Archive for December, 2012

Over 150 new Illinois laws go into effect in 2013

There are more than 150 new Illinois laws going into effect in the new year.

Among those laws:

-Bosses will no longer be able to demand access to employee’s social media accounts.

-Parents who allow underage drinking will face stricter penalties — not only at their home, but also on property under their control, like a boathouse, cabin or barn.

-Illinois residents will no longer be able to possess, sell, trade or try to sell a shark fin.

-Relatives who help a fugitive run from police will face criminal charges. Until now, they have been exempt from prosecution.

There are several changes to the state’s firearms owner identification program. Anyone convicted of misdemeanor domestic violence, and those found to be mentally ill will not be issued FOID cards, or they will have their cards revoked.

For a full list of new laws, download the PDF below courtesy of Illinois Senate President John Cullerton:

New Illinois Laws for 2013

View Source

Woman charged with murder in NY subway shove

A woman who told police she shoved a man to his death off a subway platform into the path of a train because she has hated Muslims since Sept. 11 and thought he was one was charged Saturday with murder as a hate crime, prosecutors said.

Erika Menendez was charged in the death of Sunando Sen, who was crushed by a 7 train in Queens on Thursday night, the second time this month a commuter has died in such a nightmarish fashion.

Menendez, 31, was awaiting arraignment on the charge Saturday evening, Queens District Attorney Richard A. Brown said. She could face 25 years to life in prison if convicted. She was in custody and couldn’t be reached for comment, and it was unclear if she had an attorney.

Menendez, who was arrested after a tip by a passer-by who saw her on a street and thought she looked like the woman in a surveillance video released by police, admitted shoving Sen, who was pushed from behind, authorities said.

In this image provided by the New York City Police Department, a composite sketch showing the woman believed to have pushed a man to his death in front of a subway train on Thursday, Dec. 27, 2012 is shown. / AP PHOTO/NEW YORK CITY POLICE DEPARTMENT

“I pushed a Muslim off the train tracks because I hate Hindus and Muslims ever since 2001 when they put down the twin towers I’ve been beating them up,” Menendez told police, according to the district attorney’s office.

Sen was from India, but police said it was unclear if he was Muslim, Hindu or of some other faith. The 46-year-old lived in Queens and ran a printing shop. He was shoved from an elevated platform on the 7 train line, which connects Manhattan and Queens. Witnesses said a muttering woman rose from her seat on a platform bench and pushed him on the tracks as a train entered the station and then ran off.

The two had never met before, authorities said, and witnesses told police they hadn’t interacted on the platform.

Police released a sketch and security camera video showing a woman running from the station where Sen was killed.

Menendez was arrested by police earlier Saturday after a passer-by on a Brooklyn street spotted her and called 911. Police responded, confirmed her identity and took her into custody, where she made statements implicating herself in the crime, police spokesman Paul Browne said.

The district attorney said such hateful remarks about Muslims and Hindus could not be tolerated.

“The defendant is accused of committing what is every subway commuter’s worst nightmare,” he said.

On Dec. 3, another man was pushed to his death in a Times Square subway station. A photo of the man clinging to the edge of the platform a split second before he was struck by a train was published on the front page of the New York Post, causing an uproar about whether the photographer, who was catching a train, or anyone else should have tried to help him.

A homeless man was arrested and charged with murder in that case. He claimed he acted in self-defense and is awaiting trial.

It’s unclear whether anyone tried — or could have tried — to help Sen on Thursday.

Mayor Michael Bloomberg on Friday urged residents to keep Sen’s death in perspective as he touted new historic lows in the city’s annual homicide and shooting totals.

“It’s a very tragic case, but what we want to focus on today is the overall safety in New York,” Bloomberg told reporters following a police academy graduation.

But commuters still expressed concern over subway safety and shock about the arrest of Menendez on a hate crime charge.

“For someone to do something like that … that’s not the way we are made,” said David Green, who was waiting for a train in Manhattan. “She needs help.”

Green said he caught himself leaning over the subway platform’s edge and realized maybe he shouldn’t do that.

“It does make you more conscious,” he said of the deaths.

