Misconfiguration
is mismanagement.
Misconfigured
Public Cloud Databases Attacked Within Hours of Deployment
Misconfigured
cloud databases left exposed to the internet are a huge, but largely
unquantified problem. New discoveries are found and reported by
security researchers on a weekly basis. What hasn't been clear is
whether bad actors can find them as easily as the researchers. The
answer is Yes.
Databases
-- usually in Elasticsearch or AWS S3 buckets, and often containing
sensitive data -- are frequently left in public Cloud storage without
access controls. The problem is so great that in January 2020, the
NSA warned, "misconfiguration
of cloud resources remains the most prevalent cloud vulnerability."
Such databases can be accessed, downloaded, or manipulated by anyone
who finds them.
Here
we go again?
This
Simple Facial Recognition Search Engine Can Track You Down Across the
Internet
… a
facial recognition website claims you can upload a picture of anyone
and the site will find that same person’s images all around the
internet.
PimEyes,
a Polish facial recognition website, is a free tool that allows
anyone to upload a photo of a person’s face and find more images of
that person from publicly accessible websites like Tumblr, YouTube,
WordPress blogs, and news outlets.
In
essence, it’s not so different from the service provided by
Clearview AI, which is currently being used by police and law
enforcement agencies around the world. PimEyes’ facial recognition
engine doesn’t seem as powerful as Clearview AI’s app is supposed
to be. And unlike Clearview AI, it does not scrape most social media
sites.
Will
it translate from the Portuguese?
A
Landmark Ruling in Brazil: Paving the Way for Considering Data
Protection as an Autonomous Fundamental Right
A
historic ruling of the Brazilian Supreme Court from May 07, 2020
describes the right to data protection as an autonomous right
stemming from the Brazilian
Constitution.
By a significant majority, 10 votes to 1, the Court halted the
effectiveness of the Presidential Executive Order (MP[1]
954/2020 )
that mandated telecom companies to share subscribers’ data (e.g.,
name, telephone number, address) of more than 200 hundred million
individuals with the Brazilian Institute of Geography and Statistics
(IBGE
),
the country’s agency responsible for performing census research.
More important than the decision itself was its reasoning, which
paves the way for recognizing the protection of personal data as a
fundamental right, independent of the right to privacy, that already
receives such recognition, in a similar fashion to the Charter of
Fundamental Rights of the European Union. This article summarizes
the main findings of the ruling. First, (1) it will provide
background on the role of the Brazilian Supreme Court and the legal
effects of the ruling. It will then look into (2) the facts of the
case, (3) the main findings of the Court, to conclude with (4) an
analysis of what comes next for the Brazilian data protection and
privacy law.
Who
controls access to data.
Meet
GAIA-X: This is Europe's bid to get cloud independence from US and
China giants
France
and Germany have kicked off the GAIA-X cloud project, their lofty bid
to manage dominant US and Chinese cloud giants in a European way, and
address potential conflicts between EU privacy laws and the US Cloud
Act.
… The
project is establishing a Belgian non-profit, the GAIX-X Foundation,
which would ensure member companies abide by its goals of data
sovereignty, data availability, interoperability, portability,
transparency and fair participation. It's also published
five documents explaining
the project's purpose and technical design.
… US
public cloud companies like Amazon Web Services, Microsoft and Google
can apply to join GAIA-X, but they would need to commit to GAIA-X's
principles.
Someone
is thinking about AI. (Download available.)
Government
publishes artificial intelligence procurement guidance
… the
document seeks to enable public bodies to buy
AI systems in a more confident and responsible manner.
… It
follows a
previous guide to using AI in the public sector by
the OAI and the Government Digital Service, released in January 2020.
Perspective.
10
common uses for machine learning applications in business
Machine
learning applications are unlocking value across business functions.
Here are 10 examples of how machine learning applications are being
used in business.
Looking
for law? Categories include computer law, but not privacy.
2019
Washington and Lee Law Journal Rankings
“Released
on June 1, 2020, the 2019
Rankings provide
citation data and calculated ranks for the top 400 U.S.-published law
journals and the top 100 law journals published outside the United
States. Journals ranked below these thresholds display “NR” (Not
Ranked) for each data category and are listed alphabetically. The
survey span of the 2019 ranking is five years (2015-2019). For more
information about the new and previous rankings, please see our
Methodology page. Send questions or comments to
LawJournalRankings@wlu.edu.”
Interesting.
Grammarly
adds custom style guides for business users
Grammarly,
the popular tool that aims to help you avoid grammar and style
gaffes, today announced the launch of custom
style guides for
its paying business users. Like with any style guide, the idea here
is to ensure that business communications are consistent. You
wouldn’t want one email to say “datacenter” while the other
says “data center,” after all.
… It’s
worth noting that style guides are not available to free Grammarly
and paid individual users. You’ll need a paid Grammarly Business
account, which starts at $12.50 per month/users, with a minimum of 3
users.
Use
all the tools available? What a concept! (Podcast)
Reading,
Writing and ... AI Literacy? Conrad Wolfram Wants to ‘Fix’ Math
Education
Living
through the COVID-19 pandemic requires some serious math literacy.
There’s a daily dose of statistics on the number of new cases, and
constant talk of “flattening the curve” of infections.
But
the education system has done a terrible job preparing us to live in
a world where such number crunching is more important than ever,
according to Conrad Wolfram, co-founder of Wolfram Research Europe.
He has a new book out this week called “The Math Fix: An Education
Blueprint for the AI Age.” In it, he proposes a new way for
schools and colleges to rethink everything in math education—about
what even needs to be taught and why.
… For
instance, he asked: “Why are we spending ages showing people how to
do quadratic equations by hand” when students today need a
different kind of algorithmic literacy in order to navigate a world
shaped by social media giants like Facebook and Google?
Listen
to this week’s episode on Apple
Podcasts, Overcast,
Spotify,
Stitcher,
Google
Play Music, or wherever you listen to podcasts, or use the player
below.
Warning
my students.
Employment
Scams Are On The Rise. Here’s What To Look Out For
… Falling
victim to a job scam has never been easier. Scammers are known to
create official-looking websites and email accounts to convey a sense
of reliability and trust to potential victims. Many of these bogus
job vacancies are listed on popular websites, and with remote work in
high demand, applicants may have a hard time spotting the scam.
If
you are in search of a job or simply browsing for one, here are the
top warning signs to look out for:
No comments:
Post a Comment