Brit infosec's greatest threat? Thug malware holding nation's devices to ransom – report

The National Crime Agency and newly formed National Cyber Security Centre joint report on cybercrime unsurprisingly names ransomware as the top internet menace. The report notes that ransomware is a “significant and growing” risk, with file-encrypting malware posing a threat to a greater range of kit beyond PCs. Smartphones, …

  1. Anonymous Coward
    FAIL

    The Cyber threat to UK business

    Created with Microsoft® Word 2016: On opening, this document attempts to connect to a number of URLs, a bit of a security risk.

    http://www.w3.org/1999/02/22-rdf-syntax-ns#

    http://ns.adobe.com/pdf/1.3/"

    http://ns.adobe.com/xap/1.0/"

    http://ns.adobe.com/xap/1.0/mm/"

    http://purl.org/dc/elements/1.1/"

  2. Phil O'Sophical Silver badge

    paying developers to write secure code might mean a gadget is late to market and costly. Ultimately though, insecure products will lead to greater attacks.

    There's one fix to that. Make the manufacturers financially liable for their security holes, so that proper security is cheaper.

    1. Charles 9

      How do you do that when the manufacturer can do a fly-by-night? Or is not based in a country subject to your laws and thus has sovereign protection?

      1. Dan 55 Silver badge

        Hold the retailers responsible for any losses unless the product passes a standards test.

        Retailers would want to stock approved products only, manufacturers have an incentive to sort out the problem themselves (code better and get approval).

        1. Charles 9

          It's cheaper for manufacturers to game the tests and ignore the risks. Look at Volkswagen. And if a fly-by-night gets sued or pursued by the law, they can just vanish...

          1. Phil O'Sophical Silver badge

            Look at Volkswagen.

            I'm not sure I'd use VW as an example of how that works, though.

            1. Charles 9

              Point is, they got away with it for a long time, and when they got caught, I don't think the penalty was really all that severe compared to their annual revenues. I'd consider that a pretty GOOD example of gaming the system costing less than doing it right the first time, which means things don't get done right. And that's a company that manufactures something that basically forces you into a jurisdiction. What about one where the good can be made any old where and the people in charge can just disappear overnight?

              1. Doctor Syntax Silver badge

                "Point is, they got away with it for a long time, and when they got caught"

                The fines are only part of the costs. There will be long-term damage to their reputation. And damage to reputation can have severe effects as Mr Ratner could tell you.

          2. Doctor Syntax Silver badge

            "It's cheaper for manufacturers to game the tests and ignore the risks. Look at Volkswagen."

            Do they still think it's cheaper?

  3. 0laf
    Childcatcher

    International rescue

    It's an international problem so it'll need an international response. So basically we're fucked since it'll take 20yr to get an agreement that won't be worth the paper it's written on and is ignored by China and Russia.

    Maybe make it a criminal act to sell a product that is insecure or incapable of being secured?

    Maybe catch the moon in a jar.

  4. Adair Silver badge

    Even better...

    more of us need to wean ourselves off the idea that we 'need' to have every ridiculous brain dead bit of tech that cynical marketeers push at us because: 'oooh it's shiny', 'but everybody has one', and all the other bullshit justifications we come up with for 'consuming' yet another piece of unnecessary crap.

    1. David Nash Silver badge

      Re: Even better...

      Chance would be a fine thing. Human nature is to want stuff. Always has been, always will be.

  5. Steve Davies 3 Silver badge

    Revolutions need to start somewhere

    If us with the sort of knowledge and experience say NO, NO and NEVER to this sort of crap loudly enough AND when our friends and relatives buy this shit and turn to us for help, we say 'No Deal. Get rid of that thing first, take it back to the company that sold it and demand your money back', we have no hope in hell in stopping this invasion.

    We don't have much hope without the lawmakers getting involved and even in the USA the FCC has decided to turn a blind eye to this problem.

    None of this stuff (even if it has a 'homekit' stamp of approval) will get installed on my network EVER.

    1. Charles 9

      Re: Revolutions need to start somewhere

      But what if you get overridden by an executive? Unless you're saying YOU'RE an executive.

      As for dealing with fads, as Smash Mouth once sang, "You might as well be Walking On The Sun."

      1. 0laf

        Re: Revolutions need to start somewhere

        Different in a business. DPA and the GDPR would mean that a company would be liable for any crap technology it put in causing a leak of personal information. GDPR will come in before Brexit, will it stay in after?

        Lawyer colleague of mine spoke with a Tory MP recently and was told that they can't wait to do away with DPA etc to free up businesses from unnecessary red tape. So you can be sure your elected members have your best interests at heart. As long as you are one of the millionaire buddies.

        1. Charles 9

          Re: Revolutions need to start somewhere

          IF the company still exists.

        2. Doctor Syntax Silver badge

          Re: Revolutions need to start somewhere

          "Lawyer colleague of mine spoke with a Tory MP recently and was told that they can't wait to do away with DPA etc to free up businesses from unnecessary red tape."

          Yet another thing they haven't worked out. GDPR is coming. If UK companies want to do business with Europe that involves transfer of personal data then the UK is going to have to have legislation in place that complies. Or is there no limit to the extent to which leavers are prepared to harm the UK's economy?

  6. John Smith 19 Gold badge
    Unhappy

    This can be dealt with if people can agree a carrot and stick approach

    Carrot

    Release drop-in secure authentication methods for popular processors so no excuse for brain-dead hard-coded accounts or passwords.

    Approval mark confirming you can sell in main stores, has passed basic security tests.

    Stick

    No mark means liability for developer and mfg. No mark means you buy at owner's risk.

    1. Doctor Syntax Silver badge

      Re: This can be dealt with if people can agree a carrot and stick approach

      Stick

      1. Make it illegal to expose such a device to the internet.

      2. Make ISPs liable as accessories.

      3. Watch ISPs police their networks (and maybe in some cases replace the insecure routers they handed out).
