Connect with us

Technology

Marriott and Starwood hotels will have to get better at data security

Published

on

Marriott and Starwood hotels will have to get better at data security

The Federal Trade Commission announced on Friday it finalized an order (pdf) requiring Marriott International and subsidiary Starwood Hotels to improve their digital security, reports BleepingComputer. The FTC charged the companies with lax security practices that resulted in three big breaches detected in 2015, 2018, and 2020, “affecting more than 344 million customers worldwide,” leaking passport details, payment cards, and other info.

The shortest breach lasted 14 months before it was detected, while the longest one saw attackers maintain access for four years, starting in 2018. The beefed-up security programs they’ve agreed to establish include creating policies to only keep information for as long as it’s needed and publishing a link allowing US customers to request the deletion of information tied to their email address or loyalty account.

Hotels have been one of many key targets for hackers, with one breach last year catching FTC Chair Lina Khan among the many people left waiting to check in when a ransomware attack forced MGM Resorts to fall back on using pen and paper.

The FTC announced its charges in October, accusing the companies of having “deceived consumers” with false claims of “reasonable and appropriate data security.” Their alleged failures included having bad password and firewall practices and not patching outdated software and systems. The same day the FTC revealed the charges, the Connecticut Attorney General’s office announced Marriott had agreed to a $52 million settlement.

Beyond improving their security, the companies are now forbidden “from misrepresenting how they collect, maintain, use, delete or disclose consumers’ personal information; and the extent to which the companies protect the privacy, security, availability, confidentiality, or integrity of personal information.” Other requirements include that they keep compliance records and submit to FTC inspections. The order will stay in effect for 20 years.

Advertisement
Continue Reading
Advertisement
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Technology

2024: a good year for earbuds

Published

on

2024: a good year for earbuds

The year 2024 has been another very good one for wireless earbuds. We’ve reached a point where every tech giant is firing on all cylinders. Apple’s AirPods Pro, Samsung’s Galaxy Buds 3 Pro, and Google’s Pixel Buds Pro 2 are each fantastic in their own right and fairly comparable in the features they offer. Are there advantages depending on which you pick? Sure. Samsung’s new voice controls are super convenient. Google wins out on comfort. And Apple’s new hearing health features really level up what we expect from consumer earbuds. But in terms of everyday performance, they’re all within spitting distance of each other. 

As for over-ear headphones, Sonos introduced its long-rumored Ace headphones this year. Their marquee trick, TV Audio Swap, is the ability to receive audio from a Sonos soundbar for private listening — a good example of a brand trying to muster a unique selling point in a competitive market, while Apple, Samsung, and Google are laser-focused on interplay within their own respective ecosystems. (Of course, Sonos’ headphones were all but forgotten in the avalanche of controversy brought on by the company’s overhauled mobile app.)

The splash of yellow from Nothing’s Ear (a) earbuds is a fun departure from the norm.

But this year has reinforced that you don’t need to spend big to find great value. Apple brought active noise cancellation to its less expensive AirPods 4. With the Nothing Ear and budget-priced Ear (a), Nothing proved yet again that it can compete with long-established earbud makers — and outdesign many of them. Style-wise, it’s hard to choose between the flashy yellow of the Ear (a) or Beats’ candy red Solo Buds, but Nothing gives you more for your money than Apple’s brand. 

2024 also saw Jabra make an exit from the consumer earbuds market. The company spent years producing worthy alternatives to the AirPods and other products back during the early waves of true wireless earbuds, but Jabra lost its momentum and failed to meaningfully stand out with its more recent Elite earbuds. The Elite 10 Gen 2 are excellent by all accounts but hard to recommend when they represent the end of the line.

Advertisement

As for where the category is headed, earbuds are quickly evolving into devices with a purpose that extends well beyond audio consumption. Apple’s AirPods Pro 2 now offer a powerful trifecta of hearing health features: you can wear them as hearing protection, take a test to gauge your own hearing loss, or use the earbuds as clinical-grade over-the-counter hearing aids. I’d expect we’ll see other industry heavyweights like Sony, Samsung, and Google bring similar capabilities to their own future buds — perhaps as soon as next year. 

Apple’s AirPods Pro 2 can now function as clinical-grade hearing aids for people with mild to moderate hearing loss.

Fitness tracking is another area where we’ll continue to see earbuds offer new advantages. Heart rate tracking is becoming relatively common, and the next-generation Powerbeats Pro, due early in 2025, are rumored to include the useful feature.

As for the new year, Sony’s long-popular 1000X series is due for a refresh. The 1000XM6 earbuds (and headphones) seem like a lock for 2025. I think the same is true of the next AirPods Pro; Apple will reportedly release a redesigned third-gen pair sometime next year. On the other hand, with Samsung and Google having both released new models in the last six months, I wouldn’t expect much from them in the near future. 

Sony’s 1000X series is due for an update in 2025.
Advertisement

For you audiophiles out there, 2025 is likely to see the introduction of more earbuds that can wirelessly stream lossless audio as Qualcomm’s most advanced chips start to proliferate across new products from various brands — potentially including Sennheiser, Bose, and others. As for other features, I’m curious to what extent earbud makers will tap into AI chatbots. Google’s Pixel Buds Pro make it possible to carry on entire conversations with Gemini Live. Will other brands look to provide a similar experience with different AI platforms? 

The new year is certain to get off to a busy start right out of the gate, with headphones and earbuds from dozens of brands expected at CES 2025. Hopefully there’ll be some genuine surprises among the bunch.

Photography by Chris Welch / The Verge

Continue Reading

Technology

Ignoring router security settings puts millions at risk from hidden dangers

Published

on

Ignoring router security settings puts millions at risk from hidden dangers

If you’re like me, your home Wi-Fi is at the center of almost everything you do online, whether it’s online banking, paying bills, booking trips, chatting with friends or streaming movies.

These days, it’s not just your laptop and phone connected to the network, but also things like security cameras, thermostats and even air conditioners are all managed by your router. But be honest, when was the last time you did anything to secure your router? It’s easy to forget about it, especially if it’s working fine. The thing is, a lot of people feel the same way, and a study reveals this “out of sight, out of mind” attitude could be putting millions at serious risk.

GET SECURITY ALERTS, EXPERT TIPS – SIGN UP FOR KURT’S NEWSLETTER – THE CYBERGUY REPORT HERE

Image of a router (Kurt “CyberGuy” Knutsson)

Shocking router security facts you need to know

The 2024 Broadband Genie router security survey has uncovered some startling facts about how internet users approach router security. Over half of respondents (52%) admitted they have never adjusted their router’s factory settings. Even more concerning, 86% of users have never changed their router administrator password. Leaving the default admin password unchanged is like leaving your front door unlocked. It’s an open invitation for hackers to exploit.

Advertisement

Similarly, 72% of respondents have never changed their Wi-Fi password. Default passwords are often easily accessible and can be exploited in seconds by knowledgeable attackers. Firmware updates, essential for patching vulnerabilities and enhancing router functionality, are also largely ignored. An overwhelming 89% of users have never updated their router’s firmware. While newer routers often handle updates automatically, user awareness and action remain vital for those with older devices.

Another glaring issue is the failure to change default network names, such as “SKY12345” or “Linksys-7890.” These identifiers can provide hackers with crucial information about the router model, making it easier to exploit known vulnerabilities. Yet, 89% of respondents have never changed their network name.

Ignoring router security settings puts millions at risk from hidden dangers

Image of a router (Kurt “CyberGuy” Knutsson)

CLEVER TRICK TO MAKE A CONNECTION FASTER ON YOUR WI-FI NETWORK

Most people don’t know who’s connected to their network

Alarmingly, 75% of users have never checked to see who is connected to their network. With an average home now hosting around 12 connected devices, failing to monitor network activity could lead to unauthorized access and potential data breaches. Even more worrying, three-quarters of respondents do not understand why adjusting router settings is important, showing a significant gap in awareness about the risks associated with default configurations.

“In 2022, we ran a similar study and found 48% had never touched their router’s factory settings. It’s concerning that not only has the number come down after two years, it’s got worse,” said Alex Tofts, strategist at Broadband Genie.

Advertisement

“Most concerning is the very high percentage of broadband subscribers who don’t even know why they should be making any of these changes. This exposes a clear knowledge gap, and users need to be educated more about the simple steps they can take to help prevent cyberattacks.”

Ignoring router security settings puts millions at risk from hidden dangers

A woman working on her laptop computer (Kurt “CyberGuy” Knutsson)

HOW TO CHECK IF SOMEONE IS STEALING YOUR WI-FI

6 ways to protect your Wi-Fi router from hackers

Keeping your home network secure is essential to prevent unauthorized access and potential data breaches. Follow these steps to safeguard your Wi-Fi router:

1) Change default passwords: Most routers come with default passwords that hackers can easily find online. To secure your router, change both the admin password (used to access settings) and the Wi-Fi network password. Use a strong password with at least 12 characters, combining uppercase and lowercase letters, numbers and symbols. Avoid simple options like “password123” or personal details such as your name or birth date.

2) Rename your network (SSID): The default network name, or SSID, often includes the router’s brand or model, making it easier for hackers to identify vulnerabilities. Rename your network to something unique that doesn’t reveal personal information. Avoid using names, addresses or other identifiers. Instead, opt for a neutral or creative name that’s easy for you to recognize but hard for others to associate with you.

