The US Cybersecurity and Infrastructure Security Agency (CISA) has unveiled a set of proposed security requirements aimed at reducing risks posed by unauthorized access to American data.
The move is due to concerns about the vulnerabilities exposed by recent cyberattacks, state-sponsored hacking campaigns, and the misuse of personal data by hostile nations.
The proposal aligns with Executive Order 14117, signed by President Biden earlier in 2024, which seeks to address gaps in data security that could compromise national interests.
Strengthening protections against foreign threats
The proposed requirements focus on entities that handle large-scale sensitive data, particularly in industries such as artificial intelligence, telecommunications, healthcare, finance, and defence contracting.
Companies operating in these fields are seen as critical targets due to the nature of the data they manage, with the US telecommunications industry recently being hit by a huge attack.
CISA's primary concern is that data from these organizations could fall into the hands of “countries of concern” or “covered persons” - terms used by the U.S. government to refer to foreign adversaries known for engaging in cyber espionage and data breaches.
These new security standards aim to close loopholes that could expose sensitive data to state-sponsored groups and foreign intelligence actors.
Businesses will need to keep an updated inventory of their digital assets, including IP addresses and hardware configurations, to stay prepared for potential security incidents. Companies will also be required to enforce multi-factor authentication (MFA) on all critical systems and require passwords that are at least 16 characters long to prevent unauthorized access.
Vulnerability management is another key focus, and organizations must remediate and address any known exploited vulnerabilities or critical flaws within 14 days, even if exploitation has not been confirmed. High-severity vulnerabilities must be fixed within 30 days.
The new proposal also emphasizes network transparency, and companies are required to maintain accurate network topologies to enhance their ability to identify and respond to security incidents.
Immediate revocation of access for employees following termination or changes in role is mandated to prevent insider threats. Additionally, unauthorized hardware, such as USB devices, will be prohibited from connecting to systems that handle sensitive data, further reducing the risk of data leakage.
In addition to system-level protections, CISA’s proposal introduces robust data-level measures aimed at minimizing the exposure of personal and government information. Organizations will be encouraged to collect only the data that is essential for their operations and, where possible, mask or de-identify it to prevent unauthorized access. Encryption will play a vital role in securing data during any transaction that involves a “restricted entity,” ensuring that even if data is intercepted, it cannot be easily deciphered.
A critical requirement is that encryption keys must not be stored alongside the data they protect, particularly in regions identified as countries of concern. Organizations will also be encouraged to adopt advanced privacy-preserving techniques, such as homomorphic encryption or differential privacy, which allow data to be processed without exposing the underlying information.
CISA is seeking public feedback on the proposed requirements to refine the framework before it is finalized. Interested stakeholders, including industry leaders and cybersecurity experts, are invited to submit their comments via regulations.gov by entering CISA-2024-0029 in the search field and following the instructions to provide input.
Via BleepingComputer
It could be the most interesting model in the iPhone 17 series, and it could be the slimmest iPhone ever – and now the iPhone 17 Air (or is it the iPhone 17 Slim?) has officially entered production, according to a new report.
As per DigiTimes (via MacRumors), the iPhone 17 Air has now officially entered the "product introduction phase" at Foxconn, the Taiwanese manufacturer that puts together a lot of gadgets for Apple.
It means pilot production runs can begin, alongside design validation and prototype testing. It's a precursor to mass production on the device getting underway, which puts it on course for a debut in September next year.
We don't get too much more information about the iPhone 17 Air from this report, but DigiTimes again draws a link to a potential folding iPhone. If Apple can successfully produce a super-thin iPhone, it will help in the development of a folding model too.
Squeezing space
The iPhone 17 Air is rumored to be a mere 6mm thick, which makes it substantially slimmer than the iPhone 16 Plus that it's supposedly replacing – that phone measures a relatively chunky 7.8mm from front to back.
Sources have suggested that the phone is going to come with a single rear camera, placed in the center at the top. The handset might also be too slim to fit a SIM card slot in, so it'll rely entirely on eSIM technology.
There are obvious challenges with making a super-skinny iPhone, such as managing to fit all the necessary circuitry in there without it overheating. No doubt the experience of manufacturing the various iPads will stand Apple in good stead here.
Whatever Apple has got planned for the iPhone 17 Air, it should make an appearance alongside three other iPhone 17 models sometime in September 2025. Before then, we should get the launch of the iPhone SE 4.
A new report from IE University in Madrid suggests a decent level of support for the implementation of AI in security and surveillance, with many Europeans favoring the use of technologies like facial recognition and biometric data.
However, concerns about AI’s role in elections and public decision-making highlight the complex relationship between trust in AI and fears of manipulation.
According to the study, 75% of respondents support the use of AI technologies by police and military forces. Given Europe’s stringent data privacy laws, such as the General Data Protection Regulation (GDPR), the fear of authorities or AI misusing data is far lower than it would be in the US. GDPR imposes severe penalties for non-compliance, with fines reaching up to 4% of a company’s annual revenue or 20 million euros, whichever is higher.
Fear of manipulation persists
While many Europeans are comfortable with AI’s use in public administration and security, they express significant concern about its impact on elections. The report found that 67% of respondents fear that AI could manipulate democratic processes, particularly by spreading misinformation.
Moreover, nearly a third (31%) of Europeans believe AI has already played a role in shaping their voting decisions, underscoring the growing influence of these technologies in political campaigns.
Public enthusiasm for AI in areas such as traffic management is high, with 79% of respondents supporting its use in optimizing transportation systems. However, opinions shift when AI is applied to more sensitive tasks, such as deciding parole outcomes, with 64% opposing its involvement in judicial matters.
The younger generation, aged 18 to 34, is more open to the idea of delegating political decisions to AI, and about 34% of respondents in this age group said they would trust an AI-powered app to vote on their behalf.
Only 29% of individuals aged 35 to 44 would consider using AI to cast their votes. The skepticism becomes even more pronounced among older adults, with just 9% of people aged 65 and above willing to trust AI in the voting process.
Via CNBC