Such subway deaths are rare, but other high-profile cases include the 1999 fatal shoving of aspiring screenwriter Kendra Webdale by a former psychiatric patient. That case led to a state law allowing for more supervision of mentally ill people living outside institutions.

View Source

200 are given six hours of training in handling concealed weapons so they can confront school assailants

Jessica Fiveash sees nothing wrong with arming teachers. She’s one herself, and learned Thursday how to safely use her 9 mm Ruger with a laser sight.

“If we have the ability to stop something, we should do it,” said the elementary school teacher, who along with nearly 200 other teachers in Utah took six hours of free gun training offered by the state’s leading gun lobby.

It is among the latest efforts to arm or train teachers to confront assailants after a gunman killed his mother and then went on a rampage through Sandy Hook Elementary School in Newtown, Conn., killing 20 children and six adults before killing himself.

In Ohio, a firearms group said it was launching a test program in tactical firearms training for 24 teachers. In Arizona, the attorney general is proposing a change to state law that would allow an educator in each school to carry a gun.

The moves to train teachers come after the National Rifle Association proposed placing an armed officer at each of the nation’s schools, though some schools already have police officers. Parents and educators have questioned how safe the proposal would keep kids and whether it would be economically feasible.

Some educators say it is dangerous to allow guns on campus. Among the potential dangers they point to are teachers being overpowered for their weapons or students getting them and accidentally or purposely shooting classmates.

“It’s a terrible idea,” said Carol Lear, a chief lawyer for the Utah Office of Education. “It’s a horrible, terrible, no-good, rotten idea.”
Kristen Rand, the legislative director for the Violence Policy Center, a gun control advocacy organization, said to believe that a “teacher would be successful in stopping someone who has made the decision to engage in a shootout is just not rationale.”

“No teacher is ever going to be as effective as a trained law enforcement officer,” Rand said. Even trained police officers don’t always hit their targets, and arming teachers could put innocent students at risk of crossfire, she said.

Gun-rights advocates say teachers can act more quickly than law enforcement in the critical first few minutes to protect children from the kind of deadly shooting that took place in Connecticut. They emphasized the importance of reacting appropriately under pressure.

“We’re not suggesting that teachers roam the halls” looking for an armed intruder, said Clark Aposhian, chairman of the Utah Shooting Sports Council, the state’s biggest gun lobby. “They should lock down the classroom. But a gun is one more option if the shooter” breaks into a classroom.

The group waived its $50 fee for the training. Instruction featured plastic guns and emphasized that people facing deadly threats should announce or show their gun and take cover before trying to shoot. They cautioned teachers about the liability that comes with packing a gun in public.

“It’s going to be a hassle. It’s another responsibility. You can’t just leave your gun lying around,” Aposhian said. “Not for a minute.”

The teachers at the basic gun training applied for a concealed-weapons permit, submitting fingerprints and a mug shot for a criminal background check.

The class kicked off as an instructor in the “psychology of mass violence” offered various tactics to disrupt an assailant.

The first, the instructor said, was to start with the command: “Stop right there!”

“I wouldn’t hesitate to shoot if the danger was immediate,” said Fiveash, adding that her laser sight would make shooting in tight quarters safer.

English teacher Kevin Leatherbarrow said he often felt threatened while working at an inner-city school in Buffalo, N.Y., where he got a license to carry a pistol. He moved less than a year ago to Utah, where he feels safer. But he said gun violence can break out anywhere.

Read More

The top 10 tech ‘fails’ of 2012

Well, you can’t win ‘em all.

In 2012, we saw big tech advances. Smartphones got bigger. Tablets got smaller. Social media played a role in everything from a presidential election to disaster relief.

But with advances come clunkers.

When you’re in a field that demands near-constant innovation and unprecedented levels of creativity, sometimes even the most successful players are going to shoot and miss.

So, at the risk of playing Scrooge in this season of good will, here we come to wallow in it. Because, let’s face it: The Internet loves a good fail.

Behold the top 10 tech “fails” of 2012, with wishes for happier days ahead to all involved.

Apple Maps

Apple’s unofficial slogan, “It Just Works,” took a beating on this one.

