Some days, it’s not easy being a data breach researcher and citizen journalist. In time, you somewhat get used to legal threats because you published something a company took exception to, and you shrug when your site gets DDoSed by those who don’t like your criticism of their hacking activities. But when the U.S. Department of…
Category: Commentaries and Analyses
Half to one third of personal data in Bulgaria ‘completely compromised’
The Sofia Globe reports: The scandal in Bulgaria about illicit use of personal data by some political parties to file election registration applications has highlighted the lack of security of official personal identity numbers. Such numbers, commonly known by their Bulgarian abbreviation as EGNs, can be found on the internet, such as on lists of…
TrueCrypt audit: Probe’s nearly all the way in … no backdoor hit yet
John Leyden reports: The first phase of crowd-funded audit of TrueCrypt has turned up several vulnerabilities, but nothing particularly amiss and certainly nothing that looks like a backdoor. iSEC Partners, which was contracted to carry out the audit by the Open Crypto Audit Project (OCAP), found 11 vulnerabilities in the full disk and file encryption…
Breaking down the court’s decision in FTC v. Wyndham Worldwide
Here’s another commentary/analysis of Judge Salas’s ruling on Wyndham’s motion to dismss that is worth noting here, by the law firm of Covington & Burling: They write, in part: The FTC’s data-security authority is still in jeopardy. Although the FTC is the plaintiff in this case, it is really Wyndham that is on the offensive. If…
Part II: Fair Notice or No Notice? The Wyndham Worldwide Case and the Expanding Power of the FTC to Police Data Security
As I expected, a slew of law firms posted their analyses and commentaries on Judge Salas’s ruling on Wyndham’s motion to dismiss the FTC’s complaint about its data security. I haven’t linked to most of them, but took note of this commentary by Lance Koonce and Christin McMeley of Davis Wright Tremaine as they take a less FTC-friendly view…
Obama Lets N.S.A. Exploit Some Internet Flaws, Officials Say
David E. Sanger reports: Stepping into a heated debate within the nation’s intelligence agencies, President Obama has decided that when the National Security Agency discovers major flaws in Internet security, it should — in most circumstances — reveal them to assure that they will be fixed, rather than keep mum so that the flaws can…