Information Technology

Getty Images/iStockphoto
Political candidates should formally commit to treating campaigning as a mode that’s distinct from engagement with citizens when in government, a report from the Australian Strategic Policy Institute (ASPI) says. “A healthy online public sphere requires political will,” ASPI’s latest report [PDF], Influence for hire: The Asia-Pacific’s online shadow economy, says.”Transparency about government funding of public messaging when in office would allow citizens and civil society to engage with trust in the digital public sphere. “Political representatives should commit to not using networks of inauthentic, fake, or repurposed social media accounts to manipulate political discourse.”But it isn’t just political, with ASPI recommending for platforms to take on some of the accountability.”Platforms could implement country-specific oversight committees to manage prominent account bans, to ensure the consistent application of content moderation policies to capture inauthentic behaviour, and to participate in mandatory transparency reporting,” ASPI says.There is also a case for government and industry to work together to develop policies and initiatives that offer digital entrepreneurs pathways beyond low-cost content-farm work and that reward ethical content creation.

“The influencer economy could be encouraged to self-regulate through the development of codes of conduct,” the report says.According to ASPI, commercial influence-for-hire services will continue to proliferate for as long as there’s a market for them and cheap digital labour to deliver their services. ASPI said this creates risks for societies that aspire to meaningful democratic participation and opportunities for foreign interference. “A manipulated information environment doesn’t serve democracy well,” it added. “It’s particularly harmful to societies that are emerging from historically more authoritarian forms of governance, have weak democratic governance, fragile civil societies, or any combination of those factors.”In line with testimony provided recently by Facebook, ASPI said there was growing evidence of states using commercial influence-for-hire networks — PR firms.It pointed to research [PDF] from the Oxford Internet Institute that found 48 instances of states working with influence-for-hire firms in 2019-20, an increase from 21 in 2017-18 and nine in 2016-17.”A surplus of cheap digital labour makes the Asia-Pacific a focus for operators in this economy,” ASPI added.While currently, much of the responsibility for taking action against the covert manipulation of online audiences falls to the social media companies, ASPI said solutions must involve responsibility and transparency in how governments engage with their citizens.”The technology industry, civil society, and governments should make that alignment of values the bedrock of a productive working relationship,” it said. “Structures bringing these stakeholders together should reframe those relationships — which are at times adversarial — in order to find common ground.”Further recommendations made by ASPI to ensure that the information environment and digital economy best align with democratic forms of governance, include multi-stakeholder “whole-of-society” approaches, which would require a revisit of the existing “adversarial approach” between governments and the companies that provide the infrastructure for the digital economy. “Democracies and industry must partner to fund capacity-building programs that bolster civil society organisations in emerging democracies in the Asia–Pacific region. Civil society organisations can work to apply transparency to state manipulation of the information environment,” it wrote.It has also suggested the creation of an Asia-Pacific centre of excellence in democratic resilience could provide a vehicle for public-private multilateral partnerships designed to maintain the health of the region’s online public sphere. ASPI has been calling for the establishment of an independent statutory authority to oversee operations of all social media platforms that operate down under.”We suggest an independent statutory authority that is empowered to observe and report on how the incentives, policies, algorithms, and enforcement actions of social media platforms are operating, with the ultimate goal being to maximise benefits and reduce harm for society and its citizens,” ASPI wrote in a to the Senate Select Committee on Foreign Interference through Social Media last year.ASPI hopes for such an authority to be granted explicit insight into how content is filtered, blocked, amplified, or suppressed, both from a moderation and algorithmic amplification point of view.”Crucially, these obligations should be placed on all social media operating in Australia, including those companies that originate from authoritarian regimes and those fringe platforms servicing niche communities — not just the dominant Western platforms such as Facebook, Twitter, Instagram, and Snapchat,” it said.”These transparency and oversight measures would go some way towards countering the default incentive towards sensational, provocative, and potentially polarising content.”RELATED COVERAGEDisinformation for hire: PR firms are the new battleground for FacebookFacebook’s head of security policy has testified before an Australian Parliamentary inquiry that his company has witnessed an increasing use of marketing firms or PR agencies that are essentially hired to run disinformation campaigns.Australia warned to not ignore domestic misinformation in social media crackdownCommittee has been warned against outsourcing the job of deciding what is true or false in an Australian context to a handful of private US companies.Countering foreign interference and social media misinformation in AustraliaDFAT, the Attorney-General’s Department, and the AEC have all highlighted what measures are in place to curb trolls from spreading misinformation across social media. More

Microsoft has unveiled a new ransomware detection feature for its Azure customers that will send alerts to security teams when the system observes actions “potentially associated with ransomware activities.”In a blog post, Microsoft’s Sylvie Liu said Azure worked with the Microsoft Threat Intelligence Center to create Fusion detection for ransomware. Microsoft’s Fusion technology uses machine learning to find potential attacks in progress and alert security teams.The system will send alerts when it sees ransomware activities at “defense evasion and execution stages during a specific timeframe.”Liu explained that the system will send messages like “Multiple alerts possibly related to Ransomware activity detected” in the Azure Sentinel workspace. The alerts will explain what happened and on which devices or hosts the actions were seen. The Fusion system will correlate data from Azure Defender (Azure Security Center), Microsoft Defender for Endpoint, Microsoft Defender for Identity, Microsoft Cloud App Security and Azure Sentinel scheduled analytics rules. A report from cybersecurity firm BlackFog released on Monday found that ransomware attacks on government organizations and schools are continuing to increase in 2021, both of which deploy thousands of Microsoft machines. Liu cited a report from PurpleSec that estimated ransomware attacks in 2020 caused $20 billion worth of damage and increased downtime by 200%

“Preventing such attacks in the first place would be the ideal solution but with the new trend of ‘ransomware as a service’ and human operated ransomware, the scope and the sophistication of attacks are increasing — attackers are using slow and stealth techniques to compromise network, which makes it harder to detect them in the first place,” Liu said. “When it comes to ransomware attacks, time more than anything else is the most important factor in preventing more machines or the entire network from getting compromised. The sooner such alerts are raised to security analysts with the details on various attacker activities, the faster the ransomware attacks can be contained and remediated.” In July, Microsoft’s 365 Defender Research Team revealed three vulnerabilities in Netgear routers that could have led to data leaks of a full system compromise. The vulnerabilities were patched earlier this year.   More

A new Android Trojan has been identified by cybersecurity firm Zimperium, which released a report on Monday explaining how the malware has been able to hit more than 10,000 victims in 144 countries. The trojan — named FlyTrap by Zimperium researchers — has been able to spread through “social media hijacking, third-party app stores, and sideloaded applications” since March. Zimperium’s zLabs mobile threat research teams first identified the malware and figured out that it uses social engineering tricks to compromise Facebook accounts. The malware hijacks social media accounts by infecting Android devices, allowing attackers to collect information from victims like Facebook ID, location, email address and IP address as well as cookies and tokens tied to your Facebook account.”These hijacked Facebook sessions can be used to spread the malware by abusing the victim’s social credibility through personal messaging with links to the Trojan, as well as propagating propaganda or disinformation campaigns using the victim’s geolocation details,” the Zimperium researchers wrote. “These social engineering techniques are highly effective in the digitally connected world and are used often by cybercriminals to spread malware from one victim to another. The threat actors made use of several themes that users would find appealing such as free Netflix coupon codes, Google AdWords coupon codes, and voting for the best football (soccer) team or player.”The researchers attributed the malware to groups based in Vietnam and said they are able to distribute it using Google Play and other app stores. Google was sent a report about the malware, verified it and removed all of the applications from the store. But the report notes that three of the applications are still available on “third-party, unsecured app repositories.”

Once victims are convinced to download the app through deceptive designs, the app urges users to engage and eventually asks for people to enter their Facebook account information in order to vote on something or collect coupon codes. Once everything is entered, the app takes victims to a screen that says the coupon has already expired. The researchers explained that the malware uses a technique called “JavaScript injection” which allows the app to open legitimate URLs inside a “WebView configured with the ability to inject JavaScript code.” The app then extracts information like cookies, user account details, location, and IP address by injecting malicious JS code.Zimperium suggests Android users find ways to check if any applications on their device have FlyTrap and noted that these breached accounts could be used as a botnet for other purposes like boosting the popularity of certain pages or sites. “FlyTrap is just one example of the ongoing, active threats against mobile devices aimed at stealing credentials. Mobile endpoints are often treasure troves of unprotected login information to social media accounts, banking applications, enterprise tools, and more,” Zimperium researchers said. “The tools and techniques used by FlyTrap are not novel but are effective due to the lack of advanced mobile endpoint security on these devices. It would not take much for a malicious party to take FlyTrap or any other Trojan and modify it to target even more critical information.”Setu Kulkarni, vice president at NTT Application Security, said FlyTrap was a “nifty combination” of a handful of vulnerabilities and took advantage of the abundance of meta-data open to access, like location, as well as the implicit trust that can be gained by clever yet dubious associations with companies like Google, Netflix and others. “This is not even the most concerning bit — the concerning bit is the network effect this type of trojan can generate by spreading from one user to many. Moreover, as the summary of Zimperium’s findings state — this trojan could be evolved to exfiltrate significantly more critical information like banking credentials,” Kulkarni said. “The what-if scenarios don’t end there unfortunately. What-if this type of trojan is now offered as-a-service or what-if this transforms quickly into ransomware targeting 100s of thousands of users. The bottom line does not change. It all begins with a user who is enticed to click a link. This begs the question – shouldn’t Google and Apple be doing more to address this for their entire customer base?” More

Our digital selves, more and more, are becoming part of our full identity. The emails we send, the conversations we have over social media — both private and public — as well as photos we share, the videos we watch, and the websites we visit all contribute to our digital personas.

There are ways to prevent a government agency, country, or cybercriminals from peeking into our digital lives. Virtual private networks (VPNs), end-to-end encryption and using browsers that do not track user activity are all common methods. Sometimes, however, surveillance is more difficult to detect — and closer to home. Also: Best ethical hacking certifications  This guide will run through what spyware is, what the warning signs of infection are, and how to remove such pestilence from your mobile devices. For those with little time, check out the abridged version below:

What is nuisanceware?

At the bottom of the pile, you have nuisanceware, which often comes in software bundles together with legitimate, free programs. Also known as Potentially Unwanted Programs (PUP), this sort of software may interrupt your web browsing with pop-ups, change your homepage settings by force, and may also gather your browsing data in order to sell it off to advertising agencies and networks.Although considered malvertising, nuisanceware is generally not dangerous or a threat to your core privacy and security.

What is spyware and stalkerware?

Spyware and stalkerware are types of unethical software can result in the theft of data including images and video, and may allow operators — whether fully-fledged cybercriminals or your nearest and dearest — to monitor emails, SMS and MMS messages sent and received, intercept live calls for the purpose of eavesdropping across standard telephone lines or Voice over IP (VoIP) applications, and more.Stalkerware is the next step up from spyware and has become an established term in its own right, coined after a series of investigations conducted by Motherboard.

Whereas spyware rarely singles out individuals, unless it is in the hands of law enforcement or unscrupulous government agencies, stalkerware is software that anyone can buy in order to spy on those closest to them.

Stalkerware enables stealing images and text messages, eavesdropping on phone calls, and covertly recording conversations made over the internet. Stalkerware may be able to also intercept app communications made through Skype, Facebook, WhatsApp, and iMessage. Both terms, spyware and stalkerware, relate to similar malicious software functions. However, the latter is deemed more personal in use. In order to avoid potential legal issues and alienating clients, many spyware solutions providers will market their offerings as services for parents seeking a way to monitor their child’s mobile device usage or for business owners to keep an eye on their staff’s online activities during work hours.  However, anyone willing to pay for the software can acquire it. Retina-X, makers of PhoneSheriff, marketed their spyware software solution, for example, as “parental control for mobile.” PhoneSheriff, developed for the Google Android operating system, permitted location monitoring via GPS, recorded calls, enabled access to text messages, and logged websites visited. The spyware was also able to block contacts, websites, and apps. The company, which also developed TeenShield, SniperSpy, and Mobile Spy, closed its doors after a hacktivist said they would “burn them to the ground.” Retina-X stopped taking orders for the software and offered pro-rated refunds to contracted users. When these types of software are used at home, there are few reasons which do not lean towards toxic relationships. With the evolution of technology, so too has domestic abuse changed. Sometimes, stalkerware is used to monitor partners and spouses covertly, or occasionally with the full knowledge of the victim. Spyware and stalkerware are found less commonly in the enterprise although some software solutions are marketed for companies to keep track of employee mobile devices and their activities. The lines here can be blurry, but if a mobile device belongs to a company and is used by a staff member in full knowledge that it is tracked or monitored, then this may be considered acceptable. In these cases, employees should keep their private lives, social media, and emails on their own smartphone or tablet and off company property.

