Saturday, October 19, 2019


It could (and probably will) happen to anyone.
The Untold Story of the 2018 Olympics Cyberattack, the Most Deceptive Hack in History
How digital detectives unraveled the mystery of Olympic Destroyer—and why the next big attack will be even harder to crack.




Stupid is as stupid does.” F. Gump
Equifax used 'admin' as username and password for sensitive data: lawsuit
Equifax used the word “admin” as both password and username for a portal that contained sensitive information, according to a class action lawsuit filed in federal court in the Northern District of Georgia.
The lawsuit, filed in January, went viral on Twitter Friday after Buzzfeed reporter Jane Lytvynenko came across the detail.
The lawsuit also notes that Equifax admitted using unencrypted servers to store the sensitive personal information and had it as a public-facing website.
When Equifax, one of the three largest consumer credit reporting agencies, did encrypt data, the lawsuit alleges, “it left the keys to unlocking the encryption on the same public-facing servers, making it easy to remove the encryption from the data.”




Salvation is at hand! Or at least a general improvement in the level of security.
Girl Scouts of USA Launch First National Cybersecurity Challenge
Girls across the United States of America will take part in the country's first ever National Girl Scouts Cyber Challenge tomorrow.
Over 3,000 girls have signed up to practice their cybersecurity skills by solving a hypothetical ransomware attack on a moon base. Participants will form an incident response team that must find out who hacked the system and how they did it.




Keep up!
New Calculation Model for Data Protection Fines in Germany
On October 16, 2019, the body of German Supervisory Authorities known as the Datenschutzkonferenz (“DSK”) released a document proposing a model for calculating fines under the GDPR. The DSK indicated that this model is subject to change and will be superseded by any method put forward in guidance issued by the European Data Protection Board.




Safety over sanity?
Michael S. Lockett reports:
The Juneau School District is attempting to provide parents, students and school board members more information about a new computer monitoring program that was installed this school year without prior notification.
JSD informed parents via email about Bark — software which monitors for “harmful” content including school shooters, self-harm, pornography and cyber bullying — after it was installed on JSD computers earlier this school year. The program was tested for a few weeks, then went live on Sept. 13. An email was sent out Sept. 15 jointly from Bark and JSD’s IT department after the program was fully brought online.
Read more on Juneau Empire.
Related to the school monitoring issue, Lori Bezahler has an OpEd in The Guardian. Here’s a snippet:
The security technology market is capitalizing on fears about school safety to sell unproven, costly surveillance systems that put students, particularly students of color, at risk. The implications of using an unregulated system of data collection combined with biased and inaccurate surveillance tech on schoolchildren is not only alarming, but frankly dystopian.
Read more on The Guardian.



Friday, October 18, 2019


Not giving me those warm, fuzzy feelings.
Accused Capital One hacker had as much as 30 terabytes of stolen data, feds say
Investigators probing the Capital One data breach say they have between 20 and 30 terabytes of data in their possession as they prepare for trial against the alleged hacker, Paige Thompson, according to court documents obtained by CyberScoop.
… “[B]asically, each line is one credit card applicant and information about that person,” Assistant U.S. Attorney Andrew Friedman told a federal court during a detention hearing Oct. 4. “Some of it is coded information that means nothing to us, like what particular offer they received; some of it … is the names and dates of birth and the last four digits of Social Security numbers and things like that. … It’s hard to know exactly what this is.” [Here’s a hint: Ask Capital One! Bob]




Will the government help if an organization’s risk increases substantially? I’m guessing, no.
Reassessing U.S. Cyber Operations against Iran and the Use of Force
It’s becoming clear that, as the New York Times’ Julian E. Barnes puts it, United States cyber operations against Iran are taking place in what is “an undeclared cyberconflict, one carefully calibrated to remain in the gray zone between war and peace.” But has the United States, with a cyber operation against Iran in June and another in late September, already crossed the line that international law draws around “uses of force”? What may that mean for any future confrontations?




Is this a joke? What makes them think a thief would care? Or even hear about the injunction?
Commerce Commission obtains court order to protect 'sensitive' information from stolen computer
Commerce Commission obtains court order to protect 'sensitive' information from stolen computer
In a statement released today, the commission said the injunction is made against “unknown persons who may at any stage possess information on or taken from the equipment”.
The injunction prohibits any person from dealing with the stolen information in any way, including copying, communicating or publishing it.
The orders mean that anyone who fails to comply will be held in contempt of court.