Along with the rollout of the much anticipated iPhone 5 in September, Apple overhauled iOS, the operating system that runs the phone, its iPad and other mobile devices. A much-hyped feature of the change was Apple’s first effort at its own mapping app — after dumping rival Google’s map software.

The result was so bad that a few days later Apple’s CEO was essentially telling customers to use Google Maps.

Entire cities appeared in the wrong place. Landmarks such as the Washington Monument showed up submerged in bodies of water, and big chunks of the globe appeared as roadless wastelands.

“At Apple, we strive to make world-class products that deliver the best experience possible to our customers,” CEO Tim Cook wrote in a rare apology.

“With the launch of our new Maps last week, we fell short on this commitment. We are extremely sorry for the frustration this has caused our customers and we are doing everything we can to make Maps better.”

It was a little more than a month later when Scott Forstall, vice president in charge of iOS, was ousted from the company, reportedly, in part, for not wanting to apologize for Maps.

The company has been gradually improving Maps, but as recently as this month Australian police complained that an Apple Maps glitch could endanger motorists by mislocating a city of 30,000 people in the middle of the outback.

Facebook’s IPO

Facebook CEO Mark Zuckerberg in New York before his company’s initial public offering.

Everybody uses Facebook. And everybody likes to make money. So everybody’s going to gobble up Facebook stock, right?

So went the conventional thinking — at least among those of us who spend more time thinking about mobile phones than mutual funds. But on Wall Street?

Not so much.

It’s hard to remember a stock opening more hyped than Facebook’s when it hit the market in May. The stock began the day worth about $38. Then, after what everyone predicted to be a dynamic day of trading for the social media superstar, it closed at … well … about $38.

It wouldn’t take long for the pinstripe-suit types to decide it wasn’t even worth that. Facebook’s stock bottomed out in September, falling below $18.

Since then, it’s been steadily rebounding and currently sells for about $28.

Facebook says it has solid financial plans for the future. And the stock may well keep climbing, eventually turning a profit for folks who bought early.

But that fateful day in May will be a reminder that Wall Street and Silicon Valley don’t always play well together.


When the man who created Napster and helped launch Facebook talks, the tech industry listens.

And when Sean Parker and partner Shawn Fanning tease something new called Airtime, techies fall all over themselves to see what the next great innovation will be.

But then, at a fancy launch event featuring celebrities such as Alicia Keys and Snoop Dogg, Parker announces that it’s … basically, a random Web chat tool.

Cue the collective, “Huh?”

It didn’t help that, at that fancy event, Airtime crashed over and over again. Or that folks had a hard time seeing how it would be different than Chatroulette (although Parker promised more users would actually be wearing pants).

In October, Parker admitted that Airtme, launched with more than $33 million in backing, had just 10,000 active users. (That’s $3,300 spent per user, if you’re scoring along at home.)

“Running a startup is like eating glass,” he said at the All Things D conference. “You just start to like the taste of your own blood.”


Online coupons

“These aren’t your grandma’s coupons!” the digital generation so brashly declared.

With their mobile apps and irreverent style, daily-deal offerings such as Groupon and Living Social were all the rage as 2012 dawned.

Now? Um, not so much.

Groupon, perhaps the best-known player in the field, watched its value plummet 79% in 2012. Its stock value dropped about three-quarters since opening in November 2011 as high-profile investors washed their hands of it.

And this is the company Google reportedly tried to buy for $6 billion in 2010.

LivingSocial, meanwhile, announced last month it was laying off 400 people. That’s after announcing months of revenue losses.

So what happened? Inbox fatigue made some users stop checking the deals. A glut of offers you don’t care about (pottery classes?) can make your eyes glaze over. And some businesses quit making offers, saying they never saw the promised returns on their investment.

Nexus Q

When Google gets something right, they get it really, really right.

Redefining Web search? Yep. World’s leading mobile system? Check. A car that drives itself? Vroom!

But some of the Big G’s outings in the gadget world have hit with a thud. Enter … the Nexus Q.

The size and shape of a Magic Eight Ball, the Nexus Q is (or was … it’s hard to say) a media streamer that uses Android to play audio and video. It’s also made in the United States, no small thing in a world where virtually all gadgets come from China.

