Researchers at Duo Labs bought a "stack" of OEM laptops and audited the preinstalled shovelware they came with, looking specifically at the security implications of the default settings.
They found a hot mess. Hardware companies are still installing man-in-the-middle certificates, even after Lenovo and Dell were pilloried in the press for doing just this.
There are a host of other problems, though. Most interesting is that McAfee's "security" software emits a tracking beacon that appears to be gathering data for targeted advertising. Remember, it used to be that if you weren't paying for a product, you were the product; but today, even if you pay for the product, you're still the product.
One particular finding: McAfee is using web bugs that can be used to track and serve advertising to users. In our opinion, this is the only purpose these web bugs serve. In addition, it is against security best practices to trust third party sites and allow them to load content. It puts users at risk and benefits only the vendor and advertisers.
Bring Your Own Dilemma: OEM Laptops and Windows 10 Security
[Mark Loveless/Duo Labs]
Philips has acquired Luciom, a French startup that makes Li-Fi products, which allow for very fast network connections over short distances by flickering an LED at speeds that are too fast to register on the human eye, and which can ever work in the dark by operating at low dimness settings the human eye perceives […]
Many insurers offer breaks to people who wear activity trackers that gather data on them; as Cathy “Mathbabe” O’Neil points out, the allegedly “anonymized’ data-collection is trivial to re-identify (so this data might be used against you), and, more broadly, the real business model for this data isn’t improving your health outcomes — it’s dividing […]
As the US government ramps up its insistence that visitors (and US citizens) unlock their devices and provide their social media accounts, the solution have run the gamut from extreme technological caution, abandoning mobile devices while traveling, or asking the government to rethink its policy. But Maciej Cegłowski has another solution: a “travel mode” for […]
Although there will never be a consensus about the best way to make coffee, any coffee connoisseur will agree that controlling the grind of your beans and balancing water temperature are the keys to a tasty cup. Since your plastic coffee pot doesn’t really allow for that kind of customization, going back to the French […]
Not all hackers are malicious information thieves—white-hat ethical hackers work with technology companies to ensure the security of their computer systems and user data. With all of today’s high-profile data breaches, ethical hackers are in considerable demand. To learn these critical skills and break into the high-paying cyber security field, try taking the courses in this […]
Making people aware of goods and services in the digital age requires an array of new strategies from social media and email to number-crunching tools like Google Analytics. To get a handle on the techniques used to capture attention and convert traffic into dollars in a crowded online environment, the Full-Stack Marketer Bundle offers 22 hours of training to get […]