Weekend Reads 050219

To say that Kubernetes provides no security features would be wrong. Kubernetes provides some functionality designed to help secure a containerized application. But it would be equally wrong to call Kubernetes a container security tool. Kubernetes’s ability to secure containers is strictly limited. —Sonya Koptyev

There is no denying the impact of the European Union General Data Protection Regulation (GDPR), which went into effect on May 25, 2018. We were all witness — or victim — to the flurry of updated privacy policy emails and cookie consent banners that descended upon us. It was such a zeitgeist moment that “we’ve updated our privacy policy” became a punchline. —Daniel Barber

One of the fascinating parts of my job is seeing how different groups in email have radically disparate points of view. A current example is how much value senders put on spamtraps compared to ISPs and filtering companies —Laura Atkins

I loosely define capability decay as things that happen when security teams go backwards, and the specific ways — the decay modes — in which this may happen (this is my inner physicist speaking). —Hinne Hettema

On April 12 the FCC issued a new Notice for Proposed Rulemaking in Docket 19-71 that will use 5G as the justification for another giveaway to the wireless carriers. —Doug Dawson

A team of security researchers has discovered several vulnerabilities in various implementations of OpenPGP and S/MIME email signature verification that could allow attackers to spoof signatures on over a dozen of popular email clients. —Swati Khandelwal

For many years and until quite recently, credit card data stolen from online merchants has been worth far less in the cybercrime underground than cards pilfered from hacked brick-and-mortar stores. But new data suggests that over the past year, the economics of supply-and-demand have helped to double the average price fetched by card-not-present data, meaning cybercrooks now have far more incentive than ever to target e-commerce stores. —Krebs

Two western academics have examined the issue of Huawei’s true ownership in an unclassified analysis paper “Who Owns Huawei,” which was obtained by the Washington Free Beacon. —Reuben F. Johnson