Language Selection

English French German Italian Portuguese Spanish

Senate moves toward new data security rules

Filed under
Security

In a flurry of activity before Congress prepares to skip town for an August recess, three different congressional committees considered similar legislation at the same time on Thursday morning.

The Senate's Commerce Committee voted unanimously to accept a bill introduced earlier this month by Sen. Gordon Smith, R-Ore. It would give the Federal Trade Commission the power to create an information security program that provides "administrative, technical and physical safeguards," and set guidelines for notifying people threatened by a data security breach.

The committee adopted a package of about a dozen amendments, including a compromise suggested by Sen. Barbara Boxer, D-Calif., that would cut, from 90 days to 45 days, the maximum number of days a company has to notify individuals of a breach. But even those guidelines are just broad suggestions, Smith said. "As soon as they know, they need to notify."

Senators also voted to accept an amendment proposed by Sen. Bill Nelson, D-Fla.--which would prohibit the sale and display of Social Security numbers except in special circumstances--but indicated it might be tweaked before it is final. Also, the bill will not go to a floor vote until some of its provisions are negotiated with members of the Senate Banking Committee, said Sen. Ted Stevens, R-Alaska, who chairs the Commerce Committee.

Meanwhile, the Senate Judiciary Committee pushed back its plans Thursday to vote on a trio of personal data security bills.

The committee had been scheduled to vote on the lengthiest and most far-reaching proposal, titled the Personal Data Privacy and Security Act. Sen. Arlen Specter, R-Penn., and Sen. Patrick Leahy, D-Vt., introduced the measure in late June, shortly after MasterCard announced that an intruder may have pilfered information from 40 million credit card accounts.

At the same time on Thursday, a U.S. House of Representatives Energy and Commerce subcommittee convened a hearing about its own draft of data protection legislation.

Full Story.

More in Tux Machines

Open source COM runs mainline Linux on Microchip SAMA5D2 SiP

Microchip unveiled an open source, mainline Linux ready “SAMA5D27 SOM” module based on a SiP implementation of its Cortex-A5-based SAMA5D27 SoC with 128MB RAM. The 40 x 38mm module is also available with a SOM1-EK1 dev board. Long before it was acquired by Microchip Technology, Atmel has been producing a line of Linux-focused, Cortex-A5 based SAMA5 SoCs, but the only Atmel-branded SAMA5 boards were its open-spec Xplained development boards developed with Newark Element14. The SAMA5 family was always a side business to Atmel’s MCU line, with very little integration between the two. With its ATSAMA5D27-SOM1 (SAMA5D27 SOM1) module, which uses a system-in-package (SiP) implementation of Microchip’s SAMA5D27 SoC, Microchip is starting to bridge the gap between the SAMA5 product line and its much larger RTOS/MCU business. Read more

Purism's Linux Phone to Use Convergence for a Unified Experience Across Devices

For Purism, the company that sells quality computers using a Linux-based operating system and are intended to protect user's privacy and freedom, designing a convergent Linux phone is a long-term goal to unify the mobile experience across various devices. Purism's François Téchené shares some initial details on how the company plans to use convergence for their short and long-term design goals of Librem 5, the Linux smartphone that raised more than $2 million on Kickstarter last year, saying they're looking to unify the human experience across different device you might own. Read more

Leftovers: ExeeLinux Show/Unleaded Hangouts, Linux Foundation's CNCF/Akraino and More

  • What’s Holding Linux Back – Unleaded Hangouts
    What’s Holding Linux Back? Obviously we’ve seen some growth, but it does feel like there may be some things that hold Linux back a bit. We discuss.
  • ExeeLinux Show 18.9 | Mr. Desktop & Mr. Server Ep. 9 – PDisks
    ExeeLinux Show 18.9 | Mr. Desktop & Mr. Server Ep. 9 – PDisks
  • How Kubernetes became the solution for migrating legacy applications
    In 2015, Google released Kubernetes as an open source project. It was an implementation of Google's internal system called Borg. Google and the Linux Foundation created the Cloud-Native Computing Foundation (CNCF) to host Kubernetes (and other cloud-native projects) as an independent project governed by a community around it. Kubernetes quickly became one of the fastest growing open source projects in history, growing to thousands of contributors across dozens of companies and organizations. What makes Kubernetes so incredible is its implementation of Google's own experience with Borg. Nothing beats the scale of Google. Borg launches more than 2-billion containers per week, an average of 3,300 per second. At its peak, it's many, many more. Kubernetes was born in a cauldron of fire, battle-tested and ready for massive workloads.
  • Akraino, a New Linux Foundation Project, Aims to Drive Alignment Around High-Availability Cloud Services for Network Edge
    Akraino will offer users new levels of flexibility to scale edge cloud services quickly, to maximize the applications or subscribers supported on each server, and to help ensure the reliability of systems that must be up at all times. While several open source projects exist to help solve pieces of the puzzle, nothing currently meets the need for an edge infrastructure solution. Integration of existing efforts in this new project will help deliver ease of use, hardened reliability, unique features, and performance for carrier, provider, and IoT networks.
  • Absolute 15.0 Beta 4 released
    Based on Slackware64-current Another beta... with all the kernel updates, glib and such -- trying to make things easier on beta testers :-)
  • State of Wisconsin Investment Board Has $33.92 Million Stake in Red Hat Inc (RHT)

Security: Updates, Nintendo 'Hackers', Microsoft Windows Back Doors, and FlightSimLabs Malware

  • Security updates for Tuesday
  • Hackers Release Video Of Nintendo Switch Running A Linux Distro
    When it comes to porting software to potentially unsupported devices, hackers are quite comfortable to push themselves beyond the boundaries set by the manufactures.
  • Epidemic of cryptojacking can be traced to escaped NSA superweapon [Ed: It's a Microsoft Windows issue. All versions of Windows (ME onwards) have NSA back doors]
    It all started when the Shadow Brokers dumped a collection of NSA cyberweapons that the NSA had fashioned from unreported bugs in commonly used software, including versions of Windows. The NSA discovered these bugs and then hoarded them, rather than warning the public and/or the manufacturers about them, in order to develop weapons that turned these bugs into attacks that could be used against the NSA's enemies.
  • Flight Sim Company Embeds Malware to Steal Pirates’ Passwords

    Flight sim company FlightSimLabs has found itself in trouble after installing malware onto users' machines as an anti-piracy measure. Code embedded in its A320-X module contained a mechanism for detecting 'pirate' serial numbers distributed on The Pirate Bay, which then triggered a process through which the company stole usernames and passwords from users' web browsers.