The European Commission is preparing a software source code security audit on two software solutions, Apache HTTP server and Keepass, a password manager. The source code will be analysed and tested for potential security problems, and the results will be shared with the software developers. The audits will start in the coming weeks.
The security test is the next phase in the pilot project, involving the IT departments of both the Commission and the European Parliament.
The choice for Apache HTTP Server and Keepass is the result of a public survey. Between 17 June and 8 July, the EU-FOSSA project asked the public to help select the most-appropriate software solution, based on a pre-selection of open source solutions in use at the two European institutes. The survey received 3282 comments, with respondents favouring Keepass and Apache HTTP Server.
Today, EFF joined a broad coalition of other public interest groups at Democratic Leader Nancy Pelosi's office in San Francisco, to present her with a petition carrying an incredible 209,419 signatures with a request to oppose the introduction of the Trans-Pacific Partnership (TPP) during the post-election "lame duck" session of Congress. And with your help, we succeeded! In a letter that she handed us at our meeting, Leader Pelosi wrote:
As Congress and the American people review the finalized terms of the Trans Pacific Partnership (TPP), we must put American workers first to allow our economy to grow and America to succeed. Please be assured that I will oppose the TPP as it is currently written or any deal that attempts to separate commerce from the environment and will work to ensure that our nation's trade policies include increased transparency, more consultation, and stronger protections to create jobs, strengthen human rights, and preserve the environment.
Thank you, Leader Pelosi, for standing up for users to block this undemocratic, anti-user deal. Combined with the stated opposition to the TPP of both presidential candidates, and the likelihood that other House Democrats will follow Leader Pelosi's courageous lead, it is now significantly less likely that the TPP will be introduced during the lame duck session, or if introduced, that it will pass the House.
Even though the Federal Communications Commission has repeatedly said that wireless and landline phone providers are allowed to offer robocall-blocking services to their customers, some carriers have continued to incorrectly insist — and provide misinformation to consumers — that they simply don’t have the authority to deploy this technology. In an effort to make things clear once and for all, FCC Chair Tom Wheeler has sent letters to these companies that there are no regulatory roadblocks stopping them from helping their customers stop annoying — often illegal — automated and prerecorded robocalls.
“Nothing in the Commission’s rules and orders prevents [phone companies] from offering customers robocall blocking technology,” writes Wheeler in letters to the chief executives at AT&T, CenturyLink, Frontier, Sprint, T-Mobile, U.S. Cellular, and Verizon. “I strongly urge you to offer your customers robust call blocking at no cost.”
Between the Do Not Call List and rules prohibiting private robocallers from sending prerecorded messages or texts without having received prior consent, robocalling as a legitimate-but-annoying telemarketing tool has virtually disappeared. Yet complaints about robocalls continue to grow in number, indicating that most of these calls are being placed illegally, often by scammers.
Apple's legal battle over encryption dominated headlines earlier this year, but another tech giant is fighting a quieter legal war over user privacy: Microsoft. It won a major victory last week, when the U.S. Court of Appeals for the 2nd Circuit sided with the company, ruling that a U.S. warrant could not be used to force Microsoft to turn over email data stored in an Irish data center. The decision, which the Justice Department is considering appealing to the Supreme Court, could have major implications for tech companies who routinely move data around the world so it can be backed up or quickly accessed by users.
The Washington Post talked with Microsoft president and chief legal officer Brad Smith about the case and the company's other privacy efforts. This interview has been edited for length and clarity.
If you don’t already have iOS 9.3.3, you better download and install it — quick.
Cisco Talos, a security and research group, recently discovered a bug in Mac and iPhones that allows hackers to steal passwords with a single text message. The researchers at Cisco Talos alerted Apple, and the tech company immediately worked on a patch, which was released this week.
“This is very high severity issue,” Craig Wiliams, head of global outreach at Cisco Talos, told Fortune. “The fact that you have an exploit without any user interaction makes me very concerned.”
Although the iOS update is out, it doesn’t automatically install itself — people who own iPhones have to download and install the update themselves.