This week’s massive data leak award goes to: Equifax with almost 150 million accounts informations out in the wild!
The breach Equifax reported Thursday, however, very possibly is the most severe of all for a simple reason: the breath-taking amount of highly sensitive data it handed over to criminals. By providing full names, Social Security numbers, birth dates, addresses, and, in some cases, driver license numbers, it provided most of the information banks, insurance companies, and other businesses use to confirm consumers are who they claim to be. The theft, by criminals who exploited a security flaw on the Equifax website, opens the troubling prospect the data is now in the hands of hostile governments, criminal gangs, or both and will remain so indefinitely.It’s the failure to patch a two-month-old critical bug in Apache Struts that led to the massive breach. See what the people from Apache had to say about it. As a result, Equifax is no looking at a multibillion-dollar lawsuit and their security and information executives have been fired (well, they “stepped down”).
I hope this will be more secure than Equifax. Nice initiative, though.
Today, the U.S. Digital Service and 18F are excited to announce the launch of login.gov, a single sign-on solution for government websites that will enable citizens to access public services across agencies with the same username and password.
A new Stanford study found that the nation’s tech elite are extremely liberal on most issues — except when it comes to regulation.
Over all, the study showed that tech entrepreneurs are very liberal — among some of the most left-leaning Democrats you can find. They are overwhelmingly in favor of economic policies that redistribute wealth, including higher taxes on rich people and lots of social services for the poor, including universal health care. Their outlook is cosmopolitan and globalist — they support free trade and more open immigration, and they score low on measures of “racial resentment.”
Technology / AI / Blockchain
While the rest of the world struggles to regulate ICOs, China had decided to ban them altogether (causing Bitcoin to drop almost 20% in the process).
It is looking like a new era is coming for ICOs, at least those in China for now. In the U.S., the SEC has issued official warnings around the risks of ICOs, also known as token sales, but the Chinese government looks set to beat it to implementing regulation around the rapidly growing fundraising option. A notice from a committee led by China’s central bank today announced an immediate ban on ICO funding (…) the committee has prepared a list of 60 exchanges which will be subject to inspection and a report. In the meantime, there will be an ICO freeze in China.
China will set a deadline for automakers to end sales of fossil-fuel-powered vehicles, becoming the biggest market to do so in a move that will accelerate the push into the electric car market.
The world’s second-biggest economy, which has vowed to cap its carbon emissions by 2030 and curb worsening air pollution, is the latest to join countries such as the U.K. and France seeking to phase out vehicles using gasoline and diesel. The looming ban on combustion-engine automobiles will goad both local and global automakers to focus on introducing more zero-emission electric cars to help clean up smog-choked major cities.
Development / Design / DIY projects
Build your own Tesla like car computer with a Rasberry Pi.
Want to build or improve a search experience? Start here.
Here’s your guide to managing secrets and keys with Version Control Systems.
Although it is important to save your code in source control, it it is equally important for some project assets to be kept out of your repository. Certain data like binary blobs and configuration files are best left out of source control for performance and usability reasons. But more importantly, sensitive data like passwords, secrets, and private keys should never be checked into a repository unprotected for security reasons.
A collection of (mostly) technical things every software developer should know.
Bits and pieces
A lot of cybersecurity content this week. A critical Bluetooth Flaws Put Over 5 Billion Devices At Risk Of Hacking. See how you can have fun Boeing’s 787 In Flight Entertainment System. If you’re serious about security, check out this article about understanding the prevalence of web traffic interception. And finally, learn more about Mastercard’s Internet Gateway Service and its Hashing Design Flaw.