A senior advisor to the U.S. Food and Drug Administration (FDA) tossed cold water on speculation that the Agency might try to police mobile health and wellness applications, saying the FDA couldn’t possibly scale up to meet the challenge of policing the hundreds of new apps appearing every month. Correction: The article was changed to clarify Mr. Patel’s comments. He was not responding to a direct question about the FDA setting up an office to regulate mobile health applications. He was commenting on the possibility of creating a platform to evaluate and rate mobile health applications. Also, he said “It’s not do-able,” not “it’s not possible.” We apologize for any confusion created by the article. – PFR July 10, 2014. The sheer pace of innovation in the mobile health application space and the numbers of such applications already available on mobile marketplaces like the iTunes App Store and Google Play mean that many mobile health applications will escape scrutiny by federal […]
Tag: Government
DHS Warns Energy Firms Of Malware Used In Targeted Attacks
The Department of Homeland Security warned firms in the energy sector about new, targeted malware infecting industrial control systems and stealing data. DHS’s ICS CERT, the Industrial Control Systems Computer Emergency Response Team, said it is analyzing malware associated with an ICS-focused malware campaign. The malicious software, dubbed “Havex” that was being spread by way of phishing emails and so-called “watering hole” attacks that involved compromises of ICS vendor web sites. DHS was alerted to the attacks by researchers at the security firms Symantec (which dubbed the malware campaign “Dragonfly”) and F-Secure (“Havex”) -a remote access trojan (or RAT) that also acts as an installer (or “downloader”) – fetching other malicious applications to perform specific tasks on compromised networks. One of those additional payloads is a Trojan Horse program dubbed Karagany (by Symantec) that has been liked to prior attacks on energy firms. According to Symantec, the malware targeted energy grid operators, major electricity generation firms, […]
Is HyperCat An IoT Silo Buster? | ZDNet
Steve Ranger over at ZDNet has an interesting write-up on HyperCat, a UK-funded data sharing open specification for Internet of Things devices. The new specifications has the backing (or at least interest) of major players and could become an alternative to proprietary standards such as Apple’s HomeKit or Google Nest. HyperCat is described as an “open, lightweight, JSON-based hypermedia catalogue” that is designed to “expose information about IoT assets over the web.” The goal is to provide a set of open APIs and data formats that startups and other smaller firms can use to built ecosystems of connected objects. Smart devices are typically developed using common technologies and platforms: RESTful APIs, JSON (Javascript Object Notation) for data formatting and HTTP (or secure HTTP) as the main communications protocol. However, the Internet of Things is badly “silo’d” – meaning that interoperability between IoT devices happens only when those smart devices happen to use the […]
UEFI: Security, BIOS and the Internet of Things
One of the notable trends in recent years has been the drive, among malicious actors, to compromise devices in new- and hard-to-detect ways. An area of interest and exploration is malicious software that can attack a computer’s BIOS – the small bit of code that runs when a computing device is first powered on. BIOS malware is so powerful because it offers adversaries the possibility of getting a foothold on systems prior to an operating system and the security features- and applications that run there. Successful BIOS attacks give attackers almost total control over the system they are installed on. BIOS malware isn’t a new idea. In fact, it has been around since the late 1990s, when the Chernobyl Virus was identified. That virus could wipe a machine’s BIOS, a well as the contents of its hard drive. But BIOS threats have been getting more attention lately. Proof of concept malware appeared as recently […]
FTC Wants To Be Top Cop On Geolocation
The Federal Trade Commission (FTC) is asking Congress to make it the chief rule maker and enforcer of policies for the collection and sharing of geolocation information, according to testimony this week. Jessica Rich, Director of the FTC Bureau of Consumer Protection, told the Senate Judiciary Committee’s Subcommittee for Privacy, Technology that the Commission would like to see changes to the wording of the Location Privacy Protection Act of 2014 (LPPA), draft legislation designed to spell out consumer protections pertaining to the location data. Rich said that the FTC, as the U.S. Government’s leading privacy enforcement agency, should be given rule making and enforcement authority for the civil provisions of the LPPA. The current draft of the law instead gives that authority to the Department of Justice (DOJ). The LPPA legislation (PDF) was proposed in March by Sen. Al Franken, and co-sponsored by Senators Coons (D-DE) and Warren (D-MA). It proposes updating the Electronic Communications […]
