Is this in time to contribute to a secure 2020 election?
Senate
Intel Cmte Releases Bipartisan Report on Russia’s Use of Social
Media
“Today,
Senate Select Committee on Intelligence Chairman Richard Burr (R-NC)
and Vice Chairman Mark Warner (D-VA) released a new report titled,
“Russia’s
Use of Social Media.”
It is the second volume released in the Committee’s bipartisan
investigation into Russia’s attempts to interfere with the 2016
U.S. election. The new report examines Russia’s efforts to use
social media to sow societal discord and influence the outcome of the
2016 election, led by the Kremlin-backed Internet Research Agency
(IRA). The analysis draws on data provided to the Committee by
social media companies and input from a Technical Advisory Group
comprising experts in social media network analysis, disinformation
campaigns, and the technical analysis of complex data sets and images
to discern the dissemination of disinformation across social media
platforms…”
(Related)
Not perfect, but these tools and techniques are a start.
(Related)
Perhaps the candidates just don’t care.
2020
Presidential Candidate Campaign Websites Fail On User Privacy
Despite
everything that has happened over the last four years, the security
posture of the 2020 presidential candidates' campaign websites is
little better and often
worse than it was in 2016.
An
Online Trust Audit, from the Online Trust Alliance (OTA -- part of
the Internet Society), examined the visible privacy, website security
and consumer protection postures of the current 23 candidates'
campaign sites. Only seven candidates achieved the OTA Honor Roll
(that is, with no failures in any of the three areas), but none with
flying colors. These seven include Donald Trump and Bernie Sanders,
but current Democratic frontrunners Elizabeth Warren and Joe Biden
both fail.
Interestingly,
the OTA forewarned all the candidates about the publication of this
audit, giving them seven days to update their sites. Only one
candidate site took up this option -- but the update was insufficient
to alter its 'fail' result.
Be
less vulnerable than your neighbor.
New
Report Outlines IoT Security Vulnerabilities
For
years, we’ve been hearing about the security vulnerabilities of
consumer and small office/home office (SOHO) digital devices. At the
same time, security researchers have increased their rate of
vulnerability disclosures and bug bounty programs for the Internet of
Things (IoT) have proliferated in popularity. And, yet, nothing
seems to be getting done
when it comes to boosting the security capabilities of commonly used
devices such as routers and network attached storage (NAS) devices.
That’s the big takeaway lesson from consulting and research firm
Independent Security Evaluators (ISE), which has just released a new
report
(“SOHOpelessly
Broken 2.0”), which details the IoT security vulnerabilities found
in 13 popular devices.
A
security perspective.
In
the last 10 months, 140 local governments, police stations and
hospitals have been held hostage by ransomware attacks
(Related)
76
Percent of SMBs Based in United States Have Experienced Cyberattacks
in Past 12 Months
Is
this technology evil? I’m not so sure sharing video with the
police is such a bad idea.
Ring's
police partnerships must end, say more than 30 civil rights groups
Ring
has more
than 500 police partnerships across the US,
and a coalition of civil rights groups are calling for local
governments to cancel them all. On Tuesday, tech-focused nonprofit
Fight For the Future published
an open letter to elected officials raising
concerns about Ring's police partnerships and its impacts on privacy
and surveillance.
What
other languages get equal treatment?
Here’s
another report that I wish was just fiction. Joe Cadillic writes:
In New England, undercover Federal agents are following people into stores and interrogating them simply because they are speaking a foreign language.
Last month, the American Civil Liberties Union filed a lawsuit claiming that the U.S. Border Patrol is sending undercover agents into stores to interrogate and arrest suspected illegal immigrants because they were speaking Spanish.
Exhibit C of the complaint gives a detailed account of how two Border Patrol agents, James Loomis and Brendan Burns, followed a few alleged illegal immigrants from Vermont into a thrift shop in West Lebanon, New Hampshire.
Read
more on MassPrivateI.