Advertisement

3) Keep your router’s firmware updated: Router manufacturers release firmware updates to patch security flaws and enhance performance. Check your router’s admin panel regularly for updates or enable automatic updates, if supported. Keeping your firmware up to date ensures you’re protected against the latest threats. If your router is too old to receive updates, it might be time to upgrade to a newer, more secure model.

4) Monitor network activity regularly: Unauthorized devices on your network can slow it down and expose you to risks. Log into your router’s admin settings to view all connected devices. If you see anything suspicious, disconnect it and immediately change your Wi-Fi password. You can also enable MAC address filtering to control which devices can access your network or disable features like WPS (Wi-Fi Protected Setup) that may leave you vulnerable.

5) Enable network encryption: Use the strongest encryption protocol available for your router, preferably WPA3 or at least WPA2. Encryption scrambles the data transmitted over your network, making it much harder for hackers to intercept and decipher your information.

6) Regularly reboot your router: Schedule routine reboots to clear the system memory and refresh all connections, which may disrupt potential malware.

TOP ROUTERS FOR BEST SECURITY 2024

Advertisement

Pro tip: Use strong antivirus software: To further protect your devices from malware and other threats, consider using reputable antivirus software. Antivirus programs can detect and remove malicious software, provide real-time protection and alert you to potential threats. Keeping your devices secure helps ensure your entire network remains safe from cyberattacks.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android and iOS devices.

Kurt’s key takeaways

Cybercriminals are constantly evolving the ways they target us, which means securing just your phone or laptop isn’t enough anymore. You need to be cautious with anything connected to the internet, whether it’s your router, smart cameras or doorbell. However, the Broadband Genie survey reveals that only a small number of people are aware of the best cybersecurity practices when it comes to protecting their routers. As a basic rule, always remember to change default passwords and rename your router’s network to ensure better security.

What are your biggest concerns when it comes to cybersecurity? Let us know by writing us at Cyberguy.com/Contact.

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.

Advertisement

Ask Kurt a question or let us know what stories you’d like us to cover.

Follow Kurt on his social channels:

Answers to the most asked CyberGuy questions:

New from Kurt:

Copyright 2024 CyberGuy.com. All rights reserved.

Advertisement

Continue Reading

Technology

Google to court: we’ll change our Apple deal, but please let us keep Chrome

Published

on

Google to court: we’ll change our Apple deal, but please let us keep Chrome

A court found Google liable for unlawfully monopolizing online search, and its remedies are supposed to reset the market, letting rivals fairly compete. Google (obviously) disagrees that it’s running a monopoly, but before it can appeal that underlying conclusion, it’s trying to limit the fallout if it loses.

Google’s justification is that search deals were at the heart of the case, so they’re what a court should target. Under the proposal, Google couldn’t enter deals with Android phone manufacturers that require adding mobile search in exchange for access to other Google apps. It couldn’t require phone makers to exclude rival search engines or third-party browsers. Browser companies like Mozilla would be given more flexibility in setting rival search engines as defaults.

Perhaps the biggest concession is that this agreement would specifically end Google’s long-running multibillion-dollar search deal with Apple. It would bar Google from entering agreements that make Google Search the default engine on any “proprietary Apple feature or functionality, including Siri and Spotlight” in the US — unless the deal lets Apple choose a different default search engine on its browser annually and “expressly permits” it to promote other search engines.

And in a nod to some DOJ concerns about Google locking out rival AI-powered search tools and chatbots, Google proposes it should be disallowed from requiring phone makers to add its Gemini Assistant mobile app in order to access other Google offerings.

The government has proposed ten years of restrictions, but Google’s counterproposal is only three — it argues nothing more is necessary because “the pace of innovation in search has been extraordinary” and regulating a “fast-changing industry” like search would slow innovation.

Advertisement

If the court accepts Google’s streamlined proposal over the DOJ’s, the company could lose out on some lucrative or strategically advantageous deals, but its business would remain intact. It wouldn’t have to spin out its Chrome browser or have the threat of an Android divestment order hanging over it. And it wouldn’t need to share many of the underlying signals that help it figure out how to serve useful search results, so that rivals could catch up and serve as a true competitive pressure, as the DOJ hopes.

Both Google and the DOJ’s proposals are essentially starting points from which the judge can work. But Google is betting it could have an easier time selling a simple proposal that addresses a major, specific problem raised in the trial. It’s positioning the government’s proposals as extreme and reaching beyond the scope of the judge’s earlier decision, perhaps — Google will likely tell the court — even in a way that could get overturned on appeal.

This hasn’t been received well by at least one of Google’s rivals, the search engine company DuckDuckGo. “Google’s proposal attempts to maintain the status quo and change as little as possible,” spokesperson Kamyl Bazbaz said in a statement. Both sides will argue their case in a federal court in Washington, DC beginning on April 22.

Continue Reading
Advertisement

Trending