Unfortunately, in the grand tradition of Google Wave, nobody really knew what it was when it was released in June. Its release date was pushed back and, eventually, Google just gave everybody who pre-ordered a free one.

The Q has not officially been canned. But on Google’s online store, the never-released gadget is listed as “not available at this time.”

Read More

As the debate over gun control continues to rage in the wake of the Sandy Hook shootings in Connecticut, a suburban New York newspaper fanned the flames by publishing a controversial interactive map listing the names and addresses of gun-permit holders in Westchester and Rockland Counties. The article, “The gun owner next door: What you don’t know about weapons in your neighborhood,” was published by the White Plains-based Journal News and on its affiliated website, The paper noted that the map uses data obtained from a Freedom of Information Act request and cautioned that “being included in this map does not mean the individual at a specific location owns a weapon, just that they are licensed to do so.”

The reaction: This is outright intimidation, says Ben Shapiro at “Publishing the names and addresses of gun owners makes them more vulnerable to robbery when they aren’t at home, since criminals will know where the guns are.” On the contrary, says conservative radio host Tammy Bruce on Twitter, the Journal News’ map “reveals to criminals which homes *are not* protected by firearms.” Regardless of who is put in the most danger by this map, this is “unforgivable,” tweeted Town Hall’s Katie Pavlich. “Time to publish the names and addresses of everyone who works at the Journal News.” Amid the controversy, the newspaper has defended its decision. “We knew publication of the database would be controversial but we felt sharing as much information as we could about gun ownership in our area was important in the aftermath of the Newtown shootings,” said the Journal News’ editor CynDee Royle in a statement. While “any member of the public has a right to inquire about a specific person as to licensure status,” said Journal News reader Mark T. Hoops, a “newspaper does not have the right to ADVERTISE this information WHOLESALE. What you have done is reprehensible.”

View Source

The Defense authorization bill approved by Congress last week would require contractors to tell the Pentagon about penetrations of company-owned networks that handle military data. If President Obama signs the legislation into law, it would make permanent part of a Pentagon test program under which participating contractors report computer breaches in exchange for access to some classified cyber threat intelligence.

What began as a defense industrial base pilot program in 2011 was opened to all interested military vendors in May. In October, reports surfaced that five of the 17 initial contractors dropped out of part of the program in which the National Security Agency shares classified threat indicators with the participants, apparently because they concluded the requirements for participation were too expensive and time-consuming for any enhanced security benefit. At the time, Lockheed Martin Corp. executives who help run the program noted the growth potential of another segment of the program that allows contractors to voluntarily share information about breaches to their networks without revealing identifying information to fellow contractors and the government. Now they say interest in the whole program is increasing.

On Wednesday, Defense officials provided contradictory information about the popularity of the classified service. The number of participants in that component, called the Defense Industrial Base Enhanced Cybersecurity Services, or DECS, has not changed, said Pentagon spokesman Lt. Col. Damien Pickart. “Today, 12 DIB companies continue to receive DECS services,” he said, referring to the same total reported in October.

The new mandate would arrive as Congress and the White House grapple with requiring similar communications across all critical sectors, including the energy, healthcare and defense industries. Obama as early as January is expected to issue an executive order, which doesn’t carry the heft or permanence of law, directing those sectors to report incidents and adhere to new cybersecurity standards.

But the Defense legislation stops short of requiring participation in the industrywide information-sharing program. And it does not address the Pentagon’s end of the deal, in which NSA shares classified warnings of imminent threats.

That second part basically reveals to contractors, or their Internet service providers, digital footprints of malicious software so antivirus scans can block the malware. The program’s regulations state that, in exchange for this intelligence, contractors must disclose breaches they have suffered “within 72 hours of discovery.”

Congress’s measure only states that contractors are mandated “to rapidly report” to the Defense Department each “successful penetration of the network or information systems” carrying military data.

Earlier last week, Lockheed Martin executives said the whole voluntary program has flourished since the October reports of dropouts. The executives said they are not concerned about those departures and anticipate the program will grow.

It is believed the departing defense contractors, some of whom specialize in cyber defense, felt NSA’s intelligence was no more valuable than their own detective work.

But officials at Lockheed Martin, which is itself a major cybersecurity player and program participant, said the company is benefiting from the openness.

