NewApp Digest
search bot

confidentiality

Encrypted messaging apps: a persistent challenge in fighting organised crime
AppWizard
October 28, 2024

Encrypted messaging apps: a persistent challenge in fighting organised crime

Approximately 700 officers from the Australian Federal Police executed arrest warrants as part of Operation Kraken, aimed at apprehending Jay Je Yoon Jung, the alleged mastermind behind the encrypted messaging application Ghost, used for organized crime. Ghost facilitated various illicit activities, including drug and weapon trafficking, with around 800 devices globally, 376 identified in Australia. The AFP learned about Ghost through Europol and collaborated with the US FBI and Royal Canadian Mounted Police to access its software. The operation highlighted challenges in disrupting encrypted communications, accelerating law enforcement's technological adoption, and preventing future exploitation by criminals. Australia's encryption laws allow law enforcement to access encrypted communications, sparking a debate on privacy and public safety. Continuous innovation, international collaboration, and training for law enforcement are essential to counter organized crime effectively.
Microsoft Windows Deadline—10 Days To Update Or Stop Using Your PC
Winsage
October 19, 2024

Microsoft Windows Deadline—10 Days To Update Or Stop Using Your PC

A new vulnerability, CVE-2024-43573, has been identified in Windows systems, prompting a third urgent advisory from the U.S. government. The Cybersecurity and Infrastructure Security Agency (CISA) has mandated that federal employees must either implement mitigations or stop using affected products by October 29. This vulnerability is a spoofing issue that could lead to a loss of confidentiality. Approximately 900 million Windows 10 users are at risk as they have not transitioned to Windows 11, and 50 million users are still on older versions. The vulnerability is linked to MSHTML, which can invoke retired Internet Explorer to access malicious URLs. This is the third vulnerability in a series that includes CVE-2024-38112 and CVE-2024-43461, both of which have been exploited in the past months. Users are urged to update their systems promptly to mitigate risks.
Innovative AR Laptop Cancelled to Make way for Microsoft Windows AR Software - XR Today
Winsage
October 9, 2024

Innovative AR Laptop Cancelled to Make way for Microsoft Windows AR Software – XR Today

Sightful has shifted its strategic focus from developing the ‘Spacetop’ AR laptop to creating AR software for Windows, aiming to integrate augmented reality with advanced AI capabilities like Microsoft's Copilot. The company will refund deposits for the Spacetop G1 laptop, which was priced at ,900, as development has been paused. The new software will initially support specific models of Xreal AR display glasses and will launch in early 2025, with no plans for compatibility with other AR glasses. CEO Tamir Berliner noted that the decision was influenced by Microsoft's announcements regarding AI integration in computers. Microsoft is also focusing on software solutions, having discontinued the HoloLens 2 and laid off 20 employees at Sightful as part of a strategic shift to prioritize AR software development.
Why Windows 11 requires a TPM - and how to get around that
Winsage
September 26, 2024

Why Windows 11 requires a TPM – and how to get around that

Microsoft introduced a hardware compatibility test for Windows 11 in 2021, requiring a Trusted Platform Module (TPM) that meets the TPM 2.0 standard. A TPM is a secure cryptoprocessor designed for security tasks and managing encryption keys, enhancing system security by reducing unauthorized access risks. The TPM architecture is defined by the ISO/IEC 11889 standard. TPMs can be integrated as discrete chips, embedded in firmware, or included in CPUs. PCs designed in 2016 or later are likely to have TPM 2.0, as Microsoft mandated its inclusion that year. Older PCs may have TPMs, but those from 2013 or earlier typically use the unsupported TPM 1.2 standard. Some TPMs may be disabled in BIOS settings. The TPM aids in secure boot processes, biometric authentication, and stores BitLocker keys for encryption. Both Windows 10 and 11 automatically initialize the TPM during installation. Upgrading from Windows 10 to 11 can be done with a registry modification if a TPM is present; otherwise, unofficial methods may be needed.
Use Windows like a pro: 11 keyboard shortcuts that are super-handy
Winsage
September 18, 2024

Use Windows like a pro: 11 keyboard shortcuts that are super-handy

- The Snipping Tool in Windows 11 allows users to capture screenshots or screen recordings, with options for different selection types. Command: Windows key + Shift + S. - To minimize all open windows and reveal the desktop, use the command: Windows key + D. - To launch Task Manager and terminate unresponsive applications, use the command: Ctrl + Shift + Esc. - To launch Copilot quickly, use the command: Windows key + C. - To cycle between browser tabs, use the command: Ctrl + Tab; to navigate counterclockwise, use Ctrl + Shift + Tab. - To permanently delete a file without sending it to the Recycle Bin, use the command: Shift + Delete. - To undo the last action, use the command: Ctrl + Z. - To lock your PC, use the command: Windows key + L. - To open the emoji menu, use the command: Windows key + . (period). - To see all open windows and switch between desktops, use the command: Windows key + Tab. - To activate ‘Sticky keys’ for easier command execution, press Shift repeatedly for 5 times.
What is a TPM, and why does Windows 11 require one?
Winsage
September 9, 2024

What is a TPM, and why does Windows 11 require one?

