Mobile is the new frontier for malicious bots

Distil Networks analyzed over 100 million mobile devices on its networks. The findings suggest that sophisticated cybercriminals and bot operators now use a new technique, leveraging mobile devices, to avoid detection and carry out a number of nefarious acts. At this time, 5.8 percent of all mobile devices across six major cellular networks are used in such automated attacks, and they account for eight percent of all bad bot traffic.


This bad bot traffic is purposefully deployed against any business with a web presence to carry out acts that include web scraping, brute force attacks, competitive data mining, online fraud, account hijacking, data theft, spam and digital ad fraud.

Uncovered by the Distil Research Lab, the data reveals a new method by which perpetrators connect through cellular gateways to target a large variety of websites and apps simultaneously. Cellular gateways handle a huge volume of requests per minute, many of which are legitimate, making it difficult to identify and block criminal ones.

Within some cellular carriers, a single IP address can cater to more than 4,000 devices per day, making cellular traffic an ideal location for bots to remain undetectable. As mobile devices move through different gateways (because device owners change location throughout the day), bots effectively change identities, making detection even more difficult.

Mobile bots by the numbers:

  • Sample size: Over 100 million devices
  • Number of mobile carriers researched: Six
  • Percentage of mobile ISP gateways used in bad bot attacks: 44 percent
  • Percentage of total bad bot traffic deriving from mobile devices on cellular networks: 8 percent
  • Percentage of mobile devices making bad bot requests on cellular networks: 5.8 percent
  • Average number of bad bot requests by each device per day: 50


“Mobile is the new frontier for bot operators, as they can perform highly advanced attacks while remaining hidden in plain sight,” said Rami Essaid, chief product and strategy officer at Distil Networks. “Whether inadvertently downloaded through an email attachment, or embedded in a seemingly legitimate app, millions of consumers unknowingly carry malware on their devices that allows cybercriminals to conduct bot attacks, abuse and fraud. We have seen bot operators develop and enhance their techniques throughout the years, but the threat to mobile devices is real and growing, and can have detrimental consequences.”

Twitter gets physical – with support for hardware security keys

Twitter has given millions of users a way of making their accounts even harder to hack, with the introduction of support for physical keys.

Most Twitter users protect their accounts in the traditional way: username and password. As with any other internet account, such security is vulnerable to a number of threats including phishing or a user unwisely choosing the same password that they use elsewhere on the internet.

This is the primary reason that so many Twitter accounts have been compromised by hackers over the years.

High profile victims have included FC Barcelona, CNN, Burger King, Google CEO Sundar Pichai, Wikipedia’s Jimmy Wales, and Mark Zuckerberg.

One of the most notorious hijackings of a Twitter account occurred in 2013, when the Syrian Electronic Army managed to gain control of Associated Press’s Twitter account and posted a message saying that there had been an explosion at the White House and Barack Obama had been injured.

That bogus report knocked 61 billion dollars (briefly) off the Dow Jones Index.

If you’re sensible, you have taken better steps than just a password to protect your Twitter account and enabled two-step verification in the form of “Login Verification”. That adds an extra hurdle to the login process by asking for a code generated by a third-party app such as Google Authenticator or Authy to be entered.

For most people, this level of protection is probably enough.

But what if you want to go even further, and wish to ensure an even higher level of physical security for your Twitter account?

If that’s you then you’ll be interested to read news inside a blog post detailing Twitter’s latest steps to combat spam and abuse on the site.

Twitter has revealed that you can now use a physical USB security key which supports the universal two-factor (U2F) standard when signing in for login verification.

The small keyfobs require the logging-in user to physically press a button to confirm the identity, and because it will only work on the real Twitter website it provides a high level of protection against phishing sites.

Other websites which support FIDO U2F hardware keys – which are the same size and shape as a typical USB thumb drive – include Google, Facebook, Dropbox, GitHub, and SalesForce.
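The phishing resistance described above comes from U2F binding each signature to the origin the browser is actually on. The model below is an added example, not code from the article or from Twitter: HMAC stands in for the token's ECDSA signatures, the app ID is assumed to be the page origin, and the class and function names and the `phishing-site.example` origin are constructed for illustration.

```python
import hashlib, hmac, json, os, struct

REAL, FAKE = "https://twitter.com", "https://phishing-site.example"  # FAKE is constructed

def sha256(b):
    return hashlib.sha256(b).digest()
def mac(key, msg):
    return hmac.new(key, msg, hashlib.sha256).digest()

class ToyKey:
    """Model of a U2F token; HMAC stands in for its ECDSA P-256 signatures."""
    def __init__(self):
        self.secret, self.counter = os.urandom(32), 0

    def register(self, app_param):
        nonce = os.urandom(16)
        handle = nonce + mac(self.secret, nonce + app_param)  # handle is tied to the site
        return handle, mac(self.secret, b"cred" + handle)     # key handle, verification key

    def sign(self, app_param, chal_param, handle, button_pressed):
        if not hmac.compare_digest(handle[16:], mac(self.secret, handle[:16] + app_param)):
            return None  # handle was issued to a different site
        if not button_pressed:
            return None  # no user presence, no signature
        self.counter += 1
        data = app_param + b"\x01" + struct.pack(">I", self.counter) + chal_param
        return self.counter, mac(mac(self.secret, b"cred" + handle), data)

def browser_sign(key, page_origin, challenge, handle, button_pressed=True):
    # The browser, not the page, writes the origin into the signed client data.
    client_data = json.dumps({"typ": "navigator.id.getAssertion",
                              "challenge": challenge, "origin": page_origin}).encode()
    signed = key.sign(sha256(page_origin.encode()), sha256(client_data), handle, button_pressed)
    return None if signed is None else (client_data,) + signed

def server_verify(origin, challenge, verify_key, last_counter, response):
    if response is None:
        return False
    client_data, counter, sig = response
    fields = json.loads(client_data)
    if fields["origin"] != origin or fields["challenge"] != challenge:
        return False
    data = sha256(origin.encode()) + b"\x01" + struct.pack(">I", counter) + sha256(client_data)
    return counter > last_counter and hmac.compare_digest(sig, mac(verify_key, data))

def demo():
    key, chal = ToyKey(), os.urandom(16).hex()  # chal: the real site's login challenge
    handle, vk = key.register(sha256(REAL.encode()))
    login = lambda origin, pressed=True: server_verify(REAL, chal, vk, 0, browser_sign(key, origin, chal, handle, pressed))
    return {"real_site": login(REAL), "phishing_relay": login(FAKE), "no_button": login(REAL, False)}
```

Only the login performed on the real origin with the button pressed verifies; a challenge relayed through the look-alike origin yields no usable signature.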

Cisco plugs critical flaws in many switches, security appliances.

Cisco has released security updates to address a bucketload of vulnerabilities affecting multiple products, including 24 critical and high-severity flaws found in many of its switches, next generation firewalls and security appliances.


Those vulnerabilities are present in the Cisco NX-OS Software, which enables network automation and programmatical provisioning and configuration of the devices via APIs, and Cisco FXOS (Firepower eXtensible Operating System).

“Successful exploitation of the vulnerabilities could allow an attacker to gain unauthorized access to an affected device, gain elevated privileges for an affected device, execute arbitrary code, execute arbitrary commands, gain access to sensitive information, or cause a denial of service (DoS) condition on an affected device,” the company explained.

They can be exploited via specially crafted packets (HTTP or HTTPS, Cisco Fabric Services, SNMP, IGMP) and messages (Cisco Discovery Protocol and BGP update messages).

Twelve of the vulnerabilities affect both Cisco FXOS Software and Cisco NX-OS Software and the remaining vulnerabilities affect only Cisco NX-OS Software. None of the vulnerabilities affect Cisco IOS Software or Cisco IOS XE Software.

There are no workarounds for the vulnerabilities, so administrators should implement the offered updates.


This Highly Popular Android App Converts Your Video To Audio Easily On The Move

A 5-minute high-definition music video can easily take up more than 45 megabytes, but an MP3 file of the same length at a bitrate of, say, 128 kbps may consume just 5 megabytes of mobile storage, which is 9 times less.

If your mobile storage is running out due to keeping many video files, it’s time to convert them into audio to save space when you just want to play or share music files without needing videos.

To do that, many converters are available for you but Video to MP3 Converter offered by AccountLab is one of the most popular with more than 10 million downloads from the Google Play Store.

The Converter is very easy for average users to operate, with a slider to adjust the sound quality without having to bother with terms such as VBR and CBR. For more demanding users, it provides a selection of various bitrates for sound encoding in advanced mode.

As a bonus, the app also incorporates a video cutter and an audio cutter, both of which are easy to operate.

The app, available on Android devices, is free to download and use, with supporting ads.

Read the Full Article here: Gizmos Freeware Reviews

The Key IoT Security Questions You Need To Ask


An Internet of Things (IoT) solution offers a multitude of business benefits from decreased operational costs to new revenue streams. But it also comes with a host of security considerations, including an ever-changing array of regulatory compliance requirements, demanding expert navigation and acute attention to detail.

Below I’ve listed some of the critical questions to ask when deploying a secure IoT solution. To learn more about IoT security, be sure to register for the IoT in Action event in San Francisco on February 13.

How secure are your things?

For starters, the actual devices must be secure. In the next few years, a new wave of innovation will drive down costs and inundate the market with internet-connected devices in every price range, from electronic toys to manufacturing sensors. In anticipation of this, my Microsoft colleagues have identified The seven properties of highly secure devices. I have listed out each of these properties below, along with the fundamental questions you must ask:

  1. The hardware-based root of trust: Does each device have a unique identity that is inseparable from the hardware?
  2. Small trusted computing base: Is most of the device’s software outside its trusted computing base?
  3. Defense in depth: Does your device software have multiple layers of protection built-in?
  4. Compartmentalization: Are you using hardware-enforced barriers to stop failures from propagating to other components?
  5. Certificates-based authentication: Do your devices use certificates (vs. passwords)?
  6. Renewable security: Can the device’s software be updated automatically to a more secure state?
  7. Failure reporting: Do you have a solution in place to report software failures to the manufacturer?

How secure are your connections? 

More to the point, when you’ve got a bunch of devices talking to each other over the internet, how will you safeguard data confidentiality and integrity? When choosing an IoT monitoring and connection solution, make sure that it is using industry-proven data encryption. Solutions like the Azure IoT Suite secure the internet connection between the IoT device and IoT hub using the Transport Layer Security (TLS) standard.

Another question to ask is how you will prevent unsolicited inbound connections from wreaking havoc on your devices? Make sure that only devices are allowed to initiate connections and not the IoT hub. And speaking of the IoT hub: make sure that the one you’re using has the capability of maintaining a per-device queue – meaning that it can store messages for devices and wait for the devices to connect. For more on this topic, be sure to read IoT security from the ground up.

How secure is your cloud solution?

Is your cloud provider following rigorous security best practices? When choosing a cloud provider, make sure you pay careful attention to how they are handling the following areas.

  1. Network traffic segregation: Is IoT traffic segregated from other network traffic using an IoT gateway or other means?
  2. Monitoring: How is network traffic being monitored? How will you know if any credentials are compromised or if unmanaged devices are accessing your cloud services?
  3. Security controls: How well do you know your cloud provider’s SLA (service-level agreement)? Which security controls are being maintained by your provider and which will you need to address internally?
  4. Encryption and security key management: Does your IoT solution allow you to define access control policies for each security key? Is data in the cloud encrypted?

Have you registered for IoT in Action in San Francisco, CA on February 13, 2018?

These questions only scratch the broad surface of IoT security. To learn more about securing your IoT solution, register for this free, one-day event. You’ll hear from the researchers behind The seven properties of highly secure devices and see an IoT solution come to life before your eyes. You’ll also get insights into how Microsoft addresses IoT security through its Azure solutions. Plus, connect with partners who can help you bring your IoT solution from concept to reality. View the full agenda.

The post The Key IoT Security Questions You Need To Ask appeared first on ReadWrite.

Read the Full Article here: ReadWriteWeb

ATM ‘jackpotting’ hacks reach the US

For some ATM thieves, swiping card data involves too much patience; they’d rather just take the money and run. The US Secret Service has warned ATM makers Diebold Nixdorf and NCR that "jackpotting" hacks, where crooks force machines to cough up large sums of cash, have reached the US after years of creating problems in Asia, Europe and Mexico. The attacks have focused largely on Diebold’s front-loading Opteva ATMs in stand-alone locations, such as retail stores and drive-thrus, and have relied on a combination of malware and hardware to pull off heists.

In previous attacks, the thieves disguised themselves as technicians to avoid drawing attention. After that, they hooked up a laptop with a mirror image of the ATM’s operating system and malware (Diebold also mentioned replacing the hard drive outright). Security researcher Brian Krebs understands American ATMs have been hit with Ploutus.D, a variant of "jackpotting" malware that first launched in 2013. The mirror image needs to be paired with the ATM to work, but that’s not as difficult as you might think — the intruders used endoscopes to find and press the necessary reset button inside the machine. Once done, they attached keyboards and used activation codes to clean out ATMs within a matter of minutes.

NCR hasn’t been explicitly targeted in these attacks, but it warned that this was an "industry-wide issue" and urged caution from companies using its ATMs.

It’s definitely possible to thwart attacks like this. The Secret Service warned that ATMs still using Windows XP were particularly easy targets, and that updating to Windows 7 (let alone Windows 10) would protect against these specific attacks. Diebold also recommended updating to newer firmware and using the most secure configurations possible. And both organizations recommended physical security changes, such as using rear-loading ATMs, locking down physical access and closely watching for suspicious activity like opening the machine’s top.

The catch, of course, is that ATM operators either haven’t been diligent or may have a hard time justifying the updates. It’s telling that victim machines have been running XP, a 16-year-old platform whose official support ended in 2014 — the odds aren’t high that companies will keep their ATMs up to date, let alone replace them with more secure models or institute advanced defenses. You may not see a widespread attempt to combat jackpotting in the US until the problem becomes too large to ignore.

Via: Reuters

Source: Krebs on Security

Read the Full Article here: Engadget

Google X Is Launching a Cybersecurity Company Called Chronicle

Google’s parent company Alphabet today announced the launch of Chronicle, a new cybersecurity company that aims to give companies a better chance at detecting and fighting off hackers. "Chronicle is graduating out of Alphabet’s X moonshot group and is now a standalone company under the Alphabet umbrella, just like Google," TechCrunch reports. From the report: Stephen Gillett, who joined X from Google Ventures and was previously the COO of Symantec, will be the new company’s CEO. To get started, Chronicle will offer two services: a security intelligence and analytics platform for enterprises, and VirusTotal, the online malware and virus scanner that Google acquired in 2012. Gillett writes that the general idea behind Chronicle is to eliminate a company’s security blind spots and allow businesses to get a better picture of their security posture. "We want to 10x the speed and impact of security teams’ work by making it much easier, faster and more cost-effective for them to capture and analyze security signals that have previously been too difficult and expensive to find," writes Gillett. "We are building our intelligence and analytics platform to solve this problem." What exactly this new platform will look like remains to be seen, though. Gillett notes that it will run on Alphabet’s infrastructure and use machine learning and advanced search capabilities to help businesses analyze their security data. Chronicle also says that it will offer its services in the cloud so that they can "grow with an organization’s needs and don’t add yet another piece of security software to implement and manage."




Read the Full Article here: Slashdot: News for nerds, stuff that matters

Massive Health Care Data Breach in Norway

Cybercriminals have stolen a massive trove of Norway’s healthcare data in a recent data breach, which likely impacts more than half of the nation’s population.

An unknown hacker or group of hackers managed to breach the systems of Health South-East Regional Health Authority (RHF) and reportedly stole personal info and health records of some 2.9 million Norwegians out of the country’s total 5.2 million inhabitants.

Health South-East RHA is a healthcare organisation that manages hospitals in Norway’s southeast region, including Østfold, Akershus, Oslo, Hedmark, Oppland, Buskerud, Vestfold, Telemark, Aust-Agder and Vest-Agder.

Read more at https://thehackernews.com/2018/01/healthcare-data-breach.html

Mahesh Balan
