Monday, March 19, 2018

The opposite of Artificial Intelligence is Normal Stupidity but why design it into a device? Something for my Software Architecture class.
People are accidentally setting off Apple’s Emergency SOS alert
If you sleep on your Apple Watch the wrong way, you might get a wake-up call from the police. That’s what happened to Jason Rowley, who tweeted about the incident earlier this week. Using his watch as a sleep tracker, he ended up holding down the crown button to trigger an emergency call to the police, who showed up in his bedroom at 1AM. Rowley told us the police were friendly and helpful, and accustomed to WatchOS misdials like this one.
If you scan through Twitter, you’ll find a surprising number of stories like Rowley’s. It’s a problem for iPhones too, since the same alert can be triggered through the side button. (One Verge staffer triggered an alert after mistaking the power button for the volume controls.) In each case, you’ll get a blaring countdown and have three to five seconds to turn it off before your device calls 911 and texts any emergency contacts you’ve set up.
… The exact sequence of buttons varies from device to device. A Watch will slip into an alert just from holding down the crown button long enough, which seems to be a particular danger if you wear it to sleep. If you’re running the latest iOS on an iPhone 7 or older, you trigger an SOS by tapping the side button five times (apparently a common practice for fidgeters), and more recent iPhones will start the countdown just from holding the button.
Of course, you can fix some of this by turning off Autocall in Settings > Emergency SOS, which will add an extra slider step. But it’s easy to see why you might not want to. Maybe a few accidental 911 calls isn’t so bad compared to the risk of an actual emergency?

It may be out there, so we have to search?
Sidney Fussell reports:
Google was served at least four sweeping search warrants by Raleigh, North Carolina police last year, requesting anonymized location data on all users within areas surrounding crime scenes. In one case, Raleigh police requested information on all Google accounts within 17 acres [??? Bob] of a murder, overlapping residences, and businesses. Google did not confirm or deny whether it handed over the requested data to police.
WRAL reporter Tyler Dukes found four investigations in 2017 where police issued these uniquely extensive warrants: two murder cases, one sexual battery case, and an arson case that destroyed two apartment complexes and displaced 41 people.
Read more on Gizmodo.
[From Gizmodo:]
Instead of finding a suspect, and then searching that person’s data, police are searching enormous amounts of data to pinpoint a potential suspect.
… Police in each case were requesting account identifiers, an anonymized string of numbers unique to each device, and time-stamped location coordinates for every device. Police wanted to review this information, narrow down their list, [How? Bob] and then request user names, birth dates, and other identifying information regarding the phones’ owners. This information doesn’t reveal actual text messages or phone call logs. For that information, police would have to go through a separate warrant process.
Disturbingly, if Google has handed over data, it could be under court order not to notify individual users.

I don’t own a phone. Probably makes me a suspect.
Eva Fedderly reports:
A divided 11th Circuit on Thursday upheld the conviction of a Florida man stemming from a warrantless search of his cellphone, holding that such searches do not violate the Fourth Amendment.
The appellant in the case, Hernando Javier Vergara, was returning home to Tampa, Florida following a cruise to Cozumel, Mexico, when he was subjected to a search of luggage by a Customs and Border Protection officer.
Read more on Courthouse News.

Could this happen here?
Reuters reports:
China said it will begin applying its so-called social credit system to flights and trains and stop people who have committed misdeeds from taking such transport for up to a year.
Read more on Reuters.
And now do you wonder whether too many people are too quick to say they have nothing to hide?

For my Computer Security class.
Preventing Business Email Compromise Requires a Human Touch
Human-powered Intelligence Plays a Critical Role in Defending Against Socially Engineered Attacks
The FBI’s Internet Crime Complaint Center (IC3) declared Business Email Compromise (BEC) the “3.1 billion dollar scam” in 2016, an amount which then grew in the span of one year into a “5 billion dollar scam.” Trend Micro now projects those losses in excess of 9 billion dollars.
It’s an understatement to say BEC scams and the resulting damages are on the rise. But with cybersecurity spending across all sectors at an all-time high, how is such an unsophisticated threat still costing otherwise well-secured organizations billions of dollars?
Unlike the numerous types of attacks that incorporate malware, most BEC scams rely solely on social engineering. In fact, its use of trickery, deception, and psychological manipulation rather than malware is largely why BEC continually inflicts such substantial damages. Since most network defense solutions are designed to detect emails containing malware and malicious links, BEC emails often land directly in users’ inboxes. And when this happens, the fate of an attempted BEC scam is in the hands of its recipient.

