Risk

1/28/2008
11:33 AM
Tom LaSusa
Tom LaSusa
Commentary
50%
50%

Happy Data Privacy Day!

We're less than a week away from finding out whether Punxsutawney Phil predicts six more weeks of winter. While we wait for him to make his annual weather forecast, we've got time to squeeze in another holiday. You may not be as familiar with this one -- there's no parades, gift-giving or time off from work. Frankly, it's a shame we have to acknowledge it at all. But it's a testament of the kind of world we live in. Today is Data Privacy Day.

We're less than a week away from finding out whether Punxsutawney Phil predicts six more weeks of winter. While we wait for him to make his annual weather forecast, we've got time to squeeze in another holiday. You may not be as familiar with this one -- there's no parades, gift-giving or time off from work. Frankly, it's a shame we have to acknowledge it at all. But it's a testament of the kind of world we live in. Today is Data Privacy Day.Don't feel bad if it doesn't ring a bell -- you didn't miss the greeting cards between the Valentines and St. Patrick's Day cards. First observed last year in Europe, the event was designed to encourage IT professionals and regular folks alike to become more aware of data protection and what can done to protect it. This year, the United States and Canada have joined 27 European countries to acknowledge the day. All are encouraged to spend some time today (and during the next few days) thinking about data security -- both on a personal and professional level.

Google appears to have taken the lead charge on the celebrations by participating in an international data privacy conference at Duke University in North Carolina. In addition, the company has co-sponsored the creation of educational materials on teen online privacy for parents and educators and offering it to schools country-wide. There's videos to watch on YouTube and privacy booklets being offered. Microsoft, IBM, and others are participating as well, trying to get the word out on how seriously we should be taking data privacy issues.

This is a great idea, but like I said earlier -- it's tragic that we even have to create and recognize a day like this at all. Considering, though, how badly (and I mean God-awful badly) various companies and government branches handled and protected data last year -- it seems like every day should be Data Privacy Day. Every day we should do one thing to remind us that someone is out there, waiting for the right opportunity to steal customer information. Every day one of our co-workers absent-mindedly puts his or her laptop bad down at an airport and walks away. But if it takes an officially recognized day to encourage everyone to try just a little bit harder to be more diligent, then I'll be the first one to pitch some greeting card ideas to Hallmark.

Roses are Red, Violets are Blue, I encrypted all my files, Did You?

Tell us how you could commit to celebrating Data Privacy Day today. It doesn't matter how big or small. Maybe you'll talk to an aging parent about being more careful with giving out their personal information. How about a quick meeting with your staff on security protocols (locking laptops, password protection, etc).

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
'Hidden Tunnels' Help Hackers Launch Financial Services Attacks
Kelly Sheridan, Staff Editor, Dark Reading,  6/20/2018
Inside a SamSam Ransomware Attack
Ajit Sancheti, CEO and Co-Founder, Preempt,  6/20/2018
Tesla Employee Steals, Sabotages Company Data
Jai Vijayan, Freelance writer,  6/19/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-12697
PUBLISHED: 2018-06-23
A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump.
CVE-2018-12698
PUBLISHED: 2018-06-23
demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the "Create an array for saving the template argument values" XNEWVEC call. This can occur during execution of objdump.
CVE-2018-12699
PUBLISHED: 2018-06-23
finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump.
CVE-2018-12700
PUBLISHED: 2018-06-23
A Stack Exhaustion issue was discovered in debug_write_type in debug.c in GNU Binutils 2.30 because of DEBUG_KIND_INDIRECT infinite recursion.
CVE-2018-11560
PUBLISHED: 2018-06-23
The webService binary on Insteon HD IP Camera White 2864-222 devices has a stack-based Buffer Overflow leading to Control-Flow Hijacking via a crafted usr key, as demonstrated by a long remoteIp parameter to cgi-bin/CGIProxy.fcgi on port 34100.