e dot dot dot
a mostly about the Internet blog by

October 2019
Sun Mon Tue Wed Thu Fri Sat
   
   


Hey Doordash: Why Are You Hiding Your 'Security Notice' From Google Just Days After You Revealed A Massive Security Breach?

Furnished content.


As you might have heard, late last week, delivery company DoorDash admitted via a Medium post that there had been a large data breach exposing info on 4.9 million users of the service. The breach had actually happened months earlier, but was only just discovered earlier this month.

We take the security of our community very seriously. Earlier this month, we became aware of unusual activity involving a third-party service provider. We immediately launched an investigation and outside security experts were engaged to assess what occurred. We were subsequently able to determine that an unauthorized third party accessed some DoorDash user data on May 4, 2019. We took immediate steps to block further access by the unauthorized third party and to enhance security across our platform. We are reaching out directly to affected users.
The information accessed included names, emails, delivery addresses, order histories and phone numbers. Salted and hashed passwords were accessible too, but assuming Doordash didn't mess up the salting/hashing, those should still be safe. Some customers also had the last four digits of their credit cards revealed.All in all a somewhat typical breach that happens these days. However, as TechCrunch cybersecurity reporter Zack Whittaker noticed, somewhere right around the time the breach went up, DoorDash told Google to stop indexing its "SecurityNotices" page via robots.text.
He also notes that DoorDash doesn't seem to be going out of its way to alert people to the breach -- pointing out that there's nothing on DoorDash's front page, or on its various social media accounts. Just the blog post on Medium (and, if I'm not mistaken, Medium posts can end up behind a paywall in lots of cases). That's pretty lame. My guess is that since DoorDash says it's "contacting" customers impacted by the breach, it felt it didn't need to do wider outreach. But... that seems like a huge cop out. Notifying people of such a breach is kind of important.And, also, yanking your "securitynotices" directory from Google (even if it currently appears blank) seems super suspicious. Why do that except to hide information from people searching for info about your security issues? A breach of this nature is bad, but it happens to so many companies these days that I don't think this kind of breach leads to much trust lost from customers. However, proactively trying to keep things quiet about this... well... that's the kind of thing that raises eyebrows and destroys trust.Of course, in a bit of perfect timing to distract from all of this, DoorDash happily announced today that it's now delivering for McDonald's, so get your Big Macs quick and ignore any lingering concerns about security...

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 01-Oct-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



Welcome To A World Of 500-Megapixel Cameras, And Surveillance Systems Able To Zoom In On Small Objects A Kilometer Away

Furnished content.


Here on Techdirt, we love digital technology. We love how Moore's Law and its equivalents help drive continual innovation and open up interesting new uses and possibilities. But powerful technology is just a tool, and like any other tool it can be used in good and bad ways. Which brings us to this latest piece of high-tech wizardry: a 500-megapixel cloud-based camera system with built-in AI, developed in China. The English-language Global Times, which is closely aligned with the views of the Chinese government, explains one possible use of such a system:

For example, in a stadium with tens of thousands of people, the camera can shoot a panoramic photo with a clear image of every single human face, the report said.When integrated with AI, facial recognition, real-time monitoring and cloud computing technology, the camera can detect and identify human faces or other objects based on massive data and instantly find specific targets, according to the report.
The article notes that the camera's impressive capabilities could be applied to "national defense, military and public security". Well, yes, now you come to mention it, they probably could. But it would be wrong to think that only China is active in this field. The Japanese company Fujifilm is also working on surveillance systems with extreme specifications:
The SX800, the first to be launched in this initiative, is a long-range surveillance camera with 40x optical zoom to cover the focal length range from 20mm to 800mm. When combined with the digital zoom of up to 1.25x, the camera can reach the focal length equivalent to 1000mm in long-range surveillance. This means it can capture the vehicle registration plate on a car at about 1km away. Fujifilm's proprietary image stabilization mechanism accurately controls camera shake without any time lag.
It's easy to imagine how 500-megapixel cameras, or surveillance systems that can zoom in on details a kilometer away, might be abused by governments or companies to carry out new levels of covert surveillance. Moreover, there's no sign yet of any slowdown in the constantly increasing power of digital technology. It's only a matter of time before there are 5-gigapixel cameras, or surveillance systems that can zoom in on details ten kilometers away.As well as producing more powerful systems at the top end of the market, Moore's Law and its equivalents mean that yesterday's leading-edge technology often becomes something found routinely on tomorrow's smartphones. Here's further evidence of that trend:
Samsung Electronics, a world leader in advanced semiconductor technology, today introduced 108 megapixel (Mp) Samsung ISOCELL Bright HMX, the first mobile image sensor in the industry to go beyond 100 million pixels.
The 108-megapixel component was jointly developed with the Chinese company Xiaomi, which said: "We are very pleased that picture resolutions previously available only in a few top-tier DSLR cameras can now be designed into smartphones." Smartphones with 100-megapixel cameras is an exciting prospect, but also one that is bound to bring with it new problems, as Techdirt will doubtless be reporting in due course.Follow me @glynmoody on Twitter, Diaspora, or Mastodon.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 01-Oct-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



October 2019
Sun Mon Tue Wed Thu Fri Sat
   
   







RSS (site)  RSS (path)

ATOM (site)  ATOM (path)

Categories
 - blog home

 - Announcements  (2)
 - Annoyances  (0)
 - Career_Advice  (1)
 - Domains  (0)
 - Downloads  (4)
 - Ecommerce  (2368)
 - Fitness  (0)
 - Home_and_Garden  (0)
     - Cooking  (0)
     - Tools  (0)
 - Humor  (1)
 - Notices  (0)
 - Observations  (1)
 - Oddities  (2)
 - Online_Marketing  (3559)
     - Affiliates  (1)
     - Merchants  (1)
 - Policy  (1526)
 - Programming  (0)
     - Browsers  (1)
     - DHTML  (0)
     - Javascript  (536)
     - PHP  (0)
     - PayPal  (1)
     - Perl  (37)
          - blosxom  (0)
     - Unidata_Universe  (22)
 - Random_Advice  (1)
 - Reading  (0)
     - Books  (0)
     - Ebooks  (1)
     - Magazines  (0)
     - Online_Articles  (4)
 - Resume_or_CV  (1)
 - Reviews  (1)
 - Rhode_Island_USA  (0)
     - Providence  (1)
 - Shop  (0)
 - Sports  (0)
     - Football  (1)
          - Cowboys  (0)
          - Patriots  (0)
     - Futbol  (1)
          - The_Rest  (0)
          - USA  (1)
 - Woodworking  (1)


Archives
 -2019  October  (27)
 -2019  September  (46)
 -2019  August  (52)
 -2019  July  (55)
 -2019  June  (49)
 -2019  May  (49)
 -2019  April  (81)
 -2019  March  (94)
 -2019  February  (91)
 -2019  January  (15)
 -2018  December  (44)
 -2018  November  (43)


My Sites

 - Millennium3Publishing.com

 - SponsorWorks.net

 - ListBug.com

 - TextEx.net

 - FindAdsHere.com

 - VisitLater.com