated industry leaves investors facing numerous risks,” Morgan said. “Given the high price volatility, the hacking vulnerability of exchanges and the potential role in money laundering, the Treasury committee strongly believes that regulation should be introduced.”

of this story at Slashdot.

…read more

Source:: Slashdot

CLIP OS 4 and CLIP OS 5 now available to everyone on GitHub, not just French cyber-spies. …read more

Source:: ZDNet

Vulnerability allowed an unauthenticated remote attacker to log in to a device at the time the system initially boots up. …read more

Source:: Threatpost