It’s easy to agree with statements like “the food we buy in supermarkets should be safe to eat.” After all, who wants to go to bat for shoddy growers pushing contaminated lettuce, or distributors sending out botulinum-laced fish and meats? But what about software safety? Suffice it to say that if people ate software applications instead of, say, cinnamon rolls, they’d be dropping like flies. That’s because the code that powers those applications is often riddled with potentially dangerous insecurities. Unlike the food industry, however, there have been only fitful efforts by government and industry to address what everyone recognizes is a widespread problem. I’ve written elsewhere about the relative lack of a “safety culture” in the software industry compared with industries like civil aviation or even food. (Remember: most of the food recalls and alerts that are issued today are voluntary.) But there’s also a decades-long track record of the government taking […]
Tag: Government
FTC Bows Out Of IOT Conference Amid Shutdown
Attendees at a high-level summit to discuss the fast-emerging Internet of Things in Washington D.C. were informed that a scheduled talk by Federal Trade Commission (FTC) Chairwoman Edith Ramirez would not take place because of a U.S. Government shutdown that began at midnight. Ramirez was scheduled to address the 2013 M2M & Internet of Things Global Summit on Tuesday morning on “The FTC’s Interest in the Internet of Things,” but conference attendees told The Security Ledger that Ramirez was forced to cancel her talk because of a government shutdown. “Attendees were told she could not give it due to the shutdown,” Torrey Barrett, a marketing professional attending the event, reported via Twitter. Ramirez was scheduled to speak at 9:00 AM on Tuesday as one of a series of keynote speakers, just after Michael Nelson (@MikeNelson), Microsoft’s Principal Technology Policy Strategist and just ahead of Chris Vein, a former deputy […]
FDA Will Regulate Some Apps As Medical Devices
In an important move, the U.S. Food and Drug Administration (FDA) has released final guidance to mobile application developers that are creating medical applications to run on devices like the iPhone and Android mobile devices. Some applications, it said, will be treated with the same scrutiny as traditional medical devices. The statement is the final word from the FDA on the approach it will take when enforcing federal regulations regarding the safety of medical devices to the large and fast-growing category of medical applications. The agency said on Monday that, while it doesn’t see the need to vet “the majority of mobile apps,” because they pose “minimal risk to consumers,” it will exercise oversight of mobile medical applications that are accessories to regulated medical devices, or that transform a mobile device into a regulated medical device. In those cases, the FDA said that mobile applications will be assessed “using the same […]
Internet of Things Demands New Social Contract To Protect Privacy
Changes brought about by the Internet of Things demand the creation of a whole new social contract to enshrine the right to privacy and prevent the creation of technology-fueled Orwellian surveillance states in which individual privacy protections take a back seat to security and “control.” That’s according to an opinion piece penned by the head of the European Commission’s Knowledge Sharing Unit. Gérald Santucci, in an essay written for the web site privacysurgeon.org, argues that technology advances, including the advent of wearable technology and the combination of inexpensive, remote sensors and Big Data analytics, threaten to undermine long-held notions like personal privacy and the rights of individuals. The essay says that current approaches to data protection are “largely inadequate” to the task of reining in the asymmetrical changes wrought by new technology. “Data collection and video surveillance will continue to grow as ubiquitous computing pervades almost all areas of our […]
APT-For-Hire: Symantec Outs Hidden Lynx Hacking Crew
This site and others have been writing about the “Advanced Persistent Threat” problem, which has generally been treated as a euphemism for the government and military of The People’s Republic of China or – in some cases – Russia, Iran, North Korea or other un-friendlies. Firms like Mandiant have taken pains to separate the concept of APT from run-of-the-mill cyber criminal hacking groups whose motivation is profit, rather than the acquisition of information that can be used to advance geopolitical or economic goals. Cyber criminal groups may well be “advanced” in their attack methods and “persistent” in their efforts to compromise victim networks, but they weren’t “APT.” Now Symantec Corp. has put a fly into that ointment: publishing a report that pulls the covers off an APT group dubbed “Hidden Lynx” that it claims is responsible for some of the most sophisticated and large-scale hacks of […]