Snyk Acquires FossID

FossID is a software composition analysis tool that scans code for open source licenses and vulnerabilities. It is the third acquisition by Snyk in the past 6 months.

FossID, a software composition analysis tool that scans code for open source licenses and vulnerabilities

Source: Snyk Acquires FossID to Accelerate Worldwide Developer-First Security Adoption | Snyk

Sicherheitsalbtraum: Vernetzte Türklingeln 

Vernetzte Türklingeln: Das Internet der Dinge liefert. Auch zu Weihnachten.

Günstige digitale Videoklingeln weisen schwere Sicherheitslücken wie Authentifizierungsprobleme auf und werden teils schon mit Softwarefehlern geliefert.

Aus dem heise.de Artikel.

Palantir founding member of Gaia-X

Palantir is an US based company specialising in Big Data, with a very particular focus on decision making for governental and corporate situations. The companies products have inspiring names like Gotham or Metropolis and have sparked ethical controversies, when it comes to their usage. In particular these two products provides capabilities to military and police, paving the way to what is referred to predictive policing. The company now is a founding member of Europe’s Gaia-X program, which Evgeny Morozov points out, is not compatible with European data sovereignty ideas.

Snyk closes mega funding round

snyk

Snyk closes mega funding round: the London based company offers open-source services and products for modern security. The company announced the funding round on it’s own blog. The company, founded by Guy Podjarny, grew rapidly since it’s founding in 2015. The product addresses modern security needs for a container driven IT world. With open source and developer first approaches it delivers an approach that hits a nerve. Increasing complexity of software development and dependencies to open-source components drives demand. Dependencies to open-source components are a twofold reality: They allow faster development for any product team. At the same time, they bring a level of complexity that requires additional management. This reality created a market for companies like Snyk, but also WhiteSource or BlackDuck, in the security space, with a special focus on software development.

Snyk helps software-driven organizations find and fix vulnerabilities in open source dependencies and container images.

We are truly humbled to announce the closing of our latest funding round—an investment of $200 million led by Addition—to modernize the security industry.

from the Snyk blog.

The funding round is a Series D. Snyk closes mega funding round: With previous rounds, the company expanded internationally before. This recent funding round let’s expect further rapid growth of the brand and product. The size of the funding sets expectations for the near future pace of growth.

Source: Snyk Closes $200M to Modernize Security Industry | Snyk

Peter Schaar
Peter Schaar beim 30. Chaos Communication Congress in Hamburg, 2013, Bild: Wikipedia / Tobias Klenze / CC-BY-SA 4.0.

Kurze Durchsage von Peter Schaar zur Telefonortung wegen Corona: Handy-Ortung war demzufolge keine Idee der wissenschaftlichen Beratungskommission für die Corona-Pandemie. Es war die gesellschaftliche Situation, die es der Politik ermöglicht hat, einen lang gehegten Wunsch umzusetzen. Peter Schaar war übrigens von 2003 bis 2013 Bundesbeauftragter für den Datenschutz und die Informationsfreiheit (BfDI).

Update: Ulrich Kelber, der amtierende Bundesdatenschutzbeauftragte, sieht das wohl ähnlich.

‘We’ve created a privacy industry’

‘We’ve created a privacy industry’ was a statement you could often hear when Europe introduced General Data Protection Regulations (GDPR) and the German implementation DatenSchutz GrundVerOrdnung (DSGVO). Already back in 2016 first predictions arrived, that GDPR will boost European software industry and give them a unique selling point. After the regulation became effective in Europe May 25th 2018(!), after a 2 years transition period, perceived only complaints happened. Affected data controllers and processors cited the difficulties implementing these regulations. A BitKom funded survey even indicates the regulation is hurting the European market.

'We've created a privacy industry'
Panel on Internet Security and Privacy

Now, around 1.5years later, the industry seems to have settled on the regulation and business continues as usual. Subjectively perceived, privacy is indeed still an obstacle to decision makers in the market. Even politicians keep on imploring data to be the new oil, demanding a data driven economy and to weakend the underlying ideas of european data protection acts. Meanwhile, the opportunity has moved along. Californian Start-Ups discovered this niche and turn privacy it into value:

Privacy-focused technology companies are offering a variety of services, from personal data scrubbing to business-focused software meant to help companies comply with the law.

Source: ‘We’ve created a privacy industry’: California law fuels wave of startups

Off Facebook Activity

Off Facebook Activity is a tool, that let’s Facebook users see which sites they used outside of Facebook. The tool is as creepy as you would think it would be. Facebook, through it’s like buttons and other embeds, has sheer unlimited insight into personal browsing behaviour.

Facebook Company Logo
Facebook Company Logo / Wordmark

In an attempt by the company to create more transparency, it discloses how much curiosity in a negative sense is driving the social network in trying to understand their audience. And actually sell this gained knowledge to their customers.

The release of Off Facebook Activity a reminder we are living in an increasingly connected world that is watching us. There is entirely no point for any company to collect this type of data outsire of making us a product.

The Washington Post writes about how creepy and scary this feature is, and even more important, how to work with privacy settings. While the article deals with Facebook internal settings alone, the amout of data transferred to Facebook won’t stop. At this point, you may want to consider personal privacy tools like uMatrix (for Firefox or Chrome). Or, to leverage protection for the entire network, e.g. for your family, Pi-Hole is worth taking a look, too.

via: Washington Post

Privacy in the Platform Economy: In the tracking business, access to the customers desktop was in firm hands of Google and Facebook. Until recently!

SnakeOil promises people security to get them install software that’s capable of eavesdropping ssl and all other access to a computers interaction. Quite obvious to see this is a good source to profile a users behavior. A violation of users privacy for the sake of security. You sure all read the fineprint in the anti virus software, right?

Now apparently, somebody in the SnakeOil industry figured that out. A recent leak disclosed Avast Antivirus leverages their market access to almost hald a billion user profiles and devices to package up this insight. “every search” that promises ‘Every search. Every click. Every buy. On every site.’. Of course the target audience is the same as for marketing- and tracking clients.

Source: vice.

See also:

https://twitter.com/josephfcox/status/1221796061678694401