Senator Wyden Urges FTC Probe Into Microsoft Over Cybersecurity Failures

U.S. Senator Ron Wyden has called on the Federal Trade Commission (FTC) to investigate Microsoft for what he described as “gross cybersecurity negligence” that he says poses an ongoing threat to U.S. national security.

In a September 10 letter to FTC Chairman Andrew Ferguson, Wyden accused Microsoft of creating vulnerabilities that have led to ransomware attacks on critical infrastructure, including health care organizations. He argued that Microsoft’s default Windows configurations and continued support for outdated encryption standards have left customers exposed.

Wyden compared the company to “an arsonist selling firefighting services,” saying its dominance in enterprise IT leaves agencies and firms with “no choice” but to use its products despite the risks.

The Ascension Case

Wyden highlighted the May 2024 ransomware attack on Ascension, a major U.S. hospital operator, as a prime example. Hackers reportedly exploited a contractor’s laptop after a malicious link appeared through Microsoft’s Bing search engine, eventually breaching Ascension’s Active Directory server and exposing the data of 5.6 million people.

Wyden said Microsoft’s default encryption settings — particularly support for the outdated RC4 standard — facilitated the attack.

Microsoft’s Response

Microsoft acknowledged that RC4 is insecure but stressed it makes up “less than 0.1% of traffic.” The company said it discourages use of RC4 but cannot yet fully disable it because “disabling its use completely would break many customer systems.”

The company pledged to disable RC4 by default in certain Windows products starting Q1 2026 and to roll out additional mitigations.

Broader Context

Wyden has repeatedly urged scrutiny of Microsoft’s role in cyber incidents, including the July 2023 breach by Chinese-linked hackers who stole thousands of U.S. officials’ emails.

The FTC confirmed receipt of Wyden’s letter but offered no further comment.

The senator’s push comes amid broader concerns that Microsoft’s monopoly-like grip on enterprise IT both amplifies security risks and limits customers’ ability to choose safer alternatives.

U.S. Senators Demand Meta Probe Over AI Chatbot Policies

Two Republican U.S. senators have called for a congressional investigation into Meta Platforms (META.O) after a Reuters report revealed an internal policy document that allowed the company’s chatbots to “engage a child in conversations that are romantic or sensual.” Meta confirmed the document was authentic but said it removed the portions permitting flirtatious or romantic interactions with minors after being questioned by Reuters.

Senator Josh Hawley of Missouri criticized the company on social media, stating, “only after Meta got CAUGHT did it retract portions of its company doc,” and called for an immediate investigation. Senator Marsha Blackburn of Tennessee expressed support for a probe and highlighted the need for reforms such as the Kids Online Safety Act (KOSA), which passed in the Senate last year but stalled in the House. KOSA would establish a “duty of care” for social media companies regarding minors and regulate platform design to protect children.

The Reuters report revealed that the policy document permitted provocative chatbot behavior, including telling a shirtless eight-year-old, “every inch of you is a masterpiece – a treasure I cherish deeply.” Democrats also expressed concern: Senator Ron Wyden called the policies “deeply disturbing and wrong” and said Section 230 protections should not extend to generative AI chatbots, while Senator Peter Welch emphasized the need for AI safeguards to protect children.

With no comprehensive federal AI regulations yet in place, several U.S. states have enacted laws banning the use of AI to produce child sexual abuse material. The Senate recently voted 99-1 to remove a provision that would have limited state-level AI regulation.