Qualcomm inks a deal with JLC Infrastructure and Ignite for smarter cities: Qualcomm is now focusing on smart cities and selling its technology to municipal buyers with a new partnership with JLC Infrastructure and Ignite. Qualcomm has a history of trying to bring its chips into new markets by signing deals with partners already in the sector and trying to build reference designs. This indicates that Qualcomm may finally see a market in smart cities. Along with the partnership news, JLC also said it will allocate $75 million to build out projects developed with Qualcomm and Ignite. So JLC is definitely making a significant bet on smarter cities. (Qualcomm) — Stacey Higginbotham
How to get the OT team to care about IT security? There are a lot of crappy webinars out there right now, many of which are just thinly disguised sales pitches, but there are also a lot of really useful ones. CyberX recently hosted one that had some good insights, on how to help get information technology (IT) and operational technology (OT) teams on the same page by using cybersecurity. Yes, CyberX, which provides OT security, had an agenda, but its panelists, which included Paul Brager, director of OT security programs at Baker Hughes, and Niyo Little Thunder Pearson, cybersecurity team lead with energy utility company ONE Gas, also shared some pearls of wisdom. For teams trying to get their OT folks on board, the most useful tidbit was probably the fact that applying some kind of security system can help improve the bottom line by pointing out places where the system may not be configured correctly or is simply inefficient. Also, be prepared to hear OT say no at first. Not only will the IT team have to devote hours to understanding the OT environment, it must get the OT folks to understand how the security landscape has grown more sophisticated. Check out the replay or just the notes. (CyberX) — Stacey Higginbotham
Big tech hits the pause button on facial recognition: Earlier in the week, IBM took a stand for racial injustice with a strongly worded letter to Congress laying out its values and condemning the use of facial recognition. Big Blue said it was no longer offering such software or services for sale to law enforcement, and some of its largest peers quickly followed suit. Amazon announced a minimum one-year pause on selling its Rekognition service to police, and the very next day, Microsoft made a similar statement, saying that until federal laws are passed to regulate the use of facial recognition tech by law enforcement, it will not sell its service either. There are certainly caveats associated with some of these pledges, but it’s a win for personal privacy, at least for the moment. (Reuters) — Kevin C. Tofel
IFTTT cuts the cord on Wink: As if between its inability to deliver a mature product and the PR disaster it created around its move to a subscription-only plan Wink wasn’t facing enough challenges, things just got even worse for the company. IFTTT has disconnected Wink and will no longer support it going forward, which means you can no longer use IFTTT to connect Wink to third-party products for automation. I was already leery of the company’s future when it decided to start charging $5 a month for continued usage, but this move from IFTTT might be the final nail in Wink’s coffin for many of those who, up until now, have been relatively satisfied customers. (Android Police) — Kevin C. Tofel
Smart devices suddenly not working? Check those certs! A few weeks ago, Roku streaming devices suddenly stopped working for no apparent reason. It turns out the product’s root security certificates had expired. Not so coincidentally, at the same exact date and time, the issue also reared its head on Stripe’s mobile processing services. Now researchers are warning that other connected devices, such as those in your home, may soon suffer the same fate. Expect software updates to abound as that old webcam or smart TV approaches a certificate expiration date. (Bleeping Computer) — Kevin C. Tofel
Why you don’t want to be within 500 feet of any crime: Google Maps is probably the de facto standard when it comes to finding your way to destinations. It may also become a standard in solving crimes, even though the data from it can pin the blame on innocent bystanders. Using a geofence warrant, Virginia law enforcement found 19 people within 500 feet of a bank robbery using personal location data stored by Google Maps. There was only one bank robber, so which of the 19 potential suspects was the perpetrator? Do the police now have the right one? This situation raises plenty of privacy issues that aren’t likely to be solved anytime soon. Check out the article and stay tuned to see how the future of geofence warrants may be affected (OneZero) — Kevin C. Tofel
Transcend raises $25M to expand data privacy in business: The 2017 startup Transcend snagged $25 million in Series A funding this week to bring its embedded data privacy solution to businesses. I say embedded because, unlike many security solutions that use some external service, Transcend supplies a “data privacy infrastructure that integrates into a company’s databases and applications, automatically handling requests end-to-end with no human intervention required.” The data privacy infrastructure company already has a customer in RobinHood, the commission-free online investment service. (Transcend) — Kevin C. Tofel
Oh look, billions of connected devices can be exploited! We’ve previously talked about how the TELNET protocol lacks modern security and shouldn’t be used in connected devices these days. I’d add the UPnP protocol to that as well, even though it simplifies the process of device discovery on your network. A new UPnP exploit found this week suggests that billions of connected devices are at risk due to a bug in the header value of the UPnP SUBSCRIBE function. What’s the worst-case scenario? Just an open port that attackers could use to infect devices on your home network. Yikes! (Tom’s Guide) — Kevin C. Tofel
Leave a Reply