Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label internet access. Show all posts
Technology
internet access Mobile Security Online Safety Sensitive data Technology

Why Limiting Online Access Risks More Than Teen Safety



In the age of increasing online presence, especially amplified by the COVID-19 pandemic, the safety of young people on the internet has become a prominent concern. With a surge in screen time among youth, online spaces serve as crucial lifelines for community, education, and accessing information that may not be readily available elsewhere.

However, the lack of federal privacy protections exposes individuals, including children, to potential misuse of sensitive data. The widespread use of this data for targeted advertisements has raised concerns among young people and adults alike.

In response, teens are voicing their need for tools to navigate the web safely. They seek more control over their online experiences, including ephemeral content, algorithmic feed management, and the ability to delete collected data. Many emphasise the importance of reporting, blocking, and user filtering tools to minimise unwanted encounters while staying connected. 

Despite these calls, legislative discussions often seem disconnected from the concerns raised by teens. Some proposed bills aimed at protecting children online unintentionally risk limiting teens' access to constitutionally protected expression. Others, under the guise of child protection, may lead to censorship of essential discussions about race, gender, and other critical topics.

Recent legislative efforts at the federal and state levels raise concerns about potential misuse. Some proposals subject teens to constant parental supervision, age-gate them from essential information or even remove access to such information entirely. While the intention is often to enhance safety, these measures could infringe on young people's independence and hinder their development.

In an attempt to address harmful online outcomes, some bills, like the Kids Online Safety Act, could fuel censorship efforts. Fear of legal repercussions may prompt technology companies to restrict access to lawful content, impacting subjects such as LGBTQ+ history or reproductive care.

In some cases, laws directly invoke children's safety to justify blatant censorship. Florida's Stop WOKE Act, for instance, restricts sharing information related to race and gender under the pretext of protecting children's mental health. Despite being blocked by a federal judge, the law has had a chilling effect, with educational institutions refraining from providing resources on Black history and LGBTQ+ history.

Experts argue that restricting access to information doesn't benefit children. Youth need a diverse array of information for literacy, empathy, exposure to different ideas, and overall health. As lawmakers ban books and underfund extracurricular programs, empowering teenagers to access information freely becomes crucial for their development.

To bring it all together, while teens and their allies advocate for more control over their digital lives, some legislative proposals risk stripping away that control. Instead of relying on government judgment, the focus should be on empowering teens and parents to make informed decisions. 


 

Read more »
Ransom Attack
Cyber Security E-commerce Firm Government Sites internet access Jailbreak Tool Ransom Attack

 New Mexico Jail went on Lockdown due to Cyberattack

 

The Metropolitan Detention Center (MDC) in Bernalillo County, New Mexico, went on lockdown five days after the new year. In the wake of a ransomware attack, an Albuquerque jail lost access to its video feeds and its automatic door mechanisms were rendered ineffective. As a result, inmates have been confined to their cells as technicians work to restore service. The jail's internet connection has been knocked out by a ransomware attack, putting most of their data systems, security cameras, and automatic doors inoperable. While MDC personnel worked to get everything back up and running, inmates were confined to their cells. 
 
"Most county buildings are closed to the public," officials said shortly after the incident in a statement. "However, given the circumstances, county personnel are working remotely and will assist the public as much as possible. County system vendors are notified, and are working to resolve the problem and restore system functionality." 

The Metropolitan Detention Center in the state lost access to some of its most important security technologies, such as camera feeds and automated jail doors. For obvious reasons, the county was compelled to lock down the whole jail, confining all of the inmates to the cells for the time being. 

Ransomware is becoming one of the most serious dangers to both commercial companies and government institutions around the world. As more official and commercial businesses are conducted online, ransomware attacks, in which a hacker steals data from the victim or takes control of a computer system until a ransom is paid, are becoming more widespread. 

A township spokeswoman, Tia Bland, said workers had some luck getting MDC cameras to work over the weekend. Officials at the facility expressed optimism that additional progress would be made on Monday. Beginning Monday at 8 a.m., public access to the county headquarters at Alvarado Square will be restricted. Following this, companies and organizations are under a lot of pressure to pay up not only to get the company's data unlocked but also to avoid enraged clientele and authorities who issue severe warnings about giving money to criminals.
Read more »
Vulnerabilities and Exploits
bgan firmware internet access satellite communication Vulnerabilities and Exploits

Multiple Vulnerabilities found in SATCOM internet access terminal Cobham EXPLORER 710



CERT/CC researchers found multiple vulnerabilities as they examined Satcom terminal Cobham EXPLORER 710 as an extension of IOActive’s findings in 2014. These new vulnerabilities could affect both the device and firmware.

These frailties could give attackers unauthentic access to sensitive information, control of the device, create or implant backdoor, DoS attack and more.

Cobham EXPLORER 710 is a portable satellite terminal, broadband global area network (bgan) through telephony. The device provides internet connection through satellite communications setting new standards for size, speed and features.

 EXPLORER 710 is a sophisticated communication tool for broadcasting, streaming and other IP based industry applications with a speed of 1 Mbps and higher. It is used in various sectors as Commercial aerospace, military defenses, space systems, SATCOM and more.

 The sat-com terminal, firmware version 1.07 is affected with 6 vulnerabilities listed below-

  • CVE-2019-9529 – Authentication Failure 

This failure arises due to the web portal having no authentication by default, this could lead to any attacker connected to the device to gain access to the portal and perform changes.

 • CVE-2019-9530 – Unrestricted Directory Access

There are no restrictions on access to the webroot directory, creating a liability as hackers can read, access or download any file in the webroot directory.

 • CVE-2019-9531 – Authentication Failure to port 5454 

This vulnerability allows attackers to connect to port 5454 through Telnet and execute 86 Attention (AT) commands, and gain illegal access.

 • CVE-2019-9532 – Text Data Exchange 

The web application portal passes the login password in cleartext, it could easily give way to miscreant to intercept the password.

  • CVE-2019-9533 – Default Login Credentials

The root password is the same for all devices, this could allow to reverse-engineer the password in all available versions.

 • CVE-2019-9534 – Validate Failure

According to CERT/CC researchers, "The device does not validate its firmware image. Development scripts left in the firmware can be used to upload a custom firmware image that the device runs. This could allow an unauthenticated, local attacker to upload their own firmware that could be used to intercept or modify traffic, spoof or intercept GPS traffic, exfiltrate private data, hide a backdoor, or cause a denial-of-service."

Apart from the above gaps in security, the researchers also discovered some configuration issues, missing security headers and problems in default wifi password ( being same as same as serial number) which are gravely dangerous to the device and leave it susceptible to cross-site scripting and clickjacking.

 The researchers said they currently don't have any practical solutions to these problems.
Read more »
Subscribe to: Posts (Atom)