Search This Blog

Showing posts with label Technology News. Show all posts

Religion Biased Algorithms Continue to Depict How Facebook Doesn't Believe in Free Speech


Facebook's brand image has taken a critical hit long ago falling from the top ten global brands list, the brand value has gone down by remarkable margins as the platform fell short in living up to its own standards and promises and continued making headlines for censure. Amid big scandals like Cambridge Analytica, data leaks, congressional scrutiny, the social media giant has constantly been under the radar for preferring certain gender, ethics groups, and race over others as seen in the company's allegedly flawed ad-serving algorithm. 

Owing to its discriminatory ways, Facebook became a subject of critics' accusations in October 2019 when the social media giant faced a class-action lawsuit for charges of bias against gender and age. To substantiate, with the use of several advertising experiments, researchers from Northeastern University, the University of South California demonstrated in a study that Facebook has been discriminatory in ad targeting for years now and indeed has an automated advertising system delivering ads to selected audiences. 

It's a well-established fact that algorithms are biased and Facebook has been no exception to it. To give you an idea, in 2019, the tech giant faced legal charges by the US government for allowing advertisers to deliberately target ads on the basis of religion, race, and gender – businesses could exclude people of a certain race, age  or gender from viewing housing ads, a blatant violation of Fair Housing Act. While settling its case, the company said that it won't be allowing the businesses to targets ads in discriminating ways, however, the issues were never truly addressed given the recent biases in Facebook's actions. 

'The Enlightened souls(https://6enlightened.blogspot.com/) is a spiritual group posting content regarding enlightenment, spirituality, ancient spiritual practices, goddess worship and etc., the spiritual website became one of the latest victims of Facebook's biased ad-targeting algorithms. 
Religion bias in particular as Facebook removed one of their ads containing images of the goddess 'Kali' along with other goddesses labeling it as sexual content. 
Later, Facebook was seen to be running a Netflix ad about a show wherein the girl was almost naked. The findings are critical of Facebook's claims regarding 'changed Ad tools' wherein the tech giant promised to amend its ways of managing the advertisements and preventing discrimination against certain groups, gender, religion, or age. 

Disappointed by Facebook's never-ending bias and existing issues despite the changes made by the company, 6enlightened made the decision of cutting Facebook off and using Twitter as the only social media.

FACEBOOK SHOULD STOP SUPPRESSING FREE SPEECH 

Given a whopping 2.5 million people use at least one of the Facebook's app, the social media platform should be more responsible in its advertising ways, however, unfortunately, the platform doesn't appear to believe in free speech but in censorship that they have actively practiced – evidently so for years now.

Telegram has withdrawn its appeal against the ban on issuing Gram tokens


The company appealed the court decision in March, but then the founder of the messenger, Pavel Durov, announced the termination of work on the blockchain project

Telegram has withdrawn an appeal against a court order banning the distribution of Gram tokens as part of proceedings with the US Securities and Exchange Commission (SEC). The decision was supported by both parties, the withdrawal was carried out using the standard form based on rule 42.1 — "leaving without consideration".

The appeal was sent in March after a court banned Telegram from issuing Gram tokens.  The court ruled in favor of the SEC, which argued that the Gram tokens were unregistered securities. The court also ruled that Telegram cannot issue tokens even outside the United States since this will give US citizens the opportunity to buy these tokens outside the country as well.

The founder of Telegram in an American court said that people outside the US can vote for their presidents and elect their own parliaments, but they are still dependent on the US when it comes to technology and finance.

On May 12, the founder and CEO of Telegram Pavel Durov announced the termination of work on the blockchain project. He accused the US court of sentencing the TON project before it could be successfully implemented. Investors were offered to return 72% of their investment or sign a loan agreement with a return of 110% in a year.

After that, TON investor Vladimir Smerkis said that the majority of ICO participants are inclined to file a lawsuit against Durov. Smerkis allowed an option in which the Telegram team will need to make concessions to investors and reconsider the option of paying out funds.

Let's remind that on April 1, Federal Judge of the Southern District of New York, Kevin Castel, rejected Telegram's request to clarify the possibility of distributing Gram tokens bypassing American investors.

Russia puts cryptocurrency under a ban


Russian parliamentarians have developed a package of bills that assume administrative and criminal responsibility for the use of cryptocurrencies. Experts believe that such measures can lead to the destruction of the blockchain industry in Russia.

