![]() ![]() After less than a month of development, the tech is due out on Friday. ![]() Apple's and Google's "contact tracing" app project-now called "exposure notification"-started as a small endeavor, codenamed "Bubble," spearheaded by a handful of employees at Apple, CNBC's Christina Farr reports. As Jeffrey Vagle, an assistant professor of law at the Georgia State University College of Law, notes in a perspicacious piece for the security blog Just Security, businesses all too often fall prey to bad incentives, optimizing for growth rather than security.Ĭontact lenses. In their breakneck quests to attract large followings, tech companies often disregard safety measures and proper audits, a decision that juices growth but ultimately hurts users in incalculable ways. And perhaps most strangely, the report entirely omits a review of Apple’s FaceTime, a service frequently praised by security experts. John Scott-Railton, a security researcher, griped in a tweet that the report took Zoom’s claims of implementing end-to-end encryption at face value, despite his research indicating otherwise. Facebook’s innumerable privacy breaches garner no mention. The NSA makes no attempt to rate code bugginess, nor the prevalence of exploitable vulnerabilities any discussion of Zoom “zero-days” or Microsoft Teams GIF attacks are out of scope. ![]() SMS texting fails on pretty much all fronts. GoToMeeting has no multi-factor authentication option. Cisco Webex, Zoom, Slack, and Skype for Business have suboptimal data deletion policies. Google G Suite and Microsoft Teams lack end-to-end encryption and do not use open source code. Some of the grading criteria: Does the service use end-to-end encryption, which blocks eavesdroppers and snoops? Does it have multi-factor authentication, an option that securely locks down user accounts? Is the technology based on publicly inspectable, open-source code, which is considered more secure than inscrutable proprietary software? Every other service has at least one deficiency, in the eyes of the NSA. In a statement accompanying the report, it said, “By following the practical guidelines, users can draw down their risk exposure and become harder targets for malicious threat actors.” The NSA’s highest marks went to Facebook’s WhatsApp, Signal (whose code WhatsApp uses), and rival chat app Wickr. The National Security Agency recently released an assessment of 13 of the most popular commercial video chatting tools. government considers the remote-working trend to be a matter of national security. Virtual conferencing software-most notably Zoom, despite many recently uncovered vulnerabilities-is surging, as this newsletter has noted often. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |