STE WILLIAMS

SANTA CLARA, Calif., Sept. 24, 2013 /PRNewswire/ — Silicon Valley Bank, financial partner to the innovation sector, found the majority of technology and healthcare companies view cyber security as a serious threat to both their data and business continuity, and only one-third are completely confident in the security of their information in a survey of more than 200 technology company executives.

The full report, “Cyber Security Impact on Innovation,” was part of a discussion led by Silicon Valley Bank between Silicon Valley-based CEOs and Michael Daniel, Special Assistant to the President and Cybersecurity Coordinator on September 20. The group discussed the impact of cyber security threats and attacks on growing and established technology companies.

“The survey shows us the threat of a cyber attack is not just hype. A surprising number of technology companies we heard from say the threat to their IP and their business is very serious,” said Bob Curley, Managing Director of corporate finance for Silicon Valley Bank. “Companies in the tech sector, particularly software companies, are feeling exposed, and increasingly having to expend resources to manage cyber attacks, rather than investing in the growth of their business. That’s a huge impact on a growing company, and eventually the economy overall.”

Nearly all (98 percent) of companies are maintaining or increasing their cyber security resources and of those, half are increasing resources devoted to online attacks this year. Resources are most likely to be invested in monitoring, preventative policies, training and staffing rather than in preventative infrastructure, indicating they are planning for when, not if, they are attacked.

While most respondents were moderately confident in the security of their information, they were less confident in their partners’, vendors’ and clients’

security measures. Most respondents are storing their data privately, showing a lower appetite for storing their information in the public cloud. Software companies were the exception with 59% using the public cloud, versus more private behavior by hardware, healthcare and cleantech companies.

Forty-six percent of companies, whose main offering is not security, include cyber security functionality in their product and 8% more plan to add a cyber security component to their core offering.

The study, based on a survey of 216 executives of technology-based companies, is the first in a series of pulse surveys of Silicon Valley Bank’s clients intended to give similar firms adequate benchmarks to compare themselves against as they build and run their businesses.

October is National Cyber Security Awareness Month sponsored by the Department of Homeland Security. Individuals and businesses are encouraged to learn more about protecting their data. To that end, Silicon Valley Bank will host a webinar on Fraud Prevention at the end of October. Registration information will be available at http://www.svb.com/events.aspx later this month.

About Silicon Valley Bank

Banking the world’s most innovative companies and exclusive wineries, SVB’s diverse financial services, knowledge, global network, and world class service increase our clients’ probability of success. With $23 billion in assets and more than 1,600 employees, we provide commercial, international and private banking through 34 locations worldwide. Forbes Magazine ranks us among America’s Best Banks and Fortune considered SVB one of the best places to work. (Nasdaq:

SIVB) www.svb.com.

Article source: http://www.darkreading.com/government-vertical/survey-shows-majority-of-tech-executives/240161672

REDWOOD CITY, California, September 24, 2013 – AVAST Software, maker of the most trusted antivirus in the world, today announced that Jumpshot is now part of AVAST. Jumpshot’s simple, clever solution optimizes customers’ PCs in one easy step. The technology comes in the form of an animated team of minions who remove junk files, unnecessary toolbars, and files that slow down a PC’s performance. The process of cleaning up and enhancing a computer’s performance thus becomes effortless and entertaining. AVAST will integrate and make the technology available to its users by the end of the year.

“Home PC users care about two things: Keeping their data safe and running at peak performance. Today, AVAST protects more consumer devices from malware than any other security company. With the addition of Jumpshot’s top-notch technology, we give our users not only the best protection in the industry, but also the opportunity to have the most efficient and fastest running computers,” said Vincent Steckler, Chief Executive Officer at AVAST. “With the minion theme and user engagement, optimizing your PC performance couldn’t be more fun.”

Jumpshot was created in Austin, Texas, in 2010 and launched on the crowd-funding site Kickstarter in July 2012, by former security research managers David Endler and Pedram Amini. Having served as PC tech consultants to their friends and family, their goal was to build a product to help less tech-savvy PC users optimize and tune up their PC performance, cleaning it from unpleasant toolbars and junk software. They turned their goal into reality by creating Jumpshot, which – with one-click activation or the insertion of their USB stick into a computer – begins scanning the PC. While this is being done, each minion explains its specific task, providing friendly and easy-to-understand feedback on the clean-up work they have done. In addition to this, users can win “Karma” points for all the “Grime” (unwanted and harmful files) the minions have removed.