"People who currently own cryptocurrency will be forced to get rid of it before the law comes into force, or risk "going underground", and this is a loss or risk," said Dmitry Kirillov, a senior tax lawyer at Bryan Cave Leighton Paisner. Based on the amendments, mining or exchanging 3.5 bitcoins will lead to criminal liability.

Penalties are provided for any use of digital assets, from the organization of a crypto exchange and mining farm, attempts to pay with cryptocurrency on the Internet.  Fines range from 500 thousand rubles ($7,000) for individuals and up to 2 million rubles ($28,000) for legal entities.

Founder of the stable cryptocurrency platform Stasis.net Gregory Klumov called the new amendments "putting nails in the coffin of financial innovation and technological progress."
"In fact, it is proposed to build a new iron curtain in the digital economy with their own hands," said Yuri Pripachkin, president of the Russian Association of Cryptoeconomics and Blockchain.

Currently, in the Russian Federation, in addition to software, the hardware is being actively developed - means for storing tokens, cryptocurrencies. Many young specialists from the Russian Federation are already involved in this industry, and experts are worried that the adoption of this bill will put an end to the innovative economy.

Earlier, E Hacking News reported that, according to First Deputy Chairman of the Bank of Russia, Blockchain is not a panacea, and cryptocurrency is not money. So, the Central Bank of Russia is not going to change its negative attitude to these assets.

Co-founder of Qiwi Solonin provided Durov a loan of $17 million


Sergey Solonin, one of the founders of the Russian payment service Qiwi Group, decided to re-loan his investment in the blockchain project of Pavel Durov, the founder of Telegram and Vk, Telegram Open Network (TON), giving him a loan. In 2018, he invested $17 million in this project.

Recall that in 2018, the co-founder of Qiwi invested $17 million in TON. At that time, 175 investors participated in the project, who invested a total of $1.7 billion. The founder of the blockchain project stated that any project based on TON developments or using this name will not be related to Telegram.

On May 12, Durov announced the closure of the TON blockchain platform project and the Gram cryptocurrency blaming the American court. The TON blockchain platform was supposed to start working in October 2019, but then the U.S. Securities and Exchange Commission (SEC) initiated legal proceedings, demanding to recognize that the Gram cryptocurrency is securities, and therefore could not be registered in a simplified form, according to American law. Due to litigation, the launch of TON was postponed several times.

Before closing the project, Durov offered investors based outside the United States two options for choosing: to withdraw 72% of the funds invested in TON and Gram or to receive 110% of the originally invested amount by April 30, 2021. Only one option was offered to US residents - to return 72% of investments.

"Most of the investors with whom I spoke will take 72% of the initial investment," said Durov.
"I decided to re-loan his investment. Pavel has a smart team, I hope they will come up with something," said Mr. Solonin.

Solonin expects that the Telegram founder will be able to find new sources of income or a way to finance the company further within a year.

The “Real-Time Find and Replace” Wordpress Plugin Updated To Address A High Severity Vulnerability



So as to address a high severity vulnerability, the “Real-Time Find and Replace” WordPress plugin was updated as of late in order to forestall the exploitation to infuse code into sites.

The plugin, accessible as open source and has over 100,000 installations is intended to permit WordPress site admins to dynamically supplant HTML content from themes and different plugins with the content on their personal preference before the page is served to users.

The vulnerability recognized by the name of 'Cross-Site Request Forgery (CSRF)' prompting Cross-Site Scripting (XSS), could have permitted an attacker to infuse malignant JavaScript code on a target site, yet just by fooling the administrator into performing explicit actions, such as clicking a link.

The core of the plugin's 'functionality' for including the find and replace rules in the function far_options_page, which didn't confirm the integrity of a request's source, since it didn't utilize nonce verification, WordPress Security Company Defiant had discovered.

 By supplanting an HTML tag like <head> with noxious JavaScript, an attacker would ensure that their code executes on about each page of the targeted site. Utilizing the infused code, the attacker could make another administrative account; steal session cookies, or direct clients to a malevolent site.

Defiant detailed the vulnerability to the plugin's developer on April 22 and the security flaw was tended to the same day.

The security company Defiant says, “Any attacker capable of tricking a site owner into executing an unwanted action could replace any content or HTML on a vulnerable site with new content or malicious code. This replacement code or content would then execute anytime a user navigated to a page that contained the original content. ”

“In the most up to date version, a nonce has been added along with a check_admin_referer nonce verification function to ensure the legitimacy of the source of a request,” Defiant explained further.

Version 4.0.2 or newer of the Real-Time Find and Replace plugin includes a patch for the bug, and users are advised to update the plugin as soon as possible to ensure their WordPress websites are protected.

