Bipartisan bills before Congress targeting Big Tech
What is it?
Two bills attempting to reduce the power of Internet monopolies are currently being debated in the United States Congress: S. 2992, the American Innovation and Choice Online Act, and S. 2710, the Open App Markets Act.
Both bills are substantial and complex. One of their main intentions is to open the Apple App Store and Google Play to competitors, so that those two tech giants face some competition, and to create a way to enforce the new regulations.
What does it mean?
This legislation targets only the most prominent online platforms—namely Apple, Alphabet (Google’s parent company), and Meta (previously Facebook). Note that it’s unclear, based on the definition below, if Microsoft is included.
The bill, in its current form, targets “covered platforms,” which it defines as:
(1) at least 50 million monthly active users (or 100,000 business users);
(2) annual market capitalization or U.S. net sales exceeding $550 billion, AND
(3) that serve as a “critical trading partner” for its business users.
The American Innovation and Choice Online Act would give several government agencies, including the FTC and DOJ, antitrust authority over covered platforms and the power to impose fines for breaking the new regulations.
NIST announces first quantum computing resistant cryptographic algorithms
What is it?
NIST has announced four new quantum computer-resistant cryptography algorithms. Quantum computing, while still in its infancy, could one day make current encryption methods meaningless. Companies utilizing cryptography—like banks, governments, and hospitals—will want to monitor these algorithms and their implementation closely.
One of the four algorithms, CRYSTALS-Kyber (a nod to Star Wars), will be used for web transactions and secure e-mail. The other three—CRYSTALS-Dilithium (an homage to Star Trek), FALCON, and SPHINCS+—will be used for digital signatures, which are used to verify identities when signing contracts, sending digital money, or accessing secured files.
What does it mean?
Public key cryptography, used to secure most current computer systems, relies on complex math problems—like integer factorization—that even the most powerful supercomputers can’t solve. But quantum computers are designed to tackle complicated problems with hundreds of variables such as protein folding, supply chain traffic, and gene sequencing. As a result, quantum computers have the potential to unravel some of humanity’s most pressing problems. However, with that potential for good also comes the potential for great harm.
Quantum computers could potentially render current cryptography useless, exposing thousands of businesses and critical systems to security breaches. Consequently, these four algorithms rely on math problems that will prove difficult for both classical and quantum computers.
To get involved in developing guidance for migrating to post-quantum cryptography, see NIST’s National Cybersecurity Center of Excellence project page.
Lockdown mode coming to Apple iOS 16
What is it?
Several mercenary technology companies, most notably the NSO Group, sell zero-day exploits to various governments and terrorist groups around the world for profit. These exploits can break into fully patched and up-to-date iPhones and Android phones—turning what was a secure phone into an instant bugging device with a high-quality microphone and camera that the unsuspecting targets are likely to carry around with them all the time.
In response to this threat, Apple has developed a feature in its latest operating system for its mobile devices that turns on a “lockdown” mode. However, this mode turns off a lot of convenience features on iPhones and iPads. Apple describes the mode as “an extreme, optional protection that should only be used if you may be personally targeted by a highly sophisticated cyber-attack.”
Rest assured, the vast majority of people who use iPhones don’t need the lockdown mode. The people who are the targets for these kinds of attacks from the NSO Group are heads of state, human rights leaders in authoritarian regimes, reporters, and other humanitarian leaders.
What does it mean?
Again, most people who use iPhones don’t need to use lockdown mode. But for folks working in secure areas of government or businesses concerned about corporate espionage, lockdown mode offers a secure way to interact with their phones without compromising security.
Future-proof security technologies from OnX
Navigating the ever-changing world of security technologies can be challenging for even the most adept CIOs. The bills circulating in the USA’s Congress could change how we view and download our apps. The new quantum-resistant encryption algorithms make plain the future threats of quantum computing. And lockdown mode from Apple shows us just how advanced cyber-attacks from bad actors have become.
OnX Canada’s history of securing client data can help your company secure its future. Mobile Device Management (MDM) can significantly increase your security today while planning to incorporate quantum-resistant encryption tomorrow. We can help you stay ahead of future threats.
Get in touch today to learn how to future-proof your security technology.