What kinds of spyware and stalkerware apps are still out there?

SpyPhone Android Rec Pro: This £143 spyware claims to offer “full control” over a smartphone’s functions, including listening in to the background noise of calls and recording them in their entirety; intercepting and sending copies of SMS and MMS messages sent from the victim’s phone, sending activity reports to the user’s email address, and more.FlexiSpy: One of the most well-known forms of stalkerware out there is FlexiSpy, which markets itself using the slogan: “It takes complete control of the device, letting you know everything, no matter where you are.” FlexiSpy is able to monitor both Android smartphones and PCs and is willing to deliver a device with the malware pre-installed to users. The spyware is able to listen in on calls, spy on apps including Facebook, Viber, and WhatsApp, turn on the infected device’s microphone covertly, record Android VoIP calls, exfiltrate content such as photos, and intercept both SMS messages and emails. At the time of writing, marketing seems to be geared — at least, publicly — towards parents. The first image you see on the service’s website shows a teenager on her handset, with a message, “My dad’s not here. Meet me at 10.”

mSpy: Another stalkerware app which markets itself as a service for parents, mSpy for the iPhone allows users to monitor SMS messages, phone calls, GPS locations, apps including Snapchat and WhatsApp, and also includes a keylogger to record every keystroke made on the target device. PhoneSpector: Designed for both Android and iOS handsets, PhoneSpector claims to offer “undetectable remote access.” While a disclaimer says that the service is designed for parents and businesses seeking to track company-owned devices used by employees only, the implementation of the software is made through common tactics used by malware and phishing campaigns. “All you have to do is text or email the OTA (over-the-air) link to the target device and our automated system will set up data transfer protocol and the necessary info for you to monitor the device,” the company proclaims. “Just tap a few buttons, then login to your online account! You can be viewing texts, calls, GPS and more within a few short minutes!”MobileTracker, FoneMonitor, Spyera, SpyBubble, Spyzie, Android Spy, and Mobistealth are a few more examples of stalkerware which offer similar features, among many, many more in what has become a booming business. It is also worth noting that you can be tracked by legitimate software which has been abused. Whether or not GPS is turned on, some information recovery apps and services designed to track down a handset in the case of loss or theft can be turned against victims to track their location instead.

What are the the warning signs of spyware?

If you find yourself the recipient of odd or unusual social media messages, text messages, or emails, this may be a warning sign and you should delete them without clicking on any links or downloading any files. To catch a victim unaware, these messages — known as phishing attempts — will attempt to lure you into clicking a link or executing software which hosts a spyware/stalkerware payload. Should stalkers employ this tactic, they need you to respond to it. In order to ensure this, messages may contain content designed to induce panic, such as a demand for payment, or they could potentially use spoofed addresses from a contact you trust.There’s no magic button to send spyware over the air; instead, physical access or the accidental installation of spyware by the victim is necessary.In the case of potential physical tampering, it can take mere minutes for spyware to be installed on a device. If your mobile or laptop goes missing and reappears with different settings or changes that you do not recognize, or perhaps has been confiscated for a time, this may be an indicator of compromise.

How do I know when I’m being monitored?

