Newsletter

open source and cybersecurity news

September 12, 2023

In this Episode:

Marcel Brown: September 12th, 1962. In a speech given at Rice University, President John F. Kennedy gives his famous “We choose to go to the Moon” speech, in which he uttered the famous phrase “I believe that this nation should commit itself to achieving the goal, before this decade is out, of landing a man on the moon and returning him safely to earth.” It took just under 7 years before man set foot on the Moon in July of 1969.

Edwin Kwan: Users reported on Reddit on Friday that when they log into Wyze’s web viewer, their web feeds disappeared and they had access to other people’s camera feeds instead. The company revealed that they had been aware of a security vulnerability for three years.

Kadi McKean: In the ever-evolving landscape of digital privacy, one product category stands out as a poster child for disregard: cars. Cars have officially earned the problematic honor of being the worst reviewed product category in terms of privacy.

Katy Craig: U.S. Senator Jim Risch, along with bipartisan support, has introduced the Small Business Cyber Resiliency Act. If passed, this legislation could be a significant step forward in protecting the often vulnerable small business sector from cyber threats.

Hillary Coover: Elon Musk’s company, X, formerly Twitter, is tightening its grip on data scraping by updating its Terms of Service. Starting on September 29th, X will ban all data scraping and crawling activities without “prior written consent.”

 

The Stories Behind the Cybersecurity Headlines

 

Edwin Kwan
Wyze Suffers Broken Access Control

Edwin Kwan, Contributing Journalist, It's 5:05 Podcast

Wyze camera owners had a surprise last week when their web camera feeds disappeared and were replaced with feeds from other people’s cameras.

This is Edwin Kwan from Sydney, Australia.

Users reported on Reddit on Friday that when they log into Wyze’s web viewer, their web feeds disappeared and they had access to other people’s camera feeds instead. They were able to see the inside of other people’s houses and all the events for their cameras.

The company confirmed they had an issue with the online camera portal, which they attributed to a web caching issue. It affected a small number of users using the web browser, but did not affect those using the mobile apps. They say that the web portal was shut down once the issue was identified and the issue has now been resolved.

Last year, the company revealed that they had been aware of a security vulnerability for three years that allowed attackers to gain access to their version 1 model cameras. However, rather than informing their customers about the issue or fixing it, the company decided to quietly discontinue the cameras.

Resources
Wyze Status Update
– https://support.wyze.com/hc/en-us/articles/360015979872-Service-Status-Known-Issues
The Verge:
– https://www.theverge.com/2023/9/8/23865255/wyze-security-camera-feeds-web-view-issue

 

Kadi McKean
It’s Not Just A Vehicle; It’s A Data Mine on Wheels

Kadi McKean - 5:05 Contributing Journalist

In the ever-evolving landscape of digital privacy, one product category stands out as a poster child for disregard: cars. According to a recent report by Mozilla, cars have officially earned the problematic honor of being the worst reviewed product category in terms of privacy.

In an era where our lives are increasingly intertwined with technology, from smartphones to smart homes, we’ve witnessed a relentless invasion of our privacy. Yet it’s the automobile, a symbol of freedom and mobility, that has turned out to be the most invasive of them all.

Mozilla’s investigation delves into the world of connected cars, uncovering a disconcerting lack of transparency and control over personal data. These modern marvels, equipped with GPS, cameras, and a variety of sensors, have become rolling data gold mines for automakers and tech giants alike.

As we drive, our cars collect an astonishing array of information, from our location and driving habits, to the songs we listen to, and even the conversations we have inside the vehicle. 84% of car brands share this treasure trove of data with third parties, creating a complex web of privacy concerns.

It’s not just about who’s watching us, but also how they are using our data. It’s not merely a question of convenience; it’s a matter of safeguarding our fundamental rights to privacy and autonomy. However, the statistic that disturbs me most is that 92% of drivers have little to no control over their personal data, meaning you don’t have the right to delete your personal data.

Mozilla’s report highlights real-world implications. We learn about the unsuspecting driver who had their car data used against them in a court case, or a parent who unknowingly exposed their child’s data by syncing a smart car seat. These anecdotes remind us that the consequences of privacy infringements are personal, affecting individuals in profound ways.

What’s interesting is this report doesn’t just stop at finger pointing; it calls for change. Mozilla calls upon automakers to be transparent about data collection and sharing, to give users real control over their data, and to prioritize privacy in their designs. It urges regulators to step up and establish clear rules to protect consumers from the Wild West of automotive data collection.

