Your smartphone knows your location well enough to send a car to where you’re standing in a busy city, map a morning run through the woods, or navigate inside an airport.

But if you call 911 from that same mobile phone, emergency responders will only have a vague sense of where to send an ambulance, fire truck, or police car.

The difference in distances can be the difference between life and death.

Apple is rolling out a new feature in its next iPhone software update to send emergency responders instant, precise location information in the US. The update, coming in iOS 12 later this year, calculates a caller’s location based on data collected from WiFi access points, nearby cellular towers, and GPS.

The tricky part isn’t finding out where a caller is — Apple has been using its hybrid location technology since 2015 — but relaying that information to a fragmented and aging 911 system built for landlines.

Of the 240 million calls made to 911 each year, more than 80% are from mobile devices, according to NEMA.

Apple is working with a startup called RapidSOS, which specializes in sharing a cell phone’s location information to the major programs used by the 6,300 emergency response departments across the US. RapidSOS offers its integration as a free software update to existing 911 dispatch systems.

http://money.cnn.com/2018/06/18/technology/apple-911-location/index.html

OTTAWA–Canada’s electronic spies have been given almost total responsibility for defending the federal government’s computer networks against cyber attacks and hacks.

Under the Liberal government’s updated cyber security plan, released Tuesday, the Communications Security Establishment (CSE) will become a “one-stop shop” for defending federal networks and systems.

The federal government has announced the establishment of a new Canadian Centre for Cyber Security. Public Safety Minister Ralph Goodale says the centre will provide expert support to governments, businesses and individuals. (The Canadian Press)

“(We’ll) be defending Government of Canada networks, unlike (our assistance) to the private sector where we’ll typically be providing advice and guidance,” Scott Jones, the head of CSE’s IT Security branch, told the Star.

“It’ll be an integrated defence for any Government of Canada organization.”

Currently the responsibility to protect the federal government’s networks is shared by multiple agencies. CSE already has an IT security role, in addition to its mandates to spy on foreign governments and individuals and assist domestic law enforcement.

Article Continued Below

But under the Liberals plan, CSE’s cyber security division would be transformed into the Canadian Centre for Cyber Security. The plan means an influx of cyber security staff at the spy agency, and $155.2 million over five years to get the centre up and running.

https://www.thestar.com/news/canada/2018/06/12/canadas-spy-agency-expands-its-cyber-security-role.html

 

As part of efforts to bolster the nation’s readiness to deal with health disasters and emergencies – natural and man-made – Congress is considering beefing up the focus on healthcare sector cybersecurity issues in legislation to reauthorize the Pandemic and All-Hazards Preparedness Act, which was enacted in 2006.

A Wednesday hearing of the House Energy and Commerce Committee’s Subcommittee on Health focused on bipartisan draft legislation, the Pandemic and All-Hazards Preparedness Reauthorization Act of 2018 introduced by Rep. Susan Brooks R-Ind., and Rep. Anna Eshoo, D-Calif.

The legislation seeks to beef up the nation’s ability to prepare for and respond to health threats from infectious diseases, bioterrorism, chemical attacks, radiological emergencies and cybersecurity incidents.

https://www.databreachtoday.com/congress-considers-ways-to-beef-up-healthcare-cybersecurity-a-11060

Facebook said Thursday that a software bug made some private posts public for as many as 14 million users over several days in May.

The problem, which Facebook said it has fixed, is the latest privacy scandal for the world’s largest social media company.

It said the bug automatically suggested that users make new posts public, even if they had previously restricted posts to “friends only” or another private setting. If users did not notice the new default suggestion, they unwittingly sent their post to a broader audience than they had intended.

Erin Egan, Facebook’s chief privacy officer, said the bug did not affect past posts. Facebook is notifying users who were affected and posted publicly during the time the bug was active, advising them to review their posts.

The news follows recent furor over Facebook’s sharing of user data with device makers, including China’s Huawei. The company is also still recovering from the Cambridge Analytica scandal, in which a Trump-affiliated data-mining firm got access to the personal data of as many as 87 million Facebook users.

http://vancouversun.com/pmn/business-pmn/facebook-made-some-private-posts-public-for-as-many-as-14m/wcm/7d218096-36fb-47fd-8311-93d2094b02db

“Really, some cyber experts don’t go to sleep without putting their key into a metal container,” said Moshe Shlisel, a veteran of the Israeli Air Force and now CEO of GuardKnox Cyber Technologies. “It’s called a Faraday Cage. You block the electromagnetic field.”