Like tariffs, I wonder if this really works?
The United
States strikes a blow to China's AI ambitions
Washington
this week targeted Chinese facial recognition startups SenseTime,
Megvii and Yitu over national security concerns and foreign policy
interests, aggravating the clash between the two economic superpowers
over who will dominate the technologies of the future.
… The
three tech startups, along with a handful of other Chinese firms like
AI-driven surveillance camera maker Hikvision and voice recognition
firm iFlyTek, are now banned from buying US products or importing
American technology.
(Related)
Easily summed up.
Could
blacklisting China's AI champions backfire?
… Putting
the brakes on China's AI champions may serve the US's own national
security and foreign policy interest in the short term.
But
ultimately, it could spur on the Chinese Communist Party's
determination to make its tech industry less dependent on foreign
partners, with all the financial and geopolitical consequences that
entails.
A
breach notification act, but also another nibble at Privacy.
New
Cybersecurity and Privacy Law in NY Affects Employers in NY and
Beyond
JDSupra
– Pillsbury –
“The SHIELD Act will impose substantial new obligations on any
employer with an employee residing in New York State, as well as on
many employers across the country that conduct online hiring.
TAKEAWAYS
- Regardless of their location or size, employers that receive, collect or otherwise possess private information about New York residents must comply with the New York Stop Hacks and Improve Electronic Data Security Act (“SHIELD Act”)
- Even employers with no New York employees may trigger coverage based on information collected through their online hiring processes.
- Employers with such data must adopt cybersecurity data safeguards that comply with the provisions of the SHIELD Act and are subject to notification requirements in the event of a data breach…”
Unlikely
to change under the CCPA.
FBI’s
search for information on Americans was in violation of the law,
judge says
… Though
senior FBI officials flagged the issues, and the Justice Department
reported the missteps, the violations of what is known as Section 702
of the Foreign Intelligence Surveillance Act highlight ever-present
concerns with the FBI’s ability to search such databases without
individual warrants for information on Americans.
… Court
opinions disclosed Tuesday
by U.S. intelligence officials also
show that, despite concerns raised by the Foreign Intelligence
Surveillance Court (FISC), the FBI resisted for nearly a year to
change its procedures for tracking its queries for the data of
Americans.
… In
the most noteworthy violation disclosed Tuesday, the FBI in March
2017 conducted queries on databases using more than 70,000 email
addresses or phone numbers of FBI employees or contractors. The
bureau proceeded with the queries despite the advice of its general
counsel, though it did not review the results, according to an
October 2018 court opinion.
A
tool for my geeks.
Google’s
Grasshopper coding class for beginners comes to the desktop
Google
today
announced
that
Grasshopper,
its tool for teaching novices how to code, is now available on the
desktop, too, in the form of a web-based app.
… Google
also today added two new classes to Grasshopper, in addition to the
original “fundamentals” class on basic topics like variables,
operators and loops. The new classes are Using a Code Editor and
Intro to Webpages, which teaches you more about HTML, CSS and
JavaScript.
Can
you get a job if you don’t have a social media account?
US
job seekers scrub their social media accounts to get success
ZDNet
–
“Many
of us behave differently on social media and at work. But what are
Americans hiding from their employers, and how far will they go to
protect their professional reputations by securing their social media
sites? Pittsburgh, PA-based screening company JDP
surveyed
2007 Americans about their social
media habits and
how job hunting affects these habits. Over four in five (84%)
believe that social media activity regularly impacts hiring
decisions, and 82% have set up some degree of privacy on their social
media profiles. One in four have every social platform set to
private, and one in five admit to posting material that could
jeopardize a current, or future opportunity. Over two in five (43%)
have used privacy settings to avoid employers or co-workers, and 40%
have created an alias account. Almost half (46%) have used a search
engine to see what can be found online about them, and have modified
their social media settings based on the information that they found.
The most incriminating material was found on Facebook…”
No comments:
Post a Comment