A Review of the Best News of the Week on Identity Management & Web Fraud
Sign In With Apple’ Protects You in Ways Google and Facebook Don’t (Wired, Jun 04 2019)
Apple’s new single-sign-on scheme has benefits that its competitors seem unlikely to match.
Watchdog says FBI has access to about 640M photographs (WTOP, Jun 04 2019)
A government watchdog says the FBI has access to about 640 million photographs — including from driver’s licenses, passports and mugshots — that can be searched using facial…
Facebook lawyer argues you should have ‘no expectation of privacy’ (Graham Cluley, Jun 03 2019)
Next time someone connected to Facebook tries to convince you that it’s now really serious about privacy you know they’re pulling your leg.
One of My Favorite Things
Since I started this curated newsletter in June 2017, I’ve clipped ~10,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras
G Suite users will have ‘confidential’ Gmail mode set to ON by default (Naked Security – Sophos, Jun 03 2019)
Google announced that on 25 June 2019, Gmail’s confidential mode will be switched on by default as the feature becomes generally available.
CBP’s Airport Facial Recognition ‘Is Not a Surveillance Program’ (Nextgov, Jun 03 2019)
As the public grows wary of facial recognition, the head of CBP’s biometric entry and exit initiative says the agency is using the tech responsibly.
Firefox aims at Google with Enhanced Tracking Prevention (Naked Security – Sophos, Jun 06 2019)
The latest version of Firefox, 67.0.1, features a fully-fledged version of Mozilla’s Enhanced Tracking Protection (ETP) privacy system.
Over Half of UK Firms Failing on Privacy Compliance (Infosecurity Magazine, Jun 03 2019)
GDPR top-of-mind for CEOs, according to Thomson Reuters
Beyond Biometrics: The Future of Authentication (SecurityWeek, Jun 03 2019)
As organizations become more and more digitally connected, concerns about secure access seem to loom larger than ever. With more users connecting to more resources, how can organizations ensure people requesting access are who they say they are?
Why We Keep Coming Up With Such Unsafe Passwords (WSJ, Jun 04 2019)
We get emotionally attached to the way we create our passwords. And then we get defensive when we’re asked to change that routine.
How to Get the Most Benefits from Biometrics (Dark Reading, Jun 05 2019)
Providing an easy-to-use, uniform authentication experience without passwords is simpler than you may think.
Gang charged with $19 million iPhone scam (Naked Security – Sophos, Jun 06 2019)
It was a well-oiled business, with Top Dogs fencing devices, forgers cooking up fake IDs with stolen PII, and runners ripping off phones.
How First Citrus Bank got rid of employee passwords (CSO Online, Jun 04 2019)
“We deployed it to everyone in our organization, using the biometrics inherent in their devices, whether Android or iPhone,” says Joe Kynion, the community bank’s cybersecurity lead.
CCPA: Making Sense of California’s Strict New Data Privacy Law (Jumio, Jun 06 2019)
Is your business ready for January 1, 2020? This is the date when the California Consumer Privacy Act, or CCPA, is slated to take effect. It’s expected to be the strictest data privacy law in the U.S., and will require data privacy protections and requirements similar to or broader than those imposed by GDPR.
Access Security Trends: Microsoft’s Moving Away From Password Policies to More Usable, Effective Security (The Duo Blog, May 08 2019)
Microsoft announced they’re dropping password-expiration policies requiring periodic password changes in the draft release of their security configuration baseline settings for Windows 10 and Windows Server (version 1903). Expiring passwords means forcing the end of their use, and periodic password changes means making users change them every set number (60, 90) of days.