Posts

Openpath and Allegion offer security solutions across entire customer deployments

T-Mobile is Warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. Get Secured Now with Norton 360


Openpath announces a new cloud-to-cloud integration with Schlage NDE and LE mobile enabled wireless locks from Allegion U.S.

This new integration provides a greater selection of cost-effective security solutions across an organization’s entire deployment and makes Openpath one of the only physical access control providers in the commercial space to natively support a Bluetooth credential with Schlage locks. The integration is easily configured with a mobile device and doesn’t require additional wiring or Openpath hardware.

Leveraging Allegion’s ENGAGE technology, Openpath’s seamless integration with Schlage NDE and LE mobile enabled wireless locks allow organizations to expand their security coverage to include spaces throughout a building where installing and maintaining wired access control was previously cost-prohibitive, such as interior low-traffic spaces, non-wired common areas, storage closets, conference rooms and more.

This is particularly important for large operations with sensitive spaces, such as education and healthcare facilities, where it is necessary to ensure security across virtually every square foot of buildings and campuses without disrupting the day-to-day flow of workers, employees and visitors. Users can unlock and lock the Schlage wireless locks via Openpath’s mobile credentials, key cards, fobs and remote capabilities.

Security teams will be able to view Openpath and Schlage reporting and management logs through a single control panel in the Openpath platform, which can be managed remotely. Authorized users can also activate lockdown or unlock Schlage wireless locks remotely from the Openpath app or Control Center.

Buildings will often only invest in a complete access control system for the perimeter and exterior entries, which leaves the majority of interior spaces unprotected. With buildings transitioning to more flexible schedules and a greatly reduced population on-site, the interior doors become far more important to secure.

This IP Gateway system allows you to easily add access to those doors, as well as manage and track it all remotely, from a centralized platform using a single credential and without added cost. In…

Source…

California Transportation Agency mobile surveillance for entire bus fleet | 2021-05-04

T-Mobile is Warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. Get Secured Now with Norton 360


California Transportation Agency mobile surveillance for entire bus fleet | 2021-05-04 | Security Magazine




Source…

It’s Long Past Time To Encrypt The Entire DNS

With work, school and healthcare moving online, data privacy and security has never been more important. Who can see what we’re doing online? What are corporations and government agencies doing with this information? How can our online activity be better protected? One answer is: encryption. Strong encryption has always been an important part of protecting and promoting our digital rights.

The majority of your web traffic is already encrypted. That’s the padlock in your URL bar; the the S –for “secure”– in HTTPS. This baseline of encryption is the result of decades of dedicated work by privacy-concerned technologists aiming to safeguard users’ personal information and address pressing demands for data and transaction safety. Web traffic encryption allows us to feel confident when we buy or bank online, access our medical records, and communicate on social media.

Unfortunately, there’s a geyser of internet traffic that remains unencrypted, leaving our personal information still vulnerable to exploitation. Every day through a seamless process, our computers and phones make thousands of lookups through the Domain Name System (DNS). DNS is the way computers and phones find the IP address for any internet resource you want to access, whether it’s a website and all the content it contains, or an online messaging service, or the background connections made through mobile apps.

Thanks to the DNS, you can type in a memorable URL (cnn.com) instead of having to remember a long string of numbers (like 151.101.193.67, one of CNN’s IP addresses) to visit a website.

But while most of your web traffic is encrypted, your DNS lookups probably aren’t. The architects of the DNS system designed it in the 1980s, long before it became apparent that some would exploit this design for their own gain—or that repressive regimes would use it to censor and stifle dissidents.

The privacy concerns are easy to understand. Many of the domains you visit might be descriptive enough to give away what you’re doing on a particular web site or service—whether they are partisan political websites (“this person is a Republican!”), mortgage lenders (“this person wants to refinance!”), health websites (“this person seems to have a medical condition we can monetize!”), or certain websites you’d rather keep private. In other words, someone in the network sitting between you and a certain website might not know what you’re doing on a website—but they know you’re doing it on that website!

This enables the daily commercial exploitation of consumer data. As we speak, corporations can exploit the DNS to track and monetize your online activity. Thanks to the loosening of U.S. federal broadband privacy laws in 2017, Internet service providers (ISPs) like Verizon, ComcastXfinity and CharterSpectrum are allowed to bundle and sell this lookup data to data brokers so they can build better personal and behavioral profiles—which are then rented out to companies that want to target you with personalized ads and appeals. For vulnerable communities, however, this infringement on privacy can lead to deeper erosion of other rights when, for example, analysis of someone’s online history profiles them as being “under-banked”, “financially vulnerable” or as targets for predatory loan offers. It’s a bit like a librarian selling your reading history to a psychologist.

