Top infosec trends in the social media spotlight this week

Following last week’s news that Twitter was urging its 330 million users to change their passwords after site admins discovered a bug that stored passwords in plain text, it seems the social media site’s proactive approach to data stewardship is being mirrored by Nest, the Google-owned IoT security camera specialist.

A recent blog post by Jeff Wilbur, director of the Internet Society’s Online Trust Alliance, provides details of an email alert sent by Nest to one of his colleagues, encouraging him to update their password and enable two-factor authentication.

Although Wilbur said it’s still not clear exactly how Nest determined that the password had been compromised, the director commended the IoT manufacturer’s actions.

“It appears Nest proactively compared their customers’ passwords to a list of known compromised passwords and sent an alert, even going so far as to suggest that the account might be disabled if the password is not changed,” he stated.

“By following Nest’s lead – conducting proactive password hygiene and utilizing multi-factor authentication – we can all limit ongoing damage caused by passwords compromised in breaches.”

Whilst on the subject of passwords, things didn’t fare so well for Nutella’s PR team this week, after the hazelnut hoarder came forth with some decidedly poor advice:

Unsurprisingly, those in the security community were quick to squash the idea of using ‘Nutella’ as a password:

In government news, the National Security Agency (NSA) and US Cyber Command have cut the ribbon on a new $500 million operations center.

The Integrated Cyber Center (ICC) is one of the first buildings to be completed as part of the NSA and US Cyber Command’s new East Campus at Fort Meade, Maryland.

Scheduled for completion in 2028, the campus will include six buildings and house more than 20,000 personnel.

The opening of the ICC came as the Office of the Director of National Intelligence (ODNI) released its 2017 Statistical Transparency Report.

Among the sea of data included in the report, it was revealed that the NSA collected more than 534 million phone call and text messages records from US telcos last year – up on 151 million records in 2016.

While the ODNI said the 2017 statistics include duplicate records (such as multiple calls made to or from the same phone), Robyn Greene, policy counsel at the non-profit Open Technology Institute, said the intelligence community “hasn’t really provided any additional information” about why there is so much more data being collected.

“It’s terribly concerning because it raises the question of whether or not the program is being conducted in a manner that comports with the spirit of what Congress intended,” Greene said during a podcast earlier this week.

And finally, Tim Cook took to Twitter over the weekend to celebrate the 20th anniversary of the iMac.

Steve Jobs introduced the translucent, all-in-one computer on May 6, 1998, and although Apple certainly hasn’t been immune to security issues over the past two decades, it would be hard to deny the iMac’s legacy – not only for Apple as a company, but for computer design as a whole.

Taking stock of the iMac’s influence over the past 20 years, Jason Snell – former features editor at Macworld – tipped his hat to Steve Jobs’ brainchild, while Mac Rumors jumped on board to explain how the device’s launch became a defining moment in Apple’s storied history.