DJIA: 18,126.12  -36.87 (-0.20%) | NASDAQ: 5,097.976  -8.618 (-0.17%) | S&P 500: 2,120.79  -2.69 (-0.13%) Markets status unavailable

  • Show Article Details

    Crude-oil futures extended gains in Asian trade Friday, helped by a decline in U.S. oil inventories and a softer U.S. dollar. On the New York Mercantile Exchange, light, sweet crude futures for delivery in July traded at $58.39 a barrel, up $0.71 in the Globex electronic session. July Brent crude on London's ICE Futures exchange rose $0.58 to$ 63.16 a barrel.

  • Show Article Details

    There are still a few coal mines in the Chicago area, but no canaries. A figurative one, though--the city's regional manufacturing index--sung "recession" in February, surprisingly dropping to its lowest level in nearly seven years. National surveys and eventually economists began to agree as more data poured in, cementing the regional survey's reputation as a harbinger of change for the broader U.S. economy.

  • Show Article Details

    WASHINGTON-- Congressional staffers are raising more questions about an alleged leak of confidential Federal Reserve information, according to a report Thursday. Bloomberg said that investigators want to know why the Fed didn't report the leak to law enforcement authorities early on and why the U.S. central bank allowed internal probes to lapse without discovering who provided the information to the newsletter owned by Medley Global Advisors. It also appears the Fed...

  • Show Article Details

    * Kocherlakota has wanted easier policy than colleagues since 2012. * 'I hope they are right, and I am wrong,' he says. * Plans retirement in early 2016. Minneapolis Federal Reserve President Narayana Kocherlakota on Thursday said he was disappointed that he has been unable to convince his colleagues to keep monetary policy as easy as he thinks it should be, and delay raising rates until 2016.