“We have a strong knowledge base but nobody is above learning from other people,” said Robert F. Smith, vice president of space and cyber for Lockheed Martin. “Everybody is better off when they get more information.”

However, Defense officials on Monday said that only the unclassified information-sharing component, which circulates non-identifying reports about company network penetrations, has attracted new members. That piece of the program has grown from 34 to 70 contractors, with new companies joining weekly, Pickart said. The department has “developed an outreach strategy” to encourage membership in both program elements, he said. But “it is a business decision whether to voluntarily participate or not” in the classified service, Pickart stressed.

The five contractors that left might rejoin if they can lessen the financial burden by applying the protections without an ISP, he added.

Lockheed has been tasked with, among other things, expanding the program to potentially 2,600 defense contractors, although it’s not clear how many of those will participate. On Monday, Lockheed spokesman Ken Darby said in an email that “under the DoD’s direction, we cannot release the number of companies participating in the program.” The total number of companies has grown since May, he reiterated, “and the fact that the total continues to increase demonstrates the value of the program.”

View Source

Russia, India Sign Weapons Deals Worth Billions

Russia and India signed weapons deals worth billions of dollars Monday as President Vladimir Putin sought to further boost ties with an old ally.

Putin and Indian Prime Minister Manmohan Singh hailed cooperation between their countries as officials signed a $1.6 billion deal for 42 Sukhoi Su-30 fighter jets that will be license-built in India from Russian components and a $1.3 billion contract for the delivery of 71 Mil Mi-17 military helicopters.

“We agreed to further strengthen the traditions of close cooperation in the military and technical areas,” Putin said after the signing.

Singh said the talks included discussions on the security situation in the region, including Afghanistan.

“India and Russia share the objective of a stable, united, democratic and prosperous Afghanistan, free from extremism,” Singh told reporters after the talks.

Russia and India have shared close ties since the Cold War, when Moscow was a key ally and the principal arms supplier to New Delhi.

The ties slackened after the collapse of the Soviet Union, but grew stronger again after Putin came to power in 2000, seeking to revive Moscow’s global clout and restore ties with old allies.

While the volume of Russian-Indian trade has risen sixfold since 2000 and is expected to reach $10 billion this year, the growth has slowed in recent years. And even though India remains the No. 1 customer for Russia’s arms industries, Moscow has recently lost several multibillion-dollar contracts to Western weapons makers.

Russia has maintained its strong positions in the Indian market with $30 billion worth of arms contracts with India signed in 2000-2010 that envisaged supplies of hundreds of fighter jets, missiles, tanks and other weapons, a large part of which were license-produced in India. The countries have cooperated on building an advanced fighter plane and a new transport aircraft, and have jointly developed a supersonic cruise missile for the Indian Navy.

But the military cooperation has hit snags in recent years, as New Delhi shops increasingly for Western weapons. The Indians also haven’t been always happy with the quality of Russian weapons and their rising prices.

In one notable example, in 2004 Russia signed a $1 billion contract to refurbish a Soviet-built aircraft carrier for the Indian Navy. While the deal called for the ship to be commissioned in 2008, it is still in a Russian shipyard and the contract price has reportedly soared to $2.3 billion. The target date for the carrier’s completion was moved back again this year after it suffered major engine problems in sea trials. Russian officials now promise to hand it over to India in the end of 2013.

India has also demanded that Russia pay fines for failing to meet terms under a 2006 contract for building three frigates for its navy, the third of which is yet to be commissioned.

Russia recently has suffered major defeats in competition with Western rivals in the Indian arms market.

Last year, Russia lost a tender to supply the Indian Air Force with 126 new fighter jets worth nearly $11 billion to France’s Dassault Rafale. And last month, Boeing won India’s order for a batch of heavy-lift helicopters worth $1.4 billion.

Russia has sought to downplay recent defeats of its arms traders, saying that other weapons deals with India are under preparation.

Read More

The FTC updates rules tied to the Children’s Online Privacy Protection Act, or COPPA, but the changes won’t really affect companies like Apple or Facebook.

The Federal Trade Commission today moved to make a key children’s online privacy law more up-to-date in a world of smartphones and social networks.

