'Easy' Default Passwords Banned Under UK's PSTI; UK Publishers Pursue Citation Standard
by Grace Dillon on 30th Nov 2021 in News
In today's ExchangeWire news digest: the UK government introduce the PSTI to improve the security of Internet of Things devices; UK publishers back a new protocol designed to resolve instances where their original content has been used without citation; and Jack Dorsey has resigned as Twitter CEO, with CTO Parag Agrawal taking his place.
Heavy fines for easy-to-guess default passwords under UK’s PSTI
A new package of regulations designed to make smart home devices more secure have been introduced by the UK government. The Product Security and Telecommunications Infrastructure (PSTI) Bill will instigate a number of changes, with substantial fines of up to £10m or 4% of gross revenue for non-compliance.
Proposed last year and largely unchanged after a consultation period, the new rules will, amongst other actions, force device providers to give information about security update releases and forbid the use of easy-to-guess default passwords. Of the former, the bill stipulates that device makers must disclose the minimum amount of time needed to action security patches and updates (or state if this information is unavailable) at point-of-sale and beyond, and provide a public point of contact for security researchers. Regarding the latter, the rules state that all passwords set on new devices “need to be unique and not resettable to any universal factory setting.”
The new bill seeks to clamp down on attempted hacks on Internet of Things (IoT) devices, such as smartphones, routers, and speakers, which reportedly reached 1.5 billion in the first six months of 2020. It will apply not only to manufacturers, but to any business that imports tech products into the UK, and will be policed by a regulatory body which will be confirmed once the bill has been passed into law.
UK publishers seek to standardise citation
A collective of UK publishers have given their support to a new protocol that aims to standardise the way that sources are cited online. The framework is centred around an email process which allows registered publishers whose exclusive content has been used without reference to contact those who used it to get them to update the information with a link.
Failure to insert links to sources cuts off a significant proportion of traffic to the original publisher, resulting in a loss of revenue. The protocol, which is being proposed by the trade body the Association of Online Publishers (AOP), seeks to resolve this by providing a single, centralised process for publishers to appeal for their work to be referenced properly.
However, the standard is about more than just remedying the financial impact of missing citations – for some publishers, including Enders Analysis CEO Douglas McCabe, it is “part of a larger narrative about reputable media outlets differentiating themselves from other content production,” and building or restoring trust with readers (per Digiday).
The protocol currently has the support of the members of the AOP’s audience development steering group, as well as that of leading publishers Bauer, Global, and The Sun.
Jack Dorsey steps down as Twitter boss
Jack Dorsey has resigned from Twitter. The social media heavyweight revealed that their founder and now former-CEO will remain on Twitter’s board until his term officially expires at the meeting of stockholders next year.
In a statement, Dorsey, who also founded and serves as CEO of digital payments company Square, said that he decided to step down “because I believe the company is ready to move on from its founders”. The former Twitter boss was ousted in 2008, two years after founding the platform, before returning to the CEO post in 2015. Dorsey’s position came under threat again last year after Paul Singer, founder of key Twitter stakeholder Elliott Management, called on the Square chief to give up one of his CEO positions before the investment firm settled a deal with the social media giant.
Chief technology officer Parag Agrawal has been appointed to take up the reins, a candidate endorsed by Dorsey. With a tenure of over ten years at the company, including four as CTO, Agrawal has been heavily involved in developing the firm’s AI and machine learning strategy and has led initiatives to bring more relevant tweets into users’ timelines. Agrawal was also made responsible for finding a leader for Twitter’s research initiative, Project Bluesky, which sought to codify a set of standards for social media companies.
IoTPublisherRegulationTwitter / XUK
Follow ExchangeWire