disclosure

New Russian law aims to curb online anonymity and free speech

Russia just passed amendments to anti-terrorism laws, requiring popular bloggers and social media posters to register with a government agency and abide by a raft of rules covering what they say online...

Europeans to get told about data breaches - sometimes

The EC has published new breach disclosure rules that exempt companies from disclosure if they're using encryption. It's an odd loophole, given how data handling can be bungled, encryption or no.

Name.com suffers breach, credit card data accessed, encryption in place (phew!)

Domain registrar and web hosting company Name.com, part of the Demand Media group, has suffered a data breach.

Crooks have apparently made off with data up to and including credit card numbers...but it sounds as though everything was encrypted, which is a silver lining.

Java hacker boasts of finding two more unpatched holes

Serial Java fault-finder Adam Gowdiak has embarrassed Oracle yet again.

The Polish researcher is publicly bragging about two brand-new vulnerabilities he has found since Oracle's most recent patch, released just a week ago.

Mobile apps for kids collecting and sharing information with third parties

The second of two FTC reports on kids' mobile apps shows that the industry hasn't improved with regard to privacy, with many apps sharing personal information with third parties, all without notifying parents or asking for their permission.

PayPal starts bounty program for security bugs

If you've found a security issue with PayPal, you could receive a monetary reward for informing the firm responsibly.

Safeguards for ethical hackers spurned by Australian government

The Australian government has thumbed its nose at legal safeguards for ethical hackers, according to security researcher Alana Maurushat.

Industry professionals say they went out of their way to submit proposals for recent reviews of cybercrime laws, but the government decided to reject them all.

Facebook to start paying security bug bounties

Facebook is the most recent company to come to the bug-bounty party, officially announcing that "to show our appreciation for our security researchers, we offer a monetary bounty for certain qualifying security bugs."

Payouts start at US$500. Tempted?

Dear Earth, Last month I took a paternity test!

Of all the information you've entrusted to others, which would you consider the most embarrassing to see popping up on the internet?

How about the date of your latest paternity test?

FLAMING RETORT - Three words for RSA. Promptness. Clarity. Openness.

It's no good having mandatory data breach disclosure laws if all they teach us is to admit we had a breach. We also need to convey information of obvious practical value to all affected parties.

Three words. Promptness. Clarity. Openness.

Google versus Microsoft - handbags at dawn

By some accounts, Microsoft and Google are at each other's throats over the disclosure of vulnerabilities.

What went wrong?