“Many people wonder why their computer is sluggish, but they are helpless when it comes to identifying the source of the problem. Jumpshot has found a clever solution that gives people a way to clean their computers thoroughly and automatically, in an amusing and straightforward way,” said AVAST Chief Technology Officer Ondrej Vlcek. “The PC tune-up tools market has many players, but we were especially impressed by Jumpshot’s ability to legitimately and dramatically improve PC performance.”

“We’re extremely excited to join AVAST and to offer our solution to their massive customer base,” comments David Endler, CEO of Jumpshot. “AVAST’s and our vision fit perfectly together — providing our customers with easy-to-use yet effective security, to maintain a smooth computer experience.”

ABOUT AVAST:

AVAST Software (www.avast.com), maker of the most trusted antivirus in the world, protects nearly 200 million people, computers and mobile devices with its security applications. In business for over 25 years, AVAST is one of the pioneers in the computer security business, with a portfolio covering everything from free antivirus for PC, Mac, and Android, to premium suites and services for both consumers and business. In addition to being top-ranked by consumers on popular download portals worldwide, AVAST is certified by, among others, VB100, AV-Comparatives, AV-Test, OPSWAT, ICSA Labs, and West Coast Labs.

Article source: http://www.darkreading.com/endpoint/avast-acquires-jumpshot/240161670

BLUE BELL, Pa. — An overwhelming majority of business leaders believe their customers and clients worry about breaches of personal data held by their organizations, according to survey results announced today by Unisys Corporation (NYSE: UIS).

Recent Unisys-sponsored research conducted by IDG Connect found that 91% of business decision makers surveyed were concerned about their customers’ perceptions of their organization’s ability to protect personal data, with 65% of decision makers reporting they believe customers are “very concerned.”

The survey also found that business leaders perceive numerous security threats to their data and IT infrastructures, with nearly three-quarters of those surveyed concerned about attacks on their wireless infrastructure (74%) or network defenses (72%). Nearly two-thirds (64%) said they were concerned about breaches or attacks on their cloud applications and mobile devices.

“Business and technology decision makers are seeing threats from all directions and are looking for new ways to protect their organizations and their clients,” said Steve Vinsik, vice president of global security solutions at Unisys. “This survey shows that a majority of them are looking for new ways to increase the flexibility of their security solutions, manage costs and address evolving security challenges. It also illustrates that security is no longer considered only an IT challenge, but a business challenge as well.”

The survey showed that business decision makers were somewhat more concerned than their technology-focused counterparts about customer anxiety over personal data protection, with 80% of business decision makers reporting they are very concerned about their customers’ perceptions of data protection, versus 69% of technology decision makers.

The results echo findings of the annual Unisys Security Index earlier this year. The Unisys Security Index, which regularly surveys more than 1,000 Americans on various areas of security concern, showed high levels of concern about data breaches among U.S. consumers. Respondents to that survey said they were most worried about data breaches hitting their banks and financial institutions, with two-thirds (67 percent) reporting concern. A majority of Americans surveyed also reported concern about data breaches involving government agencies (62 percent), health organizations (60 percent) and telecommunications and Internet service providers (59 percent).

The recent survey of enterprise executives, conducted for Unisys by IDG in July 2013, went out to more than 100 U.S. business and technology decision makers at organizations with 1,000 or more employees. The survey was designed to identify respondents’ perceptions of network and data security.

Nearly all of the decision makers surveyed expressed an awareness of their organizations’ vulnerability as well as openness to considering alternate cybersecurity approaches, including software-based solutions as opposed to traditional hardware perimeter-based solutions.

About Unisys

Unisys is a worldwide information technology company. We provide a portfolio of IT services, software, and technology that solves critical problems for clients. We specialize in helping clients secure their operations, increase the efficiency and utilization of their data centers, enhance support to their end users and constituents, and modernize their enterprise applications. To provide these services and solutions, we bring together offerings and capabilities in outsourcing services, systems integration and consulting services, infrastructure services, maintenance services, and high-end server technology. With approximately 22,500 employees, Unisys serves commercial organizations and government agencies throughout the world. For more information, visit www.unisys.com.

