Authorities can't force people to unlock their biometrically secured phones or other devices, ruled a federal judge in California. "The Government may not compel or otherwise utilize fingers, thumbs, facial recognition, optical/iris, or any other biometric feature to unlock electronic devices," Magistrate Judge Kandis A. Westmore wrote. Passcodes already are protected by the Fifth Amendment.

A new year means a fresh start, but it doesn't mean that old threats will go away. In fact, in the world of cybersecurity things could get far worse before they get better. Cybercrime continues to increase, as it allows nefarious actors to operate at a safe distance from victims -- and more importantly, law enforcement. Cybercrime often doesn't get the same attention as other types of crimes.

E-commerce fraud is an ongoing problem for online merchants and credit card companies. It has been growing at twice the rate of e-commerce sales. Identity theft traditionally has been one of the most common sources of e-commerce fraud, but online merchants increasingly have been suffering more from chargeback fraud, which requires them to absorb the costs of disputed credit card transactions.

BlackBerry this week introduced its new Security Credential Management System. SCMS -- a free service for the public and private sectors -- could encourage efforts to develop autonomous and connected vehicle pilot programs. BlackBerry undertook development of this technology to provide the critical infrastructure for vehicles and traffic lights to exchange information securely.

Supermicro CEO Charles Liang has informed the company's customers that a leading third-party investigations company found "absolutely no evidence of malicious hardware" on its motherboards. The investigation was undertaken in response to a recent claim that bad actors had inserted spy chips in the firm's motherboards on behalf of the Chinese People's Liberation Army.

Google is not working on a bespoke search engine that caters to China's totalitarian tastes, and it has no plans to develop one, CEO Sundar Pichai told lawmakers on Capitol Hill. "Right now, we have no plans to launch in China," he told members of the U.S. House Judiciary Committee at a public hearing on Google's data collection, use and filtering practices.

Selling location data collected by mobile phones has become a lucrative business, according to a report that noted location advertising sales are expected to reach $21 billion this year. At least 75 companies receive anonymous, precise location data from applications with the location services feature activated. Several of those outfits claim to track 200 million mobile devices in the U.S.

Google hasn't released consumers from its filter bubble -- the package of personalized search results it delivers -- despite having promised to do so, according to study results from DuckDuckGo. Most participants saw results unique to them, the researchers found, which could not be explained by changes in location, time, by being logged into Google, or by Google testing algorithm changes.

The personal data of some 100 million people who have used Quora, a popular question and answer website, has been compromised, the company disclosed. "We recently discovered that some user data was compromised as a result of unauthorized access to one of our systems by a malicious third party," wrote Quora CEO Adam D'Angelo in an online post. "We are working rapidly to investigate the situation."

With the holidays fast approaching, are you looking to buy presents online? The holiday season has become synonymous with online shopping. This isn't really surprising as physical stores usually attract crowds of deal hunters. This often conjures up images of throngs of people waiting in line outside the store, some even camping out. This activity is tolerable for some and even fun for others.

The DoJ has revealed an unsealed indictment of eight defendants for crimes related to their involvement in widespread digital advertising fraud. The DoJ alleges the eight individuals were behind two global schemes, 3ve and Methbot, which stole tens of millions of dollars through a scam that used fake Web traffic and fake websites to reap ad view revenue from unwitting advertisers.

I'm a longtime Jaguar fan. I've owned a ton of them over the years, and I've had both good and bad experiences with the cars. Currently I own two -- a 1970 XKE and a 2014 F-Type -- and they are about to get a sibling. I've ordered a new Jaguar I-Pace, which is the first legitimate challenger to Tesla, which surprised the automotive industry much like Apple surprised the mobile phone industry.

The Mozilla Foundation is expanding a campaign begun last year to help consumers buy safe, secure connected toys and mobile gadgets this holiday season. Mozilla's 2018 edition Privacy Not Included buyers' guide offers an assessment of the privacy and security qualities of 70 products, ranging from connected teddy bears and smart speakers to game consoles and smart home gadgets.

Cybersecurity has been becoming a larger and larger concern for organizations. Nowadays, most organizations -- regardless of size, industry, location, or profit vs. nonprofit status -- find themselves directly or indirectly impacted by cybersecurity. Even though the topic itself is increasing in importance, many smaller organizations don't have specialized security expertise on staff.

An apparent prefix leak from an errant router misconfiguration caused Google to lose control of several million of its IP addresses for more than an hour on Monday. During the event, Internet traffic was misrouted to China and Russia from Nigeria. The incident initially sparked concerns that it might have been a hijacking. The mishap made Google services unavailable to many users intermittently.