  • Show Article Details

    Another week, another dire warning about the technology used to secure online communications. Internet security researchers are warning about a previously undisclosed  vulnerability that affected all modern Web browsers — a weakness that could allow an attacker to snoop or even change communications thought to be secure.The origins of the problem can be traced to the 1990s, when the government waged a policy debate know as the "Crypto Wars" over the digital technologies now widely used to keep online communications safe. But the debate, once counted as a win by privacy advocates, is now raging again — and technologists warn it could have similarly dire consequences.The government classified encryption — a process that scrambles up information so that only those authorized can decode it — as a munition and tried to limit the spread of the most robust forms outside the United States through strict export rules on military technologies. But even though the United States reversed course by the end of the decade, the rules were so ingrained in technologies that make the Web run, they're still causing problems today."The original goal of export controls was to keep strong encryption inside the U.S. — the hope was that by forcing the software industry to use weak encryption we could keep strong security out of the hands of bad guys," said Alan Davidson, who worked on the issue at the Center for Democracy & Technology during the '90s and was the director of New America's Open Technology Institute when interviewed. (He just accepted a position as digital economy director at the Commerce Department.)"But even then the notion of making strong encryption a thing for people in the U.S. that couldn't be accessed by those outside of the U.S. didn't make sense," Davidson said. It created a double standard that left innocent Internet users abroad less secure, he said, and once the encryption genie was out of the bottle, it was impossible to shove back in.And even now, long after the most restrictive export rules on encryption have been lifted, the legacy of that policy is still leaving Internet users around the world less secure, experts say."You mandate people do certain things that are insecure, you're going to have a lot of nasty unintended consequences that last for a long time," said Matt Green, one of the authors of the report that revealed the latest vulnerability, dubbed "LogJam," and a computer science professor at Johns Hopkins University.LogJam, which was first reported by the Wall Street Journal last week, affects the basic design of transport layer security, or TLS, which is widely used to secure things like online payments.  When in use to protect Web traffic, it is often noted with a green lock in a Web browser's address bar. It is a sort of cousin to a similar bug known as FREAK that was disclosed earlier this year by The Washington Post, also based on the work of an international team of cybersecurity researchers. Green helped coordinate the disclosure.Here is how an attack featuring the vulnerability would work: A bad guy on the same network as a user can trick the victim's system into using an unusually short encryption "key" -- the string of characters used to keep traffic private -- when it uses a common method for exchanging  those keys known as Diffie-Hellman.Shorter keys are weaker. And if the server a user connects with is using one of a handful of common set-ups, a prepared attacker would be able to break the encryption in a matter of minutes, according to the researchers — foiling the protection users depend on to keep their data safe.They estimate the bug affected over 8 percent of the top 1 million Web sites, along with some e-mail servers.But the reason those weaker keys exist inside the protocol at all is that the U.S. government forced software makers to put it there decades ago, during the Crypto Wars.The original Crypto WarsFor a long time, digital encryption research and deployment in the United States was dominated by the National Security Agency and the military. But then the first private-sector encryption software started coming out — based on concepts like Diffie-Hellman."The basic idea, as it came together in the late 1970s, was a way that two people who have never met before can agree on a shared encryption key over a public channel," explained Green. That turned out to be hugely important when the commercial Internet was getting started because it provided a way to secure online communications without having to physically transfer a secret key."People building the new commercial internet wanted encryption because the Internet was insecure at its core," said Peter Swire, a professor of law and ethics at the Georgia Institute of Technology and senior counsel at law firm Alston & Bird, who was part of the encryption debate during the Clinton administration. "Without encryption, senders and recipients didn't know what servers in the middle would have access to their communications," he said.So encryption was a huge deal for the Internet. But it also worried law enforcement officials, who feared that criminals or militants in other countries would use the security it provides to prevent the U.S. government from tracking their activities — putting potential victims in greater danger.At one point the NSA promoted a device called a Clipper Chip. It was designed to give the government the ability to decrypt communications with judicial process. Essentially, it was what many cryptography experts call a back door. But researchers discovered vulnerabilities in the technology, and it was never widely deployed.The part of the Crypto Wars that played into this latest security issue are export controls: The government classified encryption technology as military equipment and set a limit on the length of keys software makers could put in products for overseas customers.There was an "excruciating permit process" for companies hoping to export software or hardware with strong encryption, according to Swire. And the end result of export key length restrictions was "that government super computers could try all the keys and open up targeted communication." Essentially, it was a way to ensure a type of brute force back door.Privacy advocates and technologists railed against the policy — and by the end of the decade it looked like they had won. "At the end