FRANCE Warns Microsoft to stop collecting Windows 10 users Personal data

We have heard a lot about privacy concerns surrounding Windows 10 and accusations on Microsoft ofcollecting too much data about users without their consent.

Now, the French data protection authority has ordered Microsoft to stop it.

France's National Data Protection Commission (CNIL) issued a formal notice on Wednesday, asking Microsoft to "stop collecting excessive data" as well as "tracking browsing by users without their consent."

The CNIL, Commission Nationale de l’Informatique et des Libertés, ordered Microsoft to comply with the French Data Protection Act within 3 months, and if fails, the commission will issue a sanction against the company.

Moreover, the CNIL notified Microsoft that the company must also take "satisfactory measures to ensure the security and confidentiality" of its users' personal data.

The notice comes after a series of investigations between April and June 2016 by French authorities, revealing that Microsoft was still transferring data to the United States under the "Safe Harbor" agreement that a European Court court invalidated in October last year.

Allegations on Windows 10

The CNIL's list of complaints about Windows 10 does not end there, as it goes on to read:

• Microsoft is collecting data on "Windows app and Windows Store usage data," along with monitoring apps its user's download and time spent on each app, which according to the CNIL, is irrelevant and "excessive" data collection.
• Microsoft is also criticized for its lack of security, since there is no limit set on the number of guesses for entering the four-digit PIN used to protect your Microsoft account.
• After Windows 10 installation, Microsoft also activates a user's advertising ID by default, which enables Windows apps as well as other third-party apps to monitor user browsing history and to offer targeted ads "without obtaining users' consent."
• Windows 10 does not give you any option to block cookies.
• And as I mentioned above, Microsoft is transferring its users' personal data to the United States under the "Safe Harbor" agreement.

 In a statement, the CNIL said: "It has been decided to make the formal notice public due to, among other reasons, the seriousness of the breaches and the number of individuals concerned (more than ten million Windows users on French territory)."

Microsoft Response on the CNIL Notice

Microsoft has responded to the notice, saying the company is happy to work with the CNIL to"understand the agency's concerns fully and to work toward solutions that it will find acceptable." 

What's more interesting is that Microsoft does not deny the allegations set against it and does nothing to defend Windows 10 excessive data collection, as well as fails to address the privacy concerns the CNIL raises.

However, the tech giant does address concerns about the transfer of its users' personal data to the U.S. under the "Safe Harbor" agreement, saying that "the Safe Harbor framework is no longer valid for transferring data from European Union to the United States."

The company says it still complies with the Safe Harbor agreement up until the adoption of Privacy Shield.

"Microsoft has in fact continued to live up to all of its commitments under the Safe Harbor Framework, even as the European and US representatives worked toward the new Privacy Shield," says Microsoft. "We're working now toward meeting the requirements of the Privacy Shield."

Windows 10 Privacy concerns seem to be a never ending topic. Over the last year, Microsoft has annoyed users with a number of weird practices around Windows 10, including aggressive upgrades and transferring too much information about users back to Redmond.

Since there is the promise of a statement about privacy next week, let's see what happens next. You can read Microsoft's full statement, courtesy of David Heiner, vice president and deputy general counsel, on VentureBeat.

This Tiny Computer Runs on Radio Waves Powered wirelessly & hasn't battery

No matter how smart and fast your devices would be, the biggest issue is always with the battery technology.

Whenever you go to buy any electronic gadget — smartphone, laptop, or any wearable — the most important specification isn’t its processor speed or its camera quality but its Battery Backup, which is not getting better any time soon.

What if you could eliminate the very thing entirely?

Well, that's exactly what the electrical engineers from the University of Washington has developed.

A team of researchers from the University of Washington’s Sensor Lab and the Delft University of Technology has developed a new gadget that doesn’t need a battery or any external power source to keep it powered; rather it works on radio waves.

So, this means you have to turn on your radio every time to keep this device charged. Right?

No, you don’t need to do this at all, because the device sucks radio waves out of the air and then converts them into electricity.

Wireless Identification and Sensing Platform

Dubbed Wireless Identification and Sensing Platform (WISP), the device is a combination sensor and computing chip that uses a standard off-the-shelf RFID (Radio Frequency Identification) reader to suck in radio waves and convert them into electricity.