Surveillance software is becoming more sophisticated and can be difficult to detect. However, not all forms of spyware and stalkerware are invisible and it is possible to find out if you are being monitored.Android: A giveaway on an Android device is a setting which allows apps to be downloaded and installed outside of the official Google Play Store. If enabled, this may indicate tampering and jailbreaking without consent. Not every form of spyware and stalkerware requires a jailbroken device, however. There is an app available in the Play Store called Root Checker that can check for jailbreaking on your behalf.This setting is found in modern Android builds in Settings  > Security  > Allow unknown sources. (This varies depending on device and vendor.)You can also check Apps  > Menu  > Special Access  > Install unknown apps to see if anything appears which you do not recognize, but there is no guarantee that spyware will show up on the list.Some forms of spyware will also use generic names to avoid detection. If a process or app comes up on the list you are not familiar with, a quick search online may help you ascertain whether it is legitimate.iOS: iOS devices, unless jailbroken, are generally harder to install with malware. However, the presence of an app called Cydia, which is a package manager that enables users to install software packages on a jailbroken device, may indicate tampering unless you knowingly downloaded the software yourself.If you think your PC may have been infiltrated, check below:Windows: On Windows machines, double-checking installed program lists — possible through the start bar — and running processes under “Task Manager” may help you identify suspicious programs.Mac: On Apple Mac machines, you can do the same by clicking “Launchpad,” “Other,” and “Activity Monitor” to check the status of running programs. You can also reach Activity Monitor quickly through Spotlight.An antivirus scan is also a recommended way to remove spyware and PUP.In the cases of Android and iOS devices, you may also experience unexpected battery drain, as well as unexpected or strange behavior from the device operating system or apps — but in the latter case, many users of stalkerware will try not to play their hand.As with most things in life, trust your instincts. If you think something is wrong, it probably is — and you should take steps to seize control of the situation.

How can I remove spyware from my device?

This is where things get difficult. By design, spyware and stalkerware are hard to detect and can be just as hard to remove. It is not impossible but may take some drastic steps on your part.When removed, especially in the case of stalkerware, some operators will receive an alert warning them that the victim device is clean. In addition, should the flow of information suddenly cease, this is a clear indicator that the malicious software has been eradicated.Run a malware scan: On both mobile and PCs there is a variety of mobile antivirus solutions available which may be able to detect and remove basic forms of spyware. This is the easiest solution available but may not prove effective in every case.Change all of your passwords: If you suspect account compromise, change every password on every important account you have. Many of us have one or two central accounts, such as an email address, which will act as a hub for other accounts and password recovery. Begin there.Enable two-factor authentication (2FA), in which account activity and logins require further consent from a mobile device, can also help protect individual accounts.Consider creating a new email address, known only to you, which becomes tethered to your main accounts.Update your OS: It may seem obvious, but when an operating system releases a new version which often comes with security patches and upgrades, this can — if you’re lucky — cause conflict and problems with spyware. In the same way as antivirus solutions, keep this updated.Protect your device physically: A PIN code, pattern, or enabling biometrics can protect your mobile device from future tampering. If all else fails, factory reset: Performing a factory reset and clean install on the device you believe is compromised may help eradicate some forms of spyware and stalkerware. However, make sure you remember to back up important content first. On Android platforms, this is usually found under Settings  > General Management  > Reset  > Factory Data Reset. On iOS, go to Settings  > General  > Reset.Unfortunately, some stalkerware services claim to survive factory resets. So, failing all of that, consider throwing your device in the nearest recycling bin and starting afresh.

Removal of different brands FlexiSpy removal: FlexiSpy may masquerade on Android devices under the name “SyncManager.” If you find this app on your phone, try to uninstall it directly, and then restart your phone. However, it may also appear under another generic name, and so before deleting any apps, perform a search on the app name first. mSpy: To remove mSpy, instructions are here as long as you have physical access to the device. On the iPhone, you need to access Cydia, search “Installed” and look for “IphoneInternalService.” Press modify and remove. Additional options to try are explained here. So, what are Google and Apple doing about the problem? Both Google and Apple are generally quick off the mark if spyware or other forms of malicious apps manage to circumvent the privacy and security barriers imposed for applications hosted in their respective official app stores.  In July 2019, Google removed seven apps from the same Russian developer from the Play Store. While marketed as employee and child trackers, the tech giant took a dim view of their overreaching functions — including GPS device tracking, access to SMS messages, the theft of contact lists, and potentially the exposure of communication taking place in messaging applications.  When it comes to Apple, the iPad and iPhone maker began a crackdown on parental control apps April 2019, citing privacy-invading functions as the reason for some iOS apps to be removed from the App Store. In some cases, Apple requested developers to remove functions, whereas, in others, the apps were simply removed. The company offers its own parental device control service called Screen Time for parents that want to limit their children’s device usage. Surveillance without consent is unethical and in domestic situations causes a severe imbalance in power. If your sixth sense says something is wrong, listen to it. A physical object is not worth sacrificing your privacy for. Should your device become compromised, take back control of your right to privacy — whether or not this means replacing your handset entirely. More

