A new tool called Lifeseeker could help search and rescue teams find missing people in minutes using their cellphones. The technology acts as a miniature cellphone tower, allowing rescuers to pinpoint cellphone locations within a 3-mile radius, significantly improving the efficiency and success rate of search missions in challenging terrains. The Colorado Sun reports: "As we detect the phone, basically a blotch shows up on the map and as we fly around that area, that blotch gets smaller and smaller and smaller until we can see exactly where they are," said Dr. Tim Durkin, a search and rescue program coordinator for Colorado Highland Helicopters. "That process of detecting, focusing on one specific location takes about a minute -- not really very long at all." Depending on the situation, search and rescue teams can then send in ground crews with the person's location or land the helicopter if there's a clearing nearby and conditions allow for a safe landing, Durkin said. During a test mission in La Plata Canyon northwest of Durango, search crews found the two people they were looking for within two minutes and 14 seconds, Durkin said. The technology, called Lifeseeker, was developed by Spain-based company CENTUM research & technology and is in the process of being approved by the Federal Communications Commission before it can be sold to the state or counties hoping to use it for their SAR efforts, he said. [...] The radio-based technology needs a clear view of the terrain without interference to pick up the signal of the cellphone. If the conditions and terrain are favorable, it can detect a cellphone up to nearly 20 miles away. It takes about three minutes to attach the Lifeseeker unit inside a helicopter when needed for a search and rescue mission, Durkin said. SAR can also use the tool to send text messages to the missing person, for example, advising them to stay in one area if they are hurt or move to a clearing for a helicopter to pick them up. The tool also has a broadcast function that allows SAR to send out a message to a group of people within a certain range, similar to an Amber Alert for a missing child, to warn them of a wildfire or flood, Durkin said.

Read more of this story at Slashdot.

The SEC has blocked third-party messaging apps and texts from employees' work phones, "bringing its own practices closer to the standards it's enforcing for the industry," reports Bloomberg. From the report: The SEC's decision to block disappearing-messaging apps will help improve record-keeping and address potential security vulnerabilities at the agency, which saw one of its social-media accounts compromised earlier this year. It follows about $3 billion in fines imposed on financial firms to settle allegations that they failed to keep adequate records of work-related communications on mobile devices and apps such as Signal and Meta's WhatsApp. The scrutiny prompted Wall Street to overhaul how employees communicate on business matters using mobile phones. Meanwhile, the SEC took a hard look at policies covering its own staff's communications on agency-issued phones. The agency has restricted access to third-party messaging applications, as well as SMS (short message service) and iMessage texts "to lower risk that our systems could be compromised and to enhance recordkeeping," an SEC spokeswoman said in an emailed statement. The process of blocking the apps began in September and has continued over the past several months, she added.

Read more of this story at Slashdot.

Jessica Lyons reports via The Register: The FCC appears to finally be stepping up efforts to secure decades-old flaws in American telephone networks that are allegedly being used by foreign governments and surveillance outfits to remotely spy on and monitor wireless devices. At issue are the Signaling System Number 7 (SS7) and Diameter protocols, which are used by fixed and mobile network operators to enable interconnection between networks. They are part of the glue that holds today's telecommunications together. According to the US watchdog and some lawmakers, both protocols include security weaknesses that leave folks vulnerable to unwanted snooping. SS7's problems have been known about for years and years, as far back as at least 2008, and we wrote about them in 2010 and 2014, for instance. Little has been done to address these exploitable shortcomings. SS7, which was developed in the mid-1970s, can be potentially abused to track people's phones' locations; redirect calls and text messages so that info can be intercepted; and spy on users. The Diameter protocol was developed in the late-1990s and includes support for network access and IP mobility in local and roaming calls and messages. It does not, however, encrypt originating IP addresses during transport, which makes it easier for miscreants to carry out network spoofing attacks. "As coverage expands, and more networks and participants are introduced, the opportunity for a bad actor to exploit SS7 and Diameter has increased," according to the FCC [PDF]. On March 27 the commission asked telecommunications providers to weigh in and detail what they are doing to prevent SS7 and Diameter vulnerabilities from being misused to track consumers' locations. The FCC has also asked carriers to detail any exploits of the protocols since 2018. The regulator wants to know the date(s) of the incident(s), what happened, which vulnerabilities were exploited and with which techniques, where the location tracking occurred, and -- if known -- the attacker's identity. This time frame is significant because in 2018, the Communications Security, Reliability, and Interoperability Council (CSRIC), a federal advisory committee to the FCC, issued several security best practices to prevent network intrusions and unauthorized location tracking. Interested parties have until April 26 to submit comments, and then the FCC has a month to respond.

Read more of this story at Slashdot.