Security News for the Week Ending July 22, 2022
San Francisco Cops Want Real-Time Access to Private Security Cameras for Surveillance
San Francisco lawmakers are considering a bill that would allow police to use private security cameras for real time surveillance. This bill expands a 2019 city ordinance that requires police to seek authorization before acquiring and deploying surveillance, hence this notice. While it would still require police to ask the camera’s owner for permission (asking is now illegal), it is not clear who they have to ask for cloud based cameras like RING. Amazon, who owns RING, was caught this week giving up customer’s video with out permission or even notification. Credit: The Register
If it is Too Good to Be True …
The DoJ has charged a Florida man with selling more than $1 billion dollars of counterfeit Cisco gear over many years. He used at least 19 companies and 15 Amazon storefronts to dupe customers. The equipment was in fact, Cisco, just not what the customers were sold. What they got was old, discarded gear, made to look like new stuff. Credit: DoJ
Interesting Social Engineering Trick Could Land Victim in Jail
Social engineering is not only a cybersecurity issue. Oklahoma recently implemented a total ban on abortions after the overturn of Roe v. Wade. The Oklahoma Library System warned employees not to help customers looking for information on abortions. Why? Because the law includes penalties of a $10,000 fine and jail time and they are worried that anti-abortion advocates might try to trick employees (socially engineer them) to break the law, just so that they can sue the employees and also sue the library system. The library system’s legal beagles sent out a memo instructing employees and told them that they would be fired if the assisted patrons – because they don’t want to be sued. In some states the person filing the suit can recover the $10,000 plus legal fees. Credit: Vice
Implications of FCC’s Proposed New Broadband Standard
I reported last week that the FCC is proposing to change the definition of broadband to 100 megabits down. What I didn’t understand is that there is serious implications from this. If there are not a lot of choices of carriers for 100 megabits in an area, that will fuel the conversation that broadband is not widely available which allows the FCC to say that net neutrality is required since consumers don’t have a wide choice of broadband options. Credit: Mondaq
EU Has Strict Privacy Laws – Well, Sometimes
An EU committee set up to investigate the use of spyware. NSO Group is only one vendor of spyware, but sold its version of spyware to 14 EU countries. While the committee has only been investigating for a few months, the current thinking is that there is a need for additional effort to prevent abuse of this technology. That is kind of an understatement. Credit: Cybernews