Digital passes will be introduced in 21 regions of Russia


The Ministry of Communications announced on April 22 that digital passes following Moscow will be introduced in 21 regions. On April 27, the Department plans to start the same in another 14 regions of Russia.

Recall that digital passes began to operate in Moscow and Moscow region on April 15. More than 900 thousand permanent digital passes were issued, and about 400 thousand one-time passes are issued daily.

Moscow Mayor Sergei Sobyanin announced last Saturday about additional changes in access control in Moscow due to the situation with coronavirus.

Since April 22, the rules have been tightened by introducing automated surveillance of cars and fines for their unregistered owners. Cameras for the photo-video recording of traffic violations will track the presence of a special pass. Car owners, in order not to get a fine for violation of the pass regime, must include the car's license plate in the digital pass. Cars that are not included in digital passes will automatically be considered violators.

In addition, control over travel by public transport was introduced. Trips on public transport can now only be made if you have a digital pass with a Troika transport card linked to it.
The Moscow Transport Department reported that 15% of motorists drove on the capital's roads without special passes on April 22, while more than 4 million motorists in Moscow have already linked their car numbers to a digital pass.

In addition, about 2.5 thousand people were unable to use the metro in Moscow due to the lack of a pass linked to the card.

The Ministry indicates that a specialized mobile app is used to check passes. The digital pass is valid only upon presentation of an identity document.

Earlier, E Hacking News reported that the system of electronic tracking of people is being introduced into mass use in Moscow right now. And the epidemic is a good reason for such actions.

Pavel Durov: the world will not be the same after the COVID-19 pandemic


Pavel Durov, the Creator of the social network Vkontakte and the Telegram messenger, said that the world can expect a “civilizational shift passing through generations” after the coronavirus pandemic. He wrote about this in his Telegram channel.

The entrepreneur called the spread of the coronavirus "a threat to our entire species." "When the pandemic ends, the world will not return to normal. It depends on us whether the new world will be a better place than the one that we leave behind,” wrote he.

Durov believes that isolation is a chance for everyone to create a "better version of themselves", as well as for technology to prove its value.

The messenger's founder said that this month Telegram verified and started promoting 17 channels of the Ministries of Health in different countries of the world. He also noted that Telegram is not a company that can be considered to cooperate with government agencies, but in this particular case, an exception was made to help governments spread information about coronavirus. The list of channels supported by Messenger also includes the official channel of the Russian operational headquarters for fighting the virus.

In addition to this, Telegram will later present a project that eases the problem of learning during self-isolation, Durov added. He promised to reveal more information about the project in the next few days.

In January, Durov spoke about why using the WhatsApp messenger is dangerous. He noted that users prefer to save backup copies of their conversations on cloud storage when changing their devices, which are not encrypted. Also, the source of danger can be backdoors (secret vulnerabilities intentionally built by developers).

Russia to develop a video platform similar to Zoom


The Ministry of Digital Development, Communications and Mass Media of the Russian Federation will develop a similar Zoom platform for video communication by the beginning of the new school year. This was announced on Saturday by Minister of Education Sergey Kravtsov.

"Together with the Ministry of Digital Development, Communications and Mass Media, we are developing a new domestic product Digital educational environment, which will use only domestic developments, only domestic software, including a video platform similar to Zoom and Skype," said the Minister.

The Minister stressed that such a platform is necessary in order to exclude problems related to the instability of foreign systems from the educational process. Kravtsov noted that, for example, the use of Zoom was abandoned in Singapore, because there was "unauthorized access to the education process".

Recall that on March 14, in order to prevent coronavirus, it was recommended to transfer students to distance learning.

Note that the daily audience of the Zoom app in the world in March 2020 compared to December 2019 increased by 20 times.

In addition, Moscow senator Vladimir Kozhin drew the attention of the state to threats posed by Russians in self-isolation. He was talking about a huge array of personal data that now has to be transmitted online for various purposes. The senator believes that this information can become the goal of cybercriminals and lead to serious damage to citizens and businesses.

He proposed "to develop and adopt a number of amendments to the Criminal Code of the Russian Federation in the shortest possible time, seriously toughening the responsibility for such crimes."

Earlier, E Hacking News reported that users of the Zoom video conferencing service have become targets of hackers. Scammers create Zoom-disguised websites and malware to steal their personal data.

Moreover, hackers appeared in Networks that offer to issue digital passes for moving around the city on social networks.