Microsoft launched Windows 11 in 2021, requiring a Trusted Platform Module (TPM) that adheres to the TPM 2.0 standard for enhanced security. A TPM is a secure cryptoprocessor that manages security tasks and encryption keys, reducing unauthorized access risks. The TPM architecture is defined by the ISO/IEC 11889 standard, focusing on cryptographic operations with integrity protection, isolation, and confidentiality. TPMs can be integrated as discrete chips, embedded in firmware, or incorporated into CPUs. Most PCs designed in 2016 or later have TPM 2.0 enabled by default. Intel and AMD have integrated TPM features into their CPUs since then, while older PCs may have TPMs adhering to the older TPM 1.2 standard, which is not supported by Windows 11. Some TPMs may be disabled in BIOS or firmware settings. The TPM processes cryptographic operations and stores private keys, enabling features like Secure Boot, which prevents unauthorized modifications to the operating system, and supports biometric authentication through Windows Hello. It also safeguards BitLocker keys for disk encryption. Both Windows 10 and 11 automatically initialize the TPM during installation. TPM functionality is available on Linux PCs and IoT devices, while Apple devices use a Secure Enclave for similar functions. Users can check their TPM status in Device Manager under Security Devices. Upgrading from Windows 10 to Windows 11 requires a minor registry adjustment if a TPM is present. If a TPM is absent, a utility called Rufus can bypass hardware checks for Windows 11 installation.
WhatsApp will send messages to other apps soon — here’s how it will look
AppWizard
September 6, 2024

WhatsApp will send messages to other apps soon — here’s how it will look

Meta plans to integrate third-party messaging services into WhatsApp and Messenger for users in the European Union, allowing them to manage messages from these applications alongside existing chats. New notification systems will alert users about connecting chats from supported applications. Enhanced messaging features will include reactions, direct replies, typing indicators, and read receipts. Group chat functionalities for collaboration in third-party chats are expected by next year, with support for third-party voice and video calls aimed by 2027. This initiative is driven by the EU's Digital Markets Act, which requires Meta to ensure communication between WhatsApp, Messenger, and other services like iMessage, Telegram, Google Messages, and Signal. Third-party companies must adhere to privacy protocols and utilize the Signal Protocol for message confidentiality, which Meta will make accessible to partners upon request.
Automating ETL to SFTP Server Using Python and SQL
Tech Optimizer
August 24, 2024

Automating ETL to SFTP Server Using Python and SQL

Transferring files, particularly in the ETL (Extract, Transform, Load) process, is suitable for automation, especially when dealing with multiple data sets. A company may outsource analytics to an external supplier, requiring regular data transfers by a data engineer, which can occur daily, hourly, or every 30 minutes based on the contract. The article discusses implementing an SFTP upload for secure file transfer, utilizing Secure File Transfer Protocol (SFTP) and Secure Shell (SSH) for encryption to protect data integrity and confidentiality. The ETL process consists of three stages: Extract (retrieving data), Transform (processing and formatting data), and Load (loading data into a destination system). Automating this ETL process with SFTP can reduce manual effort, minimize errors, and enhance efficiency, allowing organizations to focus more on analysis and decision-making.
Data Doctors: Pros and cons of Windows BitLocker encryption - WTOP News
Winsage
August 16, 2024

Data Doctors: Pros and cons of Windows BitLocker encryption – WTOP News

Microsoft's BitLocker is a built-in encryption tool available in various versions of Windows, providing robust protection for sensitive information. Historically, BitLocker was exclusive to Windows Pro, Enterprise, and Education versions, but with the rollout of Windows 11 version 24H2 on June 18 for Copilot+ PCs, it is now available for Windows Home users as well. Users must know where their encryption key is stored and how to back it up, as upgrading to version 24H2 does not automatically enable BitLocker. The feature is reserved for fresh installations or reinstalls, and Microsoft is easing hardware requirements to allow older systems to utilize BitLocker. BitLocker enhances security by integrating with the operating system and leveraging the Trusted Platform Module (TPM) for secure key storage. However, it can pose challenges for nontechnical home users, particularly in managing encryption keys, as losing access to the key can lock users out of their data. BitLocker may also cause a performance decrease of up to 45%, and troubleshooting issues with the TPM can be complex. Users should ensure they have backups of the encryption key and critical data, as glitches may require the key for access. An automatic backup solution, like Carbonite, is recommended for BitLocker users.
PostgreSQL Vulnerability Allows Hackers To Execute Arbitrary SQL Functions
Tech Optimizer
August 13, 2024

PostgreSQL Vulnerability Allows Hackers To Execute Arbitrary SQL Functions

A critical vulnerability identified as CVE-2024-7348 has been found in PostgreSQL, allowing attackers to execute arbitrary SQL functions, particularly through the pg_dump utility. This vulnerability arises from a Time-of-check Time-of-use (TOCTOU) race condition within the pg_dump process, enabling attackers to manipulate the system if they maintain an open transaction. Affected versions include those released prior to 16.4, 15.8, 14.13, 13.16, and 12.20. Patches for this vulnerability were made available on August 8, 2024. The vulnerability has a CVSS 3.0 score of 8.8, indicating high severity, with significant potential impacts on confidentiality, integrity, and availability.
Search