Illegal structures demolished earlier this week in 5 Cays

first_imgFacebook Twitter Google+LinkedInPinterestWhatsApp Facebook Twitter Google+LinkedInPinterestWhatsAppReportedly placed under pressure by the planning department, owners of some 6 acres of property in the Five Cays community were forced to start demolition of illegal structures earlier this week. Reports are the Planning Department served the owners of the land with notices to clear their property of some 50 structures. Eight frames have already been mowed down causing raging reactions by those who feel they are justly residing at the site. Word is a January 8, eviction notice has been given by landowners to the occupants which is owned by James Cox and his family; news break understands that sections of the land have been rented since 1998 and rent runs from $50- $200 depending on the size of the parcel occupied. Related Items:last_img read more

Govt not spying on Bahamians says AG Bethel to Jamaica

first_imgFacebook Twitter Google+LinkedInPinterestWhatsApp Related Items:#argumentheatsuponspybill, #Bahamasspybill, #magneticmedianews Facebook Twitter Google+LinkedInPinterestWhatsApp#Bahamas, October 23, 2017 – Nassau – While arguments on the so called, ‘Spy Bill’ are heated even now, The Bahamas Government is defending itself from social media rumors that there is already some sort of spying happening.   The Jamaica Observer had the Attorney General and Legal Affairs Minister, Carl Bethel denying the charge.AG Bethel said that he is aware of an anonymous and untrue posting being circulated on social media which purports to warn users of alarming alleged monitoring of social media.    Bethel added, “the Government of The Bahamas and its Law Enforcement Agencies are not engaged in the collection of any form of what is called “meta data” on the private social postings of residents of our Country.”It was further explained that law enforcement agencies can only act if there is a crime reported.“Any interception of any form of private communications can only take place in respect of a specific allegation of the commission of a crime under Bahamian Law.”#MagneticMediaNews#argumentheatsuponspybill#Bahamasspybilllast_img read more

Four couples to win surprise proposal and dream wedding in The Bahamas

first_imgFacebook Twitter Google+LinkedInPinterestWhatsApp Facebook Twitter Google+LinkedInPinterestWhatsApp#Bahamas, November 21, 2017 – Nassau – The Bahamas Ministry of Tourism Romance Department has launched a unique social media competition, in a joint initiative with Paparazzi Proposal.   Online entrants, using the hashtag, #sayyesinthebahamas, can now register until December 15, 2017 to be one of the lucky winners of a dream wedding in, of course, The Bahamas.The couples entering the competition must submit a photo and a 100-word story on why they hope to have their surprise wedding take place in the pristine islands of The Bahamas.   A panel of judges will decide, the winning couples will be flown into four amazing islands says the planners:  Abaco, Exuma, Nassau and Paradise Island.Freda Malcolm, Director of Romance for the Ministry said, “We are excited about the opportunity of sharing our romantic destination with these couples while highlighting the wide array of wedding programs available within our diverse and beautiful country.”The Bahamas has the distinction of being named in 2015 as the World’s Leading Wedding Destination.#MagneticMediaNews#sayyesinthebahamas Related Items:#magneticmedianews, #sayyesinthebahamaslast_img read more

Subcommittee Chairman Appears to Favor Consolidation Plan for Exchanges Commissaries

first_img Dan Cohen AUTHOR After gaining support among top DOD leaders, a plan to consolidate the military’s commissary and exchange systems now may be favored by a key lawmaker responsible for personnel policy.Rep. Joe Heck (R-Nev.), chairman of the House Armed Services Military Personnel Subcommittee, has been reviewing the report of the Military Compensation and Retirement Modernization Commission, which in January called for consolidating DOD’s three exchange services with the Defense Commissary Agency into a single Defense Resale Activity.The commission concluded the move would generate $426 million in annual savings by fiscal 2020 by combining many of the activities’ back-end office and support functions such as logistics and staffing. The extent of Heck’s support may become clear on Thursday when his subcommittee marks up its portion of the FY 2016 defense authorization bill, reported Stars and Stripes.The Pentagon, meanwhile, appears to be moving ahead with the consolidation plan at the same time it has proposed slashing funding for commissaries by $322 million in FY 2016 and by $1 billion the following year. The department’s FY 2016 budget request calls for U.S. commissaries to be operated more like a business, forcing the grocery stores to reduce customer discounts. DOD’s cost-saving reforms also would trim staff, store hours and the days stores are open.Opponents of the proposed commissary reforms — including advocates for military shoppers, and manufacturers and suppliers doing business with base stores — last week told the armed services committees that DOD’s plan “will destroy the commissary benefit” and “severely impact young families and fixed-income retirees,” according to the story.Significantly reducing the commissary benefit will eliminate tens of thousands of “much needed jobs for the military community,” according to the April 16 letter from the Coalition to Save Our Military Shopping Benefits.last_img read more

