Uber admits it breached 57,000,000 accounts, then paid bribed the hackers to cover it up, now they're paying a top ex-NSA lawyer to teach them transparency


Originally published at: https://boingboing.net/2017/11/21/unclear-on-the-concept.html


Somehow this doesn’t really pass the sniff test.


Transparency? Ex-NSA Lawyer? Is it opposite day?


That is quite a statement.


They took $100,000 of company money and gave it to criminals to cover up their incompetence. And somehow Uber’s accountants did not notice this.


I hear that they’re experimenting with self-driving companies.


Can’t make this shit up.
I’m strongly opposed to Uber as such and everything about it - but I can’t deny that Uber’s entertainment value is priceless.


It sounds like Kalanick gave the order. Accounting is probably in a world of shit too for helping with the cover up.


Exactly. It’s the same proposition with VW trying to blame it on a rogue product group. It’s too big, the coverup too elaborate, and too much money exchanged hands between VW and Bosch for it not to be known at the highest levels. We haven’t yet seen how far up it went, but one executive has been arrested already.

Similarly, we may see heads roll, but it could take time.


I was going to say something snarky about Cory’s shallow knowledge of what the NSA does, but on second reading he’s right. That probably is what they are best known for.


Uber says the disgraced employees acted alone when they then paid the hackers who stole the data $100,000 to hush it up.

What does that have to do with anything? If they paid with Uber money, then they were acting on behalf of the company. Lots of companies give trusted employees a lot of autonomy.


I’m sure they did know … and approved. Kalanick would only hire Rugged Individualists like himself for such critical positions, and paying off criminals to protect the image of a Randian tech lord is much better than depending on the mechanisms of “society” (which doesn’t exist anyway).



(╯°□°)╯︵ ┻━┻

Good lord fuck this company.


They do not state whether this lawyer is in any way qualified as a security practitioner

In fairness to the lawyer, it just says the lawyer is going to help “restructure the team”. I’ve worked with a number of lawyers who specialize in the IT/security fields and they often have a very good understanding of the issues. Not enough to call themselves “security practitioners”, but enough that they could probably do a very good job of putting together a team of security practitioners who will provide the real expertise.


This topic was automatically closed after 5 days. New replies are no longer allowed.