data protection – SSL and internet security news

The Conviction of Uber’s Chief Security Officer

November 7, 2022 infossl

courts, cover-ups, cyberattack, cybersecurity, data breaches, data protection, Security technology, uber, Uncategorized

I have been meaning to write about Joe Sullivan, Uber’s former Chief Security Officer. He was convicted of crimes related to covering up a cyberattack against Uber. It’s a complicated case, and I’m not convinced that he deserved a guilty ruling or that it’s a good thing for the industry. I may still write something, … Read More “The Conviction of Uber’s Chief Security Officer” »

Leaking Passwords through the Spellchecker

September 26, 2022 infossl

browsers, data protection, leaks, passwords, Security technology, Uncategorized

Sometimes browser spellcheckers leak passwords: When using major web browsers like Chrome and Edge, your form data is transmitted to Google and Microsoft, respectively, should enhanced spellcheck features be enabled. Depending on the website you visit, the form data may itself include PII—including but not limited to Social Security Numbers (SSNs)/Social Insurance Numbers (SINs), name, … Read More “Leaking Passwords through the Spellchecker” »

More Log4j News

December 16, 2021 infossl

data protection, patching, Security technology, Uncategorized, vulnerabilities, zero-day

Log4j is being exploited by all sorts of attackers, all over the Internet: At that point it was reported that there were over 100 attempts to exploit the vulnerability every minute. “Since we started to implement our protection we prevented over 1,272,000 attempts to allocate the vulnerability, over 46% of those attempts were made by … Read More “More Log4j News” »

ProtonMail Now Keeps IP Logs

September 10, 2021 infossl

anonymity, courts, data collection, data protection, e-mail, privacy, Security technology, Uncategorized

After being compelled by a Swiss court to monitor IP logs for a particular user, ProtonMail no longer claims that “we do not keep any IP logs.” Powered by WPeMatico

Colorado Passes Consumer Privacy Law

July 15, 2021 infossl

data collection, data protection, privacy, Security technology, Uncategorized

First California. Then Virginia. Now Colorado. Here’s a good comparison of the three states’ laws. Powered by WPeMatico

The Problem with Treating Data as a Commodity

February 26, 2021 infossl

data protection, laws, privacy, reports, Security technology, Uncategorized

Excellent Brookings paper: “Why data ownership is the wrong approach to protecting privacy.” From the introduction: Treating data like it is property fails to recognize either the value that varieties of personal information serve or the abiding interest that individuals have in their personal information even if they choose to “sell” it. Data is not … Read More “The Problem with Treating Data as a Commodity” »

Virginia Data Privacy Law

February 18, 2021 infossl

courts, data protection, laws, privacy, Security technology, Uncategorized

Virginia is about to get a data privacy law, modeled on California’s law. Powered by WPeMatico