Article source: http://www.darkreading.com/management/unisys-survey-finds-majority-of-business/240161734

NEW YORK, Sept. 24, 2013 /PRNewswire/ — Finjan Holdings, Inc. (OTC MKT: FNJN) (the “Company”) today announced its subsidiary, Finjan, Inc. (Finjan) has filed a patent infringement lawsuit against Websense, Inc., alleging infringement of Finjan patents relating to endpoint, web, and network security technologies.

The complaint, filed Monday in the U.S. District Court for the Northern District of California, alleges that Websense’s products and services infringe upon four of Finjan’s patents. In the complaint, Finjan is seeking undisclosed damages from Websense.

Recognized internationally as a pioneer and leader in web and network security, Finjan’s decade-long investment in innovation is captured in its patent portfolio including 40 issued and pending patents with worldwide coverage, centered around software and hardware technologies capable of proactively detecting previously unknown and emerging threats on a real-time, behavior-based basis. Finjan has successfully licensed its patents to five major software and technology companies around the world.

For Additional Information: www.finjan.com

ABOUT FINJAN:

Finjan is a leading online security and technology company which owns a portfolio of patents, related to software that proactively detects malicious code and thereby protects end-users from identity and data theft, spyware, malware, phishing, trojans and other online threats. Founded in 1997, Finjan is one of the first companies to develop and patent technology and software that is capable of detecting previously unknown and emerging threats on a real-time, behavior-based basis, in contrast to signature-based methods of intercepting only known threats to computers, which were previously standard in the online security industry.

Cautionary Note Regarding Forward-Looking Statements:

This press release contains statements, estimates, forecasts and projections with respect to future performance and events, which constitute forward-looking statements within the meaning of Section 27A of the Securities Act of 1933, as amended, and Section 21E of the Securities Exchange Act of 1934, as amended.

Those statements include statements regarding the intent and belief or current expectations of the Company and its affiliates and subsidiaries and their respective management teams. These statements may be identified by the use of words like “anticipate”, “believe”, “estimate”, “expect”, “intend”, “may”, “plan”, “will”, “should”, “seek” and similar expressions and include any projections or estimates set forth herein. Investors and prospective investors are cautioned that any such forward-looking statements are not guarantees of future performance and involve risks and uncertainties, that actual results may differ materially from those projected in the forward-looking statements.

Important factors that could cause actual results to differ materially from our expectations include, without limitation, those detailed in our filings with the Securities and Exchange Commission (“SEC”). Neither the Company nor any of its affiliates undertakes any obligation to update and forward-looking statements for any reason, even if new information becomes available or other events occur in the future.

The Company will continue to file annual, quarterly and current reports, proxy statements and other information with the SEC. The filings with the SEC will contain important information regarding the Company, its business, financial condition, results of operations and prospects. One should assume that information contained in any of the filings with the SEC is only accurate as of the date specified in such filings. The business, financial condition, results of operations and prospects may have changed materially since any such date. One is advised to carefully review the “Risk Factors” set forth in the Current Report on Form 8-K filed with the SEC on June 3rd, 2013.

Article source: http://www.darkreading.com/management/finjan-holdings-subsidiary-files-patent/240161728

PHILADELPHIA, Sept. 24, 2013 /PRNewswire/ — Fiberlink, the leader in cloud-based enterprise mobility management (EMM), has released data that shows

85 percent of enterprise users have a passcode automatically enforced on their smartphone or tablet, and 93% of those users are employing the most basic passcode type. The data could suggest that IT is looking to find a balance between securing corporate data and allowing greater device usability for employees.

A random sampling1 of 1,000 of Fiberlink’s 5,000 customers found that simple passcodes are allowed by IT on the majority of devices:

— 15% of all devices sampled do not have a passcode automatically

enforced via a security policy, while 85% do.

— When a passcode is enforced, a simple PIN (just numbers or letters) is

the most popular type to the tune of 93%. Among devices with

PINs, 73% require a length of 4-5 characters, while 27%

require greater than 5 characters.

— A complex or alphanumeric passcode is enforced on just 7% of

devices.