Google Doubling Down On Efforts to Protect Android Users


With the rise in the in-application subscription scams on Android, Google subsequently announced the introduction of new Play Store policies intended to forestall such scams in the near future.

The American multinational technology additionally pledged to provide Android users with direct assistance in the form of notifications when a trial is going to turn into a paid subscription, or a subscription is going to renew consequently.

The new policies announced that demand application developers offer clear info about the obligations associated with subscription models and free trials, and provide a simple and easy way through which users can cancel subscriptions. These latest policies are a small part of a more extensive Google campaign, aimed especially at ensuring the privacy and security of Android users.

The newly announced policies focus mostly on fleeceware, a form of application that 'manipulates' trial periods and membership models to defraud victims. This kind of application usually burdens the user with complex terms and conditions, further enshrouding unjustifiable subscription commitments.
As a component of the new prerequisites, developers must distinguish with enough clarity between features accessible free of cost and those accessible only to paying subscribers. Thus, Google will convey an admonition to users when a free trial is set to end or when a subscription longer than three months is because of turn over.

The firm will likewise give warnings if a user endeavors to uninstall an application attached to an on-going subscription.

The new policies are said to take effect on June 16, so users should take particular consideration whenever handling of in-application subscriptions on Android in the meantime.

Apart from this, the company took the initiative to remind developers that its new assessment procedure will produce results in August, which will require developers to gain approval from Google before requesting location data from the end-user.

Further Play Store 'tweaks' are likewise in the pipeline, which will reportedly address issues related to illusive content and applications.

Lithuania accused the Russian media of misinformation


Lithuania has published an annual report submitted by the Ministry of Defense, in which it accused the Russian media of misinformation.

According to Lithuanian experts, the number of complex cyberattacks in the Baltic Republic has increased, which were more advanced both in terms of technological solutions and in terms of content.

According to them, some Russian publications form a negative image of Lithuania, and its image is not true.

The Ministry noted that the image of Lithuania as a hostile and unreliable state is being created. Russian Media uses content that incites war and national hatred, as well as falsified facts, video editing, and deliberately distorted statements.

According to the Ministry of Defense, the flow of such information increases during significant events in foreign policy and within the country in order to form a negative image of Lithuania in the West.

It should be noted that Russian journalists are regularly hindered from performing their professional duties in the Baltic States. Russian Foreign Ministry spokeswoman Maria Zakharova said that Russian media in the Baltic States are being persecuted for historical truth.

It is interesting to add that on April 16, Lithuanian Vice Minister of Defense Edwinas Kerza stated that the routers used in Lithuania to distribute wireless Internet are made not in China, but in Russia, and send user data to servers in the Russian Federation.

"They were common, and still widely distributed, because they are budget-class routers that are quite productive, that is, fast and inexpensive… And as we have established, although they were supposed to be produced in Taiwan, they are actually produced in Russia," said Kerza.

It is reported that the model that attracted such close attention to the Lithuanian military has already been removed from the sale. The security services are concerned that, according to the Vice Minister, up to 90% of routers in the country are of Russian origin, and potentially spy on Lithuanian citizens.

Best Practice Tips for Password Administration from Tech Security Insiders



Passwords have been an industry-standard as well as industry headache for a considerable length of time and their administration henceforth has become the misery of end-users and IT administrators, yet there are alternatives to take advantage of the experience and reduce their headaches.

And so here are several industry experts discussing the challenges of and solutions to passwords.


  1. Matt Davey, COO at 1Password, an online password management provider; 
  2. Daniel Smith, head of security research at Radware, a security solutions provider; 
  3. Rick McElroy, principal security strategist at VMware Carbon Black, a virtual security platform; Matt Wilson, chief information security advisor at BTB Security, a security solutions provider; 
  4. And Ben Goodman, CISSP and senior vice president of global business and corporate development at identity platform provider ForgeRock.


The first issue discussed was the current challenges faced with passwords, Matt Davey was of the view that “Even though for many years we've relied on passwords to securely access the apps and services we use daily, both at home and at work. Today, as many of these services move to the cloud and breaches become bigger and more frequent, password authentication is even more critical, particularly for enterprises.”

Whereas Matt Wilson says, “Since the dawn of the first password we've struggled with largely the same issues; selecting strong, unique, passwords, remembering and storing them, and changing them periodically. People pick bad passwords and share them across multiple accounts for a very simple reason: It's easier to remember.

As attackers have developed and refined their toolsets, they've increased their capabilities to attack our accounts. Their speed of attack, the volume of guesses, the ability to mask their location/identity, and the "intelligence" they've developed to make better guesses make protecting our accounts more difficult than ever before.”

