"All three strains of the spyware slipped into the [..] store before being spotted and removed"
Meaning they got in. It's fine that they were removed, but it would have been better that they not get in.
Time for another roundup of all the security news that's fit to print and that we haven't covered yet. T-Mobile US says hackers broke into customer info T-Mobile US prepaid account holders got unwelcome news this week when their wireless carrier admitted on Friday it was compromised by miscreants who would have been able to …
Absolutely agree. But I think you will find that "techies" who like to play at God when dealing when a user is having problems, are utterly useless at doing what they are supposed to do. I.E. preventing the problems happening in the first place.
Cue bullshit reasons for not being able to to the job properly and the downvotes (like I give a fuck)
20 odd hours and no downvotes so far. But be assured, they're coming as soon as the Sunday AM hangovers fade and eyes can focus. FWIW, I sort of agree with you but let's be fair here. The problem isn't that the "techies" are poor at preventing security problems. It's that they don't know the job they have signed on for is pretty much impossible.
I don't disagree with the original sentiment, but I bet it won't go over well because you're leaving out the other side of the coin. Every time a tech person does prevent a problem, nobody knows. Every time a user's action could lose them their files but something the IT department put in place prevents the loss, people continue on. But every time files are lost, whether the IT department could have done anything about it, they get the blame. Think of it this way: if a plumber does work well on your pipes, you won't need to call them in a while. But when your pipes break, you don't immediately blame the plumber; you just call them to come fix it. IT doesn't get that level of respect most of the time.
No payment card data nor social security numbers nor passwords were lifted by miscreants who broke into the outfit's systems, apparently, though the company is still expecting some of the info to be weaponized.
"Sorry, but our insurance policy does not allows us to say that we lost your SSN, passwords and card details. But we can admit that they got everything else."
Pay hackers to insert training materials into PG&E's intranet? California's wind turbines seem like a waste since PG&E has forgotten how to string wires so they don't break in a gentle breeze. I live next to a pair of jumpers between the middles of two perpendicular wire strings that break literally every November. There's even a line of clamps there from previous broken jumpers.
Fire icon, of course.
"Due to the sheer amount of personal information included, combined with the complexities identifying the data owner, this has the potential raise questions on the effectiveness of our current privacy and breach notification laws"
- last few lines of the linked https://www.dataviper.io/ story.
The genie has long-since left the bottle.
It goes without saying that the risks of building a database of that size far exceed any legitimate societal* benefit.
But without a seismic shift in how we process and share data, there's nothing can be done to prevent people building these. Laws are practically worthless.
*societal (as opposed to a handful of marketeers' narrow interests)
Uber says it is beginning trials of a program that will allow riders and drivers to record their conversations.
Is this something that requires consent of both? Hmmm.... Looked up the cited article:
The company plans to test it in the United States “soon,” according to the email, but the timeline for rolling it out is still unclear and may be difficult. “Laws in the United States around consent to being recorded can vary from state to state, but we hope to be able to make this available nationally,” the email said.
Uber has never let mere laws stand in their way... or safety, for that matter. Why not just do full video and sound recording of every ride with a consent notice being required before each ride, every time? Maybe a requirement their
employees independent contractors have to post a statement in their cars letting passengers know as much would be a good follow on to that. Laws surrounding dashcams and audio recording in cars are not so complicated that they can't be understood by a lay person. For example: https://www.carbibles.com/are-dash-cams-legal/ . I wonder if this is just Uber being Uber and waiting until they feel they can skirt the law that is in some way to their advantage.
Biting the hand that feeds IT © 1998–2020