If it can be done, should my Ethical hackers give it a try? The article gives some tips on how it works…
GrayKey iPhone unlocker poses serious security concerns
… In late 2017, word of a new iPhone unlocker device started to circulate: a device called GrayKey, made by a company named Grayshift. Based in Atlanta, Georgia, Grayshift was founded in 2016, and is a privately-held company with fewer than 50 employees. Little was known publicly about this device—or even whether it was a device or a service—until recently, as the GrayKey website is protected by a portal that screens for law enforcement affiliation.
According to Forbes, the GrayKey iPhone unlocker device is marketed for in-house use at law enforcement offices or labs. This is drastically different from Cellebrite’s overall business model, in that it puts complete control of the process in the hands of law enforcement.
Thanks to an anonymous source, we now know what this mysterious device looks like, and how it works. And while the technology is a good thing for law enforcement, it presents some significant security risks.

Social Media as a targeting tool.
US spy lab hopes to geotag every outdoor photo on social media
Imagine if someone could scan every image on Facebook, Twitter, and Instagram, then instantly determine where each was taken. The ability to combine this location data with information about who appears in those photos—and any social media contacts tied to them—would make it possible for government agencies to quickly track terrorist groups posting propaganda photos. (And, really, just about anyone else.)
That's precisely the goal of Finder, a research program of the Intelligence Advanced Research Projects Agency (IARPA), the Office of the Director of National Intelligence's dedicated research organization.
For many photos taken with smartphones (and with some consumer cameras), geolocation information is saved with the image by default. The location is stored in the Exif (Exchangeable Image File Format) data of the photo itself unless geolocation services are turned off. If you have used Apple's iCloud photo store or Google Photos, you've probably created a rich map of your pattern of life through geotagged metadata. However, this location data is pruned off for privacy reasons when images are uploaded to some social media services, and privacy-conscious photographers (particularly those concerned about potential drone strikes) will purposely disable geotagging on their devices and social media accounts.
… The Finder program seeks to fill in the gaps in photo and video geolocation by developing technologies that build on analysts' own geolocation skills, taking in images from diverse, publicly available sources to identify elements of terrain or the visible skyline. In addition to photos, the system will pull its imagery from sources such as commercial satellite and orthogonal imagery. The goal of the program's contractors—Applied Research Associates, BAE Systems, Leidos (the company formerly known as Science Applications Incorporated), and Object Video—is a system that can identify the location of photos or video "in any outdoor terrestrial location."

What Do Saudi Arabia, Iraq, UAE, Egypt, Kazakhstan, Turkmenistan, Nigeria, Burma And Bangladesh Have In Common?
They’ve all bought military UAVs from China. I didn’t realize China had advanced so far in military exports.

Looks like a dogpile on Facebook.
Facebook may have violated FTC privacy deal, say former federal officials, triggering risk of massive fines

Probably all social media will have to have a generalized version of this soon. Easy to see how that capability could be misused.
France’s new cyberhate law will require Facebook and Twitter to remove racist content within 24 hours
As part of an ongoing effort to fight rising racism and anti-Semitism, the French government announced today that it will introduce new legislation requiring digital platforms to more swiftly remove offensive content.
In announcing details of the proposed law after months of review, French prime minister Edouard Philippe said France will move to adopt the cyberhate law immediately while also pressing the European Union to adopt a version of the same measures for all members. While only some of the details were revealed, the French proposal mirrors a German law that went into effect this year and threatens fines of up to €50 million ($62 million) if a social network does not take down content identified as hate speech within 24 hours.

Voice Chat App Zello Turned a Blind Eye to Jihadis for Years
Despite warnings and flagged accounts, Zello left accounts with ISIS flag avatars and jihadist descriptions live on its service.

One Way Facebook Can Stop the Next Cambridge Analytica
In a 2013 paper, psychologist Michal Kosinski and collaborators from University of Cambridge in the United Kingdom warned that “the predictability of individual attributes from digital records of behavior may have considerable negative implications,” posing a threat to “well-being, freedom, or even life.” This warning followed their striking findings about how accurately the personal attributes of a person (from political leanings to intelligence to sexual orientation) could be inferred from nothing but their Facebook likes. Kosinski and his colleagues had access to this information through the voluntary participation of the Facebook users by offering them the results of a personality quiz, a method that can drive viral engagement. Of course, one person’s warning may be another’s inspiration.
Kosinski’s original research really was an important scientific finding. The paper has been cited more than 1,000 times and the dataset has spawned many other studies. But the potential uses for it go far beyond academic research. In the past few days, the Guardian and the New York Times have published a number of new stories about Cambridge Analytica, the data mining and analytics firm best known for aiding President Trump’s campaign and the pro-Brexit campaign. This trove of reporting shows how Cambridge Analytica allegedly relied on the psychologist Aleksandr Kogan (who also goes by Aleksandr Spectre), a colleague of the original researchers at Cambridge, to gain access to profiles of around 50 million Facebook users.

