Meeting security.
https://www.bespacific.com/paper-a-first-look-at-zoombombing/
Paper – A First Look at Zoombombing
A First Look at Zoombombing. Chen Ling, Utkucan Balcı, Jeremy Blackburn, Gianluca Stringhini. Computers and Society. arXiv:2009.03822 [cs.CY].
“Abstract—Online meeting tools like Zoom and Google Meet have become central to our professional, educational, and personal lives. This has opened up new opportunities for large scale harassment. In particular, a phenomenon known as zoombombing has emerged, in which aggressors join online meetings with the goal of disrupting them and harassing their participants. In this paper, we conduct the first data-driven analysis of calls for zoombombing attacks on social media. We identify ten popular online meeting tools and extract posts containing meeting invitations to these platforms on a mainstream social network, Twitter, and on a fringe community known for organizing coordinated attacks against online users, 4chan. We then perform manual annotation to identify posts that are calling for zoombombing attacks, and apply thematic analysis to develop a codebook to better characterize the discussion surrounding calls for zoombombing. During the first seven months of 2020,we identify over 200 calls for zoombombing between Twitter and 4chan, and analyze these calls both quantitatively and qualitatively. Our findings indicate that the vast majority of calls for zoombombing are not made by attackers stumbling upon meeting invitations or brute forcing their meeting ID, but rather by insiders who have legitimate access to these meetings, particularly students in high school and college classes. This has important security implications, because it makes common protections against zoombombing, such as password protection, ineffective. We also find instances of insiders instructing attackers to adopt the names of legitimate participants in the class to avoid detection, making countermeasures like setting up a waiting room and vetting participants less effective. Based on these observations, we argue that the only effective defense against zoombombing is creating unique join links for each participant
Is this a Trump holdover? Who do you want elected and by how much? Apparently there is no security strategy.
Activists complain of weakened voting security standard
Leaders of the federal agency overseeing election administration have quietly weakened a key element of proposed security standards for voting systems, raising concern among voting-integrity experts that many such systems will remain vulnerable to hacking.
The Election Assistance Commission is poised to approve its first new security standards in 15 years after an arduous process involving multiple technical and elections community bodies and open hearings. But ahead of a scheduled Feb. 10 ratification vote by commissioners, the EAC leadership tweaked the draft standards to remove language that stakeholders interpreted as banning wireless modems and chips from voting machines as a condition for federal certification.
The mere presence of such wireless hardware poses unnecessary risks for tampering that could alter data or programs on election systems, say computer security specialists and activists, some of whom have long complained than the EAC bends too easily to industry pressure.
Perspective.
https://www.infoq.com/news/2021/02/kaggle-report-2020/
Kaggle Publishes 2020 State of Machine Learning and Data Science Report
Kaggle has published a report on the State of Machine Learning and Data Science for 2020. The report is based on survey responses from over two thousand users currently employed as data scientists.
The report and underlying survey were described on Kaggle's website. Kaggle opened the 35-question survey for 3.5 weeks in October 2020 and collected over 20 thousand responses. The Enterprise Executive Summary Report focuses on the 13% of respondents who identified their job title as "data scientist." The report identifies several key results about data scientist demographics as well as popular data science and machine learning technologies. As with the three previous annual surveys, Kaggle has also released the anonymized response data.
… The report contains graphs and analysis of several attributes of the survey respondents, including: respondent profile, education, and experience; employment and work environment; and technologies and platforms. The report notes that the "vast majority" of data scientists are under 35 years of age, two-thirds have a graduate degree, and most have less than 10 years coding experience. Around 55% have less than three years of experience with machine learning.
No comments:
Post a Comment