Simple passcodes make accessing personal applications easier. Alternatively, instituting a containerized solution gives employees easy access to personal data by separating it from corporate data. This helps eliminate the need to enforce overly complex passcodes for basic functionality like phone calls, texting, tweeting, and Facebook status updates.

With containerization, sensitive business information is kept in a trusted workplace on the device. This means corporate email, applications, and documents are separated from everything else, and employees are free to use personal device functionality and data without risk to enterprise data. These containers are then secured with more advanced or complex passcodes and even passwords which authenticate against a corporation’s Active Directory. This approach allows for context- and content-based security where it is needed most:

accessing corporate information.

“We believe this data shows that enterprise IT understands the notion of protecting sensitive corporate data without limiting usability for employees,”

said Jonathan Dale, Director of Marketing at Fiberlink. “The acceptance of simple passcodes is an indication that the enterprise is welcoming the balance between security for security’s sake and solutions that are easy for users to live with. Containerization and smart EMM solutions are the future of security in the BYOD era.”

More information and an infographic about passcodes in the enterprise are available on the Fiberlink blog.

About MaaS360

MaaS360 by Fiberlink is the trusted enterprise mobility management solution to more than 5,000 customers worldwide — from Fortune 500 companies to small businesses. We make working in the mobile era simple and safe by delivering comprehensive security and management for applications, documents, email, and devices. Instantly accessible from the web, MaaS360 is easy to use and maintain, and provides the flexibility organizations need to fully embrace mobility in every aspect of their businesses. Backed by the most responsive support in the industry, we put our customers first by providing them with the best user experience for IT and employees. To learn more go to http://www.maas360.com.

Article source: http://www.darkreading.com/mobile/fiberlink-data-suggests-simple-passcodes/240161727

I get a lot of questions on big data. What is it? How are people using it? How do you secure it? How do I leverage it? I’ve been on the phone with three different journalist in the last couple weeks talking about what security analytics with big data really means. Be it journalists, security professionals, IT or management, big data is relatively new to the main-stream practitioner so the questions are not particularly surprising. What is surprising is just about every new database installation or project I hear about sits atop a big data foundation. The projects focus on data, looking at news ways to mine data for interesting information. From retail buying trends, weather analysis, to security intelligence, these platforms are the direction the market is heading. And it’s because you can Hadoop. Cassandra. Mongo. Whatever. And it’s developer driven – not IT or DBA or security. Developers and information architects specify the data management engine during their design phase. They are in the drivers seat. They are the new ‘buying center’ for database security products.

Since the bulk of the question I get are now focused on big data, I am going to begin shifting coverage a bit to cover more big data topics and trends. And I’ll spend some time addressing the questions that I am getting about security and uses for big data. Yes, I will continue coverage of interesting relational security as I get questions or new trends develop, but as most of you are asking about big data, I’m going to re-balance coverage accordingly.

And to kick it off, today I want to address a specific, critical point: Big data is all about databases. But rather than a ‘relational’ database, which has a small number of defining characteristics, these databases come in lots of different configurations, each assembled to address a specific use case. Calling this trend ‘big data’ is even a disservice to the movement that is underway. The size of the data set is about the least interesting aspect of these platforms. It’s time to stop thinking about big data as big data, and start looking at these platforms as the next logical step in data management. What we call “big data” is really a building block approach to databases. Rather than the pre-packaged relational systems we have grown accustomed to over the last two decades, we now assemble different pieces (data management, data storage, orchestration, etc.) together in order to fit specific requirements. These platforms, in dozens of different flavors, have more than proven their worth and no longer need to escape the shadow of relational platforms. It’s time to simply think of big data as modular databases.

The key here is that these databases are fully customizable to meet different needs. Developers for the last decade have been starting with relational and then stripping it of unneeded parts and tweaking it to get it to work they way they want it. Part of MySQLs appeal in the development community was the ability to change some parts to suit the use case, but it was still kludgy. With big data it’s pretty much ‘game on’ for pure customization. Storage model, data model, task management, data access and orchestration are all variable. Want a different query engine? No problem, you can run SQL and non-SQL queries on the same data. It’s just how you bundle it. Hadoop and Cassandra come with ‘stock’ groupings of features, but most developers I speak with ‘roll-their-own’ infrastructure to suit their use case.

But just as importantly, they work! This is not a fad. These platforms are not going away. It is not always easy to describe what these modular databases look like, as they are as variable as the applications that use them, but they have a set of common characteristics. And one of those characteristics, as of this writing, is the lack of security. I’ll be going into a lot more detail in the coming weeks. Till then, call them modular databases or database 3.0 or whatever; just understand that ‘NoSQL’ and ‘Big Data’ fails to capture what’s going on.

Adrian Lane is an analyst/CTO with Securosis LLC, an independent security analyst firm. Special to Dark Reading.

Article source: http://www.darkreading.com/database/the-big-data-is-the-new-normal/240161775

Legislators in California are working to give teens more control over content they have posted on the web by giving them the ability to push the reset button on their social media profiles.

California Governor, Jerry Brown, received a letter from the CEO of Common Sense Media, James P Steyer, in which it states:

Children and teens often self-reveal before they self-reflect and may post sensitive personal information about themselves – and about others – without realizing the consequences.

Now a unanimously passed Senate Bill will guarantee privacy rights for minors in California as well as an ‘eraser button’ which will allow them to delete their faux pas. This new bill will make the West Coast state the first in the US to require websites to allow under-18s to remove their own content from the site, as well as to make it clear how to do so.

The law does have some limitations though – it only covers content posted by the child making the removal request and so does not cover anything that their friends or family may have uploaded about them. The bill also only requires removal of information from public websites and not from servers.

California’s governor has yet to take a stance on the bill but, as reported in The New York Times, he has until mid-October to sign it, after which it will become law even without his signature. The new law would have an effective start date of January 1, 2015.

The law, designed to protect kids from bullying and embarrassment, also considers the potential harm to future educational or job prospects. This is timely considering how companies are increasingly likely to use the web to run background checks on prospective new employees.

In April this year, a survey by CareerBuilder discovered that 1 in 3 employers reject applicants based on unsavory social media posts. The kind of information that led to their decision included embarrassing photos, evidence of drink or drug use, and lack of good communication skills – i.e. just the type of profile many teens are presenting to the world.

Whether California’s new ‘eraser button’ will help kids bury their indiscretions and avoid having their youthful past determine their adult futures is debatable and Senate Bill 568 is not universally approved of. There is concern that it could lead to other States passing their own laws, thereby leading to a situation whereby website operators would have to navigate a multitude of legislation in order to serve content that may be consumed by minors.

In a letter to lawmakers the non-profit group, the Center for Democracy and Technology, who lobby for internet freedoms said,

We are principally concerned that this legal uncertainty for website operators will discourage them from developing content and services tailored to younger users, and will lead popular sites and services that may appeal to minors to prohibit minors from using their services.

And then there is the question of how a website operator would know they were serving content to a minor and in what state? Presumably that would involve asking for a site visitor’s age and location – someone better hold onto the privacy advocates’ collars!

Follow @Security_FAQs
Follow @NakedSecurity

Image of smartphone courtesy of Shutterstock.

Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/FrEMGUIDdys/

5 ways to reduce advertising network latency

Infamous US spy agency the NSA is looking to appoint a Civil Liberties Privacy Officer.

The challenging position is an internal posting, aimed at potential candidates who already work at the top secret spy agency. The new role parcels separate responsibilities of NSA’s existing Civil Liberties and Privacy (CL/P) protection programs in a single job function, as job ad 1039797 explains.

The NSA Civil Liberties Privacy Officer (CLPO) is conceived as a completely new role, combining the separate responsibilities of NSA’s existing Civil Liberties and Privacy (CL/P) protection programs under a single official. The CLPO will serve as the primary advisor to the Director of NSA for ensuring that privacy is protected and civil liberties are maintained by all of NSA’s missions, programs, policies and technologies. This new position is focused on the future, designed to directly enhance decision making and to ensure that CL/P protections continue to be baked into NSA’s future operations, technologies, tradecraft, and policies.

The NSA CLPO will consult regularly with the Office of the Director of National Intelligence CLPO, privacy and civil liberties officials from the Department of Defense and the Department of Justice, as well as other U.S. government, private sector, public advocacy groups and foreign partners.

