In this week’s Security Ledger Podcast (Episode #89) we talk with Beau Woods of The Atlantic Council and the advocacy group I Am The Cavalry about the death of 49-year-old Elaine Herzberg, who was struck and killed by an autonomous vehicle operated by Uber. Also: following Facebook’s privacy meltdown with Cambridge Analytica, we’re joined by Konstantinos Komaitis, the Director of Policy Development at the Internet Society about what real social media privacy reforms should look like. And a new Ponemon Institute survey finds companies are convinced that insecure Internet of Things devices will result in them being hacked – but they’re not doing anything to stop it.
Autonomous driving technology has the potential to save many more lives than it takes. But that may not matter if the public becomes convinced that autonomous vehicles are a danger to society.
In our latest podcast: the ride sharing firm Uber finds itself on the wrong side of a Florida Man story after paying $100,000 in hush money to a man from The Sunshine State who stole information on 57 million Uber customers. We speak with Katie Moussouris about how the company’s actions could affect the future of the young vulnerability disclosure industry. Also: with BitCoins trading for $16,000 each, Wandera researcher Dan Cuddeford joins us to talk about mobile crypto-jacking schemes that hijack mobile devices to mine crypto currencies. And we invite Alan Brill of the firm Kroll back to discuss recent House of Representatives hearings on the future of authentication in an age of rampant data sharing and data theft.
Large US firms may be among the first targets of EU regulators once the General Data Protection Rule goes into effect. (Editor’s Note: this blog post first appeared on Digital Guardian’s Digital Insider blog. You can read the full post here. )
The hack of Uber and the loss of information on 57 million customers is just the latest security incident stemming from what our guest Elizabeth Lawler calls “DevOps secrets” – valuable credentials, APIs and other sensitive information that often end up exposed to the public as a result of lax continuous development operations. In this Spotlight Edition* of The Security Ledger Podcast, sponsored by CyberArk, we talk with Elizabeth about how to contain DevOps secrets and secure the secret super user lurking in modern organizations: highly privileged application code.