Bad passwords are easy to remember, but also easy to guess — and that can give an attacker access to your online accounts. That’s why the UK’s National Cyber Security Centre (NCSC) has explained why it is still recommending users pick three random words for a password rather than meeting complex requirements, such as an alphanumeric string, that could permit the creation of bad passwords like “pa55word”. 

ZDNet Recommends

The best password manager

Everyone needs a password manager. It’s the only way to maintain unique, hard-to-guess credentials for every secure site you and your team access daily.

Read More

The NCSC’s past warnings against password complexity requirements have been aimed at admins responsible for protecting IT systems. NCSC has called on organizations previously to ditch password-expiry policies because they encourage users to pick slight variations on existing passwords; Microsoft in 2019 dropped its recommendation for expiring passwords on Windows 10 because the policy was obsolete and unhelpful. See: Cloud security in 2021: A business guide to essential tools and best practicesNCSC is also critical of advice that passwords must be memorized and not stored. NCSC encourages people to store them in a password manager, a browser, or on a piece of paper. The main reason it’s encouraging three random words is to address the fact that people are poor at memorizing things — especially long, complex passwords — and that password manager adoption remains “very low”. Its three random words suggestion is also aimed at those who aren’t aware of or don’t want to use password managers. 

But there are other reasons why NCSC vouches for three random words, including that they produce longer passwords, it’s an easy-to-explain and understands password strategy, and because it’s usable and practical. The other key reason is that three random words help increase password diversity, which makes it harder for attackers to use search algorithms to discover passwords cheaply and then compromise accounts. “Currently, complexity requirements are actively working against password diversity (for all the reasons mentioned above). This has led to a convergence in strategies and a reduction in password diversity,” explains Kate R, the people team lead for NCSC’s Sociotechnical Security Group.”To increase diversity, we need to encourage people to use other password construction strategies (such as ‘three random words’), that use length rather than character sets to achieve the desired strength.”See: This is how fast a password leaked on the web will be tested out by hackers

ZDNet Recommends

While NCSC endorses the use of password managers and believes they also increase password diversity, it’s encouraging three random words until the uptake of password managers is more widespread. The three random words advice roughly aligns with Google’s recommendations for protecting Google Accounts. To make passwords longer but also memorable, Google recommends using a lyric from a song or poem, a meaningful quote from a movie or speech, a passage from a book, a series of words that are meaningful to the user, or creating an acronym from a sentence. NSCS acknowledges there are search algorithms that are optimized for three random words, but Kate R argues that more password diversity raises the cost for attackers since they must try several algorithms. She also notes that NCSC hopes more people will adopt password managers and that this will also increase password diversity, so the three random words recommendation still makes sense until password manager adoption is universal.  More

Carrying around unsecured data on flash drives is a bad idea.

One mistake on your part — or on the part of the weakest link in your organization — and that data can be in the hands of anyone.If that data is sensitive, then you’re going to have some serious headaches, along with the potential for legal troubles and fines.Must read: Apple broke the bad news to iPhone fansFar better to have that data properly secured and encrypted when it’s on a physical device, and as a tool that makes that as simple as possible is the Apricorn Aegis Padlock SSD.This SSD drive is small enough to fit into the palm of your hand or slip into a pocket and comes in capacities ranging from 240GB to a whopping 4TB. Having this range of options is great because it means that you can buy the capacity you need, and no more, which saves money.

