Apple Works to Fix Serious Mac Security Bug

If you are a Mac user or have Mac users you support, please take time to mitigate this problem by setting the root password, following the instructions provided by Apple and referenced in these articles.  Hopefully a patch is coming soon.

https://www.infosecurity-magazine.com/news/apple-works-to-fix-serious-mac/

https://www.macrumors.com/2017/11/28/macos-high-sierra-bug-admin-access/?utm_source=feedly&utm_medium=webfeeds

Uber Shock: Firm Hid Breach of 57 Million Users

Here is a little bit of warm and fuzzy reading for all as we enter into a huge travel season.  Uber was breached.  Bad!  Uber paid the bad guys to cover it up.  Worse!  Ultimately, the expense was passed along to a trusting consumer.  Worst and sadly typical!

I think it might be time to shift to Lyft or maybe even go back to supporting all the hard-working taxi drivers out there.  Bad form, Uber.  Bad form!

https://nakedsecurity.sophos.com/2017/11/22/uber-suffered-massive-data-breach-then-paid-hackers-to-keep-quiet/

https://threatpost.com/uber-reveals-breach-of-57-million-users-admits-to-covering-up-incident/128969/

https://www.infosecurity-magazine.com/news/uber-shock-firm-hid-breach-57/

https://blog.knowbe4.com/uber-total-loss-57-million-records-stolen-but-data-breach-was-hidden-for-a-year

Amazon Creates Classified US Cloud

The thread responses in this post from Bruce Schneier are almost as entertaining as the linked content from the Washington Post.  If you ever doubted that the cloud movement was unstoppable, it is time to reconsider.

On a lighter note, the arguments many will have with HIPAA and PCI consultants over cloud storage of sensitive data should get more entertaining.  “But Uncle Sam gets to do it…why can’t I?”

https://www.schneier.com/blog/archives/2017/11/amazon_creates_.html

Google collects Android users’ locations even when location services are disabled

I honestly do not know where to begin with this article.  I believe the most logical place to start is that I have no doubt similar problems may exist within devices from other mobile operating systems.  I doubt this is exclusively an Android or Google problem.  That said, it is deeply concerning, especially given the data collection and sharing process going on in the absence of even an active SIM card.

I am not advocating for the mass production of tin foil hats, but I will say this.  If you have your smartphone with you, you are most certainly never alone.

https://qz.com/1131515/google-collects-android-users-locations-even-when-location-services-are-disabled/

Shadow Brokers cause ongoing headache for NSA

This is a nice recap of where the NSA vs. ShadowBrokers stands at the moment.  I do find it mildly intriguing how damaged the NSA finds itself amidst this constant trickle feed of compromised data and formerly secret exploits.  One telling line in the article references the NSA (and I am paraphrasing) as one of the premier worldwide agencies for breaking into computer systems, and yet they could not protect their own house.

I do have to agree with Bruce Schneier and others who point to a whistleblower or other insider theory on the breach.  ShadowBrokers wants the NSA to suffer, both functionally and in terms of reputation.

https://nakedsecurity.sophos.com/2017/11/15/shadow-brokers-cause-ongoing-headache-for-nsa/