Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

3/21/2016
10:00 AM
50%
50%

#SaveSecurity Campaign Protests FBI's iPhone Unlocking Request

Fight for the Future will publicly display and read aloud thousands of comments outside the US District courthouse at Apple vs. FBI hearing on March 22.

Fight for the Future, a digital rights group, is all set to raise voices against what it calls the FBI's attempts to force Apple to weaken iPhone security. The group has launched an online campaign #SaveSecurity to collect comments from people worried about the implication of FBI's request for Apple to unlock the phone belonging to a terror suspect in the San Bernardino shootings.

#SaveSecurity has gained support from tech companies and advocacy groups, including Reddit, Google, Wikimedia, CREDO Mobile, Private Internet Access, Thunderclap, Goldenfrog, the ACLU, and the Freedom of the Press Foundation, along with prominent technology experts Bruce Schneier and Cory Doctorow. 

Advocates will hold a press conference before and immediately after the hearing tomorrow, March 22, outside the courthouse. At the same time, protestors will be demonstrating comments collected from #SaveSecurity campaign through a digital display. 

"It is not only about a single phone, but it is a matter of safety and security for millions of people all over the world," said Evan Greer, campaign director of Fight for the Future. He said the group will be present outside the courthouse to ensure that people's voices are heard, because what the government is demanding will put all in danger.

The Digital Rights Group was also behind 50 rapid response protests outside Apple stores and FBI headquarters last month. For more information on the #SaveSecurity, click here.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
3/22/2016 | 12:20:52 PM
Surveillance vs. Privacy
This is the quintessential discussion of security vs. privacy. It seems that at this juncture, at least from what I've seen, the argument is more heavily weighted towards advocating privacy. John Oliver does a good job in my opinion backing that stance as well recently on his show Last Week Tonight.

I would like to see the opposite advocacy made, not for this case because what the FBI is requesting isn't feasible to maintain any shread of privacy, but overall. When does surveillance/security supersede the need for privacy?
AI Is Everywhere, but Don't Ignore the Basics
Howie Xu, Vice President of AI and Machine Learning at Zscaler,  9/10/2019
Fed Kaspersky Ban Made Permanent by New Rules
Dark Reading Staff 9/11/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-16317
PUBLISHED: 2019-09-14
In Pimcore before 5.7.1, an attacker with limited privileges can trigger execution of a .phar file via a phar:// URL in a filename parameter, because PHAR uploads are not blocked and are reachable within the phar://../../../../../../../../var/www/html/web/var/assets/ directory, a different vulnerabi...
CVE-2019-16318
PUBLISHED: 2019-09-14
In Pimcore before 5.7.1, an attacker with limited privileges can bypass file-extension restrictions via a 256-character filename, as demonstrated by the failure of automatic renaming of .php to .php.txt for long filenames, a different vulnerability than CVE-2019-10867 and CVE-2019-16317.
CVE-2019-16307
PUBLISHED: 2019-09-14
A Reflected Cross-Site Scripting (XSS) vulnerability in the webEx module in webExMeetingLogin.jsp and deleteWebExMeetingCheck.jsp in Fuji Xerox DocuShare through 7.0.0.C1.609 allows remote attackers to inject arbitrary web script or HTML via the handle parameter (webExMeetingLogin.jsp) and meetingKe...
CVE-2019-16294
PUBLISHED: 2019-09-14
SciLexer.dll in Scintilla in Notepad++ (x64) before 7.7 allows remote code execution or denial of service via Unicode characters in a crafted .ml file.
CVE-2019-16309
PUBLISHED: 2019-09-14
FlameCMS 3.3.5 has SQL injection in account/login.php via accountName.