Copying code from vehicle key fobs is easy. Tech thieves can do it from outside your home or a motel. Then they can steal a vehicle or just gain access without owners realizing they’ve been violated.

Cybersecurity companies, including the team at GuardKnox, are working with the Detroit Three and automakers globally to create protections that deter hackers who covet new cars and the data stored in them.

 

https://www.seattletimes.com/business/why-you-should-keep-your-car-keys-in-a-metal-coffee-can/

Making statistically informed guesses about Americans’ political beliefs and pet issues is a common business these days, with dozens of firms selling data to candidates and issue groups about the purported leanings of individual American voters.

Few of these firms have to give your data. But Cambridge Analytica is required to do so by an obscure European rule.

How You Can Request Your Data From Cambridge Analytica:

1. Visit Cambridge Analytica’s website here and fill out this web form.
2. After you submit the form, the page will immediately request that you email to data.compliance@cambridgeanalytica.org a photo ID and two copies of your utility bills or bank statements, to prove your identity. This page will also include the company’s bank account details.
3. Find a way to send them 10 GBP. You can try wiring this from your bank, though it may cost you an additional $25 or so — or ask a friend in the UK to go to their bank and get a cashier’s check. Your American bank probably won’t let you write a GBP-denominated check. Two services I tried, Xoom and TransferWise, weren’t able to do it.
4. Eventually, Cambridge Analytica will email you a small Excel spreadsheet of information and a letter. You might have to wait a few weeks. Celeste LeCompte, ProPublica’s vice president of business development, requested her data on March 27 and still hasn’t received it.

https://www.propublica.org/article/how-to-wrestle-your-data-from-data-brokers-silicon-valley-and-cambridge-analytica#143274

Owners of Quebec-based ticket reseller 514-BILLETS have agreed to offer $10 rebate coupons to 7,500 clients in the first application of Canada’s anti-spam law involving unsolicited messages sent to mobile phones.  The Canadian Radio-television and Telecommunications Commission alleged that 514-BILLETS violated the law by sending text messages without the consent of recipients.  It also alleged the ticket reseller didn’t identify the person who sent the messages or provide information so that recipients could contact the sender.

 The 514-BILLETS service primarily resells tickets for sporting and cultural events.  It is owned by two numbered companies — 9118-9076 QUEBEC INC. and 9310-6359 QUEBEC INC. — which have agreed to pay $75,000 in rebates and $25,000 to the federal government to settle the case.

 The CRTC said the companies will also appoint an officer responsible for making sure the organization complies with Canada’s anti-spam law, which lays out the conditions for sending electronic communications.  “Today’s announcement demonstrates our comprehensive approach to reduce unsolicited communications sent to Canadians, whether via email or text message,” said Steven Harroun, CRTC chief compliance and enforcement officer.

http://digital.timescolonist.com/epaper/viewer.aspx

TORONTO — Yahoo’s parent company has dropped a controversial new term of service that would have required its Canadian users to share data from their friends and contacts, including phone numbers, with the U.S.-based multinational group.

The Office of the Privacy Commissioner confirmed Tuesday that the company known as Oath, which owns Yahoo, Tumblr, AOL, Huffington Post and other businesses, had agreed to remove the clause following complaints.  People who used the Yahoo email service provided with their Rogers accounts were among the first to complain about the clause, which was within Oath’s recently revised terms of service.  Terms of service, in general, outline the legal obligations of the provider and the user. In the case of Oath, which operates on a global scale, there were sections specific to different countries and regions.

Rogers Communications Inc. issued a statement Tuesday saying it knows some customers had concerns about Yahoo’s clause related to personal contacts “so we are pleased it was removed.”  “We are working with our customers to address their questions and help them use Yahoo’s opt-out settings to customize their email preferences,” the Toronto-based cable, internet, wireless and media company said in a statement.

The privacy commissioner’s office in Ottawa said Tuesday it has launched an investigation involving Rogers, Yahoo and Oath.  A statement from Oath on Tuesday said that section of the terms of services “made clear to our users” that the consent was required “when they chose to have Yahoo Messenger invite their friends to the app.”  “Upon further review, we’ve removed this section of our terms of service as the functionality does not currently exist in our product offerings.”

Oath’s statement also said that it didn’t use the contact information for advertising purposes.

http://www.timescolonist.com/yahoo-and-parent-oath-remove-canada-specific-clause-from-terms-of-use-1.23286941

 

 

Almost a third of Canadian businesses unknowingly divulged sensitive information — including customer data — to phishing scams in 2017.

