European Court of Human Rights Rules Against Weakening Encryption
The European Court of Human Rights (ECHR) issued a landmark ruling that bans governments from forcing companies to weaken end-to-end encryption for mass surveillance purposes. The court held that while authorities can monitor suspects’ communications without undermining wider security, general encryption backdoors present too great a privacy risk.
The decision deals a major blow to controversial EU legislation proposing “client-side scanning” backdoors that would have let police search digital devices for illegal content. Critics argue this chat control plan would have made all European encrypted communications fundamentally insecure. Digital rights groups have hailed the ECHR judgement as an unprecedented win for privacy in the region.
India Moves to Block ProtonMail After Bomb Threat
The Indian government ordered the encrypted email provider ProtonMail to be blocked nationwide after unknown actors used it to email hoax bomb threats to schools in Chennai. While the perpetrators remain at large, authorities moved to restrict access to the Swiss-based service because its end-to-end encryption makes tracing messages impossible.
Digital rights organizations have accused India of overreach by targeting an essential communication tool, not the criminals abusing it. ProtonMail denies any wrongdoing, but is working urgently with Indian officials to get the block rescinded. The case follows earlier local bans on virtual private networks and encrypted messaging apps amid wider government efforts against online anonymity.
source: Indian government moves to ban ProtonMail after bomb threat
SpaceX to De-Orbit 100 Starlink Satellites
SpaceX has proactively announced plans to decommission almost 100 early Starlink internet satellites that have an unspecific design flaw that could cause them to fail later. Although the satellites currently function properly, SpaceX determined there is an increased long-term probability of losing communication or control over them as they age on orbit.
Rather than wait years to see if issues emerge, SpaceX will deliberately deorbit the impacted satellites over the next 6 months before they can contribute to the growing space debris problem. Still, with thousands more Starlink satellites active and awaiting launch, user internet service will be unaffected by the phase out. Experts applaud the voluntary action as responsible stewardship.
source: SpaceX will de-orbit 100 Starlink satellites with unidentified flaw
BMW Data Exposure Highlights Cloud Misconfigurations
Security researchers discovered that automaker BMW inadvertently left an internal cloud data storage bucket configured for public access. The exposed bucket contained highly sensitive credentials, certificates, access tokens, keys related to various BMW IT systems and cloud services.
While BMW quickly privatized the storage bucket once notified of the mistake, security analysts note the company should have also changed the revealed passwords and revoked the leaked credentials. As software increasingly moves to the cloud, simple but dangerous configuration errors like this can lead to huge data leaks. It follows a similar major Mercedes-Benz data exposure last month.
source: BMW security lapse exposed sensitive company information, researcher finds