Welcome back to another edition of Tuesday Newsday™. This week we are again looking at good things, bad things, and more dumb things (I'm sensing this is going to be a trend all year). Without any further ado, let's get right into it!
NTP or Network Time Protocol is what allows the synchronization of time across different computer systems and networks. In 2024 we take things like this completely for granted, but the same cannot be said in 1985 when Mr Mills created the NTP, as illustrated by the words of Windscribe back-end engineer Marty: "idk shit about NTP bro lmao." Really goes to show you, Davis Mills was truly an unsung hero.
The FTC has a serious hard on for data brokers at the moment, which I'm honestly pretty happy about. This time the culprit in question is InMarket Media, a Texas-based (of course they are in Texas) data aggregation company that specialized in collection/analysis of location data. Hopefully, the FTC continues on their war path against location data brokers and they completely rid the world of this scummy industry.
A security researcher in Germany has been slapped with a €3000 fine for finding and reporting a vulnerability in an e-commerce database that was exposing almost 700,000 customer records. Here's a summary of the events:
- Hendrik H troubleshoots software for IT firm Modern Solution GmbH. He discovers an un-encrypted, hardcoded credential.
- Modern Solution then calls Hendrik H an "ethical hacker", then files a complaint with German police
- Hendrik H is charged with unlawful data access, with courts originally finding him innocent, and upon further escalation to regional courts is told he must pay the fine and court costs.
This really is an unfortunate outcome, as it turns security research into criminal hacking under German law. It will likely also allow companies to get away with subpar security, which ultimately endangers innocent end users.
The HRLSC experienced a "cybersecurity incident" in October 2023, and are just now notifying those affected. Thus far it is not clear where the incident originated from, nor is there a firm timeline on when the HRLSC will be back at full operational capacity.
TL;DR
As promised last week, the chefs have kept up their steady pace of quality internet morsels. Like many things in life, this past week threw the good, bad, and dumb things at us all at once. Discounting the good things, the bad and dumb things can have pretty crazy unintended consequences if left to the forces of nature. One of the best ways to weather the storms digital life throws at you is with an informed, proactive, and comprehensive privacy strategy. A VPN like Windscribe can be one of your frontline defenders from the chaos online life brings.
