The postings on this site are my own and don't necessarily represent my employer's positions, strategies or opinions.
208 stories
·
2 followers

Comic: Xfinitesimal

1 Comment
New Comic: Xfinitesimal
Read the whole story
teh_g
66 days ago
reply
This hit too close to home.
Roseville, CA
Share this story
Delete

VPN servers seized by Ukrainian authorities weren’t encrypted

1 Share
A tunnel made of ones and zeroes.

Enlarge (credit: Getty Images)

Privacy-tools-seller Windscribe said it failed to encrypt company VPN servers that were recently confiscated by authorities in Ukraine, a lapse that made it possible for the authorities to impersonate Windscribe servers and capture and decrypt traffic passing through them.

The Ontario, Canada-based company said earlier this month that two servers hosted in Ukraine were seized as part of an investigation into activity that had occurred a year earlier. The servers, which ran the OpenVPN virtual private network software, were also configured to use a setting that was deprecated in 2018 after security research revealed vulnerabilities that could allow adversaries to decrypt data.

“On the disk of those two servers was an OpenVPN server certificate and its private key,” a Windscribe representative wrote in the July 8 post. “Although we have encrypted servers in high-sensitivity regions, the servers in question were running a legacy stack and were not encrypted. We are currently enacting our plan to address this.”

Read 8 remaining paragraphs | Comments

Read the whole story
teh_g
80 days ago
reply
Roseville, CA
Share this story
Delete

Contractor that ruined 15M doses of J&J vaccine hiked price of another by 800%

1 Comment
The Emergent BioSolutions plant, a manufacturing partner for Johnson & Johnson's COVID-19 vaccine, in Baltimore, Maryland, on April 9, 2021.

Enlarge / The Emergent BioSolutions plant, a manufacturing partner for Johnson & Johnson's COVID-19 vaccine, in Baltimore, Maryland, on April 9, 2021. (credit: Getty | Saul Loeb)

Things are not looking good for Emergent BioSolutions, the contract manufacturer that ruined 15 million doses of Johnson & Johnson’s one-shot COVID-19 vaccine and millions more doses of AstraZeneca’s COVID-19 vaccine at its production facility in Baltimore.

The Food and Drug Administration on Wednesday released a searing inspection report of the facility, finding a slew of significant violations and failings.

Meanwhile, federal lawmakers have opened a multi-pronged investigation into whether Emergent used ties to the Trump administration to get billions of dollars in federal contracts despite a history of failing to complete contracts, inadequately training staff, persistent quality-control issues, and an “unjustified” 800% price increase for an anthrax vaccine.

Read 15 remaining paragraphs | Comments

Read the whole story
teh_g
176 days ago
reply
I hope these guys didn't ruin doses that made it into people's arms.
Roseville, CA
Share this story
Delete

AT&T lies about Calif. net neutrality law, claiming it bans “free data”

1 Comment
Longtime AT&T executive John Stankey speaks on stage in front of a sign that says

Enlarge / Longtime AT&T executive John Stankey, who became CEO in July 2020, speaks onstage at the HBO Max WarnerMedia Investor Day on October 29, 2019, in Burbank, California. (credit: Getty Images | Presley Ann)

AT&T lied about California's net neutrality law yesterday when it claimed the law requires AT&T to stop providing "free data" to mobile customers.

In reality, the California law allows AT&T to continue zero-rating HBO Max, its own video service, as long as it exempts all competing video services from data caps without charging the other video providers. But instead of zero-rating all video without collecting payments from its competitors in the online-video business, AT&T decided it would rather not exempt anything at all.

"Unfortunately, under the California law we are now prohibited from providing certain data features to consumers free of charge," AT&T claimed in its announcement that it is ending the "zero-rating" program that exempts some content from data caps. "Given that the Internet does not recognize state borders, the new law not only ends our ability to offer California customers such free data services but also similarly impacts our customers in states beyond California," the AT&T announcement also said.

Read 20 remaining paragraphs | Comments

Read the whole story
teh_g
209 days ago
reply
I wish companies couldn't flat out lie about what a law says.
Roseville, CA
Share this story
Delete

No, Cellebrite cannot 'break Signal encryption.'

2 Shares

Yesterday, the BBC ran a story with the factually untrue headline, “Cellebrite claimed to have cracked chat app’s encryption.” This is false. Not only can Cellebrite not break Signal encryption, but Cellebrite never even claimed to be able to.

Since we weren’t actually given the opportunity to comment in that story, we’re posting this to help to clarify things for anyone who may have seen the headline.

Read more...

Read the whole story
teh_g
296 days ago
reply
Roseville, CA
Share this story
Delete

Study shows which messengers leak your data, drain your battery, and more

1 Comment
Stock photo of man using smartphone.

Enlarge (credit: Getty Images)

Link previews are a ubiquitous feature found in just about every chat and messaging app, and with good reason. They make online conversations easier by providing images and text associated with the file that’s being linked.

Unfortunately, they can also leak our sensitive data, consume our limited bandwidth, drain our batteries, and, in one case, expose links in chats that are supposed to be end-to-end encrypted. Among the worst offenders, according to research published on Monday, were messengers from Facebook, Instagram, LinkedIn, and Line. More about that shortly. First a brief discussion of previews.

When a sender includes a link in a message, the app will display the conversation along with text (usually a headline) and images that accompany the link. It usually looks something like this:

Read 9 remaining paragraphs | Comments

Read the whole story
teh_g
353 days ago
reply
Kind of interesting to see how different messaging services handle data.
Roseville, CA
Share this story
Delete
Next Page of Stories