Always a good base to start from.
NIST SP 1800-23, Energy Sector Asset Management: Securing Industrial Control Systems
the NCCoE released a draft practice guide NIST Special Publication 1800-23, Energy Sector Asset Management. This practice guide explores methods for managing, monitoring and baselining assets and includes information to help identify threats to these OT assets.




No doubt there will be a ‘secret’ command that causes your self driving car to leave your garage and return to the dealer. Call it the “auto-repo” command. Should be fun to hack!
IntSights Reveals Automotive Cybersecurity Points of Exposure in New Research Report
IntSights, the threat intelligence company focused on enabling enterprises to Defend Forward, announced today the release of the firm's new report, Under the Hood: Cybercriminals Exploit Automotive Industry's Software Features. The report identifies the inherent cybersecurity risk and vulnerabilities manufacturers face as the industry matures through a radical transformation towards connectivity.




This raises two questions. If the information does not match, which will be believed? Will anyone trust the Census Bureau again?
Census Bureau asks states for driver’s license records to produce citizenship data
WHYY – “The Census Bureau is asking states to voluntarily share driver’s license records as part of the Trump administration’s efforts to produce detailed data about the U.S. citizenship status of every person living in the country. According to a statement the bureau released Tuesday, the requests are in response to an executive order President Trump issued in July after courts blocked his administration from adding a citizenship question to 2020 census forms…” [h/t Pete Weiss] Note – if you are not aware, all states have sent notifications to residents requiring that they provide – by February 2020, in person at DMV, their respective PII – including original Social Security Card, Birth Certificate, Passport and utility bills, or risk cancellation of drivers license.
    • Example – Having a REAL ID compliant driver’s license or ID card will be necessary to board commercial aircraft or gain access to federal facilities. To be considered REAL ID compliant, you must have the required documents on file with the Maryland Department of Transportation Motor Vehicle Administration (MDOT MVA)…




Architecture.
IT-as-a-business is dead. Long live BusOps
Thanks to digital transformation, technology is embedded in every business process and practice your company relies on.
To succeed in the digital age, IT projects must be redefined to deliver business change instead of just information technology deliverables. But beneath this lies a more fundamental shift: IT operations should be just as embedded in business operations as IT applications should be embedded in achieving business change.
In many organizations, IT is run as if it were a separate business – a service provider for its internal customers. Unfortunately, doing so creates dysfunction for both the applications and operations sides of the IT house.
For most people in management, success increases their visibility, which can lead to promotion, accolades, and better pay. The only time IT operations is visible is when something goes wrong.
All good metrics are numerical representations of qualitative goals. So, the IT operations metric that best reflects its goals is a measure of its invisibility. This “invisibility index” should be a composite metric that encompasses application availability and performance, the number of calls to the help desk – fewer calls means more invisibility – and some measure that reflects how often IT operations performance is a bottleneck in other areas’ business processes and practices.




One way to look at AI.
The AI-Enabled Future
One way of looking into the future that AI might bring is through Cognilytica’s four-part AI enabled vision of the future. In that vision, there are four main aspects in which AI will impact our future lives: the way we work, the way we live, the way we experience the world and our interactions with each other, and the relationship we have with data.




Traditionalists will have a fit, but it teaches us something about AI.
AI created by Dodo analyzed 300,000 recipes to create a pizza transcending individual tastes
Open Source” pizza was an experiment aimed at proving the hypothesis that tastes, though considered entirely subjective, could be quantified and that AI could be trained to find uncommon ingredient combinations that would taste well together for most people.
The “Open Source” pizza recipe includes ten ingredients both traditionally used in pizza’s (tomato sauce, chicken, cherry tomatoes, broccoli, and mozzarella) and very uncommon ones (melon, pear, tuna, mint, and muesli).
To train AI, Dodo used the dataset of over 300,000 recipes along with the results of “Flavor network and the principles of food pairing” study published in The Nature in 2011. The study found that Western cuisines showed a tendency to use ingredient pairs that shared many flavor compounds.




There are some places robots were never meant to go!
Medtronic launches the first artificial intelligence system for colonoscopy



Thursday, October 17, 2019


No need to test that. These aren’t the ‘droids we’re looking for.”
Samsung: Anyone's thumbprint can unlock Galaxy S10 phone
A flaw that means any fingerprint can unlock a Galaxy S10 phone has been acknowledged by Samsung.
It promised a software patch that would fix the problem.
The issue was spotted by a British woman whose husband was able to unlock her phone with his thumbprint just by adding a cheap screen protector.
When the S10 was launched, in March, Samsung described the fingerprint authentication system as "revolutionary".




