FTC Demands Info From PCI Auditors
The Federal Trade Commission has sent an order to nine of the larger companies that do PCI DSS assessments, demanding that the organizations turn over detailed information on how they conduct those audits, how often they actually declare a company non-compliant, and many other details. The PCI standard was created by the major payment card […]
Balancing Privacy and Security in the Backdoor Debate
SAN FRANCISCO–The Apple-FBI debate has brought up many old arguments about wiretapping, surveillance, backdoors, and law enforcement, but while the discussions aren’t new, the technological context is. Cryptographers and privacy experts who are studying the case say that the recent proliferation of encrypted communications and devices has raised the stakes for everyone involved. “Wiretapping didn’t […]
Some Rays of Sunshine on the Security Horizon
SAN FRANCISCO–The cryptographers’ panel at the RSA Conference is not generally noted for its optimism. But amid the usual talk of mass surveillance and breaks in ciphers, several of the panelists sounded downright upbeat about the future of security. The panel, which is just about the last remaining nod to the conference’s roots as a […]
‘This is Not a Case About One Isolated iPhone’
Apple’s lawyers say that not only does the compromised operating system that the FBI wants to install on the iPhone used by a terrorist not exist, but that it would take between six and 10 engineers and other employees as long as a month to create it. That fact, the company argues, along with a […]
Cook: ‘This is Not What Should Be Happening in This Country’
As the deadline for Apple to respond to a court order to help the FBI unlock an iPhone, both sides are upping the level of their rhetoric, with Apple CEO Tim Cook saying “this is not what should be happening in this country.” In an interview Wednesday, Cook said that the company has refused to do […]
Rep. Lieu Asks Comey to Drop FBI’s Demands on Apple
Rep. Ted Lieu has sent a letter to FBI Director James Comey asking the bureau to drop its legal efforts to force Apple to circumvent its own security measures so the FBI can access data on an iPhone used by one of the shooters in the San Bernardino massacre. Lieu (D-Calif.), who has a background […]
What We Know So Far: Apple and the FBI
The public back-and-forth between the FBI and Apple over the company’s refusal to create a custom version of iOS that would let the FBI access encrypted data on an iPhone belonging to one of the shooters in the San Bernardino massacre has produced a huge amount of rhetoric and confusion. The technical details of what […]
Time is Now For an IoT Security Development Lifecycle
TENERIFE–Microsoft engineers, executives, and developers have spent much of the past decade spreading the gospel of the security development lifecycle (SDL), trying to convert people and organizations to the religion of building security into software and other products from the beginning of the process. That effort has succeeded in many ways, and now experts say […]
Welcome to the Golden Age of IoT Hacking
TENERIFE–Nostalgia for the 1990s may be all the rage at the moment (see: The X-Files, The People vs. O.J. Simpson) but when it comes to security, no one is looking to go back 20 years. Sadly, that’s about where the security of many IoT devices belongs, experts say, and there doesn’t look to be much […]