The drive itself is rugged and reliable. The aluminum enclosure complete with the wear-resistant keypad is rated to IP66 dirt, and dust resistant is crushproof to 6,500 lbs, shock and vibration resistant, unaffected by high humidity, and works in extreme temperatures from -40°F to 158°F (-40°C to 70°C).It’s a rugged drive. While on first blush, it might seem like the membrane keyboard is a weak point, having been using these drives for years, I’ve found them to be very reliable.From a security point of view, the Aegis Padlock SSD conforms to FIPS 140-2 hardware data protection and features real-time hardware AES-XTS 256-bit encryption. No host software is required on any device to run access the data so that this drive can run on pretty much any system.In addition to PIN codes for access, you can add an admin PIN, PINs for read-only access, and even a self-destruct PIN. It also features built-in hardware brute-force protection for added security.Another great feature is that this drive is 100% bus-powered, so there are no power supplies to carry and no internal batteries to keep charged up. The drive also features a rugged built-in USB-A cable.This drive is also no performance slouch and is capable of reading and write speeds up to 230MB.

On top of all that, you get a three-year warranty.

Prices start at $177.

ZDNet Recommends More

Google’s Unattended Project Reminder feature has moved to a public preview. It aims to improve cloud utilization and address security issues caused by forgotten old cloud-computing projects that shouldn’t be around anymore. Unattended Project Reminder, a part of Google Cloud’s Active Assist, could be useful in reducing security risks by finding those old initiatives, such as a prototyping project, that no longer require network access, cloud resources, or supported APIs. 

ZDNet Recommends

The best cloud storage services

Free and cheap personal and small business cloud storage services are everywhere. But, which one is best for you? Let’s look at the top cloud storage options.

Read More

Google has developed the feature through 2021 as part of a prototype aimed at cleaning up internal projects that were unattended. See: Google’s new cloud computing tool helps you pick the greenest data centers.According to Google Cloud, Google’s internal security team had the issue of unattended projects on the radar for some time. Hence, the two units started searching for unattended cloud projects within the “google.com” organization.    Despite being a good idea, Google ran into detection problems because it was difficult to use signals — such as API, network and user activity — to tell the difference between an actually unattended project and a project that intentionally has a low level of activity. Risks here include correctly identifying unattended projects and accidentally deleting a component that was essential to a production workload, thus inadvertently causing permanent data loss. But benefits include reducing cloud bills for unnecessary resources and reducing configuration issues, such as open firewalls or privileged service account keys that attackers can exploit to get a hold of your cloud resources for cryptocurrency mining or to steal data.

“These security risks tend to grow over time because the latest best practices and patches are usually not applied to unattended projects,” Googe said.To address these issues, it worked with customers using real-life data to find thousands of unattended projects.Key signals that Unattended Project Reminder uses include API activity (such as service accounts with authentication activity and API calls consumed), networking activity, billing activity, user activity, and cloud services usage (such as active VMs, BigQuery jobs, and storage requests). “Based on these signals, it can generate recommendations to clean up projects that have low usage activity (where “low usage” is defined using a machine learning model that ranks projects in your organization by level of usage), or recommendations to reclaim projects that have high usage activity but no active project owners,” explain Google Cloud product managers, Dima Melnyk and Bakh Inamov. See: Attacks on critical infrastructure are dangerous. Soon they could turn deadly, warn analysts.Insights and recommendations can be sent automatically via email or chat messages to project owners.  Admins have a recovery option for accidentally removed projects: the recovery period is 30 days. However, Google notes some resources, such as Cloud Storage or Pub/Sub resources, are deleted before the 30-day period ends and may not be fully recoverable.French sporting goods retail giant Decathlon used the feature to delete 775 projects. “And no one complained,” said Adeline Villette, Decathlon’s cloud security officer. French utility Veolia and US file storage firm Box trialled the technology to reduce the number of unattended projects they were respectively supporting. More

Image: Google
Google last week announced extending its COVID Card feature to Australia, allowing Android users to access vaccination information on their device. Google said it worked with Services Australia to give “a convenient and secure way to view, save, and show your vaccination status and information, straight from your smartphone”.The information will show in the vaccination passport once a second dose has been administered.According to Google, vaccine information is only stored on the user’s device and not stored by Google.  However, when adding the certificate to Google Pay, users are prompted to confirm they agree to their data being stored offshore.”If you add your COVID-19 digital certificate to Google Pay, others with access to this device will be able to view the certificate. It’s your responsibility to keep your certificate secure,” the prompt says.”By selecting ‘Accept’, you provide consent for the Australian government to share the information contained in your COVID-19 digital certificate with Google for Google Pay who will store it on servers outside of Australia.