Will this result in an increased volume of attacks? “You can pay, you’ve got insurance!”
Baltimore to Buy $20M in Cyber Insurance Months After Attack
The move comes after hackers in May demanded about $76,000 in ransom after freezing key computer systems. Online payments, billing systems and email were down, and property transactions came to a stop, exasperating home sellers and real estate professionals.
The city refused to pay the ransom, but recovery has been estimated at about $18 million.
The policies have a $1 million deductible.




Everything is very simple in war, but the simplest thing is difficult.” Carl von Clausewitz Sounds like that applies to law too.
UK ‘porn block’: Government drops plan to stop children watching sex videos online
Controversial plans for a “porn blockto stop children viewing adult material online have been dropped, the government has announced.
The long-delayed measure – first promised in 2015 and first due to come into effect last year – “will not be commencing” after running into trouble and after repeated delays.
The government was also forced to exempt large social media sites from the ban over fears that it would result in the likes of Twitter and Reddit being blocked for adult content.




The evolution of personal.
California Amends Breach Notification Law
On October 11, 2019, California Governor Gavin Newsom signed into law AB 1130. which expands the types of personal information covered by California’s breach notification law to include, when compromised in combination with an individual’s name: (1) additional government identifiers, such as tax identification number, passport number, military identification number, or other unique identification number issued on a government document commonly used to verify the identity of a specific individual; and (2) biometric data generated from measurements or technical analysis of human body characteristics (e.g., fingerprint, retina, or iris image) used to authenticate a specific individual. Biometric data does not include a physical or digital photograph unless used or stored for facial recognition purposes.




A security perspective.
Jack Ma Reveals Alibaba Is the Target of 300 Million Cyber Attacks Each Day
During his 45-minute conversation with Forbes editor-in-chief Steve Forbes, the billionaire business magnate disclosed that his company suffers unrelenting hacking attempts — “but we deal [with] it,” Ma said. “We don’t have even one problem.”




The very definition of a hacker target. Everything you ever wanted to steal, all in one place.
Angelica Mari reports:
The Brazilian government will create a single citizen database that will contain a wide range of personal information about the country’s population of over 200 million people, to be fully shared across departments.
According to the decree signed by Brazilian president Jair Bolsonaro, the objectives of the database include the improvement in public policy, as well as simplifying data sharing between government departments.
The information “will be shared as widely as possible,” according to the decree, taking into account any legal restrictions, requirements around information and communications security, as well as Brazil’s General Data Protection Act, which will be enforced in August 2020.
Read more on ZDNet.




Privacy lawyers are probably underpaid.
There were a slew of sessions on the California Consumer Privacy Act (CCPA) at the Privacy+Security Forum in Washington, D.C. this week. I need to find time to read up more on the law and the regulations that have been introduced as CCPA is shaking things up big time. As one example, one law firm has identified almost two dozen significant impacts they see in the draft regulations. Daniel Felz of Alston & Bird writes that their advisory covers a number of topics, including
    • Why posting a CCPA privacy policy on your website may not be enough to satisfy your CCPA notice obligations – instead you may need additional “just in time” notices at every specific point where you collect data (or lose the right to collect it);
    • Why you may hear discussions about a potential return of Do Not Track in the online context, this time as a “Do Not Sell My Info” request;
    • Why brick-and-mortar interactions with consumers may require companies to faciliatate “offline” CCPA rights requests; and
    • Why companies that take a position as vendor or service provider may need to examine any aspect of their business that involves pooling customer data for regulatory risk.
Read their full advisory here.
Taking a somewhat lighter approach, Odia Kagan of Fox Rothschild provides us with the Ten Commandments of CCPA Compliance:
    • Thou shalt make for yourself a person overseeing privacy compliance in thine corporation.
    • Thou shalt map thy data so thou knowest what it is, wherefrom it cometh and where it is shared.
    • Thou shalt keep thy service providers close and thy third parties closer and revise thine own agreements with them.
Read all the commandments on Privacy Compliance & Data Security.