there was, if not total consensus, a widespread belief by both sides of the aisle and those in the administration that export controls weren't sustainable -- and back doors did more harm than good," Davidson said .In September 1999, while Swire was serving as the chief counselor for privacy at the Office of Management and Budget, the Clinton administration reversed course on export controls. There remain some restrictions on exporting encryption products today, but they pale comparison to the ones in place during the heyday of the Crypto Wars.Unfortunately, the aftershocks of the old restrictions are still being felt by consumers, who live in a less secure digital world now because of them.Even though the export control policy was changed more than a decade and a half ago, researchers are still finding that protocols relied upon by the Internet at large and used in the default settings of some systems retain traces of the restrictions.Because of the rapid growth in processing power available to the public over the past few decades, decryption that once required government super computers is within reach of more run of the mill cybercriminals.  Or, as the researchers who documented LogJam proved, academics.A Crypto Cold War? Revelations from former NSA contractor Edward Snowden suggest the Crypto Wars may not have actually ended. Instead, it seems as though intelligence agencies took the debate underground resulting in a sort of Crypto Cold War that privacy advocates weren't even aware they were fighting.The NSA waged a covert fight against encryption, according to a story based on Snowden documents published in 2013 in partnership between the Guardian, the New York Times (NYT) and ProPublica. As part of that campaign, the agency worked to undermine encryption security standards issued by the National Institute of Standards and Technology, the outlets reported. (NIST has denied it would "deliberately weaken a cryptographic standard.")"That was a huge blow to trust in the system — it crossed a line that many had not expected," said Davidson.But that wasn't all: In 2010 the spy agency had a breakthrough that made "vast amounts" of encrypted data collected by tapping into the Internet backbone "exploitable," according to a document from the NSA's partners at the British intelligence agency GCHQ, published by the Guardian, the New York Times (NYT) and ProPublica.The details of the breakthrough weren't revealed in the documents. But in the paper on LogJam, researchers speculate that the NSA's level of access to computing power and Internet infrastructure means they might be able to use the same type of attack possible against the short keys left behind because of '90s-era export controls against more robust key lengths in use today.Because there are a small number of fixed or standard Diffie-Hellman groups relied upon by many servers today, a nation-state actor like the NSA may be able to pre-compute enough of the information needed to decrypt the data in near real-time, the researchers argue.This particular method, they speculated in the paper, seems to match up with Snowden documents describing how the spy agency is able to break into encryption Virtual Private Networks — a tool used to protect Web traffic from eavesdroppers via encryption — released by German magazine Der Spiegel. Green is quick to note that there is no smoking gun, but said "if you look at those documents and read them in light of what we know about these attacks, it's really consistent."The NSA did not immediately respond to a Washington Post request for comment on this theory.Crypto Wars ReduxNow, thanks in part to the Snowden revelations, the debate over encryption is back in the public sphere. In a bid to regain customer trust, tech companies like Apple and Google (GOOG) are working to automatically encrypt more devices and services in ways that even they can't unlock if faced with a legitimate court order.This has law enforcement officials returning to calls for mandates that tech companies build in ways for the government to access protected communications — albeit with some new twists, such as an idea floated by NSA director Adm. Michael Rogers that would involve splitting up encryption keys in an effort to make them harder for hackers to exploit.But tech companies and encryption experts appear unconvinced — arguing so-called back doors would undermine the security of the users."Whether you call them 'front doors' or 'back doors', introducing intentional vulnerabilities into secure products for the government’s use will make those products less secure against other attackers," a recent letter to President Obama signed by companies like Google (GOOG), Microsoft (MSFT), Apple and Facebook (FB) as well as civil liberties groups and computer security experts said. "We urge you to reject any proposal that U.S. companies deliberately weaken the security of their products."A recent report from the United Nations special rapporteur on the promotion and protection of the right to freedom of opinion and expression echoed those concerns. "States should avoid all measures that weaken the security that individuals may enjoy online, such as back doors, weak encryption standards and key escrows."Meanwhile, the LogJam vulnerability serves as a case study on the long-term chaos that can result from weakening the security of software.Major browser makers and security researchers deliberated for months about how to respond to the issue, according to Green, ultimately deciding on a fix that would leave thousands of Web sites unavailable once enacted. And when the vulnerability was disclosed, only Microsoft (MSFT) had released a patch for the latest version of Internet Explorer already out, although others were at work on their versions.Essentially, cleaning up the fallout from ideas that seemed like reasonable compromises to policymakers at the time in the '90s has turned into a headache that is still still hurting innocent Internet users today.And that is making computer security advocates even more committed to fight against what they see as a revival of the Crypto Wars.  "The reason you saw so many people now coming out against back doors is because we already had this debate — and the lessons from the '90s are still true," Davidson said.This post has been updated to clarify Green's role in the disclosing the FREAK vulnerability. 




