Sunday, April 15, 2018

Just a reminder:
The Privacy Foundation at the University of Denver Sturm College of Law
Privacy Foundation Event: Workplace Privacy and Bring Your Own Device (BYOD)
Friday, April 20, 2018 10:00 am to 1:00 pm
or contact Privacy Foundation Event Coordinator at

“Warrants, there’s an App for that!” A response to savvy repeat offenders. Could this make obtaining warrants for other searches easier?
Robert McCoppin reports:
Police in McHenry County will be out for blood with drivers who refuse to take breath tests for suspicion of driving under the influence of alcohol or drugs.
And the practice of officers immediately seeking blood draws from those who won’t submit to a breath screen appears to be spreading, with Lake County also planning to adopt a similar policy.
The strategy in many departments takes advantage of technology that allows police to generate an “e-warrant” that can be sent electronically to a judge for review right from a curbside traffic stop.
Read more on Chicago Tribune.
via Joe Cadillic
So… does this e-warrant approach also apply to applications to search a driver’s or passenger’s cell phone or devices? What would the police have to provide to a judge to get a judge to sign the warrant? And should searching the device be treated any differently than requiring a blood draw?
As you may have guessed, I’m still working on my first cup of coffee this morning and finding the news puzzling….

This is an old hack, but I have a new batch of Computer Security students who must start thinking of the threat from Things on the Internet of Things.
Hackers stole a casino's high-roller database through a thermometer in the lobby fish tank

Is the world headed this way? How long can the US resist?
Michael Bahar, Mary Jane Wilson-Bilik, Alexander F.L. Sand, and Trevor J. Satnick of Eversheds Sutherland write:
With enactment of the Personal Information Protection Act (PIPA), Bermuda can now count itself among the ever-expanding list of jurisdictions with enhanced privacy protections. PIPA, passed on July 27, 2016, and entered into force in December 2017, shares many of the more stringent requirements and protections with Europe’s impending General Data Protection Regulation (GDPR), which indicates a growing, global trend towards stepped-up privacy regimes. That said, as much as there are similarities between the regulations, there are important differences, especially for those companies which also must comply with US privacy laws.
Read more on Eversheds Sutherland.
[From the article:]
Like the GDPR, PIPA defines personal information (PI) more broadly than the US typically does. For Bermuda, PI is “any information about an identified or identifiable individual.” Under GDPR, personal data is “any information relating to an identified or identifiable natural person.”

This is useful for all my students.
NIST – Cyber Resiliency Considerations for the Engineering of Trustworthy Secure Systems
“This publication is intended to be used in conjunction with NIST Special Publication 800-160 Volume 1, Systems Security Engineering – Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems. It can be viewed as a handbook for achieving the identified cyber resiliency outcomes based on a systems engineering perspective on system life cycle processes, allowing the experience and expertise of the organization to determine what is correct for its purpose. Organizations can select, adapt, and use some or all of the cyber resiliency constructs (i.e., goals, objectives, techniques, approaches, and design principles) described in this publication and apply them to the technical, operational, and threat environments for which systems need to be engineered.”

I have to agree with the author: this raises a number of questions. Is the Pentagon learning to speak Trump Talk? Do they have a much faster method of identifying trolls than Facebook claims?
… So far, Russia hasn’t given any signs it intends to truly escalate the situation, possibly in part because the White House has actually not yet settled on a comprehensive strategy. But Pentagon spokesperson Dana White did trot out a bizarre statistic on “Russian trolls” on Saturday, telling reporters, “The Russian disinformation campaign has already begun. There has been a 2,000 percent increase in Russian trolls in the last 24 hours.”
… It’s entirely plausible that Russia’s “Troll Army” did mobilize and pull some weekend shifts in response to the events in Syria. It’s much less clear where White pulled the 2,000 percent statistic from, or whether that number is particularly significant—while trolls have gathered to talk shit or simply try to hijack the discussion around the events in Syria, the same could be said of most noteworthy events.

Perspective. Remember that scene in “2001: A Space Odyssey” where the astronauts lock themselves in a shuttle and HAL reads their lips?
Google works out a fascinating, slightly scary way for AI to isolate voices in a crowd
The company says this tech works on videos with a single audio track and can isolate voices in a video algorithmically, depending on who's talking, or by having a user manually select the face of the person whose voice they want to hear.
Google says the visual component here is key, as the tech watches for when a person's mouth is moving to better identify which voices to focus on at a given point and to create more accurate individual speech tracks for the length of a video.

Perspective. I also see this as a method of ensuring that money/food reaches the intended recipients.
Inside the Jordan refugee camp that runs on blockchain
… And if the man behind the project, WFP executive Houman Haddad, has his way, the blockchain-based program will do far more than save money. It will tackle a central problem in any humanitarian crisis: how do you get people without government identity documents or a bank account into a financial and legal system where those things are prerequisites to getting a job and living a secure life?

Perspective. Does this result from targeting the symptom rather than the cause?
Amid FOSTA crackdown, sex workers find refuge on Mastodon
… With the news that President Trump has signed the Allow States and Victims to Fight Online Sex Trafficking Act (FOSTA), their options will continue to dwindle — and with it, the ability for many sex workers to pay their bills, let alone do so safely.
Over the past few weeks, sex workers have been turning to an unexpected platform to remain online: the social network Mastodon, under a new instance called “Switter.” Melbourne-based company Assembly Four created Switter after its founders learned that social media platforms were either removing sex workers’ content or banning their accounts. Without the time or resources to build a whole new network from scratch, the group turned to Mastodon.
… Switter, which uses a domain hosted in Austria, offers a workaround to this US legislation. As an open-source platform, Mastodon mimics the look and function of Twitter. Rather than rely on a single flagship site, however, it functions through a series of networks called instances. These instances can be connected to others, or they can exist as standalone networks. Since its launch last month, Switter has grown to become the sixth largest instance, according to Mastodon Network Monitoring. “The ability to communicate and share information with your peers is absolutely critical in the modern age,” says J, an Assembly Four employee who goes by a single-letter handle. “With FOSTA already having wide-reaching effects, we realised that we needed to come up with a safe place for sex workers to communicate, and fast.”

The ultimate suggestion box?