A twist on state privacy legislation.
Karl Bode reports:
Oregon Senator Ron Wyden has unveiled updated privacy legislation he says will finally bring accountability to corporations that play fast and loose with your private data.
Dubbed the Mind Your Own Business Act, the bill promises consumers the ability to opt out of data collection and sale with a single click. It also demands that corporations be transparent as to how consumer data is collected, used, and who it’s sold to, while imposing harsh fines and prison sentences upon corporations and executives that misuse consumer data and lie about it.
Read more on Vice. I haven’t found the full text of the bill yet, but will add a link to it when it’s available or I can find it.




Could this translate to facial recognition?
A Fourth Amendment Framework for Voiceprint Database Searches
From prisons to banks, the mass recording and collection of voices has become increasingly common. This practice can be useful—voiceprint technology (also known as voice recognition technology) helps banks and prisons verify the identity of a caller and prevent fraud. But, used for other purposes, this technology can reveal a considerable amount of personal information about the speaker and those they associate with. To address these privacy concerns, voiceprint technology should be subject to a new Fourth Amendment framework that treats each query of a voice database to verify an individual’s identity – a voiceprint verification – as a unique “search.” Drawing on the Supreme Court’s recent technology-related decisions and the insights of Fourth Amendment experts, we articulate the rationale for and specifics of this framework below.




If the AI suggests I have “reallyrare-itis” what happens if the doctors ignore that diagnosis and I later die from it? Can my heirs sue the AI?
Explainable AI In Health Care: Gaining Context Behind A Diagnosis
Most of the available health care diagnostics that use artificial intelligence (AI) function as black boxes—meaning that results do not include any explanation of why the machine thinks a patient has a certain disease or disorder. While AI technologies are extraordinarily powerful, adoption of these algorithms in health care has been slow because doctors and regulators cannot verify their results. However, a new type of algorithm called “explainable AI” (XAI) can be easily understood by humans. As a result, all signs point to XAI being rapidly adopted across health care, making it likely that providers will actually use the associated diagnostics.
for fields such as health care, where mistakes can have catastrophic effects, the black box aspect of AI makes it difficult for doctors and regulators to trust it—perhaps with good reason. Doctors are trained primarily to identify the outliers, or the strange cases that don’t require standard treatments. If an AI algorithm isn’t trained properly with the appropriate data, and we can’t understand how it makes its choices, we can’t be sure it will identify those outliers or otherwise properly diagnose patients, for instance.
For example, in its latest draft guidance released on Sept. 28, the FDA continues to require doctors to be able to independently verify the basis for the software’s recommendations in order to avoid triggering higher scrutiny as a medical “device.” Thus, software is lightly regulated where doctors can validate the algorithms’ answers. Consider the case of a medical image, where doctors can double-check suspicious masses highlighted by the algorithm. With algorithms such as deep learning, however, the challenge for physicians is that they have no context for why a diagnosis was chosen.


(Related) What if the legal AI misses relevant data? Can a legal ‘black box’ be allowed? (Cute image.)
Artificial Intelligence Is on the Case in the Legal Profession
My brain conjures up an image of C-3PO in a three-piece suit…
Artificial intelligence (AI) is, in fact, becoming a mainstay component of the legal profession. In some circumstances, this analytics-crunching technology is using algorithms and machine learning to do work that was previously done by entry-level lawyers. (What does that say about entry-level lawyers?)
… “AI’s present capability meets a sizable need in the legal space by automating a number of high-volume, recurring tasks that otherwise take lawyers’ focus away from more meaningful work,” Lillquist said. “Beyond this, the role of the lawyer is still vital to conducting quality legal work.”
Over the next five years, Lillquist predicts the role of AI in the legal space will continue to be accomplishing narrow and specific tasks, such as finding terms in a set of documents or filling out certain forms.
Meet the Robot Lawyer Fighting Fines, Fees, and Red Tape https://www.youtube.com/watch?v=xbXM-aNRNlY
… “Deep legal expertise is required to create technology that successfully operates in the legal space, and that knowledge resides in humans,” he added.