  • Show Article Details

    For details of foreign central banks' holdings of U.S. marketable securities held at the Federal Reserve, see: http://www.federalreserve.gov/releases/h41/Current/h41.pdf.

  • Show Article Details

    Welcome to Main Street Morning, The Washington Post’s daily collection of news affecting entrepreneurs, start-ups and small businesses with a special focus on policy and government.Here’s what’s affecting my small business my clients and other entrepreneurs today.WashingtonThe Federal Communications Commission looks to crack down on robocalls and robotexts.The ElectionsElizabeth Warren tells techies to stop making issues wonky and get real.The Economy23 states had unemployment rate decreases in April.Former Fed chief Bernanke sees no risk of a hard landing in China and is bullish on the U.S. economy.U.S. banks increased their profits seven percent in the first quarter.ManagementBig corporation or scrappy startup: what’s the right company culture for you?These are the top five ways to reduce plant shutdowns.An airline food company is ordered to pay living wages to its employees.A few former owners share tips for closing businesses.EntrepreneursThis test tells you whether you’re really cut out to be an entrepreneur.How this entrepreneur went from flat broke at age 37 to self-made millionaire.RetailKohl’s finds a brilliant way to profit from a huge waste. RestaurantsHow salad lunches are killing American leather.A dispute over who gets the last rib at a BBQ restaurant leads to a lady getting stabbed in the eye with a fork.Sales and MarketingFive marketing tips for the entrepreneur without marketing experience.Mobile trackers are infiltrating the food court as firms fight for more shopper data.These are five new ways to market your brand.A Delta pilot orders pizza for a delayed flight.FinanceDocuSign raises more cash from Intel (INTC) and Dell.How private equity investors can win in the crowded healthcare arena.Start-upsAn online auto sales start-up is raising $300 million to expand nationwide.TechnologyAn expense tracking service could be the fastest growing ERP software in the world, according to new research.Data shows that tablets could be falling out of favor.How the Internet of Things can help grain operations.This gadget could transform office meetings.Google (GOOG) pledges funding for 3D-printed prosthetics.Apple exec: “The car is the ultimate mobile device.”OnlineIn five years, 80 percent of the whole Internet will consist of online video.These are 10 online invoicing services for small-business owners.Nine common mistakes that may kill your business online.Social MediaAn artist takes someone else’s Instagram photo — and sells it for $90,000.This is a listing of the most popular social media platforms used by marketers in 2015.Twitter overtakes LinkedIn (LNKD) as the number one social media site for salespeople and is giving advertisers more user data in the hope that they spend more.PeopleFlorida’s Department of Economic Opportunity has decided that an Uber driver is eligible for unemployment because he was, despite Uber’s claim that drivers are independent contractors, previously employed by the ride-hailing startup.Cash FlowHow to run your business on $100 a month.Around the CountryDetroit’s Police Chief tells reporters he wouldn’t gas up in Detroit late at night unless he had to.A concrete business owner in Florida is charged with illegal dumping.Coworking is booming in Chicago (and Dallas too).Google (GOOG) brought $2.76 billion in economic activity to Georgia in 2014.How these businesses located near a Maryland university survive when the students go home.Around the WorldHow big data and the Internet of Things have improved public transport in London.Venezuela has the world’s highest inflation rate.Gene Marks owns the Marks Group  a Bala Cynwyd  Pa.  consulting firm that helps clients with customer relationship management. Follow Gene Marks and On Small Business on Twitter.News we should know about? Email us here.




  • Show Article Details

    Louis Fed President James Bullard said Thursday he wants to see "confirmation" that the economy is bouncing back before raising interest rates. In an interview with Bloomberg Radio said the weak first quarter gross domestic product was "a little suspect" due to seasonal adjustment quirks. "But for policy, I think, we need that confirmation in order to be sure the first quarter number was not as weak as it might initially appear," he said.

  • Show Article Details

    The good news: household income is starting to show some movement. The bad news: most families are still worse off than they were before the Great Recession. That's according to the latest data from Sentier Research, which derives the results from government figures.

  • Show Article Details

    The Federal Reserve should strive to replicate for the next three years the labor market gains seen in 2014, said Narayana Kocherlakota, the president of the Minneapolis Fed on Thursday. In a speech in Helena, Mont., Kocherlakota said such improvement would bring labor market conditions back to their pre-Great Recession levels. "It follows that monetary policy makers should be extraordinarily patient about reducing the level of monetary accommodation," Kocherlakota said.

  • Show Article Details

    A U.S. interest rate hike this year would be a mistake, a top Federal Reserve official said on Thursday, and would represent a missed opportunity to boost employment and too-low inflation in an economy that has plenty of room to grow.

  • Show Article Details

    Renewable energy use in the United States hit its highest level last year since the 1930s. The country used green energy to meet 9.8% of its total energy needs, the Energy Information Administration reported Thursday. It was the highest percent of green energy in 85 years when people relied on wood on a much greater scale to heat their homes.