Suppose Amazon wants to buy in…
Google plans to boost Amazon competitors in search
Google may be assembling a supergroup of big retail brands to go to war with Amazon over the future of online shopping. Reuters is reporting that the search engine is teaming up with Target, Walmart, Home Depot, Costco and Ulta for the new project. These companies, and any other willing participants, can index their catalogs on Google, which will show up when someone starts searching for stuff to buy. Naturally, rather than receiving an ad fee, Google simply gets a cut of the sales that are subsequently generated.
The report claims that Google is selling its new anti-Amazon tools on the basis that it is utterly dominant in the search world.

Paper – Law, Metaphor, and the Encrypted Machine
Gill, Lex, Law, Metaphor, and the Encrypted Machine (March 12, 2018). Osgoode Legal Studies Research Paper No. 72, Volume 13, Issue 16, 2018. Available at SSRN:
“The metaphors we use to imagine, describe and regulate new technologies have profound legal implications. This paper offers a critical examination of the metaphors we choose to describe encryption technology in particular, and aims to uncover some of the normative and legal implications of those choices. Part I provides a basic description of encryption as a mathematical and technical process. At the heart of this paper is a question about what encryption is to the law. It is therefore fundamental that readers have a shared understanding of the basic scientific concepts at stake. This technical description will then serve to illustrate the host of legal and political problems arising from encryption technology, the most important of which are addressed in Part II. That section also provides a brief history of various legislative and judicial responses to the encryption “problem,” mapping out some of the major challenges still faced by jurists, policymakers and activists. While this paper draws largely upon common law sources from the United States and Canada, metaphor provides a core form of cognitive scaffolding across legal traditions. Part III explores the relationship between metaphor and the law, demonstrating the ways in which it may shape, distort or transform the structure of legal reasoning. Part IV demonstrates that the function served by legal metaphor is particularly determinative wherever the law seeks to integrate novel technologies into old legal frameworks. Strong, ubiquitous commercial encryption has created a range of legal problems for which the appropriate metaphors remain unfixed. Part V establishes a loose framework for thinking about how encryption has been described by courts and lawmakers — and how it could be. What does it mean to describe the encrypted machine as a locked container or building? As a combination safe? As a form of speech? As an untranslatable library or an unsolvable puzzle? 
What is captured by each of these cognitive models, and what is lost? This section explores both the technological accuracy and the legal implications of each choice. Finally, the paper offers a few concluding thoughts about the utility and risk of metaphor in the law, reaffirming the need for a critical, transparent and lucid appreciation of language and the power it wields.”

For the toolkit.
Twitter for Business: Everything You Need to Know

Another tool for the toolkit. Knowing it can be done is half the battle.
Easy Screen OCR is a solid program for grabbing the text from any image on your PC. Head to its homepage and download it, opting for the portable version if you like.

Just in time for my Software Architecture class!
Ongoing series of nonverbal algorithm assembly instructions based on IKEA methodology
“IDEA is a series of nonverbal algorithm assembly instructions by Sándor P. Fekete, Sebastian Morr, and Sebastian Stiller. They were originally created for Sándor’s algorithms and data structures lecture at TU Braunschweig, but we hope they will be useful in all sorts of context. We publish them here so that they can be used by teachers, students, and curious people alike. Visit the about page to learn more.”

Something to mention to my students. (Yes, that includes textbooks!)
Preaching to the choir – Why Reading Books Should be Your Priority, According to Science
Inc., Christina DesMarais: “More than a quarter–26 percent–of American adults admit to not having read even part of a book within the last year. That’s according to statistics coming out of the Pew Research Center. If you’re part of this group, know that science supports the idea that reading is good for you on several levels.
  • Reading fiction can help you be more open-minded and creative.
  • People who read books live longer. [Good to know!!]
  • Reading 50 books a year is something you can actually accomplish.
  • Successful people are readers….”

Dilbert on the future technology of crime fighting?
