This past month in cybersecurity:
- What the FLoC, Google? How Google is Developing New and Exciting Ways To Track You
- Apple Introduces AirTags
- Coinbase Went Public
- AT&T Launches New Managed Endpoint
- Biden Administration’s Cybersecurity Roadmap
Tracking cookies are on the decline, partly because many browsers now block third-party cookies by default. In response, Google is developing a new way to track users called Federated Learning of Cohorts (FLoC). Instead of using cookies, Google is building FLoC tracking capabilities into the Chrome browser itself and is already trying it out on about 0.5% of its users.
FLoC effectively works by lumping groups of users Google considers similar into buckets called “Cohorts”. Then advertisers can target these groups with ads. Google claims this protects privacy because individual users in the cohort remain anonymous; however, the EFF (Electronic Frontier Foundation), Mozilla, Brave, and many other companies aren’t buying it, citing several issues with Google’s privacy claims (https://www.eff.org/deeplinks/2021/03/googles-floc-terrible-idea).
The question we should be asking is “How can we stop companies tracking users on the Internet?” not “How can we come up with new ways to track people?”.
Apple recently released a new product called AirTags, which allows users to track the physical location of just about anything. AirTags are small, disc-shaped devices and can be attached to keys, backpacks, laptops, and anything else you don’t want to lose. They use Bluetooth in coordination with everyone on the planets’ iPhones to keep track of where they go. This is an extremely powerful technology and is a great way to keep track of things you don’t want to lose, considering the supporting network of more than 1 billion people who use iPhones.
Naturally, there are several privacy concerns, like 1) using other people’s iPhones to constantly report the location of other AirTags locations and 2) how a stalker or abuser might use an AirTag to track a victim’s location.
The first problem is addressed by using encrypted data and rotating keys so that theoretically, not even Apple could track your AirTags location. The second problem is addressed by features Apple has included to prevent stalking, including alerting victim’s if an AirTag is planted on them.
The jury is still out on how secure these devices are. There have already been some reports of the “stalker” feature taking multiple days to kick in.
The popular cryptocurrency company, Coinbase, went public this past month, trading at $381 per share. Coinbase allows users to buy, trade, and sell various cryptocurrencies. One of its main selling points is its ease of use which is a sticking point for many exchanges.
Such a large crypto exchange going public brings more attention and legitimacy to cryptocurrency holding and trading.
AT&T has launched an endpoint security solution with SentinelOne that aims to secure desktops, laptops, servers, and other company assets on the perimeter of the network. This solution aims to provide intelligent security monitoring to companies that are currently overrun trying to keep up with the vast number of alerts and logs flooding security analysts every day.
The new secretary at the Department of Homeland security gave a speech emphasizing a “vision and roadmap” for the department’s cybersecurity efforts. Some of the main talking points included:
- How important it is for the government to modernize its technology
- Investing in security innovations “inside and outside of government”
- Enabling CISA to assist government at all levels
- Addressing cybersecurity in maritime and transportation systems
- A risk-based approach to cybersecurity, prioritizing improving security in high-risk areas
Thanks for reading! We’ll be back next month with a quick roundup of topics we found interesting.
Did we miss a super important story? Let us know! We’ll do better next time.