courts – SSL and internet security news

The Justice Department Will No Longer Charge Security Researchers with Criminal Hacking

May 24, 2022 infossl

courts, cybercrime, cybersecurity, national security policy, reverse engineering, Security technology, Uncategorized, vulnerabilities

Following a recent Supreme Court ruling, the Justice Department will no longer prosecute “good faith” security researchers with cybercrimes: The policy for the first time directs that good-faith security research should not be charged. Good faith security research means accessing a computer solely for purposes of good-faith testing, investigation, and/or correction of a security flaw … Read More “The Justice Department Will No Longer Charge Security Researchers with Criminal Hacking” »

Hackers Using Fake Police Data Requests against Tech Companies

April 5, 2022 infossl

courts, extortion, forgery, hacking, police, scams, Security technology, Uncategorized

Brian Krebs has a detailed post about hackers using fake police data requests to trick companies into handing over data. Virtually all major technology companies serving large numbers of users online have departments that routinely review and process such requests, which are typically granted as long as the proper documents are provided and the request … Read More “Hackers Using Fake Police Data Requests against Tech Companies” »

Merck Wins Insurance Lawsuit re NotPetya Attack

January 25, 2022 infossl

courts, cyberattack, data destruction, insurance, russia, Security technology, Uncategorized

The insurance company Ace American has to pay for the losses: On 6th December 2021, the New Jersey Superior Court granted partial summary judgment (attached) in favour of Merck and International Indemnity, declaring that the War or Hostile Acts exclusion was inapplicable to the dispute. Merck suffered US$1.4 billion in business interruption losses from the … Read More “Merck Wins Insurance Lawsuit re NotPetya Attack” »

San Francisco Police Illegally Spying on Protesters

January 20, 2022 infossl

courts, eff, EPIC, police, privacy, Security technology, surveillance, Uncategorized

Last summer, the San Francisco police illegally used surveillance cameras at the George Floyd protests. The EFF is suing the police: This surveillance invaded the privacy of protesters, targeted people of color, and chills and deters participation and organizing for future protests. The SFPD also violated San Francisco’s new Surveillance Technology Ordinance. It prohibits city … Read More “San Francisco Police Illegally Spying on Protesters” »

Apple Sues NSO Group

November 24, 2021 infossl

apple, courts, exploits, Security technology, spyware, Uncategorized

Piling more on NSO Group’s legal troubles, Apple is suing it: The complaint provides new information on how NSO Group infected victims’ devices with its Pegasus spyware. To prevent further abuse and harm to its users, Apple is also seeking a permanent injunction to ban NSO Group from using any Apple software, services, or devices. … Read More “Apple Sues NSO Group” »

Textbook Rental Scam

October 20, 2021 infossl

amazon, courts, crime, fraud, scams, Security technology, Uncategorized

Here’s a story of someone who, with three compatriots, rented textbooks from Amazon and then sold them instead of returning them. They used gift cards and prepaid credit cards to buy the books, so there was no available balance when Amazon tried to charge them the buyout price for non-returned books. They also used various … Read More “Textbook Rental Scam” »

The Missouri Governor Doesn’t Understand Responsible Disclosure

October 18, 2021 infossl

courts, disclosure, overreactions, Security technology, Uncategorized, vulnerabilities

The Missouri governor wants to prosecute the reporter who discovered a security vulnerability in a state’s website, and then reported it to the state. The newspaper agreed to hold off publishing any story while the department fixed the problem and protected the private information of teachers around the state. […] According to the Post-Dispatch, one … Read More “The Missouri Governor Doesn’t Understand Responsible Disclosure” »

Suing Infrastructure Companies for Copyright Violations

October 13, 2021 infossl

It’s a matter of going after those with deep pockets. From Wired: Cloudflare was sued in November 2018 by Mon Cheri Bridals and Maggie Sottero Designs, two wedding dress manufacturers and sellers that alleged Cloudflare was guilty of contributory copyright infringement because it didn’t terminate services for websites that infringed on the dressmakers’ copyrighted designs…. … Read More “Suing Infrastructure Companies for Copyright Violations” »

ProtonMail Now Keeps IP Logs

September 10, 2021 infossl

anonymity, courts, data collection, data protection, e-mail, privacy, Security technology, Uncategorized

After being compelled by a Swiss court to monitor IP logs for a particular user, ProtonMail no longer claims that “we do not keep any IP logs.” Powered by WPeMatico

Zoom Lied about End-to-End Encryption

August 5, 2021 infossl

courts, encryption, lies, Security technology, Uncategorized, videoconferencing

The facts aren’t news, but Zoom will pay $85M — to the class-action attorneys, and to users — for lying to users about end-to-end encryption, and for giving user data to Facebook and Google without consent. The proposed settlement would generally give Zoom users $15 or $25 each and was filed Saturday at US District … Read More “Zoom Lied about End-to-End Encryption” »