According to the first Canadian Internet Security Survey conducted by the Canadian Internet Registration Authority (CIRA), this can be traced to a large gap between cybersecurity awareness and personal protection.

“Cybersecurity, whether it be for your home, your business or your corporation, is a prominent subject across all sectors … but the education associated with that is not a one-stop shop. It’s a long, complex process,” said Dave Chiswell, VP of product development at CIRA said in an interview.

While all businesses face cybersecurity challenges as attacks grow more sophisticated, small businesses without the resources to invest in expensive precautions often leave themselves vulnerable to these attacks, Chiswell said.

The report states that 77 per cent of small businesses that own their own domain are concerned about becoming the victim of cybercrime, but 36 per cent of respondents surveyed are not currently investing any money in protecting against cybercrime.

“The vast majority of internet users are uneducated, so there’s lots of low-hanging fruit for bad people on the internet,” Chiswell explained.

According to the general manager of Symantec Canada, Ajay K. Sood, small businesses and individual consumers are “woefully outgunned” when it comes preventing online security breaches.

“It’s not a question of whether you can be breached, it’s a question of whether you’re interesting enough to be breached,” said Sood.

Sood adds that the growing complexity of cybercrime makes preventing these attacks especially difficult for small businesses with limited resources. The simplest attacks, such as email phishing scams, can have devastating consequences for small business owners and consumers who don’t know how to recognize them.

“Phishing is low tech, it’s just sending an email. But it’s also high crime,” Sood explained.

The CIRA report also goes on to state that awareness about cybercrime is growing, but this hasn’t been accompanied by a decrease in attacks as one might expect. Sood explained why increasing awareness is actually likely to be followed by an uptick in successful attacks.

“At the end of the day, as awareness grows of attacks and cybercriminals, the attack surface is also growing. The more people coming into technology, the greater attack surface you have,” he said.

While it’s become increasingly difficult to prevent a cyber attack, both Chiswell and Sood have suggestions for small business owners looking to increase their security.

Chiswell advised business owners to sign up with a security provider that’s well known and trusted. Sood on other hand urged Canadians to train themselves to recognize at least a handful of potential attacks.

For example, Sood explained that phishing emails usually promise users some extreme benefit for opening their email, such as a large sum of money or other reward, and warn of a detrimental consequence for ignoring it.

“Cyber has to be considered a general threat. What I’m really talking about is a culture change,” said Sood.

Canadian small businesses ‘woefully outgunned’ in battle with cybercrime: experts

Senior officials at the White House, including ousted communications director Anthony Scaramucci, were duped by an email prankster after being sent a series of messages that appeared to come from other top aides in the Trump administration, CNN first reported Monday night.  The anonymous prankster, who lives in Britain and tweets using the handle @SINON_REBORN, reportedly posed as White House Chief of Staff Reince Priebus in one of the email chains to Scaramucci shortly after Priebus announced his resignation last week.  “At no stage have you acted in a way that’s even remotely classy, yet you believe that’s the standard by which everyone should behave towards you?” a mock Priebus emailed. “General Kelly will do a fine job.  I’ll even admit he will do a better job than me.  But the way in which that transition has come about has been diabolical.  And hurtful. I don’t expect a reply.  ”Scaramucci replied: “You know what you did.  We all do.  Even today.  But rest assured we were prepared.  A Man would apologize.”  He later went on to tell the prankster (thinking it was still Priebus) to “Read Shakespeare.  Particularly Othello.”  Scaramucci was also sucked into an exchange with a fake Jon Huntsman, the former Utah governor who was chosen last month to be the U.S. ambassador to Russia. The real Huntsman was also tricked by a fake Eric Trump, and the real Eric Trump was emailed by a fake Donald Trump Jr., although the younger son of the president later said he forwarded the messages to authorities.

The prankster was able to successfully pose as President Donald Trump’s son-in-law, Jared Kushner, in an email sent to homeland security adviser Tom Bossert.  The message from a fake Kushner included an invitation to “a bit of a soirée” alongside promises of “food of at least comparible [sic] quality to that which we ate in Iraq.”  “Should be a great evening,” the note ends.  “Thanks, Jared.  With a promise like that, I can’t refuse,” Bossert wrote back, according to the email obtained by CNN.  He also included his personal email address, which CNN redacted.  CNN obtained the emails from the prankster and confirmed their authenticity with the White House. Press Secretary Sarah Huckabee Sanders responded that the White House was investigating the cyber-spoofing.

http://www.huffingtonpost.ca/entry/white-house-aides-tricked-email-prankster_us_59800071e4b00bb8ff391b7e