What Business Owners Need to Know About Protecting Their Data

first_imgFebruary 1, 2019 With the recent rush toward enhancing consumer data protection due to GDPR and other privacy regulations that have taken effect, businesses have strengthened their platforms toward better protecting and securing user data. But is this enough? What do you need to know as a business owner, entrepreneur or manager?Recent vulnerability reports prove that even major ecommerce and social platforms can easily become an attack vector for cross-site-scripting (or XSS) attacks, and these happen even if the platforms themselves are secure. With vulnerabilities in third-party application providers being used by major customer-facing platforms, there is an increased risk that user data will be exposed to malicious players. This is the risk we all face, unfortunately. Data privacy regimesPerhaps the biggest tech news in 2018 was the enforcement of the European General Data Protection Regulation, which sought to protect European Union citizens’ personal data from being collected and utilized without consent. With the GDPR, any business that handles data on E.U. citizens, or which counts E.U. citizens as among their clients, will need to explicitly inform said users of data gathering efforts, and seek explicit content for doing so.GDPR has had its impact even outside of Europe since any business that provides services to E.U. citizens or residents will need to comply. In addition, there have been numerous privacy-focused regulations that are also in effect worldwide, given the recent consumer and business focus on data privacy, which are all good things that are working to protect us.Even with an increased focus toward enhancing privacy, however, there are still a lot of risks involved when it comes to businesses losing user data to malicious hackers. For one, given the collaborative nature of services (e.g., an ecommerce store utilizing a payment processor or a logistics provider), the weakest link here would be the service that can introduce a potential breach. In this regard, the moment a third-party application puts the user at risk, the entire operation could already be compromised.XSS in a nutshellIn the simplest explanation, XSS attacks are a form of data-injection, wherein malicious client-side code is injected by an attacker into an otherwise legitimate website. This works by injecting code — usually JavaScript — into a website or web app’s output, often working through forms such as search fields, feedback forms, forum text entry fields and even cookies stored on a user’s browser.When an unsuspecting user accesses an affected website, the injected code has the potential to deliver a payload, which can include executing code, stealing data, controlling a user’s session or installing backdoors to a computer system or network.Such attacks are borne by the need for today’s websites to be interactive. With the numerous interactions between browser and server over a single session, XSS can even be used to pull content from a third-party website, use existing cookie data (which can include usernames and passwords), or interact directly with an app’s client-side processes.What platforms have been vulnerable?A recent DOM-XSS (document object model-XSS) exploit has been found on prominent social networking and ecommerce sites including Tinder, Shopify and Yelp, reports VPN Mentor late in 2018, exposing as many as 685 million users globally to data theft.Digging deeper into the potential extent of the risk, the security researchers discovered that the XSS vulnerability included money transfer service Western Union and image sharing service Imgur. Other services affected by the vulnerability were Canva, Letgo, Lookout, Fair, Amazon Music, TicketMaster and Reddit, among others.The weak point is assumed to have originated in a third-party mobile linking platform that unifies user experiences across different devices and channels. The service has an alias subdomain for its partner sites (including the ones listed above), and clicking on links pointing to these subdomains may have rendered users vulnerable to data theft through scripts injected by malicious hackers.What can businesses and users do?The company involved has promptly fixed the potential vulnerability after receiving reports of the XSS risk. However, this precludes the possibility that attackers may have discovered the vulnerability and exploited it to steal data. Therefore, this means that users who have recently or regularly used services detailed above like Tinder, need to double check if their accounts are not compromised. Password changes and browser cache/cookie clearing might be a good idea.For businesses, meanwhile — especially those that run consumer-facing platforms, or even those that utilize websites for employee access — there are several methods to minimize the risks, as explained by ComputerWeekly, associated with XSS. This involves building applications with a tight security development lifecycle. This means constantly building and updating in order to reduce or eliminate security-related errors in design and coding. This also means assuming that all data that is being received by the application can potentially come from an untrusted source, even if it comes from users who are already logged in and authenticated.As such, some changes that can be adopted for entrepreneurs, business owners and managers can include:Not trusting user input blindly. This means constantly validating the input for type, length, format and data range whenever such data goes across trust boundaries;Reducing client-side input, to preclude the possibility of unwanted code or character sets being passed through;Setting a webpage’s character set to the bare minimum (ISO-8859-1), which is enough for English and most European languages;Asking users to re-authenticate before accessing critical services;Immediately expiring login sessions if access from multiple IP addresses is detected;Utilizing vulnerability scanners to keep track of such risks in real-time;And conducting penetration testing before an application or website goes live.The takeawayAs XSS attacks have been all over the headlines, it makes sense to focus on preventing security risk, especially in the light of calls for better data privacy and protection. This is important today, given the fact that most sites will not work without client-side scripting.If this has still gone above your head, make sure to contact your webmaster and have him or her walk you through these important points regarding data protection. Knowing that major social networks and services have actually been at open risk to a big XSS attack, both businesses and users need to be proactive about their security. Free Webinar | Sept 5: Tips and Tools for Making Progress Toward Important Goals Opinions expressed by Entrepreneur contributors are their own. 6 min read Attend this free webinar and learn how you can maximize efficiency while getting the most critical things done right. Register Now »last_img read more

