Cough Up The Bandwidth
via Kieren McCarthy, writing at El Reg, reports of a contemplated bill (H.B. 1426) before the State of Texas' House of Representatives ostensibly making data throttling on mobile networks during a declared emergency illegal.
My two-bits is to include incarceration as a penalty, and you'll see some fast action and/or nationalization of the offending company's circuits for (at least) the duration of the emergency plus 45 days... (this would parallel the federalization of our nation's railroads during wartime - last used in the 20th century, during World War II) What'll it be there, Pard? At any rate, this is all speculation...)
DoD Report: Stryker Vehicles Hacked During NATO Exercises
The Department of Defense's (DoD) Office of the Director of Test and Evaluation (DOT&E) has issued a report detailing vulnerabilities in the Stryker Dragoon warfighting platform. Recommendations from the DOT&E are to 'Correct or mitigate cyber vulnerabilities for the platform and government-furnished equipment.'
Recommendation: Immediately remove all affected rolling stock from active utility until the requisite. contemplated investigation is completed along with full remediation and/or mitigation (Call in the DoD OIG as well). Thoroughly investigate all systems with or without connectivity, and test for vulnerabilities ranging from standalone sabotage to electronic warfare perspectives (including 'cyberattacks', network attacks, physical attacks, radio-telephony attacks and coherent light incursion, inclusive of stand-alone, one-off opportunistic aggressor-delivered attacks) utilizing both automated and non-automated code review, network packet analysis, operating system examination, et cetera. All of this accomplished with the full rigor that can be brought to bear on this problematic deployment by the most powerful defense organization on Earth. Time to get this platform squared-away before letting our Nation's most valueable assets (our warfighters) loose on these lethal machines - of which, may prove to be significantly more lethal to us than to any particular aggressor enemy. - MH
BSides Tampa 2019, Wes Widner's 'The Sound Of Evil' →
BSides Tampa 2019, Brian Etchieson's 'Beyond Lockpicking' →
Illinois Supreme Court Has Ruled No Proof Of Harm Needed In Biometric Privacy Violations
The ruling of the Illinois Supreme Court, based on Illinois Compiled Statutes 740 ILCS 14/ - The Biometric Information Privacy Act is the foundation for this bit of privacy related good news. The key here within the Illinois Supreme Court's ruling and opinion, is the requirement to prove harm is no longer required. Look for a large number of cases brought forward based on this ruling - the tech giants might very well cease their ridiculous collection, storage and sale of biometric data, heretofore, without informed consent and recourse. Here's
Privacy Charade: Cisco Lines Up In Privacy Parade
News, via Cyrus Farivar, writing at Ars Technica, of Cisco Inc. (Nasdaq: CSCO) linining up in the Privacy Parade (or in the case of other participants, the Privacy Charade...). Enjoy!
Did You Check The Post-It Under The Keyboard?
via Dan Goodin, Security Editor at Ars Technica, writing of the apparent lack of access governance surrounding a locked crypto-wallet (of course it's locked - Virginia, it's a cryptocurrency wallet...right?) has caused a 'digital exchange' to 'lose' $137 Million Simoleans. Oops.