720-891-1663

Security News Update for the Week Ending August 4, 2023

Section 702 of the Foreign Intelligence Surveillance Act Will Expire

Every five or six years, section 702 of FISA expires. Congress continues to do this because it doesn’t trust the government to restrain itself. Section 702 enables limited bulk data surveillance which some constraints on viewing data of Americans vs. foreigners. In case you haven’t noticed, neither the left nor the right trusts the government right now, which will make getting it renewed harder. The government says that keeping 702 is really important and it may well be. There definitely are some wins from 702 such as identifying the Colonial Pipeline attackers and getting the ransom back. Still, that doesn’t make either side trust the government. There will be some new controls if 702 is renewed. Alternatively, the fight will allow it to expire. Credit: The Register

Tesla Jailbreak Unlocks Paid Features

Tesla cars are susceptible to a nearly irreversible jailbreak of their onboard infotainment systems that would allow owners to unlock a bevy of paid in-car features for free. The stolen perks can run the gamut from better bandwidth to faster acceleration and heated seats, according to a team of academic researchers. This includes free self-driving mode. Currently, the hack requires physical access, some technical expertise and $100 in parts. CURRENTLY. The researchers say it is almost impossible to block without replacing the CPU. Credit: ZD Dark Reading

More ByteDance Privacy Issues

TikTok isn’t ByteDance’s only problem. CapCut is a video editing app that ByteDance owns. Among the data that CapCut gathers is facial scans. Facial scans are important because in Illinois, facial scans are considered biometric data and Illinois has a very strong biometric data protection law. Now they are facing a lawsuit under that law. The lawsuit says that users are not notified of its data practices and one of the plaintiffs, who is a 7th grader, was able to use the app without setting up an account, accessing a privacy policy with terms of use or obtaining parental consent. Credit: The Record

EU Manufacturers Do Not Have to Report Vulnerabilities to the EU – Sort Of

EU manufacturers thought they were going to have to report ACTIVELY EXPLOITED vulnerabilities to the EU Agency for Cybersecurity, which is an EU managed organization. Instead they will have to report to the Computer Security Incident Response Team in their country. If the CSIRTS talk to each other, then functionally this won’t matter. If, in practice, they don’t talk to each other, that will be a different matter. Credit: The Record

The Blockchain of Everything – Maybe Not a Great Plan

People are already getting worried that, within the next decade, quantum computers could wreak havoc on the math around Bitcoin. When it comes to the current blockchain, what if some quantum computer suddenly appears, generates 2,016 empty blocks in 1 minute and disappears. That, apparently, would increase the difficulty of Bitcoin mining by 20,160 times. All of the traditional miners in the world would have to work for 140 days instead of 10 minutes to find the hash value of a single block. No Bitcoin transactions would go through the blockchain during those 140 days. Are you sure that the Blockchain is a good idea? Credit: Cybernews

Facebooktwitterredditlinkedinmailby feather

Leave a Reply

Your email address will not be published. Required fields are marked *