Hackers planted malware on StatCounter to steal bitcoin revenue from Gate.io account holders, according to Eset researcher Matthieu Faou, who discovered the breach. The malicious code was added to StatCounter's site-tracking script last weekend, he reported. The malicious code hijacks any bitcoin transactions made through the Web interface of the Gate.io cryptocurrency exchange.

Do you take your online privacy seriously? Most people don't. They have an ideal scenario of just how private their online activities should be, but they rarely do anything to actually achieve it. The problem is that bad actors know and rely on this fact, and that's why there's been a steady rise in identity theft cases from 2013 to 2017, often resulting in loss of reputation or financial woes.

We rely on our phones to process and store reams of personal digital data. Our digital activities -- from checking bank balances to paying for a product with a tap of the screen, to sending friends and family messages over social media, to accessing work emails remotely -- have turned our phones into a goldmine of personal information. How secure is your mobile device?

Tomorrow a minority of those who are eligible will take time off, drive through traffic, and wait in lines to take part in one of the most artificially annoying obligations of United States citizenship: voting. Many who make that inconvenient trek will treat the process like a multiple choice test they haven't studied for, either voting the party line or guessing at the right answers.

We made it. The holiday shopping season is here once again! This is a great opportunity for you as an e-commerce retailer. If you're like many other merchants out there, the run-up to Christmas is one of the most profitable, and busiest, times of the year. You may need some extra help to handle the surge in traffic and maximize your return. That means hiring seasonal employees.

Theresa Payton, CEO of Fortalice Solutions, is one of the most influential experts on cybersecurity and IT strategy in the United States. She is an authority on Internet security, data breaches and fraud mitigation. She served as the first female chief information officer at the White House, overseeing IT operations for President George W. Bush and his staff.

Markets grow at the margins. This bit of sage advice was given to me at the start of my analyst career, and it has kept me in good nick for nearly two decades. Of course the focus has drifted over time but that's the point: The CRM market has evolved, and the job of an analyst is to make sense of the evolution. Oracle OpenWorld 2018 held in San Francisco this week is a laboratory for the margin.

When we write the history of the IT era, the big factor that has played an important but not well recognized role will be hardware -- specifically, the Oracle Exadata appliance that puts databases into memory. All of the cloud software starting with the autonomous database on view this week at OpenWorld would be vastly different if the database was still running primarily on disk drives.

Independent software vendors, along with Internet of Things and cloud vendors, are involved in a market transformation that is making them look more alike. The similarities are evident in the way they approach software security initiatives, according to a report from Synopsys. Synopsys has released its ninth annual Building Security in Maturity Model, or BSIMM9.

As if e-commerce companies didn't have enough problems with transacting securely and defending against things like fraud, another avalanche of security problems -- like cryptojacking, the act of illegally mining cryptocurrency on your end servers -- has begun. We've also seen a rise in digital credit card skimming attacks against popular e-commerce software such as Magento.

Every child who's ever played a board game understands that the act of rolling dice yields an unpredictable result. In fact, that's why children's board games use dice in the first place: to ensure a random outcome that is -- from a macro point of view -- about the same likelihood each time the die is thrown. Consider what would happen if someone replaced the board game's dice with weighted dice.

The EU has been stretching its wings. In the shadow of Brexit, it apparently has decided it has the real enemy of the people in its sights: social media companies and Google. France is even more aggressive, suggesting that the EU's "right to be forgotten" law should apply worldwide. Given that it actually does fall within the legitimate purview of government, it is hard not to agree.

There is a well-known joke among security professionals: Q: "What does IoT stand for?" A: "Internet of Threats." Sadly, this joke is our reality. An estimated 20.4 billion Internet of Things devices will be deployed by 2020, according to Gartner, in what some have dubbed "the fourth industrial revolution." These connected devices are being manufactured to streamline everything we do.

Google took on French lawyers at the European Union Court of Justice this week, in an effort to fend off expansion of the EU's "right to be forgotten" judgment. The EU's attempts to broaden the scope of that judgment would be "completely unenvisagable," and it could result in impositions on the values of different countries around the world, Google argued.

Widespread use of unpatched open source code in the most popular Android apps distributed by Google Play has caused significant security vulnerabilities, suggests an American Consumer Institute report. Thirty-two percent -- or 105 apps out of 330 of the most popular apps in 16 categories sampled -- averaged 19 vulnerabilities per app, according to the report. Researchers found critical vulnerabilities in many common applications.