Language Selection

English French German Italian Portuguese Spanish

Security: Updates, "American Consumer Institute" and US Elections

Filed under
Security
  • Security updates for Friday
  • OPINION: Latest Research Shows Your Android Apps Aren’t As Secure As You Think [Ed: One wonders why Steve Pociask, aka "American Consumer Institute", is so eager to make Android look bad and attribute holes in PROPRIETARY software to "open source".]
  • Dem introduces bill to create federal cybersecurity apprenticeship program

    Under the bill, the programs would be required to offer certain cybersecurity certifications and help connect participants with local businesses or other entities for apprenticeships in hopes to boost the number of qualified workers for federal cyber jobs.

  • The Overlooked Weak Link in Election Security

    More than one-third of counties that are overseeing elections in some of the most contested congressional races this November run email systems that could make it easy for hackers to log in and steal potentially sensitive information.

    A ProPublica survey found that official email accounts used by 11 county election offices, which are in charge of tallying votes in 12 key U.S. House of Representatives races from California to Ohio, could be breached with only a user name and password — potentially allowing hackers to vacuum up confidential communications or impersonate election administrators. Cybersecurity experts recommend having a second means of verifying a user’s identity, such as typing in an additional code from a smartphone or card, to thwart intruders who have gained someone’s login credentials through trickery or theft. This system, known as two-factor verification, is available on many commercial email services.

    “Humans are horrific at creating passwords, which is why ‘password’ is the most commonly used password,” said Joseph Lorenzo Hall, the chief technologist at the Center for Democracy and Technology in Washington, D.C., who has pushed for security fixes in the voting process. This means increasingly we need something other than passwords to secure access to our accounts, especially email, which tends to undergird all our other accounts.”

    The email vulnerabilities emerged in ProPublica’s survey of election security in 27 counties encompassing all or part of roughly 40 congressional districts that the Cook Political Report has said are toss-ups. These contests could determine if Democrats take control the U.S. House of Representatives, where the party needs to pick up about two dozen seats to flip the current Republican majority. Of the 12 districts in counties with less protected email systems, Republicans are seeking re-election in 10. The other two are open seats where incumbents are stepping down.

More in Tux Machines

today's howtos

Games: Ashes of the Singularity: Escalation, Humble Monthly and DXVK Updates

FOSS, standard essential patents and FRAND in the European Union

As part of the research project on “The Interaction between Open Source Software and FRAND licensing in Standardisation”, a workshop was organised by the European Commission, Joint Research Centre (JRC) in collaboration with Directorate General Communications Networks, Content and Technology (CONNECT) to present and discuss the intermediate results to date. The workshop took place in Brussels on September 18, 2018. I presented a set of observations from the research on the case studies performed as part of the project that are outlined below. Other speakers where Catharina Maracke on the issue of legal compliance between Open Source and FRAND licenses, Bruce Perens on “Community Dynamics in Open Source”, and Andy Updegrove on “Dynamics in Standardisation”. You may ask what the relevance of this debate is for the wider Free and Open Source Software community. The obvious answer is that to distribute software “without restriction”, the user needs all the usage rights associated with the program. While most FOSS contributors assume that this is naturally the central motivation for anybody to contribute in the first place, there is a long history of attempts to maintain some sort of exclusive control over a piece of FOSS code, possibly using other rights than copyright. Read more

Today in Techrights