The second topic of discussion was the remedies and as per Daniel Smith, “Password hygiene is one of the biggest problems that both organizations and individual users face today. One of the easiest ways to combat and remedy the issue with password hygiene is through the use of a password manager and the use of multi-factor authentication.

Using a password manager naturally encourages users to not reuse passwords, and there are plenty of user-friendly options available to both consumers and the enterprise. Multi-factor authentication simply creates an extra step for accessing any account, and can be the barrier needed to stopping unwanted access.”

But when the last question was addressed i.e. what will replace the password problem in the future. Rick McElroy was quick to answer by referring to the current state of pandemic observed by the world, he says, “Short term, it looks like hand and fingerprint biomarkers, two-factor authentication with a mobile device and, in a post-COVID-19 world, facial recognition will be rolled out faster than ever. At some point in the future, DNA will probably be used to verify identity in the medical field but may not be applied to say a laptop and windows login currently.

Long term, I could see a future where a combination of measurements like a heartbeat and brain waves could be used. These types of identification systems are already being beta tested on battlefields to ensure the right criminals and insurgents are being arrested and to protect innocent lives. I would not be shocked to see that deployed at some point in the future.”

And lastly, Ben Goodman was of the opinion that, “Passwords should become a thing of the past. Today, organizations can solve the challenges that come with passwords by leveraging technology that can provide a passwordless user journey.

By adopting a passwordless approach, organizations provide users with frictionless, secure digital experiences. With the use of biometrics or push notifications, organizations can bring the same effortless authentications users have experienced on their smartphones, with technologies like FaceID from Apple or Samsung's Ultrasonic Fingerprint scanner, to every digital touchpoint while ensuring security.”

And since as a feature of an intelligent authentication strategy, passwordless authentication empowers future-proof access so as to improve the customer experience and guaranteeing security by pushing suspicious users to 'additional verification'.

So it is clearly evident from this above discourse that organizations don't have to wait for any further to comprehend and solve password issues: If only they choose the correct arrangement, passwordless verification is conceivable even today.

Critical Security Vulnerability Patched By VMware


VMware Inc. a publicly-traded software company recently fixed a critical security vulnerability that permitted the malicious attackers to access sensitive data.

The vulnerability as indicated by them resides in the VMware Directory Service (vmdir) which is a part of vCenter Server version 6.7 on Windows and virtual appliances. Known and tracked as CVE-2020-3952, it is evaluated as critical and gets a CVSSv3 score of 10.

In certain conditions, the vmdir doesn't actualize appropriate security controls, which permits attackers with network access to get to the sensitive data.

By utilizing the obtained information the attacker can compromise vCenter Server or various other services that rely upon vmdir for authentication.

In March VMware tended to high severity privilege escalation and DoS in the Workstation, Fusion, VMware Remote Console and Horizon Client and furthermore published KB article 78543 for additional details if a vCenter Server 6.7 deployment is influenced in any way.

 It is recommended for the user on the off chance that they are utilizing vCenter Server version 6.7, to update with 6.7u3f to fix the aforementioned critical vulnerability.


Here is the example log to check with influenced deployments.

2020-04-06T17:50:41.860526+00:00 data vmdird t@139910871058176: leg tendon MODE: Heritage  

VMware lastly mentioned that “Clean installations of vCenter Server 6.7 (embedded or external PSC) are not affected.”

First Deputy Chairman of the Bank of Russia: Blockchain is not a panacea, and cryptocurrency is not money


First Deputy Chairman of the Bank of Russia Olga Skorobogatova said that blockchain is perfect for letters of credit and guarantees because it solves the problem of trust. However, this is not a universal technology for all occasions.

According to her, many people overestimate the advantages and prospects of blockchain technologies. As negative aspects of cryptocurrencies, the banker noted their high level of volatility, lack of guarantees for saving investments, and the possibility of their use for money laundering and terrorist financing.

This position of the Central Bank of the Russian Federation was one of the reasons for the delay in the adoption of the bill on digital financial assets, which should become the main legislative act regulating the cryptocurrency industry. Recently it became known that the adoption of the law is being postponed due to the coronavirus pandemic.

Despite the rejection of cryptocurrencies, Olga Skorobogatova spoke positively about stablecoins.
“We believe that this is a more reliable type of crypto-assets since they are provided with real assets and give users certain guarantees,” she said, adding that in order to protect consumers, it is necessary to effectively regulate this sector at the global level.