Next time you get behind the wheel, remember that your car is not just a vehicle; it’s a data mine on wheels.

This is Kadi McKean in Alexandria, Virginia.

Resources
Mozilla Foundation:
– https://foundation.mozilla.org/en/privacynotincluded/articles/its-official-cars-are-the-worst-product-category-we-have-ever-reviewed-for-privacy/

Katy Craig
Introducing the Small Business Cyber Resiliency Act

Katy Craig, Contributing Journalist, It's 5:05 Podcast

U.S. Senator Jim Risch, along with bipartisan support, has introduced the Small Business Cyber Resiliency Act. This bill aims to arm small businesses with top-tier cybersecurity tools and information. Why does this matter? Because small businesses are often the low-hanging fruit for cybercriminals.

This is Katy Craig in San Diego, California.

The bill has several key components designed to fortify the cybersecurity posture of small businesses. First up, it ensures that cybersecurity training and resources are effective, accessible, and relevant. No more one-size-fits-all solutions that don’t really fit anyone.

Next, the bill establishes a Central Small Business Cybersecurity Unit within the Small Business Administration, or SBA. This unit will oversee all cybersecurity efforts targeted at small businesses.

The Act also creates a publicly available clearinghouse for small business cybersecurity resources. This would be your one-stop shop for all things cybersecurity, from best practices to the latest threat intelligence.

Finally, the bill will review the cybersecurity hygiene of small businesses that went online during the COVID-19 pandemic. Let’s face it, the rush to go digital may have left some gaps in the armor, and this aims to patch those up.

What’s the takeaway? If passed, this legislation could be a significant step forward in protecting the often vulnerable small business sector from cyber threats. It’s a comprehensive approach that aims to level the playing field, giving small businesses the tools they need to stand tall in the face of cyber adversity.

This is Katy Craig. Stay safe out there.

Resources
U.S. Senator Jim Risch

– https://www.risch.senate.gov/public/index.cfm/pressreleases?ID=A39F60D7-657C-4B05-B707-D8FA31A05128

 

Hillary Coover
How Will Elon Musk’s X Reshape the Digital Landscape?

Hillary Coover, Contributing Journalist, It's 5:05 Podcast

Elon Musk’s company, X, formerly Twitter, is tightening its grip on data scraping by updating its Terms of Service. Starting on September 29th, X will ban all data scraping and crawling activities without “prior written consent.”

Hi, this is Hillary Coover in Washington, DC.

Previously, crawling was allowed if it followed the robots.txt file instructions, but the new terms are unequivocal in their prohibition. X has also restricted access for web crawlers, allowing only Google’s bots to crawl the platform, which raises questions about Twitter’s data access relationship with Google.

Furthermore, X has modified its robots.txt file to prevent crawlers from accessing specific data such as likes, retweets, account likes, media, and photos. This action comes as a response to Twitter’s past struggles with data scraping issues that disrupted user experience.

Elon Musk has been a vocal critic of companies using Twitter’s data for training AI models and has taken legal action in the past, including threats against Microsoft. Their recent privacy policy changes reveal their intent to use public data, including those tweets, for their own AI model training. Additionally, the updated policy introduces provisions for collecting biometric data, education, and job history of users.

For more information, check out 505updates.com for a link to the article and the full transcript.

Resources
X Terms of Service:
– https://twitter.com/en/tos
Wired:
– https://techcrunch.com/2023/09/08/x-updates-its-terms-to-ban-crawling-and-scraping/
iPhone Canada:
– https://www.iphoneincanada.ca/2023/09/08/x-data-scraping-crawling-ban-new-terms/

 

Marcel Brown
This Day in Tech History

Marcel Brown, Contributing Journalist, It's 5:05 Podcast

This is Marcel Brown bringing you some technology history for September 12th.

September 12th, 1958. Researcher Jack Kilby demonstrates the first integrated circuit to other researchers and executives at Texas Instruments. This prototype proves that resistors and capacitors manufactured of the same material can be integrated on a single chip. Integrated circuits are now used in virtually all electronic equipment and have revolutionized the world of electronics.

September 12th, 1962. In a speech given at Rice University, President John F. Kennedy gives his famous “We choose to go to the Moon” speech, in which he uttered the famous phrase “I believe that this nation should commit itself to achieving the goal, before this decade is out, of landing a man on the moon and returning him safely to earth.” It took just under 7 years before man set foot on the Moon in July of 1969.

That’s your technology history for today. For more, tune in tomorrow and visit my website, thisdayintechhistory.com.

Resources
– https://thisdayintechhistory.com/09/12/
