SaferCar App Helps With Child Safety Seats

If you've had a child within the last two decades, you're probably about as frustrated as we are with the complexity of installing child safety seats. Latch or seatbelt? Automatic locking retractor or emergency locking retractor? Belt locking clip or twisted belt stalk? According to Safe Kids USA, properly installed child safety seats reduce risk of injury by 71% for infants and 54% for toddlers in passenger cars.

While the milk crate full of bungee cords or duct tape in the garage might look like a tempting alternative to struggling with installing a child seat, the better option is using the National Highway Traffic Safety Administration's new, free SaferCar app for iPhones, iPads and iPod Touches to find a certified child passenger safety technician near you (NHTSA is working on an Android app). Those who don't have mobile Apple devices can search for a technician on the NHTSA website.

While the app has plenty of other features relating to vehicle safety, it also includes a child seat section. You can easily search for certified technicians near you by clicking "find nearest" or "search by ZIP code" if, for example, you want to help Grandma find a technician near her.

When I searched for a technician, I received a long list with technicians nearest to me at the top. It provides a quick reference for the technician's name, address, availability and phone number, plus the ability to instantly call or map a route to the location.

There are some new technologies coming in the near future to help minimize the difficulty of properly installing child safety seats. Until then, we must rely on trained technicians to teach us how to properly install child safety seats.

Why Every Site Should Be Penetration Tested

Why Every Site Should Be Penetration Tested | Ethical Hacking-Your Way To The World Of IT Security


Penetration testing can get a bad rap due to the unprofessional way in which some people approach it (both clients and testers). Done correctly, it can shine the light on security flaws which are only capable of being exploited by the most dedicated hackers with plenty of time on their hands which is many of them.

Done poorly, it is rushed, and only a cursory attempt is really to crack a box. Some companies have no problem with this, as they only conduct pen tests to appease some regulator, rather than truly safeguard their systems, it's as if they really don't want to know if they can be compromised, as then they will have to incur the expense of actually plugging in the holes.

But do you really think hackers work in this lackadaisical fashion, when they know that each compromised network represents real currency, and not just bragging rights? That's a rhetorical question, of course they don't work this way, especially if they are unemployed and living in an Eastern European country will little other opportunity for employment.

Why Penetration Testing?

Pen testing is generally reserved for network and server configurations, and security for these has been dramatically improved thanks to it. This can lead to a certain amount of complacency among administrators who, having applied every single patch known to mankind, feel that their systems are locked up tight.
The point they miss, however, is that attacks are shifting to different vectors, namely web applications and mobile apps. The Bring Your Own Device (BYOD) trend is exploding, and hackers are furiously developing exploits for smartphones and tablets, which are notoriously under-protected and provide a convenient way of accessing corporate systems through these infected clients.

The threat landscape evolves

To catch a crook, you have to think like a crook, and today's crooks are more ambitious due to the extreme amount of money to be made in cybercrime. There are also increasing political motivations to hacking, and it is not too far-fetched to imagine that attacks in the near future will be used to destabilize the entire economy of a target country by shutting down the computer systems of its major corporations or government offices.

Penetration testing should evolve with these threats, and should be performed at regular intervals. They must also be through, incorporating the latest devices and methodologies such as SMS, phishing, data mining on mobile devices, automatic phone calls and texts, mobile pickpocketing, and whatever else hackers can think of. This is why the best pen testers are former black hats they get it.

Mobile device management should be examined by penetration testers. Lack of an MDM program, whether internally developed or provided by a third party, is one glaring hole that needs to be plugged, as many enterprises allow potentially compromised devices to connect to their Wi-Fi networks without much thought.

In conclusion

Skimping on penetration testing to save a few bucks is dangerous folly, and even worse is to hire someone with no real-world hacking experience due to the false sense of security it will instill in administrators. With the large amount of new threats being developed, and the business and legal expenses associated with compromised systems rising, it pays to establish a regular security audit schedule which includes a thorough pen test by a reputable and effective firm.


About the author: John Dayton’s ultimate dream is to travel the world in his homemade sailboat. When he isn’t working on his boat or writing poignant articles, he’s working with top-notchforensic engineering consultants.

---

Google Gets Top Marks For Protecting User Privacy, Apple Lags Far Behin

Google Gets Top Marks For Protecting User Privacy, Apple Lags Far Behin: reat deal of interest in how your online privacy is managed.   | Timothy Koppe

*

*

EFF Privacy Ranking Chart

If you use the Internet-and lets be honest, we live in a wired (or wireless!) world-then you should have a great deal of interest in how your online privacy is managed. One thing most users don't think about (I know I didn't for a while) is, despite whatever draconian methods we might take to protect our online lives, how well does the company that owns those services protect our privacy?

Thanks to the information collected from the Electronic Frontier Foundation now we have an answer. According to the EFF's most recent report card, Google has ranked as one of the companies when it comes to how hard they try to protect the privacy of their users.

According to the report, Google received starts inn the following categories:
- Requiring a warrant to release user content
- Publishing transparency reports
- Publishing law enforcement guidelines
- Fighting for user privacy rights in court
- Fighting for user privacy rights in Congress

The only category that Google didn't receive a star in was telling users about government data requests.

By comparison, Apple Inc. received one of the EFF's worse marks, receiving stars in no category except fighting for user rights in Congress-which, frankly, isn't that hard to do with all the lobbying that goes on in the current Congress.

Despite its high grades, Google was not the top of the class, with Twitter and Sonic.net receiving stars in every category. Apple can feel thankful it won't be alone in study hall-Verizon and MySpace, received stars at all.