Please Quit Chrome

Google’s Chrome browser has dominated the planet – both on desktop computers and mobile devices. Furthermore, many other popular web browsers are actually based on the same Google-made Chromium browser engine, including Microsoft Edge and Brave Browser. This gives Google an inordinate amount of influence on web standards, in particular preventing better privacy protections. We need to support privacy-forward alternatives lest they disappear.

In other news: US passes expanded mass surveillance policies instead of curbing them; TikTok ban bill becomes law giving Bytedance a year to sell it; UK’s Investigatory Powers Bill amendment passes; photo-sharing app will use users’ uploaded images to train AI; Health insurers Kaiser and Change Healthcare are hacked; antivirus software service installs malware on user’s systems; FCC fines telecom’s $200M; CISA director pushes for vendor accountability; CISA’s proactive protection programs are making positive impacts; UK becomes first country to enforce strong and strict IoT security requirements; net neutrality is back; Google again delays killing third party cookies.

Article Links

  1. [Electronic Frontier Foundation] U.S. Senate and Biden Administration Shamefully Renew and Expand FISA Section 702, Ushering in a Two Year Expansion of Unconstitutional Mass Surveillance https://www.eff.org/deeplinks/2024/04/us-senate-and-biden-administration-shamefully-renew-and-expand-fisa-section-702-0
  2. [TechCrunch] Biden signs bill that would ban TikTok if ByteDance fails to sell the app https://techcrunch.com/2024/04/24/biden-signs-bill-that-would-ban-tiktok-if-bytedance-fails-to-sell-the-app/
  3. [theregister.com] UK’s Investigatory Powers Bill to become law despite tech world opposition https://www.theregister.com/2024/04/26/investigatory_powers_bill/
  4. [TechCrunch] Photo-sharing community EyeEm will license users photos to train AI if they don’t delete them https://techcrunch.com/2024/04/26/photo-sharing-community-eyeem-will-license-users-photos-to-train-ai-if-they-dont-delete-them/
  5. [TechCrunch] Health insurance giant Kaiser notifies millions of a data breach https://techcrunch.com/2024/04/25/kaiser-permanente-health-plan-millions-data-breach/
  6. [TechCrunch] Change Healthcare hackers broke in using stolen credentials — and no MFA, says UHG CEO https://techcrunch.com/2024/04/30/uhg-change-healthcare-ransomware-compromised-credentials-mfa/
  7. [Ars Technica] Hackers infect users of antivirus service that delivered updates over HTTP https://arstechnica.com/security/2024/04/hackers-infect-users-of-antivirus-service-that-delivered-updates-over-http/
  8. [BleepingComputer] FCC fines carriers $200 million for illegally sharing user location https://www.bleepingcomputer.com/news/technology/fcc-fines-carriers-200-million-for-illegally-sharing-user-location/
  9. [cybersecuritydive.com] CISA director pushes for vendor accountability and less emphasis on victims’ errors https://www.cybersecuritydive.com/news/cisa-highlights-vendors-errors/714300/
  10. [therecord.media] More than 800 vulnerabilities resolved through CISA ransomware notification pilot https://therecord.media/vulnerabilities-resolved-through-cisa-pilot
  11. [therecord.media] UK becomes first country to ban default bad passwords on IoT devices https://therecord.media/united-kingdom-bans-defalt-passwords-iot-devices
  12. [WIRED] Net Neutrality Returns to a Very Different Internet https://www.wired.com/story/fcc-net-neutrality-rules-vote/
  13. [Ars Technica] Google delays third-party cookie death again: Now scheduled for 2025 https://arstechnica.com/gadgets/2024/04/google-delays-third-party-cookie-death-again-now-scheduled-for-2025/
  14. Tip of the Week: https://firewallsdontstopdragons.com/its-time-to-quit-chrome/ 

Further Info

Table of Contents

Use these timestamps to jump to a particular section of the show.

  • 0:01:29: Updates on previous stories
  • 0:02:38: Newsletter DMARC fixed
  • 0:03:34: News preview
  • 0:07:05: U.S. Shamefully Renews and Expands FISA Section 702
  • 0:14:03: Biden signs bill that would ban TikTok if ByteDance fails to sell
  • 0:16:36: UK’s Investigatory Powers Bill to become law
  • 0:20:29: EyeEm will license users photos to train AI if they don’t delete them
  • 0:27:46: Health insurance giant Kaiser notifies millions of a data breach
  • 0:30:42: Change Healthcare hackers broke in using stolen credentials
  • 0:34:42: Hackers infect users of antivirus service that delivered updates over HTTP
  • 0:39:25: FCC fines carriers $200 million for illegally sharing user location
  • 0:42:21: CISA director pushes for vendor accountability and less emphasis on victims’ errors
  • 0:45:27: More than 800 vulnerabilities resolved through CISA ransomware notification pilot
  • 0:48:51: UK becomes first country to ban default bad passwords on IoT devices
  • 0:54:30: Net Neutrality Returns to a Very Different Internet
  • 0:58:12: Google delays third-party cookie death again
  • 1:00:44: Tip of the Week
  • 1:11:31: Looking ahead