The Category5.TV Newsroom

Here are the stories we're following for the week of Wednesday October 10, 2018

The US federal government has just authorized its staff to shoot down any drone they consider a threat.

The US federal government has just authorized its staff to shoot down any drone they consider a threat.

The provision was added to the routine reauthorization act for the Federal Aviation Authority (FAA) – the watchdog that deals with America's skies – and has invited the ire of civil liberties groups who are unhappy at the blanket nature of the shoot-down authorization.

Under the proposed law's "preventing emerging threats" section, a new part has been added that allows a wide range of federal departments to "disable, disrupt, or seize control of" any drone that is thought to pose a "credible threat . . . to the safety or security of a covered facility or asset." The key thing here is a wide range of departments – not just the military.

The act lists a range of increasingly harsh measures that can be taken against an unauthorized drone, ending with "use reasonable force, if necessary, to disable, damage, or destroy the unmanned aircraft system or unmanned aircraft."

The provision is, of course, entirely understandable: the increase in the use and sale of advanced drones does pose a potential threat to government facilities. After all, it didn't take long for someone to think it was a good idea to mount a gun on a drone.

It's not clear what limits and oversight would work best – certainly a requirement to get a warrant is unlikely to work given the fact that drones can appear at any time and unexpectedly – but limiting the grounds for which a drone can be disrupted or destroyed would be one starting point, or granting protections to legitimate drone usage.

As it stands, as soon as the president signs the bill, your flying machine can be taken down by a huge number of federal government employees and there will be pretty much no recourse.

Source: www.theregister.co.uk

Sent to us by: Roy W. Nash

Google+ is shutting down after it was revealed that Google covered up a data-exposing bug.

Google+ is shutting down after it was revealed that Google covered up a data-exposing bug.

A security bug allowed third-party developers to access Google+ user profile data since 2015 until Google discovered and patched it in March, but decided not to inform the world. When a user gave permission to an app to access their public profile data, the bug also let those developers pull their and their friends’ non-public profile fields. Indeed, 496,951 users’ full names, email addresses, birth dates, gender, profile photos, places lived, occupation and relationship status were potentially exposed, though Google says it has no evidence the data was misused by the 438 apps that could have had access.

According to an internal memo, the company decided against informing the public because it would lead to “us coming into the spotlight alongside or even instead of Facebook despite having stayed under the radar throughout the Cambridge Analytica scandal.” Now Google+, which was already a ghost town largely abandoned or never inhabited by users, has become a massive liability for the company.

The news comes from a damning Wall Street Journal report.

Google+ will cease all its consumer services while winding down over the next 10 months with an opportunity for users to export their data while Google refocuses on making G+ an enterprise product.

Google also will change its Account Permissions system for giving third-party apps access to your data such that you have to confirm each type of access individually rather than all at once. Gmail Add-Ons will be limited to those “directly enhancing email functionality,” including email clients, backup, CRM, mail merge and productivity tools.

Since the bug and subsequent security hole started in 2015 and was discovered in March before Europe’s GDPR went into effect in May, Google will likely be spared a 2 percent of global annual revenue fine for failing to disclose the issue within 72 hours. The company could still face class-action lawsuits and public backlash.

Source: techcrunch.com

Sent to us by: Garbee

Default passwords such as "admin" and "password" will be illegal for electronics firms to use in California from 2020.

Default passwords such as "admin" and "password" will be illegal for electronics firms to use in California from 2020.

The state has passed a law that sets higher security standards for net-connected devices made or sold in the region.

It demands that each gadget be given a unique password when it is made.

Before now, easy-to-guess passwords have helped some cyber-attacks spread more quickly and cause more harm.

The Information Privacy: Connected Devices bill demands that electronics manufacturers equip their products with "reasonable" security features.

This can mean a unique password or a start-up procedure that forces users to generate their own code when using the gadget for the first time.

The bill also allows customers who suffer harm when a company ignores the law to sue for damages.

Many recent cyber-attacks have taken advantage of the default and easy-to-guess passwords on the devices found in millions of homes and offices.

In late 2016, Twitter, Spotify, and Reddit were among sites taken offline by an attack that took advantage of poor passwords on lots of net-connected gadgets including webcams and other so-called smart home hardware.

An attack by malware known as VPNFilter is currently targeting home routers and is believed to have infected more than 500,000 devices.

Source: www.bbc.com

Sent to us by: Roy W. Nash

Hyperloop Transportation Technologies Inc. unveiled its first full-scale passenger capsule, offering the world a peek at the future of travel.

Hyperloop Transportation Technologies Inc. unveiled its first full-scale passenger capsule, offering the world a peek at the future of travel.

The capsule, 105 feet (32 meters) long and weighing 5 tons, was shown in Spain and will be moved to Toulouse, France, for additional assembly before it’s used on one of the first commercial tracks, the California-based startup, known as HyperloopTT, said in a statement. Named the Quintero One, the product is made almost entirely out of composite material.

Hyperloop is a technology that gained popularity after Elon Musk touted it in 2013, prompting several companies to join the race to build a high-speed transportation system. It envisages moving passengers in capsules at speeds of more than 750 miles (1,200 kilometers) per hour through low-pressure tubes, in order to reduce friction. The technology will be able to propel trains faster than existing methods such as the Maglev, which uses a levitation technology to lift the train cars above a track to eliminate surface drag.

The Los Angeles area is emerging as a hyperloop center, home to competitors Arrivo and Virgin Hyperloop One. Musk’s Boring Co. also has its base there.

Musk, who also runs Tesla Inc. and Space Exploration Technologies Corp., first unveiled his idea for a hyperloop — a tube-based system to move people from Los Angeles to San Francisco in half an hour — in a 57-page white paper in 2013 because he was disappointed with California’s plans for a high-speed rail system.

In July, HyperloopTT set up a joint venture to build a test system in a mountainous southwest province in China.

Billionaire Richard Branson’s Virgin Hyperloop One held discussions in India, aiming to offer passengers in the futuristic technology fares that are cheaper than local airlines. In February, Branson signed a preliminary agreement in Mumbai for a broad hyperloop framework and mooted a Mumbai-Pune system that would shrink travel time to 25 minutes and save about three hours.

Source: www.bloomberg.com

Sent to us by: Robbie Ferguson