Alerts, Apple, Best Practices, Google, Hacks, iOS, Legal, News Bites, Privacy, Safety, Security Practices

Security News Bites for the Week Ending May 5, 2023

May 5, 2023 CyberCecurity Leave a comment

Government Contractors Affected by TikTok Ban Too

The White House issued a memo in February requiring the removal of TikTok from federal information systems as required by the consolidated appropriations Act of 2023. How this affects contractors is that it also includes IT “used by a contractor under a contract with the executive agency that requires the use” of that IT, whether expressly or “to a significant extent in the performance of a service or the furnishing of a product.“ Of course, OMB is not clarifying this – likely on purpose, but if you don’t remove TikTok, you do so at your own risk. Credit: Holland & Knight law firm

Google and Apple Work Together to Stop Airtag Stalking

Google and Apple have submitted a proposed spec to combat tag stalking, mostly Apple AirTags. Industry will have 3 months to comment and the companies plan to release the spec by the end of the year. Then it will need to be implemented in some future OS update and finally, users will need to have a supported phone. So, nothing anytime soon, but in the next few years, things will improve. This follows the tech industry’s mantra – move fast and break things. … And then, when it looks like there are too many lawsuits, work to fix it. Credit: Cybernews

Google to Remove “Secure” Icon in Chrome

The old padlock icon, which the industry wants you to believe means that the website is secure, is going the way of the dodo-bird in Chrome 117. The icon never meant the site was secure. What it did mean is that the link is encrypted, but necessarily by the company you thought it was encrypted by. The new icon will just tell you that the link is encrypted. Credit: Bleeping Computer

Expect More of This: Pornhub Says If You Are in Utah, You Cannot Access the Site

Different companies will deal with this differently, but don’t be surprised if the Internet becomes far less open. Wikipedia has already said that they may block all of the UK due to age verification requirements. Now, Pornhub has already blocked the state of Utah. If you go to the site and you are in Utah, you will get a message telling you that you can’t visit the site and to ask your state legislator to change the law. Maybe no one cares if you can visit some porn site from Utah (note that most porn sites are ignoring the law – come sue me if you can find me), but it is a tale of things to come. I anticipate this will continue and expand as companies decide the cost, hassle and risk of complying with various laws is not worth it. Who loses will be you and me. Credit: Vice

National Guard to the Cyber Rescue!

This is awesome. Not only do overwhelmed and underskilled government entities get free cyber help after an attack, but the Guardspeople get real world experience dealing with cyberattacks. In this case, the victim was the Raleigh (NC) Housing Authority who got hit by a ransomware attack. While this is seriously not good, the head of the Authority called the governor (and the FBI) and the governor activated the National Guard’s cyber team. The Housing Authority got the benefit of the expertise of 7 cybersecurity pros to help them figure out what happened and what to do. This is an excellent use of resources. Of course, a better use would be the improve government agency cybersecurity practices, but that one is much harder. Credit: WRAL