Key responsibilities include advising NSA director Keith Alexander and the senior leadership team to ensure that all agency activities “appropriately protect privacy and civil liberties consistent with operational, legal, and other requirements.”

Another aspect of the job will include making sure “privacy protections are addressed as part of all internal strategic decision processes related to the agency’s operations, key relationships, tradecraft, technologies, resources or policies.”

The successful candidate ought to be “well known and highly regarded by US privacy and civil liberties protection professionals.” Substantial knowledge of telecommunications and internet privacy is required and legal experience is preferred.

The ongoing Snowden revelations about the NSA’s indiscriminate spying on private communications over the internet make the role particularly challenging. Anyone applying for the role would do well to familiarise themselves with the Electronic Frontier Foundation’s handy guide to decoding NSA doublespeak.

When senior NSA officials maintain that keeping track of phone conversations, for example, doesn’t count as surveillance, then any privacy officer is going to have a difficult job. In fact, we can think of few more difficult jobs since the post of Staff Rabbi to the Spanish Inquisition. ®

5 ways to prepare your advertising infrastructure for disaster

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/09/24/nsa_privacy_officer/

5 ways to reduce advertising network latency

“The UK government has made a commitment to reintroduce exit checks by 2015. The Home Office will deliver on this commitment,” said the Home Office in July. Actually, it probably won’t, replied deputy prime minister Nick Clegg.

Home secretary Theresa May told Parliament’s home affairs committee in April that exit checks were tied up with the e-Borders scheme. And that tie-up is why, on this issue, it may be advisable to agree with Nick.

The UK dropped paper-based embarkation controls in 1994 for ferries and in 1998 for everyone else, as they were seen as a waste of time and money. However, this left no comprehensive way of checking if people overstay their visas and limits the government’s knowledge of people leaving the country. There have been plans to bring exit controls back since at least 2006. The reason this has not happened appears to be a classic example of government surveillance overreach.

e-Borders, a £1.2bn system usually preceded by the word “troubled”, was set up by the last government to track all international travel in and out of the UK. It was tied closely to the failed identity card scheme: the former would prove your membership of Club Blighty, while e-Borders would be the bouncer that might let you in or out, in return for your name, passport or ID card details, travel, reservation and payment details. These details would be collected by the carrier, handed over 24-48 hours in advance to the government for risk analysis, then kept for a decade for data mining.

For flights this could be achieved relatively easily, given airlines already ask for lots of data beforehand, and that e-Borders was developed from Project Semaphore, a small-scale pilot focused on a few high-risk flights.

Building an impregnable digital wall along the British border presented an immediate problem: the Common Travel Area shared by the UK, the Republic of Ireland, the Isle of Man and the Channel Islands. That could allow people to get around e-Borders through the Republic, but the last government had a solution – it would require ID cards or passports for travel between Great Britain and Northern Ireland.

Leaving aside the introduction of internal passport checks, e-Borders ran into choppy waters even before Labour left office, with arguments over the legality of demanding advance data, given the EU right of free movement for all citizens of member countries. In 2009, Britain solved this by making e-Borders voluntary for those travelling from elsewhere in Europe – rather undermining it, you might think.

After the 2010 election, the coalition government terminated the contract of e-Borders’ original supplier, Raytheon’s “Trusted Borders” consortium, for poor performance – and ditched both ID cards and the idea of GB-NI passport checks. But it retained the e-Borders system, and the idea that it would eventually cover all international travel.

The system has gathered data on 622 million passenger and crew movements since 2005, and is adding more than 148 million movements a year, with data from 141 carriers on more than 4,700 routes. But expanding a system designed to work with the highly controlled, data-rich environment of air travel to other forms of international transport has not been plain sailing. To leave aside maritime clichés temporarily, take the train.

Signal failures

Eurostar does not participate in e-Borders, and the first and only official check on passengers leaving St Pancras International comes from the French police, just beyond the usually empty UK border desks. Such “juxtaposed” border controls – letting Britain run checks on Continental soil, and vice versa – were first introduced at the Channel Tunnel in 1994 for the sake of convenience.