The agency has approved amendments to the regulations implementing the Children’s Online Privacy Protection Act, or COPPA, that would require apps and Web sites that target children to obtain parental consent before collecting geo-location information, or photos, videos or audio files that include a child’s image or voice. The law was also expanded to cover services that track kids’ online activity — namely, which sites they visit — and then give the information to third-parties, like advertisers.

“The Commission takes seriously its mandate to protect children’s online privacy in this ever-changing technological landscape,” said FTC Chairman Jon Leibowitz in a statement. “I am confident that the amendments to the COPPA Rule strike the right balance between protecting innovation that will provide rich and engaging content for children, and ensuring that parents are informed and involved in their children’s online activities.”

But Apple and Facebook, the biggest companies associated with apps and social media, may not feel much of an effect at all.

The changes, the first since the law took effect in 1998, apply only to sites that specifically target children. They don’t apply to third-party plug-ins — such Facebook’s “Like” button — or ad networks, unless the companies behind them have “actual knowledge” that they are collecting information from a service that’s specifically for children.

The commission defines those who have “actual knowledge” as a third-party that has been told directly its plug-in or advertisement is on a site for children, or if the third-party company recognizes that the site is specifically for kids, according to the updated rules (PDF).

Then there are app platforms like Apple’s App Store, the largest single source of apps in world. Platforms like Apple’s won’t have to make sure they sell apps that follow the new law. But apps made available there are hardly untouchable. On Monday, for instance, Nickelodeon removed a SpongeBob app from the Apple App Store after an an advocacy group filed a complaint with the FTC alleging that the game violated children’s online privacy rights by collecting their e-mail addresses without parents’ permission.

And the rule changes themselves may prove vulnerable to challenge in court or in Congress. “I believe a core provision of the amendments exceeds the scope of the authority granted us by Congress in COPPA, the statute that underlies and authorizes the rule,” commissioner Maureen Ohlhausen wrote in her dissenting statement. “I do not believe that the fact that a child-directed site or online service receives any kind of benefit from using a plug-in is equivalent to the collection of personal information by the third-party plug-in on behalf of the child-directed site or online service.”

The FTC has the support of at least one key figure on Capitol Hill. Jay Rockefeller, a Democrat from West Virginia and the chairman of the Senate Commerce Committee, issued a statement today saying that the changes were “long overdue,” and necessary for a world filled with smartphones, apps and social network. He said he would “determine if Congress should act to make further changes in the law” –

The new rule puts all online companies on notice, no matter who they are, that they are required to comply with the law. Under the new rule, when a children’s website or application allows third-parties to collect information from children, those websites and apps will be liable under COPPA.

Furthermore, those third-parties will also be held liable if they know they are collecting information on websites or apps directed toward children.

The changes come after the FTC released a report last week slamming the app industry for not providing parents enough information about privacy. The report encouraged app companies to develop best practices to ensure parents were educated on privacy options.

The new rules are set to go into effect July 1, 2013.

View Source

Mobile and Mac malware burbles noxiously, data breaches and data mining will cause more havoc with your privacy, and the Web will continue to suffer the ignominy of poorly-written, Swiss-cheesed code as security experts predict lessons from 2012 go unlearned in 2013.

The Internet is slowly changing, and security experts say that today’s security issues will continue to be major players in driving that change. Here are four trends that dominated headlines in 2012, and will continue to play a major role in 2013.

The Internet as governmental tool

The collective realization by governments around the world that the Internet is an excellent network for conducting surveillance, monitoring, espionage, and war, says Finnish computer security firm F-Secure’s Chief Technical Officer Mikko Hypponen, may not come to full fruition in 2013. But the foundation for that change is already underway.

“There will be more operations along the lines of Olympic Games, also from other sources than US and Israel. Later on, we might look back at these first 20 years of the Web as the Golden Days, when the net was still free,” he wrote in an e-mail to CNET. “Olympic Games” is the covert inter-government project that reportedly birthed Stuxnet, Duqu, and Flame.

Information security expert Chris Wysopal agreed that “cyber-warfare” is becoming commonplace. “When there’s a political or actual war event, we’re seeing cyber-attacks parallel that. It does seem to be more pronounced. It’s almost not newsworthy, as if we expect it to happen alongside a political event.”

