Dozens of Right to Repair bills were introduced across the USA last year, only to be defeated by hardcore lobbying led by Apple and backed by a rogue's gallery of giant manufacturers of every description; one of the most effective anti-repair tactics is to spread FUD about the supposed security risks of independent repairs.
Enter Securerepairs.org, a new nonprofit founded by Paul Roberts, whose experts (including "Harvard University’s Bruce Schneier, bug bounty expert Katie Moussouris, and ACLU technologist Jon Callas") will attend Right to Repair hearings to counter this industry bullshit and explain how "Fixable stuff is secure stuff."
Securepairs.org believes instead in the notion that there’s no such thing as security through obscurity; a robust system will still be secure even if people know how it works. Releasing repair manuals and spare parts shouldn’t undermine an already sound smartphone. The group even takes the idea one step further, arguing that right to repair laws would make devices more safe, by allowing consumers to quickly replace failing parts or update buggy software. For example, John Deere tractors can often only be updated by licensed technicians. Farmers who can't afford to wait have resorted to hacking into their tractors with black market firmware, a far less safe option than, say, using diagnostic tools John Deere could release itself.
Security Experts Unite Over the Right to Repair [Louise Matsakis/Wired]
“Researchers conclude that Zoom uses non-industry-standard cryptographic techniques with identifiable weaknesses and is not suitable for sensitive communications.”
The suddenly popular videoconferencing app Zoom has issued a patch for a vulnerability in its Windows client that allowed attackers to steal the user’s Windows login credentials from malicious chat links. Hi @zoom_us & @NCSC – here is an example of exploiting the Zoom Windows client using UNC path injection to expose credentials for use […]
Everyone is using Zoom for everything from pandemic family gatherings to A.A. meetings to therapy sessions to teaching college classes, but the app has newly revealed and very concerning security vulnerabilities. The contents of thousands of video calls made on the app Zoom were exposed on the open web, and easily available via common web […]
If you’ve never heard of WooCommerce, it’s essential the way small businesses operate in WordPress, the world’s most popular web content management system. With WooCommerce, web entrepreneurs can set up and run an e-commerce store, selling products, accepting payments and safeguarding privacy for both buyers and sellers. As the engine behind 35 percent of all […]
Can’t sit still during the pandemic? You’re not alone. Many folks are using their social distancing time to decompress and zone out on Tiger King, some even pushing back against the idea of being productive. But plenty of others find themselves bored, restless, and in need of projects and goals, somewhere to direct their energy. […]
Even if you don’t miss much else about the office right now, there’s a good chance your home laptop is making you nostalgic for the added efficiency of that pair of monitors on your desk at work to spread out your workflow. There’s no telling how long the new normal may continue to be the […]