Security

Meta hit with €17m fine for “failure to protect people’s information”

Leave a comment

Remember 2015 when an incoming CISO infamously announced he was quitting Yahoo? In retrospect we know he was failing to disclose their breaches, trying to sneak out the back door yet avoid charges of misconduct.

His abrupt departure, after just one year in his first ever attempt to be a CISO, was announced very loudly as an intention to lead Facebook instead, because he said it was the best in the world at protecting people’s information (and soon after promising privacy where there would be none).

In fact his track record delivered the exact opposite, and regulators are not pleased.

Not only did Facebook flounder under this CISO’s outspoken and high-profile yet vapid command — leading to the largest breaches in history — it pushed back at regulators and then failed even to rise above a basic test of “key data protection principles“.

The decision follows an inquiry by the Data Protection Commissioner (DPC) into a series of 12 data breach notifications received by DPC the between June and December 2018,

The regulator found that Meta Platforms Ireland infringed Article 5(2), and 24(1) of the GDPR data protection law, which require organisations to put measures in place to meet key data protection principles.

The DPC found that Meta “failed to have in place appropriate technical and organisational measures which would enable it to readily demonstrate the security measures that it implemented in practice to protect EU users’ data”.

In other words, more and more people agree that CISO should probably go to jail.

Today the government is announcing that executives whose companies fail to cooperate with Ofcom’s information requests could now face prosecution or jail time.

Security

Apple macOS 12.3 Quietly Kills 3rd Party “Online Only” Applications

1 Comment

As much as people like to talk up Apple as a privacy advocate, it’s rarely a bright line with an either/or position.

Buried in a macOS 12.3 release (with general availability two days ago) was an important change to the data flow of user files.

Deprecations.

The kernel extensions used by the Dropbox desktop app and Microsoft OneDrive are no longer available. Both service providers have replacements for this functionality currently in beta. (85890896)

That means macOS 12.3 no longer allows opening any files stored in the cloud through third-party applications; users must instead download all files with Apple’s macOS Finder before opening them with any other applications.

That basically kills the entire access model of a product like Dropbox “Smart Sync“, which is built on the premise someone can avoid downloading files to a local system, managing permissions entirely through an app instead.

Stop worrying about hard drive limits. Sync only what you need, and access all your files seamlessly from your desktop or mobile.

There are privacy implications here, as well as control issues, and it will be interesting to see whether Apple can justify the changes within a context of privacy.

On a related note, macOS 12.3 security content also discloses a huge number of major flaws such as “bypass login” and “execute arbitrary code with kernel privileges” and “malicious application may be able to gain root”.

Lots of good reasons to not download files to a local system, let alone give the OS any more access than necessary.

Food, Sailing, Security

Italian Police Seize Russian Oligarch’s 500ft Sailboat (Largest in World)

Leave a comment

A boat builder boasted in 2017 about their 143m ship with gross tonnage of 12.600 that can only go 20 knots:

Her name: SAILING YACHT A. She will draw eyes the world over, as no other superyacht has ever done before.

Apparently this prediction of drawing eyes came true just now. Italian police announced the 530 million euro monstrosity had achieved their full attention.

Italian police have seized a superyacht from Russian billionaire Andrey Igorevich Melnichenko, the prime minister’s office said on Saturday, a few days after the businessman was placed on an EU sanctions list following Russia’s invasion of Ukraine. […] Designed by Philippe Starck and built by Nobiskrug in Germany, the vessel is the world’s biggest sailing yacht, the government said. Melnichenko owns major fertiliser producer EuroChem Group and coal company SUEK.

Technically Melnichenko just resigned in an attempt to find a loophole in sanctions.

EuroChem Group AG, a leading global fertilizer producer, announces that Andrey Melnichenko has resigned his position as Non-Executive Director of the Board of Directors, and withdrawn as main beneficiary, effective March 9, 2022. The move follows Mr. Melnichenko’s inclusion in an EU sanctions list, and was taken to ensure EuroChem is able to continue providing millions of people around the world with nutrients for agriculture, helping to underpin global food security.

Nutrients that underpin global security?

*Cough* bullshit *cough*.

But seriously, this opulent waste of money on a party yacht sinks any claims to Melnichenko or his company giving a crap about global food security.

Source: Nobiskrug

It might be the ugliest sailboat I’ve ever seen. At best it resembles a Chinese Junk.

A trio of 300 ft masts with full battens on a 480 ft lethargic bathtub make no sense to me at all. I’m not kidding about bathtub designs being slow. Surface area clearly increases towards the waterline.

Source: Nobiskrug

It has all the grace and efficiency of a flat tire.

Really it looks like someone took a big container ship and chopped its stern off, then crammed on a cruise ship’s reverse poop deck. Running lights make it even uglier, like an old running shoe from Walmart.

Source: DailyMail

To be fair we’re talking about a fertilizer and coal billionaire who wanted a party boat that could operate on clean wind power instead of fertilizer or coal. Nothing about it sounds right, if you see what I mean, and yet somehow I am certain the Italians will know exactly what to do.

History, Security

Metaverse is a throwback to the Commodore 64

Leave a comment

Recently I wrote a quick note about Apple users believing that removing a monitor from an integrated computer/keyboard was somehow something novel or new.

I was reminded of the amazing and famous Commodore VIC-20 of the 1980s, and how easily people overlook the past.

That got me thinking about another “new” trend in virtual world software. Sure enough, I found current trends may be trying to repeat things from before.

What we take for granted in today’s MMOs — the constant presence of thousands of real humans interacting with us in a virtual space — simply blew the minds of those who first encountered it. And way back when, those encounters depended on the person and technology available. Some folks had access in the ’60s and ’70s to the early form of the internet and email in universities and government offices, but these close encounters of the virtual kind only started to make its way into households in the ’80s (and even then, mostly to those plugged into the geek community). The developers of these programs — the MUDs, the BBSes, CompuServe, etc. — were truly pioneers forging a path while trying to figure things out on the fly. So it amazed me to hear that I’ve been missing out on a key part of MMO history by overlooking Lucasfilm’s Habitat, which wasn’t quite an MMO by modern standards and yet created a graphical virtual world with many of the elements that were adopted into later projects. In our two-week look at Habitat, we’ll see just how eerily similar this 1986 title is to what we know today — even though it came out on the Commodore 64.

Lucasfilm’s Habitat on the Commodore 64.

It was just one of many virtual worlds from long ago that nobody talks about anymore.

Think about this long dead software the next time someone asks what will change when virtual worlds arrive.

How long will it be before we look back at metaverse and laugh about how primitive it was?