In a world in which people are increasingly willing to trade privacy for convenience, facial recognition seems to be a new frontier. And the foremost pioneers on that frontier now appear to be the folks at Dubai International Airport.
The lack of clear information about what Microsoft does with the data that Windows 10 collects prevents consumers from giving their informed consent, says the Dutch Data Protection Authority (DPA). As such, the regulator says that the operating system is breaking the law.
It's not just Intel facing a legal firestorm over its handling of the Spectre and Meltdown CPU design flaws – AMD is also staring at a growing stack of class-action complaints related to the chip vulnerabilities.
At least four separate lawsuits have now been filed against the California-based processor slinger, alleging violations ranging from securities fraud to breach of warranty, unfair competition, and negligence. The cases, all submitted to a US district court in San Jose, include:
Minister for Home Affairs Peter Dutton has reignited the Coalition's push to access encrypted communications, touting decryption as fundamental in fighting terrorism, ahead of the Australia-ASEAN Special Summit next month.
Addressing the National Press Club on Wednesday, Dutton labelled "ubiquitous encryption" a "significant obstacle" to terrorism investigations.
"I am confident that the government has given our agencies the best tools to do the job, but as terrorists -- and other criminals -- evolve their tactics, so must we," he said.
The US Securities and Exchange Commission on Wednesday issued new guidance on how and when public companies should disclose cybersecurity risks and breaches.
The "interpretive guidance" document (PDF) urges informing investors of risks in a timely fashion, including vulnerabilities that have not yet been targeted by hackers. The guidance also says executives should refrain from trading in the company's stock while in possession of nonpublic information about significant cybersecurity attacks.
In the four or so years since it launched, end-to-end encrypted messaging app Signal has become the security community's gold standard for surveillance-resistant communications. Its creators have built an encryption protocol that companies from WhatsApp to Facebook Messenger to Skype have all added to their own products to offer truly private conversations to billions of people. And it's done so as a non-profit with, at any given moment, a tiny staff that includes just two or three full-time coders. Now imagine what it might accomplish with actual Silicon Valley money behind it.
Customers of cryptocurrency exchange Coinbase are still virtually in the dark regarding mysterious withdrawals made from their bank accounts that, in some cases, have apparently left some unlucky punters broke and facing overdraft fees.
Last week, netizens watched money drain out of bank accounts connected to Coinbase profiles thanks to phantom transactions. On Thursday, Coinbase, a San Francisco upstart, apologized, and claimed it was not at fault, adding that "the erroneous credit and debit charges are the result of Visa reversing and recharging transactions."
We remember our history through objects.
The North Korean–linked hacking group known as Reaper is expanding its operations in both scope and sophistication, and it has now graduated to the level of an advanced persistent threat.
According to FireEye, the threat actor has carried out long-term targeting of North Korea’s interests in South Korea since 2013, but it’s now focusing on multinational campaigns using advanced capabilities. For instance, the group recently exploited a zero-day vulnerability in Abode Flash Player, CVE-2018-4878, which represents a concerning level of technical sophistication.
Getting through an airport without a passport or boarding pass may only seem possible in the nostalgic memories of 20th-century travelers, but an initiative at Customs and Border Protection could make that bygone convenience a modern reality.