(Related) I note that this article was not written by an AI.
Artificial Intelligence, Legal Change, and Separation of Powers
Michaels, Andrew C., Artificial Intelligence, Legal Change, and Separation of Powers (September 24, 2019). 88 University of Cincinnati Law Review _ (2020, Forthcoming). Available at SSRN: https://ssrn.com/abstract=3459069
A number of prominent contemporary legal scholars have recently argued in favor of replacing human legal decision-making with Artificial Intelligence, assuming that AI technology improves to a level they deem appropriate. I disagree, particularly as regards Article III judges, for four main reasons. First, human judges must strike a delicate balance between respect for precedent (the past), and adapting the law to unforeseen circumstances (the present/future), thus playing an important role in shaping the law that those arguing for robot judges do not adequately account for. Second, arguments for AI judges often seem inherently formalist in stating that robot judges would make fewer errors, overlooking the teachings of legal realism that not all cases have a clear right answer. Third, the loss of human judges would lead to a loss or diminishment of the human legal community, such that fewer people would be paying attention to the law, leaving the law more susceptible to being co-opted. Fourth, Article III judges play an important role as a check on the other two branches, a role which AI seems ill-equipped to replace and those arguing for AI judges do not account for. In short, proposals to automate the judiciary both under-appreciate and undervalue the human aspects of law, and the degree to which a human legal system contributes to the sense that we as a society govern ourselves. The potential benefits of an automated judiciary are better achieved in other ways, and do not justify the risks.”




Useful?
Artificial intelligence: Cheat sheet



Wednesday, October 16, 2019


The Privacy Foundation is pleased to announce the Fall 2019 Privacy Seminar: “AI & Privacy: Ethical, Legal, and Technical Issues” Friday Nov 1st 10:00 – 1:00 followed by lunch. For full details and registration information: https://www.law.du.edu/privacy-foundation
Or contact Vince Gonzales vgonzales@law.du.edu 303-871-6313




Always worth studying. Learn from the mistakes of others or learn from your own mistakes.
Texas Chief Information Officer Shares Lessons Learned from Ransomware Attack
… “These 23 organizations were impacted because they failed to follow good cyber hygiene,” said Kimbriel, discussing the incident during the annual National Association of State Chief Information Officers convention in Nashville. “This particular provider had other organizations that were also connected in the same fashion and could have been impacted but because they follow good cyber hygiene they were not.”
In response to the July attack, the Texas National Guard deployed six-man cybersecurity teams who specialized in cybersecurity responses to assist the affected municipalities. 
A similar declaration was not made in Colorado after a 2018 hack on the state’s department of transportation until 10 days after the attack.




How does one miss this in testing? Probably used real data rather than test data (which should incorporate flaws in every field and test every step in the process).
Big Discovery Bank security flaw
Discovery Bank credit cards were affected by a security vulnerability that allowed you to make online purchases without knowing a specific bank card’s CVV.
The card verification value (CVV) is the set of three digits printed on the back of the card which acts as a security measure when making payments online.
MyBroadband received an anonymous tip stating that you could type in any three digits for the CVV when buying something online with a Discovery Bank card and the transaction would be approved. It appeared as though Discovery was not checking the CVV to authenticate transactions at all.




Individually, not much. But remember, hackers steal millions of accounts at a time.
What Your Personal Information is Worth to Cybercriminals
Full packages of data that can be used to steal a US victim's identity sell for $4-$10, the researchers say. These are called 'fullz' and include at least the name, Social Security number, date of birth, and account numbers.
The price seems low but it can get as high as $65 when accompanied by financial information, such as credit scores. The better the credit score, the higher the price. A score of 700, for instance, increased the fullz' value to $40.




Probably impacts many of my students.
Yahoo could pay you $358 for its massive data breach settlement. Here's how to claim it
Was your Yahoo account among the 3 billion struck by multiple data breaches between 2013 and 2016? You might be eligible for a $358 payout or two years of free credit monitoring.
If the settlement is approved by California courts, Yahoo could divvy up more than $117.5 million among users whose names, email addresses and passwords were stolen.
Eligible users can submit claims at Yahoodatabreachsettlement.com to receive at least two years of free credit monitoring services by AllClear ID.
If consumers can verify that they already use a credit monitoring service that they'll keep for at least a year, they can submit a claim for $100 instead. The true amount may be more than that -- up to $358 -- but it will likely be less, depending on how many people submit claims.




Probably similar here.
Australian CEOs are too overoptimistic for cybersecurity, out of touch on privacy
Only 6% of surveyed CEOs think their organisation has suffered a data breach in the last year, but 63% of their CISOs say they have, according to Unisys research. Big disconnect.
The report, Cybersecurity Standoff Australia [PDF], describes CEOs as "overconfident and out of the loop".




