The Latest in IT Security

Companies like Google and Facebook got the news early, and were already patched when Monday’s news broke, while others, like Amazon and Yahoo, were left scrambling to protect themselves. How did Facebook find out while Yahoo was left out of the loop? Antitrust laws do not stand in the way. From a certain angle, it seems like picking favorites — so much so that the FTC issued a statement this morning making it clear that antitrust laws do not stand in the way of legitimate sharing of cybersecurity threat information. But there’s a complicated etiquette for sharing this information within the in the industry, generally known as responsible disclosure. The idea is to share bugs among service providers before the exploits become public knowledge, which means separating out the good guys from the bad guys.