The Central Bank is actively collaborating with other regulators regarding stablecoins and coins such as Libra. According to Skorobogatova, many Central Banks are actively studying the possibility of creating a national digital currency, and the Central Bank of the Russian Federation is no exception in this regard, but at this stage, the authorities have more questions than answers.
In particular, she does not yet see what real benefits the digital currencies of the Central Banks (CBDC) will bring to the economy, people and business.

It is worth noting that the beginning of the pandemic of coronavirus infection served as a kind of trigger for the introduction of remote voting. This was recently stated by the political party United Russia" For this purpose, an electronic voting system based on blockchain technology has been developed. Experts believe that this will reduce the negative effect of the quarantine regime, which has somehow slowed or stopped the political activities of most other parties, not only in Russia but also in the world.

'Paranoid' Blocks your Smart Speakers from Spying on you


Smart speakers have proven to be one of the most versatile gadgets of the era, the high-tech AI companions can do everything from playing music to ordering a meal with just the sound of your voice. They come with virtual assistants ready to answer all your queries, other features include reminding you of appointments, telling about the weather and news along with helping you to control your smart home devices.

Amazon's Echo and Google's Nest are two of the widely employed smart speakers. However, these devices also raise security concerns in regard to the voice captured by the speakers but in order to avail services of a voice assistant that as a matter of fact operates on voice commands, you can't block it from listening to your voice.

To make the experience easier and safer, a new device known as 'Paranoid' is made to enter the tech space, it is designed to block your Amazon Echo or Google Home smart speaker from listening to your voice until you say the word, "Paranoid" which is the device's wake word. After saying the word, the gizmo allows your smart speaker to listen.

Another thing to take notice of is the simplicity in the operations of Paranoid, it's extremely easy to use, it simply needs to be connected to the smart speaker in order to block it from spying upon you –meanwhile,  it still allows the speaker to be voice-activated. In order to activate it, all you have to do is to say "Paranoid" every time before you say "Okay, Google!" or "Alexa!"

The device comes in three different variants, The Home Button, Home Wave, and Home Max. It has no antenna, no SIM card slot, no Bluetooth, no Wi-Fi and no kind of wireless capability. As per its website, the makers claim that their device is "hack-proof".

The Home Button is the simplest model, it is placed on Amazon Echo's mute button and presses it manually. The second one, the Home Wave is designed to jam the microphones on your smart speakers and the most sophisticated one, the Home Max requires you to send your Amazon Echo or Google Home Devices to Paranoid headquarters stationed at Edmonton, Alberta. There, experts will attach your speaker's microphone cable to an external Paranoid device by cutting off the original cable. After the completion of the process, your smart speakers will be sent back to your address.

All the three models of Paranoid can be purchased from its official website; the original charges of the device and services are $49, however, as of now it will cost only $39.

Facebook, Twitter and Telegram will stop working in Russia due to the weak Runet


Participants of the Zoom conference on the digital future of the country said that the transition to remote work and mass online training became forced testing of Russian Internet services and platforms, most of them failed the tests. The meeting was attended by leading representatives of the Internet industry and experts in digital technology.

It turned out that neither schools nor universities are ready for the online format. "My three children and I experienced the whole "charm" of distance learning: all day we do not so much do tasks as solve technical problems with non-working cameras, communications," said Natalia Kaspersky, President of the Info Watch group of companies.

Ilya Massukh, a member of the software expert Council at the Ministry of Communications and Mass Media, expressed the opinion that Russia is not yet ready to replace "live" services with digital ones. He added that the servers of the Pension Fund of the Russian Federation fell on April 1. "Even these servers, which are designed for heavy load, did not pass the test."

Recently, Moscow authorities reported that they would monitor the movements of citizens through the introduction of QR codes and even developed a special application for this. According to them, now the introduction of QR codes is necessary to monitor compliance with the self-isolation regime. But experts are confident that when the pandemic ends, it will be necessary to re-introduce personal data protection.

It is interesting to note that the Deputy of the State Duma Anton Gorelkin proposed to prioritize the traffic of domestic sites and services for the time of self-isolation. In case of overload of communication networks due to the transition of citizens to remote work, the quality of access to Facebook, Twitter and Telegram and other services that do not comply with the requirements of Russian law will decrease (Facebook and Twitter do not transfer the data of local users to Russia, and Telegram is blocked for not transmitting the FSB encryption keys). The Ministry of Communications and Mass Media and the Federal Antimonopoly Service confirmed receipt of proposals.

