Should we consider this a “war warning?”
FBI
Attribution of 'VPNFilter' Attack Raises Questions
Information
shared by the FBI on the
massive VPNFilter attack in which more than half a million
devices have been compromised raises some interesting questions about
the connection between Russia-linked hacker groups.
… The
malware can intercept data passing through the compromised device, it
can monitor the network for communications over the Modbus SCADA
protocol, and also has destructive capabilities that can be leveraged
to make an infected device unusable.
Many
of the hijacked devices are located in Ukraine and a separate command
and control (C&C) infrastructure has been set up for devices in
this country. Researchers also spotted code similarities to the
BlackEnergy malware and pointed out that there are only a few weeks
until Ukraine celebrates its Constitution Day, which last year
coincided with the destructive NotPetya attack. All this has led
experts to believe that VPNFilter may mean Russia is preparing for a
new attack on Ukraine.
This will be interesting to watch.
Vermont
passes first first law to crack down on data brokers
… Data brokers in Vermont will now have to
register as such with the state; they must take standard security
measures and notify authorities of security breaches (no, they
weren’t before); and using their data for criminal purposes like
fraud is now its own actionable offense.
If you’re not familiar with data brokers, well,
that’s the idea. These companies don’t really have a
consumer-facing side, instead opting to collect information on people
from as many sources as possible, buying and selling it amongst
themselves like the commodity it has become.
… Vermont’s new law, which took effect late
last week, is the nation’s first to address the data broker problem
directly.
There is bad legislation and then there is really,
relly bad legislation.
EU
censorship machines and link tax laws are nearing the finish line
… On
the topic of copyright, you NOW have the chance to have an influence
– a chance that will be long lost in two years, when we’ll all be
“suddenly” faced with the challenge of having to implement upload
filters and the “link
tax” – or running into new limits on what we can do using the
web services we rely on.
In stark contrast to the GDPR, experts
near-unanimously agree that the copyright reform law, as it stands
now, is
really bad.
… Their
latest proposal would still force
internet platforms to implement censorship machines
– and makes a
total mess out of the planned extra copyright for news sites
by allowing each member state to implement it differently.
… The German government is standing in the way
of an agreement over which kinds of snippets of news content should
fall under the “link tax” and thus become subject to a fee when
shared: They insist that whether
a snippet constitutes an original intellectual creation by its author
or not should not be a criteria.
… You don’t need to filter, but we’ll sue
you if you don’t
The Bulgarian Presidency agrees with the
Commission’s goal to force
internet platforms to monitor all user uploads to try
and detect copyright infringement, even though that will necessarily
lead to takedowns
of totally legal acts of expression. But they realise that
putting that in plain writing violates existing EU law and the
Charter of Fundamental Rights.
Their “solution”: Make platforms directly
liable for all copyright infringements by
their users, and then offer that they can avoid that unreasonable
liability if they can show they’ve done everything in their power
to prevent copyrighted content from appearing online – namely, by
deploying upload filters (Article
13, paragraph 4). Which remain totally optional, of course!
Wink, wink, nudge, nudge.
Tools to protect (or amuse) my Computer Security
students.
How to see
everything Amazon Echo has recorded on you
… If you're curious what Amazon Echo smart
devices have recorded while in your home — as I was — you can use
the Alexa app to find out.
(Related)
Amazon’s
Alexa May Be Listening — But This Trick Can Stop Her
… USA
Today reports that a fool-proof way of ensuring your privacy
is simply not to set up the feature that allows Echo to make calls.
This is an opt-in feature, a similar variation of which is available
for Google Home users.
The new Privacy Policy, according to XKCD.
Technology or typo?
No comments:
Post a Comment