Moreover, while DNS is an essential point of control for network administrators and service providers, that control can be problematic. On one hand: the DNS enables the implementation of important mechanisms from malware identification, to enforcement of corporate and local policies, to monitoring and testing of different network tools. On the other hand, if you as a user are trying to access some information during a period of social unrest, a government wanting to prevent you from accessing that information could force ISPs to block that content or tamper with the DNS responses your computer gets. Because DNS lookups also expose your IP address and MAC address (the hardware address of your device), they could also gain insight on your device’s location.  

On top of all that, the vulnerability of the DNS system is also a security issue: A 2016 Infoblox Security Assessment Report found that 66% of DNS traffic was subject to suspicious exploits and security threats, from protocol anomalies (48%) to distributed denial of service (DDoS) attacks (14%). The study also showed that the biggest concerns for ISPs were downtime and loss of sensitive data, which translates into users not being able to access the online resources they need, or sensitive data of users’ lookups being leaked or stolen.

Thankfully, new technical protocols for encrypted DNS that directly address these issues are on the rise;. Encrypted DNS protects access to resources and the data integrity of DNS queries by preventing DNS packet inspection and actions trying to tamper with the DNS responses your computer gets. It shields against leaks of user data like IP/MAC addresses and domains, keeping users from being tracked and monitored, and makes it difficult for censoring bodies to be able to intercept and block the content you can access.

Some technology companies and ISPs are already ahead of the curve and working on protecting their users. In 2019, Mozilla published its Resolver Policy for listing DNS-over-HTTPS (DoH) providers in Firefox’s settings options, followed by Comcast launching their Encrypted DNS Deployment Initiative (EDDI), and by Google defining the requirements to list DoH providers in Chrome’s settings.

These are not the only companies starting to take action in protecting users’ online data, but many more need to step up. And for DoH there’s no time like the present: the currently low number of devices using DoH eases the adoption curve for ISPs testing and deploying encrypted DNS services, making the implementation of updates and maintenance easier for early adopters, while, on the other hand, as the number of devices using these services goes up, more edge cases will be discovered and the same functions will become increasingly more difficult.

ISPs that prioritize data privacy can distinguish themselves with customers, partners and civil society. By taking steps to safely deploy secure and encrypted DNS communications to protect their users, ISPs like Comcast have taken the lead and increased goodwill with activists, technologists and vendors. ISPs that don’t adopt privacy-preserving measures will remain subject to increasing public scrutiny and critique. ISPs implementing their own encrypted DNS services will also avoid reliance on third-party implementations and increase DNS decentralization, to everyone’s benefit.

Our global reality has been forever altered in the wake of this pandemic. Many of us are living most of our lives online. Inequities and exploitation that had been ignored have come into sharp focus, and the needs of a society in civil unrest add to the many reasons why the privacy and security of individuals is a right that needs to be enhanced and protected.

More than ever, customers are paying close attention to the companies that respect them, their families and their rights. DNS providers and ISPs must work together on the implementation and deployment of measures that will strengthen DNS. Choosing short-term profit over people is a losing business proposition, and the first movers will reap even larger rewards in consumer trust.

Joey Salazar is a software engineer, open source developer and Senior Programme Officer at Article 19, where she leads the IETF engagement program focusing on policies, standards, and protocol implementations.

Benjamin Moskowitz is the Director of Consumer Reports’ Digital Lab, which conducts rigorous research and testing of connected products and advocates for consumers’ rights online (lab.cr.org).

Techdirt.

Clearview AI’s entire client list stolen in data breach – CNET

  1. Clearview AI’s entire client list stolen in data breach  CNET
  2. Data breach exposes Clearview AI client list  ZDNet
  3. Clearview AI, the controversial facial recognition company, has been breached  Vox.com
  4. Facial recognition app used by more than 600 law enforcement agencies suffers significant data breach  Fox News
  5. Clearview Data Breach Prompts Renewed Calls To Curb Facial Recognition 02/27/2020  MediaPost Communications
  6. View Full Coverage on read more

“data breach” – read more