  • Show Article Details

    Federal regulators hope to bridge a yawning gap in Internet adoption by expanding a subsidy program for poor Americans that for years has helped millions connect to basic telephone service.Tom Wheeler, the chairman of the Federal Communications Commission, will circulate a proposal to his colleagues Thursday that would radically update the 30-year-old aid program, known as Lifeline, according to FCC officials who spoke on the condition of anonymity because the plan is not yet public.For the first time, the proposal would allow program participants to apply their discounts to standalone high-speed Internet service. Although Lifeline supports broadband when it comes bundled with phone service, it currently does not allow the poor to use the $9.25-a-month subsidy to pay for independent Internet plans.The amount of the monthly credit is unlikely to rise under Wheeler's proposal, an agency official said. Rather, it will focus on expanding choices for low-income consumers so that they aren't limited to buying certain devices or plans. It will also seek to increase the number of telecom and broadband providers that participate in Lifeline.The FCC could approve the measure by as early as its next meeting, on June 18. In so doing, Wheeler would be reinforcing his argument that the Internet is as crucial a tool for connectivity and development as phone service was in the 20th century.[Should the government pay for people's iPhones?]Ninety-nine percent of the wealthy are connected to the Web in some way, according to the Pew Research Center. But poorer Americans lag far behind. Top FCC officials have argued that greater Internet access would help pull these Americans out of poverty."Too many of our citizens are stuck in digital darkness," FCC Commissioner Mignon Clyburn said in a speech last week, "without the primary tool needed for seamless communications for health care, education, civic participation and professional advancement."The lack of connectivity among low-income Americans disproportionately affects minorities and children. As many as 5 million U.S. households with kids do not have access to high-speed Internet at home, driving some to seek out WiFi at fast-food joints just so they can complete their homework.Compared with their wealthier peers, families that make less than $50,000 a year and have kids ages 6-17 are roughly four times as likely to lack high-speed Internet, according to the Pew Research Center.The agency's Democratic commissioners, such as Clyburn, are likely to welcome Wheeler's proposal. But it will provoke a fight with Republicans on the commission who believe that the fund supporting Lifeline and other FCC subsidy programs has grown too large, too quickly.The debate is likely to focus on two key issues, analysts say. First will be how Lifeline recipients can apply their discount to broadband. Wheeler's proposal, which was first reported by the New York Times (NYT), is expected to offer program participants a choice of either phone service, broadband or "a mix of both."Another point of contention is who should be responsible for determining participants' eligibility, and how. Telecom companies are required to perform checks to ensure that no Lifeline recipient is benefiting from the program more than once. But this approach has come under scrutiny amid allegations of waste and fraud in the program, and the FCC has in recent years sought to eradicate it. Providers of phone service have requested that an independent third party be appointed to manage the process, and Wheeler's proposal is likely to address the issue.The coming fight over Lifeline raises inevitable questions over who should help pay for the low-income discounts. The program is funded by fees from telephone companies and consumers. But with the FCC poised to add broadband to the program, it's possible that the agency could ask Internet providers to chip in, too.For the moment, the FCC has explicitly decided not to do so. The agency is waiting for a formal recommendation on the matter from a bipartisan group of state and federal officials known as the Federal State Joint Board on Universal Service. But on the heels of the FCC's net neutrality rules — which technically open the door to fees for Lifeline and other aid programs — industry advocates fear Internet providers would be required to pay up.Read more:Sick of telemarketers and robocalls? The FCC is poised for a crackdown.How the battle for the future of the Web is shaped by economicsIn Kansas City, few poor people, renters sign up for Google Fiber




  • Show Article Details

    Fed would target economic growth rate that includes inflation. WASHINGTON-- The uneven results of the Federal Reserve's monetary policy since the financial crisis should cause new thinking about how to conduct interest rate policy, said St. Louis Fed President James Bullard on Thursday in advocating for a new, controversial target.

  • Show Article Details

    WASHINGTON-- There was good news for the U.S. housing market Thursday morning: A gauge of upcoming sales of existing homes rose last month to the highest level in nine years, the National Association of Realtors reported. But that jump doesn't guarantee large sales growth in coming months. Typically, the pending-home-sales index is a good guide to upcoming closings, leading final sales by a month or two.

  • Show Article Details

    A gauge of pending home sales increased in April for the fourth consecutive month to reach the highest level in nine years, signaling that upcoming deals could pick up, a trade group said Thursday. The index from the National Association of Realtors reached a seasonally adjusted 112.4 in April, up 3.4% from 108.7 in March and 14% from a year earlier. "Realtors are saying foot traffic remains elevated this spring despite limited- and in some cases severe- inventory shortages in many...

  • Show Article Details

    The average rate for a 30- year fixed-rate mortgage rose to 3.87% in the week that ended May 28-- the highest rate since the end of 2014-- from 3.84% in the prior week, according to a Thursday report from federally controlled mortgage-buyer Freddie Mac. Rates rose "following positive housing market data," said Len Kiefer, Freddie's deputy chief economist. A year ago, the 30- year rate was at 4.12%.

  • Show Article Details

    * Pending home sales rise 3.4 percent in April to nine-year high. * Weekly jobless claims up 7,000, below 300,000 for 12 weeks. * Continuing claims up; four-week average lowest since 2000. By Lucia Mutikani. Contracts to buy previously owned U.S. homes rose for a fourth straight month in April to a nine-year high, buoying the outlook for the housing market and the overall economy.