IEEE Computer Society Cipher --- Items from security-related news (E148)
Summary:
Adi Shamir, the "S" in "RSA", looks forward to attending the annual
RSA conference each year in San Francisco. This year he did not hear
anything about his visa application, so he could not travel from
Israel to California to appear in person. He did address the
conference via Skype, and he suggested that if researchers could not
travel to the US, then events should be held elsewhere. There was
widespread speculation about the visa situation. Some people
suspected that the US government shutdown had created a large backlog
of paperwork. One said that it appeared that "no one is in charge."
Summary:
Modern hard drives are magnificent pieces of machinery
with precision engineering. One group of researchers wondered if the
drives might be multi-purpose. Perhaps the delicate electronics could
sense more than just the data on the drive. Could ambient sound waves
deflect the read heads enough to serve as a sound sensor? The answer,
surprisingly, is yes. Although the drive heads do not respond well
enough to serve as a reliable microphone, they definitely respond to
loud sounds, and that is detectable using extended features of the
drive's firmware. Speak softly.
Summary:
An app that was installed on a batch of Nokia phones had a disturbing
and unadvertised feature: it sent data about the phone usage to a
server in China. All parties involved insist it was an innocent
error. [Ed. And it won't happen again (until the next time).]
Summary:
Net neutrality is a policy that the FCC ended last year, after
soliciting, and then apparently ignoring, public comments. The FCC
maintained that millions of the comments were from fake accounts.
A journalist requested the data from the FCC website that allegedly
substantiated the claim, but the FCC was not forthcoming. A lawsuit
was filed to force the revelation of the data, and a court granted
a partial victory to the litigant.
Summary:
Despite the widespread availability of technology for storing passwords
securely, Facebook engineers decided that there was no need to protect
passwords inside the company's network enclave. This left the
passwords visible to thousands of Facebook employees over a period of
many years.
Summary:
There are many people alive today because they carry implanted medical
devices in their bodies. The devices have computers and wireless
communication capabilities. Unsurprisingly, if they are devoid of
standard security protections, they are completely hackable. The
Conexus Radio Frequency Telemetry Protocol, which is Medtronic's
proprietary means for the monitors to wirelessly connect to implanted
devices, has a "raft" of security weaknesses that leave them open to
everything from privacy violations to complete reprogramming by anyone
within wireless range. Medtronic emphasizes that no device has ever
actually been hacked, and that they are responding to the US Department of
Homeland Security's Cybersecurity and Infrastructure Security Agency's
advisory
https://ics-cert.us-cert.gov/advisories/ICSMA-19-080-01
with all due speed.