Previously, Anton Gorelkin was the author of an initiative to limit the share of foreign capital in significant Internet resources to 20%, which forced Yandex to change the company's management structure.

WhatsApp's Latest Feature will Let Users Verify Forwarded Messages on Google


Owing to the lockdown due to the outbreak of the global pandemic Covid-19, people are once again resorting to their go-to messaging app – WhatsApp to spread misinformation in the name of information. Notably, WhatsApp has continued to be the most favorite platform for the circulation of fake news which also caused a number of untoward incidents in India.

It's mainly because of the rampant forwarding of messages created to promote individuals' or organizations' vested interests. While, public fear, unawareness, and lack of knowledge have a huge role to play in the equation of fake news and the consequences it had on the society, WhatsApp has constantly stood up to the issue and ensured to eliminate the flaws in its software.

The app has a massive reach across the globe with more than 2 billion active users and in an attempt to curb this circulation of misinformation, WhatsApp is reportedly working on a new feature that would allow users to verify the forwarded messages, helping them separate authenticated news from the fake ones.

As per sources, the tool will appear as a magnifying glass icon placed beside the forwarded messages on a user's WhatsApp, when the user will tap on the icon, a pop-up will appear asking him if he would like to search the message on the web, it will enable the user to directly upload the forwarded message on Google and verify the authenticity of the news.

“We are working on new features to help empower users to find out more information about the messages they receive that have been forwarded many times. This featuring is currently in testing, and we look forward to rolling it out in the near future.” WhatsApp told.

In a previous update, WhatsApp introduced a 'forwarded' label at the top of forwarded texts to make identification easier for the users.

The new feature by WhatsApp has already been sent out for testing and will be made available shortly for all the Android users and subsequently for the iOS users.

Russian payment systems will switch to using domestic cryptographic information security tools by 2031


Russian payment systems will switch to using domestic cryptographic information security tools by 2031

Existing payment systems in Russia will have to switch to the use of cryptographic information protection tools of domestic production. This was announced by Ivan Kosyakin, chief engineer of the information security Department of the Bank of Russia, during his speech at the scientific and practical conference "Ruscrypto 2020" held in the Moscow region.

Thus, according to him, Russia's sovereignty in the field of information security for the needs of the banking sector will be increased. So, to achieve this goal, functional technical requirements for payment systems with a terminal core, hardware security modules, payment cards were approved in 2019.

In turn, as noted by Elena Mareeva, Deputy Director for scientific and technical development of Practical Security Systems, in January of this year, requirements for cryptographic information protection tools were approved, according to which automatic security modules used in payment systems must comply with the requirements of Federal Executive authorities and the Bank of Russia, as well as the provisions of international standards.

Moreover, on June 25, 2019, it became known that the technical Committee for standardization "Cryptographic information protection" (TC 26), which is managed by the FSB, has prepared draft recommendations on the use of domestic cryptographic algorithms in key protocols used to protect information on the Internet.

One of the documents contains a set of recommendations on the use of Russian cryptographic algorithms "Magma" and "Grasshopper", developed by the FSB.

According to Russian legislation, domestic crypto-algorithms must be used in information security media certified by the FSB and mandatory for use by state agencies in their electronic document management, and from 2024, according to the requirements of the Central Bank of the Russian Federation, they will become mandatory for use in payment systems.

Members of TC 26 claimed that the use of Russian algorithms will improve the security of data transfer. According to Smyshlyaev, director of information security at Crypto-PRO (part of TC 26), the Russian crypto sets of the TLS1.2 protocol, approved in 2018, unlike foreign ones, guarantee control of the amount of data encrypted on one key.

Google Stops Displaying Security Warnings in Microsoft Edge, No Longer Recommends Switching to Chrome


Google has stopped advising Microsoft Edge users to switch to Chrome for a more secure experience as the browser extensions crafted for Google's Chrome web browser are also suitable for the new Microsoft's new Edge browser based on Chromium.

It appeared like Google stoked the flames of browser wars when it subtly encouraged Edge users to shift to Chrome by displaying warnings of potential security threats. The alert displayed by Google read that it "recommends switching to Chrome to use extensions securely". A developer at Edge revealed that the new Microsoft Edge is designed to effectively safeguard its users from malicious extensions, that said, Edge already had Windows Defender Smart Screen and Unwanted Application protection built-in.