Take that in for a moment. Government-sponsored, computer-based attacks, as “almost not newsworthy,” he said.

But just because these attacks are becoming more frequent doesn’t mean that they don’t stymie security researchers. Tomer Teller, a security evangelist and researcher at Check Point, said that he was surprised this year by the rise of “precision-targeted attacks.”

“We saw that with Gauss this year, from the Stuxnet family. It had an encrypted payload, and researchers couldn’t decrypt it,” Teller said.

Tim Rains, the director of Microsoft’s Trustworthy Computing division, pointed out that these governmental actions have consequences beyond the nuclear reactors of Iran and other industrial targets.

“Eighty-five percent of the exploits against operating systems tried to take advantage of one of the vulnerabilities that Stuxnet used. A very small fraction of malware uses “zero-days,” so we’re seeing commodity malware writers benefits from the research of professionals,” he said. “It was a trend in 2012, and we’ll continue to see that in the next year.”

More mobile devices, bigger targets

Experts have been talking up mobile security for several years now, and as mobile device proliferation continues, so will the security problems associated with them. Because the problems are mobile and always-connected in nature, the security challenges will become more complex in 2013, experts told me.

Lookout Mobile Security’s senior product manager, Derek Halliday, noted two interesting trends that his company saw in 2012. Lookout predicted and saw in 2012, “only a few dominant kinds of mobile malware,” he said.

Microsoft’s Rains agreed. “[The Looter exploit] is responsible for the second-most highest number of mobile threats we saw.”

Halliday added, “The other thing was how geographic specific these threats were. We were surprised by the stark contrast between the U.S. and say Russia or China. If you try to run a toll fraud application at scale in the U.S., you’ll encounter some problems — a double-opt in message, government intervention,” he said.

Another point Halliday made was that while Android 4.2 is the most secure yet, with numerous security improvements, operating system fragmentation will prevent it from reaching most people until late 2013.

On the other hand, said Wysopal, the impact of mobile malware is definitely growing. “In 2012, half a percent of all mobile users got hurt by mobile malware in the U.S. That’s a million people, not an insignificant number. It’s a trend that is happening slower than expected, but it’s not going to go away.”

The malware problem is likely to remain isolated from Apple’s iOS, according to Hypponen. “There’s still no iPhone malware. Five years after shipping one of the most popular systems, they have no malware problem at all. That’s a major accomplishment by Apple. Job well done.”

Read More

“The only thing that can stop a bad guy with a gun is a good guy with a gun,” claims the NRA’s Wayne LaPierre

In what was supposed to be a “defining moment” for the organization, the National Rifle Association held a rare press event on Friday afternoon — offering its first public comments since last week’s horrifying school shootings in Newtown, Conn., which claimed the lives of 26 victims, including 20 young children. “While some have tried to exploit the tragedy for political gain, we have remained respectfully silent,” said NRA executive vice president Wayne LaPierre. “For all the noise and anger directed at us over the past week, nobody has addressed the most important pressing and immediate question we face. How do we protect our children right now, starting today, in a way we know works?”

The answer, the NRA says, is more guns.

“Think about it. We care about our money, so we protect our banks with armed guards,” LaPierre said. “We care about our president, so we protect him with armed secret service agents.” Yet when it comes to our children, “we as a society leave them utterly defenseless, and the monsters and predators of the world know it and exploit it.”

To avoid future violence in schools, the NRA wants to put armed security in every school under a new National Model School Shield Program, and is calling on Congress to act immediately. “The only thing that can stop a bad guy with a gun,” said LaPierre, “is a good guy with a gun.” (Read Slate’s take on how much this plan might cost.)

LaPierre also called for a nationally instituted database for the mentally ill, and cast aspersions on a supposed “shadow industry” of violent video games and movies like Mortal Kombat (1992) and Natural Born Killers (1994). “Isn’t fantasizing about killing people as a way to get your kicks the dirtiest form of pornography?” he asked.

Two protesters interrupted LaPierre’s speech, and both were removed from the event. Association president David Keene told the media in attendance that there would be no questions at what was originally billed as a press conference.

Read More