This article is more than 1 year old

Google's home security package flies the Nest, Chocolate Factory pledges software support – for now

Plus: Immigration lawyers for Mountain View breached, SonarQube hack worse than thought, and more

In brief Bad news for those who have bought into the Nest Secure home surveillance system – Google has surprised many by halting further deployments.

The Secure package consists of motion sensors for doors and windows that communicate with the Hub, a modern-day version of the traditional home alarm keypad but with NFC Tag key fobs and smartphone alerts. The Register thought it was a pretty good system, but it's now deader than corduroy flares with satin lining, although it is still being supported.

"We sold out of Nest Secure and won't be making the full system available for sale any longer," the Chocolate Factory said on a support page.

"We are committed to bringing our users the same feature and software support they've always had with Nest Secure, including existing cross-product integrations within the Nest ecosystem. We will also continue to deliver critical security updates and software fixes."

The key question there is for how long? Google is notorious for not supporting Chromebooks and smartphones longer than three years. If you've spent hundreds of dollars rigging your house up with the kit, some certainty would be nice.

No more Nest Secure starter kits are being sold but Google promised "more Nest Detect sensors available for sale in mid-December" if you want the Betamax of home security systems.

Google's immigration lawyers hacked

The US firm of Fragomen, Del Rey, Bernsen & Loewy getting hacked might seem like a run-of-the-mill security breach, but it has raised red flags because the legal biz happens to do Google's immigration work.

The Chocolate Factory is a firm believer in hiring the best talent from around the world and so it was somewhat unfortunate for the outfit to confirm [PDF] that its servers had been illegally accessed by an unknown "third party" and the I-9 employment eligibility verification forms of Google staff past and present compromised.

The I-9 form is packed full of all the lovely information identity thieves love. However, the legal eagles didn't give any more details on the type of data lost or the number of records accessed.

SonarQube hack may be much worse than first thought

The FBI has admitted that it and other US government agencies lost source code thanks to poorly secured SonarQube use.

In August, potentially damaging source was leaked online after users of the code-checking platform were found to have left data exposed. The leaker, Swiss computer consultant Tillie Kottmann, told The Reg that it came from platforms that either didn't have the built-in authentication mechanisms turned on or were otherwise misconfigured.

A leaked TLP: WHITE briefing, an FBI service to national corporate security teams, warned that Intel wasn't the only organization to get hit in the code leak. SonarQube customers beware – code fixing can bear unpleasant gifts.

Russian Fancy Bear hackers going after think tanks – report

The Fancy Bear hacking crew, six of whom were indicted earlier this month on hacking charges, have been accused of probing political organizations in the run-up to the US elections on November 3.

Reuters reports Microsoft has warned the US government that the ursine undercover security undoers have been active at the Center for American Progress, the Council on Foreign Relations, and the Washington-based Carnegie Endowment for International Peace.

This may be why Redmond is so keen for the Netlogon patch to be installed so quickly. It's one of the top flaws the NSA is warning about, so get busy. ®

More about


Send us news

Other stories you might like