Language Selection

English French German Italian Portuguese Spanish

Senate moves toward new data security rules

Filed under
Security

In a flurry of activity before Congress prepares to skip town for an August recess, three different congressional committees considered similar legislation at the same time on Thursday morning.

The Senate's Commerce Committee voted unanimously to accept a bill introduced earlier this month by Sen. Gordon Smith, R-Ore. It would give the Federal Trade Commission the power to create an information security program that provides "administrative, technical and physical safeguards," and set guidelines for notifying people threatened by a data security breach.

The committee adopted a package of about a dozen amendments, including a compromise suggested by Sen. Barbara Boxer, D-Calif., that would cut, from 90 days to 45 days, the maximum number of days a company has to notify individuals of a breach. But even those guidelines are just broad suggestions, Smith said. "As soon as they know, they need to notify."

Senators also voted to accept an amendment proposed by Sen. Bill Nelson, D-Fla.--which would prohibit the sale and display of Social Security numbers except in special circumstances--but indicated it might be tweaked before it is final. Also, the bill will not go to a floor vote until some of its provisions are negotiated with members of the Senate Banking Committee, said Sen. Ted Stevens, R-Alaska, who chairs the Commerce Committee.

Meanwhile, the Senate Judiciary Committee pushed back its plans Thursday to vote on a trio of personal data security bills.

The committee had been scheduled to vote on the lengthiest and most far-reaching proposal, titled the Personal Data Privacy and Security Act. Sen. Arlen Specter, R-Penn., and Sen. Patrick Leahy, D-Vt., introduced the measure in late June, shortly after MasterCard announced that an intruder may have pilfered information from 40 million credit card accounts.

At the same time on Thursday, a U.S. House of Representatives Energy and Commerce subcommittee convened a hearing about its own draft of data protection legislation.

Full Story.

More in Tux Machines

7 Ways Linux Users Differ from Windows Users

To casual users, one person at a keyboard looks much the same as any other. Watch for a while, however, and the differences start to emerge -- and whether they are using Linux or Windows is the least of them. The fact is, Linux users are different from Windows users in attitude as much as their choice of operating system. Originating as a Unix-type operating system and in opposition to Windows, Linux has developed an expectation and a philosophy in direct opposition to those promoted by Windows. Although many new Linux users have come directly from Windows, average Linux users simply do not react in the same way as Windows users. Read more

Security News

  • Sloppy programming leads to OpenSSL woes
  • OpenSSL Fixes Critical Bug Introduced by Latest Update
    OpenSSL today released an emergency security update after a patch in its most recent update issued last week introduced a critical vulnerability in the cryptographic library.
  • The Internet Of Poorly Secured Things Is Fueling Unprecedented, Massive New DDoS Attacks
    Last week, an absolutely mammoth distributed denial of service (DDoS) attack brought down the website of security researcher Brian Krebs. His website, hosted by Akamai pro bono, was pulled offline after it was inundated with 620Gbps of malicious traffic, nearly double the size of the biggest attack Akamai (which tracks such things via their quarterly state of the internet report) has ever recorded. Krebs was ultimately able to get his website back online after Google stepped in to provide DDoS mitigation through its Project Shield service.
  • Trump Offers More Insight On His Cybersecurity Plans: 10-Year-Old Relatives Vs. 400-lb Bedroom Dwellers
    Look, anyone who refers to cybersecurity or cyberwarfare as "the cyber" is probably better off not discussing this. But Donald Trump, in last night's debate, felt compelled to further prove why he's in no position to be offering guidance on technological issues. And anyone who feels compelled to portray hackers as 400-lb bedroom dwellers probably shouldn't be opening their mouth in public at all. With this mindset, discussions about what "the Google" and "the Facebook" are doing about trimming back ISIS's social media presence can't be far behind. Trump did note that ISIS is "beating us at our game" when it comes to utilizing social media. Fair enough.

Servers/Networks

  • Docker Doubles Down on Microsoft Windows Server [Ed: recall "DockerCon 2015 Infiltrated by Microsoft"]
    Docker for Windows debuts alongside a new commercial support relationship with Microsoft. For the most part, the Docker container phenomenon has been about Linux, with the majority of all deployments on Linux servers. But that could soon be changing as Docker Inc. today is announcing the general availability of Docker Engine on Windows Server 2016, alongside a new commercial support and distribution agreement with Microsoft. Docker containers rely on the host operating system for certain isolation and process elements in order to run. On Linux, those elements have always been present as part of the operating system, but the same was not true for Windows, which has required several years of joint engineering effort between Docker Inc. and Microsoft.
  • Hadoop Sandboxes and Trials Spread Out
    We all know that there is a skills gap when it comes to Hadoop in the Big Data market. In fact, Gartner Inc.'s 2015 Hadoop Adoption Study, involving 284 Gartner Research Circle members, found that only 125 respondents who completed the whole survey had already invested in Hadoop or had plans to do so within the next two years. The study found that there are difficulties in implementing Hadoop, including hardship in finding skilled Hadoop professionals.
  • Use models to measure cloud performance
    When I was young, I made three plastic models. One was of a car—a '57 Chevy. Another was of a plane—a Spitfire. And a third was of the Darth Vader TIE Fighter. I was so proud of them. Each one was just like the real thing. The wheels turned on the car, and the plane’s propeller moved when you blew on it. And of course, the TIE Fighter had Darth Vader inside. When I went to work on the internet, I had to measure things. As I discussed in my last post, Measure cloud performance like a customer, when you measure on the internet you need to measure in ways that are representative of your customers’ experiences. This affects how you measure in two ways. The first is the perspective you take when measuring, which I talked about last time. The second way is the techniques you use to perform those measurements. And those techniques are, in effect, how you make a model of what you want to know. Those childhood plastic models turn out to offer some solid guidance after all.
  • ODPi Adds Apache Hive to Runtime Specification 2.0
    Today, ODPi announced that the ODPi Runtime Specification 2.0 will add Apache Hive and Hadoop Compatible File System support (HCFS). These components join YARN, MapReduce and HDFS from ODPi Runtime Specification 1.0 With the addition of Apache Hive to the Runtime specification, I thought it would be a good time to share why we added Apache Hive and how we are strategically expanding the Runtime specification.
  • Ubuntu’s OpenStack on IBM’s Big Iron
    If I were Red Hat I would be looking over my shoulder right now; it appears that Ubuntu might be gaining. In just a few years the Linux distribution has gone from being non-existent in the enterprise to being a powerhouse. This is especially true in the cloud, where it's a dominant force on both sides of the aisle. Not only is it the most deployed operating system on public clouds, its version of OpenStack accounts for over half of OpenStack cloud deployments, used by the likes of Deutsche Telekom, Bloomberg and Time Warner Cable.

Kubernetes News