Tag Archive for: calls

New National Cybersecurity Strategy Calls for ‘Fundamental Shifts’ in Cyber ‘Roles, Responsibilities, and Resources’

/in


The new National Cybersecurity Strategy vows to build “a more defensible and resilient digital ecosystem” through “generational investments” in cyber infrastructure, increased digital diplomacy and private-sector partnerships, regulation of critical sectors, and allowing software firms to be held liable if their products hold the door open for hackers.

“This National Cybersecurity Strategy establishes a clear vision for a secure cyberspace,” Homeland Security Secretary Alejandro Mayorkas said. “The Department of Homeland Security continuously evolves to counter emerging threats and protect Americans in our modern world. We will implement the president’s vision outlined in this strategy, working with partners across sectors and around the globe to provide cybersecurity tools and resources, protect critical infrastructure, respond to and recover from cyber incidents, and pave the way for a more secure future.”

The new long-anticipated strategy, which builds on previous cybersecurity executive orders and replaces the 2018 National Cyber Strategy, was expected to be more aggressive on regulations to better protect vulnerable sectors as well as on offensive actions to go after independent and nation-state hackers.

“We must make fundamental changes to the underlying dynamics of the digital ecosystem, shifting the advantage to its defenders and perpetually frustrating the forces that would threaten it,” the strategy states. “Our goal is a defensible, resilient digital ecosystem where it is costlier to attack systems than defend them, where sensitive or private information is secure and protected, and where neither incidents nor errors cascade into catastrophic, systemic consequences.”

The strategy says it is driven by “a new phase of deepening digital dependencies,” growing complexity of software and systems, artificial intelligence “which can act in ways unexpected to even their own creators,” accelerating global interconnectivity, digital operational technology, and advanced wireless technologies, Internet of Things (IoT), and space-based assets that make “cyberattacks inherently more destructive and impactful to our daily lives.”

Offensive…

Source…

US agency calls Apple, Google App Stores ‘harmful’

/in


Apple appears to have been given yet another set of reasons to expand its legal team as the US National Telecommunications and Information Administration (NTIA) calls for antitrust action to force Apple and Google to make big changes to their mobile app store business models.

What’s the problem?

NTIA is the principal advisor on telecommunications and Internet policy to the Biden administration. It argues that the way things are run at present may be “harmful,” arguing that Google’s and Apple’s “gatekeeper” positions may harm consumers by raising prices and reducing innovation.

Among a raft of criticisms, the agency argues that some restrictions favor some apps over others. “In some areas, such as in-app payments, it is unclear how the current system benefits anyone other than Apple and Google,” NTIA says.

While it does concede the existing status quo has provided a range of benefits to app developers and users, the regulators still want to force both ecosystems to open up to greater competition.

The criticism does at least pay some lip service to Apple’s strong arguments concerning security and privacy and how its stores provide both, but on the strength of 150 conversations seems to think those should become a “feature” (see below).

It’s about ‘fairness’

Following President Biden’s Wall Street Journal piece in which the president called for a bipartisan approach to reeling in the Big Tech firms and how they use personal data, this is the icing on the cake of criticism from regulators worldwide concerning both companies’ business practices.

Source…

Security researchers show how to eavesdrop on mobile phone calls by measuring the ear speaker’s tiny vibrations

/in


While it’s possible that malware on your smartphone could record your calls, it’s an increasingly difficult technical proposition. Instead, researchers from Texas A&M University and colleagues have demonstrated that it’s possible to eavesdrop on phone calls by measuring the tiny vibrations of the ear speaker using a phone’s built-in accelerometers and then decoding that data remotely to determine what was said. They call the method EarSpy. From Security Week:

They conducted tests on the OnePlus 7T and the OnePlus 9 smartphones — both running Android — and found that significantly more data can be captured by the accelerometer from the ear speaker due to the stereo speakers present in these newer models compared to the older model OnePlus phones, which did not have stereo speakers.

The experiments conducted by the academic researchers analyzed the reverberation effect of ear speakers on the accelerometer by extracting time-frequency domain features and spectrograms. The analysis focused on gender recognition, speaker recognition, and speech recognition[…]

When it comes to actual speech, the accuracy was up to 56% for capturing digits spoken in a phone call.

EarSpy: Spying Caller Speech and Identity through Tiny Vibrations of Smartphone Ear Speakers(arXiv)

Source…

Caller Identification: India’s new in-house solution to curb fraud calls

/in


The Telecom Regulatory Authority of India (TRAI), the government’s telecom authority, would implement a caller identification system similar to other caller ID applications on the app store within the next three weeks. The new system will employ KYC verification to guarantee that callers’ identities are real and aren’t forged with synthetic identities.

Why KYC verification is the best suited Identity Verification

While TRAI’s new caller identity service would function similarly to other caller ID applications on the app store, the government intends to position it as a competitor to the apps, for which India has the largest market with over 220 million active users.

Other caller ID applications on the app store usually keep a database of callers based on data given by consumers and were plainly targeted. A repository that is KYC-compliant would reduce fraud and proxy calls. According to the chairwoman, the “system would permit name-appearance on a phone screen, in line with KYC performed by telecom providers in compliance with DoT standards.”

Read here to know how KYC Verification works to prevent fraud

Although the system appears to be a failsafe, it is still feasible to obtain a new mobile connection using the identity of someone else — which might be a barrier to maintaining openness under the telecom regulatory body’s planned caller identity verification system.

How KYC Verified Caller ID will help reduce fraud calls

According to the source, the anonymous caller identity technique would also have a ripple effect, causing a clean-up of data on crowdsourcing applications with the aid of KYC. Experts feel that including KYC in the caller identification system will also help reduce spam and fraudulent calls.

Learn about the benefits of KYC and why India needs digital identity verification

KYC Verification Solution from IDcentral

IDcentral’s KYC Solution employs intelligent AI and precisely trained ML algorithms to assist enterprises in providing the most trustworthy digital experience possible using Identity Verification. While conforming to KYC/AML standards, IDcentral’s eKYC verification enables seamless and exceptionally satisfying customer experiences….

Source…