“A copy of your certificate may also be stored on servers outside of Australia if you have other cloud applications stored on your device to backup your data.”When asked about the storing of data offshore, Services Australia said the COVID-19 digital certificate would be entirely optional for Australians. “Once provided to the individual, it is their choice as to how they use and store it,” a spokesperson for Minister Linda Reynolds told ZDNet. “This includes accessing the certificate via government apps, or downloading it to their phone, or storing it in their digital wallet.”The spokesperson confirmed the certificate was accessible without using the digital wallet storage option.”We know Australians are increasingly using digital wallets so people can choose to store their certificate in this way, if it suits them,” they continued. “Users are informed that the Apple or Google digital wallet utilises offshore storage before agreeing to use the service.”In its Secure Cloud Strategy, the Digital Transformation Agency (DTA) said entities operating in Australia must comply with Australian Privacy Principles (APP) when storing data on Australians. “The Privacy Act does not prevent an Australian Privacy Principle (APP) entity from engaging a cloud service provider to store or process personal information overseas. The APP entity must comply with the APPs in sending personal information to the overseas cloud service provider, just as they need to for any other overseas outsourcing arrangement,” it said. When asked if it had any concerns with the certificate information being stored offshore, the DTA said it was a question for Services Australia. Google is also yet to return a comment.Users can access their vaccination certificate via the Express Plus Medicare app or via the Medicare portal of the MyGov website, with the option to select “view your COVID-19 digital certificate” and “Save to Phone” to do just that.”For added convenience, you can access your vaccine information even when you’re offline, which means you do not need mobile or Wi-Fi connection,” Google added. “If you have the Google Pay app on your Android phone, you can also access the certificate from the same place where you access your other cards and other passes.”Every time a user accesses their certificate, they will be asked for the password, PIN, or biometric method that has been set up.As of 9pm AEST 8 August 2021, there were just over 4,700 active cases of COVID-19 in Australia, with a total of 36,330 cases since January 2020. Stay-at-home orders continue to be in place around the country, with a majority of the population of New South Wales under lockdown since June 25.In a bid to speed up the process of checking into venues and managing check-in history, the NSW government on Monday announced a new COVID-19 check-in card, as well as updates to the Service NSW app.Minister for Digital and Customer Service Victor Dominello said customers would soon be able to register for a COVID-19 check-in card which they could present to supermarkets and other essential retail businesses to scan as a faster and safer way to complete the self-service webform check-in or paper sign-in currently used by customers without a smartphone.Customers can download and print their COVID-19 check-in card or have a plastic card mailed to them. Their contact details will be  stored within the QR code, which will prepopulate the webform when scanned by the business. As the Service NSW app gives users the option for face biometrics to be used when logging in — a task made difficult with mandatory mask requirements — the government has also extended the log-in period to four hours.   MORE COVID IN AUSTRALIACOVIDSafe uploaded 1.65m ‘handshakes’ and was only used by NSW and VictoriaThe Australian government says its COVIDSafe app identified 2,827 potential close contacts from 37,668 encounters in NSW and Victoria. Only 17 cases in NSW were identified separately to manual contact tracing efforts, however.Auditor finds WA Police accessed SafeWA data 3 times and the app was flawed at launchWA Health released SafeWA check-in information for purposes other than COVID-19 contact tracing, with six requests being made by the police despite government messaging that the information would only be used to support contact tracing.Australia pins clearer idea of who got vaccinated on new portalMore than 100 days since Australia’s vaccine rollout started, the federal government is launching a portal that will provide information on who exactly has received the jab. More