Yet Another US Court Says FBI Hacking Is Unauthorized Search, Won’t Suppress Evidence.

Earlier in the year, the FBI revealed that they had taken over a site in the dark web and reeled in hundreds of suspects in a sting operation. Due to the nature of the site (a shadowy community where its content very heavily leaned towards, but not exclusively to, child porn) many people online voiced […] read more

Data Security: Social Engineering Still More Effective Than Zero-Day Hacks.

According to a security company’s 100 penetration attempts, most organizations succumb to five attacks, none of which involve malware or zero-day flaws. The top five attacks, according to darkreading.com: abuse of weak domain user passwords — used in 66% of Praetorian pen testers’ successful attacks broadcast name resolution poisoning (like WPAD) — 64% local admin […] read more

Those NSA Tools Being Auctioned? One Should Blame USB Disks, Apparently.

We don’t hear anymore from the “old school” types of data breaches: lost or stolen laptops, computers that were stolen during a break-in, USB flashdrives that disappeared, etc. The last memorable case – now two years ago – involved a doctor who was tied to a tree by a couple of thugs and ordered to […] read more

Longer Passwords Is The Way To Security.

In a continuation to the post from last week, it looks like it’s not only the FTC’s Chief Technologist that is waging war against the periodic renewal of passwords. The National Institute of Science and Technology (NIST) is apparently onboard as well, and they will also be recommending that something be done about password complexity […] read more

Frequent Password Changes Not A Secure Data Security Practice.

According to the Federal Trade Commission’s Chief Technologist, forcing users to frequently change their password can be counterproductive when it comes to fighting data breaches. Mind you, it’s not the frequency itself that leads to security weaknesses. Rather, it’s what happens at the weakest link in most security systems — individual behavior — that leads […] read more

Sharing Passwords is Hacking, Which is a Federal Crime.

The controversies regarding cyberspace just keep burning brightly. In the past couple of weeks, the Ninth Circuit Court of Appeals ruled that the unauthorized sharing and use of passwords can be deemed as hacking, and thus can be a violation of the Computer Fraud and Abuse Act (CFAA). As noted by motherboard.vice.com and others, this […] read more

US Court Opines General Warrants A-OK for Computer Data.

Arstechnica.com reported about a week ago that the 2nd US Circuit Court of Appeals ruled that “All your disk image are belong to us.” Per the article, 12 out of 13 judges in New York agreed that the government did not violate the Fourth Amendment when it searched through non-responsive data that was collected as […] read more

Time Limits on Smartphones’ Biometric Access: What Is That All About?.

A lot of ink has been spilled over the past couple of weeks on Apple’s Touch ID. First, it was noted that a Los Angeles court ordered a woman to unlock an iPhone by providing her fingerprint. Soon after, it was revealed that Apple appeared to have changed Touch ID’s settings so that it would […] read more

UK Court Says Hacker Can’t Be Compelled To Provide Encryption Password.

Many will read the title above and think this has a bearing on RIPA, the Regulation of Investigatory Powers Act of 2000. It does, but only barely. I’ve got to admit it is a bit misleading. It’s also 100% true… but only because of the degree of farce involved in this matter. According to the […] read more