720-891-1663

Security News for the Week Ending January 20, 2023

New York Gov Signs Right to Repair Law

While industry lobbyists have done their best to water down New York’s right to repair law (and they were relatively successful at it), it is a start. It goes into effect in July, 2023 and while it excludes electronics used in government and schools, has other ridiculous requirements and gives hardware makers too much power, it is a start. These changes come slowly. This is version 1 for New York and we are already seeing companies like Apple providing parts on a national basis. They know they have lost this war, but they are going to fight it battle by battle. Credit: Vice

When Are Folks Going to Realize that Vendors are the Weak Link?

This time is it Nissan and one of their contract software developers that they gave live customer data to. Why would you give them live data to test with instead of synthetic data? Nissan received notice of the breach last June and figured out that data was compromised by September, so why are they just filing a notice now? So many wrong moves, it is hard to comprehend. Credit: Bleeping Computer

Even Bitcoin Developer is not Immune From Losing All Coins

Luke Dashjr, an early Bitcoin developer, lost over 200 Bitcoin (currently worth around $4.5 million) due to, he says, a compromise of his PGP encryption key. He says he doesn’t know how he was compromised, but the hacker quickly drained his crypto wallet. He “tagged” law enforcement (I guess that means on Twitter), but he has not received a response from anyone. Seems to me that if I lost $4+ million, it would be worth ‘dropping a dime’ and calling the feds. That’s just me. He was storing his own Bitcoin wallet and not using an exchange. if I was doing that, the wallet would be offline and stored in a locked safe. Just shows that even if you are smart enough to be one of the early Bitcoin developers, you can do really dumb things. Credit: The Crypto Basic

Netflix Plans to Crack Down on Account Sharing

While Netflix is worried about losing subscribers, it still has 200+ million paying customers. It also has more than 100 million users using borrowed passwords (also known as IP theft, which is a felony). Now they plan to deal with it, which could cause some users to cancel their accounts. Or not. They may use IP addresses, device IDs or account activity to do the deed. They also plan to add an option for a few bucks to allow sharing. Stay tuned. Credit: Cybernews

Which States Might Enact Privacy Legislation This Year?

Currently there are 5 states that have enacted second generation privacy laws (CA, UT, CO, VA and CT). But who else is considering it and what is your plan for following these new laws. The POTENTIAL additions are Indiana (SB 5), Iowa (HB 12), Kentucky (SB 15), Maryland (HB 33), Mississippi (HB 467), Oklahoma (HB 1030), Oregon (SB 619) and Tennessee (SB 73). Remember, this is only January, so more are likely. How many will become law? That is an unknown, but likely some will become law, growing the number from 5 to ?. Credit: Trueyo

Facebooktwitterredditlinkedinmailby feather

Leave a Reply

Your email address will not be published. Required fields are marked *