Though the WISP is not designed to compete with the chips in your computer or even your smartphone, it has as much processing power as the Fitbit, which is enough to run sensors and transmit data.

The discovery could highly transform the Internet of Things (IoT) world as the WISP is even more low maintenance compared to Bluetooth Low Energy sensor chips being used today.

The next step in making the WISP usability even more convenient and easy is to create Wisent that would allow for wireless programming of the WISP. For this, the team has recently collaborated with the Delft University of Technology.

With the help of Wisent, the WISP can be programmed wirelessly and uses the very same radio waves to communicate.

"So far WISP required cables to reprogramme it, nullifying the advantage of battery-less-ness. Therefore, we present Wisent, a protocol that allows WISP to be reprogrammed wirelessly," said Przemysław Pawełczak, assistant professor at the TU Delft’s Embedded Software group.

"Our vision is to have truly wirelessly reprogrammable software-defined battery-less computers wherever and whenever we want."

For more details, you can head on to the research paper [PDF].

Though the ultimate aim of WISP is in fully realizing the Internet of Things and giving "dumb" objects some smartness, it might even find its way into smartphones as a sort of emergency backup calling module that works even when your phone’s battery is dead.

However, there is no detail on when the WISP will be made available for purchase, or how much it will cost.

Just Opening a MS WORD file can HACK every file on your System

If you receive a mail masquerading as a company's invoice and containing a Microsoft Word file, think twice before clicking on it.

Doing so could cripple your system and could lead to a catastrophic destruction.

Hackers are believed to be carrying out social engineering hoaxes by adopting eye-catching subjects in the spam emails and compromised websites to lure the victims into installing a deadly ransomware, dubbed "Locky," into their systems.

So if you find .locky extension files on your network shares, Congratulations! You are infected and left with just two solutions: Rebuild your PC from scratch or Pay the ransom.

Locky ransomware is spreading at the rate of 4000 new infections per hour, which means approximately 100,000 new infections per day.

Microsoft MACROS are Back

It is hard to digest the fact that, in this 2016, even a single MS Word document could compromise your system by enabling 'Macros.'

This is where the point to appreciate hacker's sheer brilliance of tactics.

Locky ransomware is being distributed via Microsoft 365 or Outlook in the form of an Invoice email attachment (Word File that embeds vicious macro functions).

The concept of macros dates back to 1990s. You must be familiar with this message: "Warning: This document contains macros."

Now macros are back, as cyber criminals discover a new way to get internet users to open Microsoft Office documents, especially Word files that allow macros to run automatically.

How Does Locky Work?

Once a user opens a malicious Word document, the doc file gets downloaded to its system. However, danger comes in when the user opens the file and found the content scrambled and a popup that states "enable macros".

Here comes the bad part:

• Once the victim enables the macro (malicious), he/she would download an executable from a remote server and run it.
• This executable is nothing but the Locky Ransomware that, when started, will begin to encrypt all the files on your computer as well as network.

Locky ransomware affects nearly all file formats and encrypts all the files and replace the filename with .locky extension.

Once encrypted, the ransomware malware displays a message that instructs infected victims to download TOR and visit the attacker's website for further instructions and payments.

Locky ransomware asks victims to pay between 0.5 and 2 Bitcoins ($208 to $800) in order to get the decryption key.

One of the interesting note on Locky is that it is being translated into many languages, which heighten its attack beyond English boundaries to maximize the digital casualties.

Locky Encrypts Even Your Network-Based Backup Files

The new ransomware also has the capability to encrypt your network-based backup files. So it's time for you to keep you sensitive and important files in a third party storage as a backup plan in order to evade future-ransomware infections.

A researcher named Kevin Beaumont along with Larry Abrahms of BleepingComputer initiallydiscovered the existence of Locky encrypted virus.

To check the impact of Locky, Kevin successfully intercepted the Locky traffic yesterday and realized that the cryptovirus is spreading out rapidly in the wild.

"I estimate by the end of the day well over 100,000 new endpoints will be infected with Locky, making this a genuine major cybersecurity incident — 3 days in, approximately a quarter of Million PCs will be infected," Kevin said in a blog post.

One hour of infection Statistics:

Among the highly impacted countries include Germany, Netherlands, United States, Croatia, Mali, Saudi Arabia, Mexico, Poland, Argentina and Serbia.