Security News for the Week Ending November 6, 2020

TikTok Ban – Remember That?

Well now that the election is over – at least the voting part – we can get back to the important stuff like whether our kids can create 30 second dance videos on TikTok. The President signed a memo a couple of months ago to add trade pressure on China by banning TikTok in the US, but a Federal judge signed a preliminary injunction putting the memo on hold. The government has asked the DC Circuit to overturn that injunction but there are other restrictions like hosting the TikTok software on US cloud servers that go into effect on November 12th, so assume this subject will heat up over the next week or so. Credit: Law360

Feds Seize $1 Billion in Bitcoin from Silk Road

The feds shut down the Silk Road online crime bazaar in 2013 and convicted its founder, Ross Ulbricht in 2015. He was sentenced to two life terms plus 40 years. Now, this past week, the feds transferred 69,000+ Bitcoin out of a wallet that has been quiet since 2015. Is Ross trying to make a deal? Those Bitcoin are worth not quite a billion dollars. Now the feds have to convince a judge that the money is proceeds subject to forfeiture. If they do, the feds will likely auction off the cryptocurrency and put the proceeds in its piggy bank and, possibly, the piggy banks of other agencies that helped take Ulbricht down. Credit: ARS Technica

How Fast is Our 5G

I know that 5G is not a security issue – except that how we use 5G WILL make it a security issue. Right now, the 3 big carriers continue to roll out some form of 5G nationally and they are succeeding. It is important to understand what they mean by 5G. It does NOT mean that if you spend $1,000 or $1,500 on a 5G phone (although there are a couple of low price models), you should expect really fast speed on your phone. It means that the carriers are layering the 5G protocols on top of the existing 4G infrastructure.

So how fast is our 5G? PC Magazine does tests every few months and has released a new set of tests. They say that our 5G average speed is slower than Saudi Arabia, South Korea, Australia, Canada, Switzerland, United Kingdom and Germany. That is not impressive and is not likely to change for a number of years for several technical reasons. Read the details at PC Magazine.

Jackson, Mississippi Integrating Your Ring Camera into their Surveillance Network

To be clear, they are doing it with the owner’s permission. They are partnering with two companies who claim to be able to suck up your Ring camera data and feed it into the police department’s surveillance network. Obviously, if the city can get the benefit of thousands of surveillance camera feeds without paying for them AND they can really digest the data, then that may help them stop crime. If the cameras point towards the street and record people that are not on your property, YOU may be committing a crime (depending on the state), but since the cops want your data, they are unlikely to complain. On the other hand, the person who is captured on your video which is fed to the police may sue you. Just sayin’. While Ring has made a big deal of trying to get you to give your video feeds to your local police, this is not one of their projects. Credit: Vice

Attention Those 220 Million Web Sites That Use Let’s Encrypt

This is probably not a big deal but still worth mentioning. When Let’s Encrypt first came out it borrowed a friend’s root signing certificate since the browsers did not trust it. Years ago it became trusted when it issued its own root certificate. Now that original signing certificate is expiring and if your computer or phone does not have their new certificate, you will get an error message when browsing to one of the 220 million web sites that use Let’s Encrypt. NOTE that only affects old operating systems and old browsers that use those operating system’s certificate stores (this may be the reason why Chrome is moving away from using the OS certificate store). This doesn’t become a problem until September 2021, but IT managers should make a note of it because they will likely get at least a few calls. Credit: The Register

Leave a Reply

Your email address will not be published. Required fields are marked *

*

code