Le Shuttle, the vehicle train between Kent and Pas de Calais – which does not provide data to e-Borders either, although it is considering doing so for freight customers – has controls at both ends, letting travellers clear both borders before they board. Juxtaposed controls were extended to Eurostar in 2001 and some ferry ports in 2003 in an attempt to reduce asylum claims by preventing undocumented people getting to Britain.

So far, so convenient. But as if to make up for the lack of British checks outbound, on the return journey travellers from Brussels or Lille often have to put up with double checks, at the juxtaposed border controls and St Pancras too. This is due to the “Lille loophole”, highlighted by a July report from the independent chief inspector of borders and immigration, John Vine.

Under the Schengen agreement, there are no border controls between 26 European countries including Belgium and France. Britain is not in Schengen, and the juxtaposed British border officials have no right to carry out an immigration check on someone with a ticket from Brussels to Lille. But a Lille loopholer might try to stay on the train on to Britain – hence the double border checks, and Eurostar sometimes carrying out full ticket checks after Lille but before Calais, where over-stayers can be taken off the train while still in France.

Some of Vine’s report was redacted by Theresa May, including details of “an effective process in the UK to identify passengers who had not had their identity or credentials checked prior to boarding the service in Brussels or Lille.” Whether this refers to something whizzy like facial recognition, or to the fact that on double-checked trains the first set of border guards stamp tickets to let the second ones see who has already been checked, is therefore a mystery. Vine is currently working on an inspection of e-Borders itself.

5 ways to prepare your advertising infrastructure for disaster

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/09/24/uk_surrounded_by_eborder_wreckage/

Get yourself up to date with everything we’ve written in the last seven days – it’s weekly roundup time. Watch the top news in 60 seconds, and then check out the individual links to read in more detail.

Monday 16 September 2013

• PWN2OWN for mobile devices – $300,000 in prizes for stealing data, eavesdropping or making covert calls
• Snowden outs NSA’s “Follow The Money” international banking spies
• “Stop spy on us!” 14 NASA sites hacked

Tuesday 17 September 2013

• Police nab Argentinian teen who hacked money transfer and gambling websites
• Cybercrooks can buy hacked POS device and money-laundering bundle for $2,000
• Oracle Java fails at security in new and creative ways

Wednesday 18 September 2013

• Sophos Techknow – Understanding Vulnerabilities [PODCAST]
• Firefox 24 available now! 17 fixes, 7 critical
• Half of Facebook-quitters leave over privacy concerns
• Justin Bieber imposter jailed after tricking children into stripping in front of webcam
• Who is SophosLabs: Vincent Lynch, Senior Threat Researcher
• One Direction fan serves up puppy purée in Twitter hoax
• Internet Explorer zero-day exploit prompts Microsoft to publish emergency Fix it

Thursday 19 September 2013

• Facebook “Likes” gain constitutional protection for US employees
• Defending against web-based malware: Spot the smoke, don’t wait for fire
• Ahoy, me hearties! Check your almanacks, for today be Talk Like a Pirate Day, arrr!
• UK to trial national emergency alerts via mobile phones – what are the risks?
• US secret court publishes rationale for why spying on everybody is OK
• Phone and tablet unlocking – US government nudges it closer to law

Friday 20 September 2013

• LinkedIn users sue over service’s “hacking” of contacts and spammy ways
• European Commission calls for single privacy law in wake of PRISM snooping
• Win Bitcoins, booze and cash! Be the first to crack the iPhone’s Touch ID fingerprint sensor…
• Facebook apologizes for dating ads featuring photos of suicide victim
• iOS 7 lockscreen hole discovered already – all your private photos could end up online!

Saturday 21 September 2013

• Bank robbers pose as IT guys, rig device to slurp £1.3m from Barclays
• NASA hack blunder, doxer jailed, PAYE cybercrime, $20k iPhone prize – 60 Sec Security [VIDEO]

Sunday 22 September 2013

• Chaos Computer Club claims to have “cracked” the iPhone 5s fingerprint sensor
• Another iOS 7 lockscreen hole opens up – call anywhere in the world for free!

Would you like to keep up with all the stories we write? Why not sign up for our daily newsletter to make sure you don’t miss anything. You can easily unsubscribe if you decide you no longer want it.

Follow @NakedSecurity

Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/E3XluLVv3-U/