Whenever a user visited the Chrome Web Store via the new Microsoft Edge, Google displayed a message in yellow at the top of the webpage recommending users to switch to Chrome in order to use extensions with added safety. However, seemingly, as soon as Google realized that greeting users with a warning message which clearly implied that Microsoft Edge is less secure of a browser is not making them look good, the tech giant softened and decided to take the alert down. Not only that, Google went a step ahead and replaced the previously displayed warning with a fresh one that tells users that now they can add extensions to Microsoft Edge from the Chrome Web Store.

However, still, officially only a few extensions are supported by Microsoft Edge as the installation of all these extensions for the first will seem to be a bit complex. Users need to enable 'allow extensions' from other stores via the settings page. On attempting to do that, Microsoft warns that it doesn't verify extensions downloaded from third-party stores and cautions that doing the same may cause performance issues in Edge. Then it suggests users get verified extensions from Microsoft Edge add-ons site. As soon as the users allow extensions by clicking on 'Allow', they will be able to add extensions to Edge from Chrome Web Store.

OCA Launches First Open Source Language to Connect Security Tools


On Monday, The availability of OpenDXL Ontology - the first open-source language for connecting cybersecurity tools via a common messaging framework has been announced by the Open Cybersecurity Alliance (OCA). The OCA comprises of like-minded individuals, cybersecurity vendors, thought leaders, end-users from across the globe with the mission of finding solutions to the problem of interoperability via tooling, coding and employing procedures and technology they all agree upon. The Project has IBM Security and McAfee as its initial contributors.

As the open-source code is made freely accessible in the cybersecurity ecosystem, OpenDXL Ontology allows any tool to acquire the ability to interoperate and communicate with various other technologies on its own by employing this language. Once this language is released, the need for custom integrations between individual products will be effectively eliminated, reducing the number of engineering resources spent on integration. These saved resources can be efficiently redeployed for other parts amounting to higher value functionality.

OpenDXL, also known as The Open Data Exchange Layer is an adaptive messaging system utilized by more than 4,100 vendors and enterprises to communicate and share intelligence to make accurate and informed security decisions. Any level of integration has to face a common challenge of accuracy and timeliness; when a product is refreshed, it requires all its integrations to be refreshed too. Now, the number of integrations a product will have depends upon the size of the product. More and more integrations given away for free of cost or a very low cost in the open-source space leads to a lot of dead code and hence creates a complex scenario.

In regard of that, the OCA claims that the release of the OpenDXL Ontology now provides, “ a single, common language for these notifications, information, and actions across security products that any vendor can adopt in order to communicate in a standard way with all other tools under this umbrella. This provides companies with a set of tooling that can be applied once and automatically reused everywhere across all product categories, while also eliminating the need to update integrations as product versions and functionalities change.”

While putting the whole idea into perspective, Brian Rexroad, Vice President of Security Platforms at AT&T, told “With the adoption of public cloud and explosion of connected devices, the ability for enterprises to quickly respond to threats across ever-changing technologies, and even beyond perimeters, is critical,"

“OCA is driving an industrial shift in interoperability with the OpenDXL Ontology to support security at scale.” he further added.

Russian software will be installed on smartphones and smartwatches in the summer


Russian maps, search, antivirus and audio-visual services should be installed from July 1 on all new smartphones, tablets and smartwatches, according to the draft resolution on amendments to the law on consumer protection. Previously, in the "law against Apple" mandatory software pre-installation from July was only for smartphones.

The concept of the bill, which was proposed by the Federal Antimonopoly Service in January, provided for the installation of Russian programs on smartphones from July 1, 2020, on tablets and wearable devices - from July 1, 2021, on computers - from July 1, 2022. Later it became known that set-top boxes and Smart TVs should also comply with the new requirements from July 1, 2023.

However, the wording “wireless equipment for domestic use, having a touch screen and having two or more functions” appeared in the project, such electronics should meet the requirements from July 1, 2020. The Director of Public Relations of transport company RATEK Anton Guskov explained that devices with touch screens that perform more than two functions are smartphones, tablets and smartwatches.

The project also introduces requirements for programs: in order for an application to be included in the list of possible Russian alternatives, it must have a monthly audience of at least 100,000 users and the same number of installations. In addition, according to the bill, the device manufacturer may not preinstall Russian software if it has received refusals from all Russian manufacturers of the relevant programs, or such programs are not compatible with the device's OS.

These requirements, instead of encouraging small Russian manufacturers, will provide protection from competition for large software companies, said Guskov. He believes that legal uncertainty and vague language in the requirements in technology requirements could lead to a collapse in the consumer device market.

Recall that on December 2 last year, Russian President Vladimir Putin signed a law prohibiting the sale of equipment, including smartphones and computers, without preinstalled Russian software.