A tool for our Ethical Hackers?
OnionShare Lets Anyone Host Anonymous Sites on the Dark Web
A new version of the OnionShare program now allows you to easily create basic anonymous dark web sites on Tor so that they cannot be censored. This is particularly useful for those who wish to publish information anonymously, but do not want to deal with the mechanics of setting up their own dark web server.
"This website is only accessible from the Tor network, so people will need Tor Browser to visit it," states the OnionShare announcement for this new version. "People who visit your website will have no idea who you are – they won’t have access to your IP address, and they won’t know your identity or your location. And, so long as your website visitors are able to access the Tor network, the website can’t be censored."




I am willing to leave retirement to consult on CCPA (really to laugh at your approaching doom).
New Report Suggests Initial Compliance Costs for CCPA Could Reach $55 Billion
For months, there has been speculation about how much the new California Consumer Privacy Act (CCPA) would wind up costing California businesses as they prepare for the sweeping new privacy legislation, which is set to go into effect on January 1, 2020. According to a new economic impact assessment prepared for the California state attorney general by independent economic research firm Berkeley Economic Advising and Research, initial CCPA compliance could cost companies as much as $55 billion.




Don’t these people watch SciFi movies?
Workers trust AI more than human managers
Workers place more trust in robots and AI than their managers according to the second annual AI at Work study conducted by Oracle and Future Workplace.




When an AI writes (and patents) a better AI will it also write a patent lawyer App?
The Patent Office Is Hunting for an Artificial Intelligence Expert
The U.S. Patent and Trademark Office recently launched a recruitment effort to hire its first-ever senior-level artificial intelligence expert to advance the agency’s applications of the emerging technology and provide technical expertise to keep employees on the leading edge.
He’s looking for someone to provide technical insights and expert knowledge across the agency’s numerous AI initiatives. For example, USPTO is implementing the technology in both patent search and trademark image search to speed up its examiners’ ability to spot fraud or whether the contents have already been submitted before. The agency also applies AI to auto-classify patents and connect them to the correct examiners more rapidly.




Could be useful in my next Statistics class.
Crawl data analysis of 2 billion links from 90 million domains offer glimpse into today’s web
SearcEngineLand: Data analysis reveals the distribution of PageRank is highly right-skewed meaning the majority of hosts have very low PageRank – “The web is not only essential for people working in digital marketing, but for everyone. We professionals in this field need to understand the big picture of how the web functions for our daily work. We also know that optimizing our customers’ sites is not just about their sites, but also improving their presence on the web, which it is connected to other sites by links. To get an overall view of information about the web we need data, lots of data. And we need it on a regular basis. There are some organizations that provide open data for this purpose like Httparchive. It collects and permanently stores the web’s digitized content and offers them as public dataset. A second example is Common Crawl, an organization that crawls the web every month. Their web archive has been collecting petabytes of data since 2011. In their own words, “Common Crawl is a 501(c)(3) non-profit organization dedicated to providing a copy of the internet to internet researchers, companies and individuals at no cost for the purpose of research and analysis.” In this article, a quick data analysis of Common Crawl’s recent public data and metrics will be presented to offer a glimpse into what’s happening on the web today…”




Because my students never take notes! (and I think my lectures are worth saving and savoring!)
Google’s new voice recorder app transcribes in real time, even when offline
TechCrunch: “At Google’s hardware event this morning, the company introduced a new voice recorder app for Android devices, which will tap into advances in real-time speech processing, speech recognition and AI to automatically transcribe recordings in real time as the person is speaking. The improvements will allow users to take better advantage of the phone’s voice recording functionality, as it will be able to turn the recordings into text even when there’s no internet connectivity. This presents a new competitor to others in voice transcriptions that are leveraging similar AI advances, like Otter.ai, Reason8, Trint and others, for example. As Google explained, all the recorder functionality happens directly on the device — meaning you can use the phone while in airplane mode and still have accurate recordings.
This means you can transcribe meetings, lectures, interviews, or anything you want to save,” said Sabrina Ellis, VP of Product Management at Google….”




For my geeks.
The Best Way to Search for Free Software Online
lifehacker: “…you want to search for is “open-source” plus the general topic of whatever app or service you’re trying to find. This won’t always net you an app that costs you nothing, but you’re likely to have better luck. You can also search for “alternative to” a conventional app that does something you don’t want to have to pay for (or check out the similarly named website )…”