GitHub announces beta version of GitHub Package Registry its new package management

first_imgUpdate: At WWDC 2019, GitHub added support for Swift packages to GitHub Package Registry. Swift packages make it easy to share your libraries and source code across projects and with the Swift community. Last Friday, GitHub announced a new package management service to allow developers and organizations to easily generate “packages” from their code. Called the GitHub Package Registry, this service allows developers to publish public or private packages next to their source code. “GitHub Package Registry is compatible with common package management clients, so you can publish packages with your choice of tools,” Simina Pasat, director of Product Management at GitHub, explains in the official announcement. The GitHub Package Registry is available in limited beta for now. However, it will always be free to use for open source. The new service is currently compatible with JavaScript (npm), Java (Maven), Ruby (RubyGems), .NET (NuGet) and Docker images, with support for other languages and tools to come. Packages hosted on GitHub will include detailed insights such as download statistics and project/package history. Developers can also publish multiple packages of different types for more complex repositories. They can also customize publishing and post-publishing workflows using webhooks and GitHub Actions. GitHub Package Registry has unified identity and permissions meaning packages on GitHub inherit the visibility and permissions associated with the repository. This means, organizations no longer need to maintain a separate package registry and mirror permissions across systems. They can use a single set of credentials across different systems for code and packages, and manage access permissions with the same tools. Developers are generally enthusiastic about the new GitHub Venture. Here are some positive comments from a thread on Hacker News. “This is really outstanding. GitHub Package Registry separates the registry from the artifact storage, which is the right way to do it. The registry should be quick to update because it’s only a pointer. The artifact storage will be under my control. Credentials and security should be easier to deal with. I really hope this works out.” “This is pretty interesting. Github really is becoming the social network that MS never seemed to be able to create. We already use it as our portfolio of work for potential employers. We collaborate with fellow enthusiasts and maybe even make new friends. We host our websites from it. Abuse it to store binaries, too. And now, alongside, source code we can use it as a CDN of sorts to serve packages, for free, sounds pretty great.” “It’s a really nice project overall, having a GitHub Package Registry that supports many different projects and run by a company that today is good, is always nice.” Read Next GitHub deprecates and then restores Network Graph after GitHub users share their disapproval Apache Software Foundation finally joins the GitHub open source community Introducing Gitpod, a one-click IDE for GitHublast_img read more