Tuesday, August 07, 2018

Targeting technology. The modern equivalent of WWI’s “third man on a match.” Apparently it only took that long for a sniper to target troops on a smoke break.
Pentagon bans use of geolocators on fitness trackers, smartphones
The Pentagon is banning deployed personnel from using fitness trackers, smartphones and potentially even dating apps that use geolocating features that could reveal the user's location.
The ban was announced in a Pentagon memorandum issued Friday and signed by Deputy Secretary of Defense Patrick Shanahan.
"Effective immediately, Defense Department personnel are prohibited from using geolocation features and functionality on government and non-government-issued devices, applications and services while in locations designated as operational areas," the policy memo said.




The new normal?
Campaigns on Their Own as Cyber Threats Roil Midterms
Kamala Harris has been the target of social media misinformation campaigns since she became a U.S. senator.
Every month for the last 18 months, her office has discovered on average between three and five fake Facebook profiles pretending to be hers, according to a Harris aide. It's unclear who creates the pages, which are often designed to mislead American voters about the ambitious Democratic senator's policies and positions.
The aide spoke on the condition of anonymity, like more than a half dozen campaign officials contacted for this story, for fear of attracting unwanted attention from adversaries or scrutiny on the Senate office's evolving cybersecurity protocols.
The Democratic National Committee has worked to strengthen its own internal security protocols and encouraged state parties to do the same, according to Raffi Krikorian, who previously worked for Uber and Twitter and now serves as the DNC's chief technology officer.
But in an interview, he acknowledged there are limits to how much the national party can protect the thousands of Democratic campaigns across the country.
"At the end of the day, the U.S. government is not putting any type of a bubble around any (campaign). They do not have the authority, capacity or capability to do it," said Shawn Henry, a former senior FBI official who now leads the cybersecurity firm CrowdStrike, which works with political campaigns. "NSA is not sitting in the ISPs filtering out malicious traffic."
Henry added: "They've got to take pro-active actions themselves."


(Related) Yet technology keeps moving.
West Virginia to introduce mobile phone voting for midterm elections
West Virginians serving overseas will be the first in the country to cast federal election ballots using a smartphone app, a move designed to make voting in November's election easier for troops living abroad. But election integrity and computer security experts expressed alarm at the prospect of voting by phone, and one went so far as to call it "a horrific idea."




Florida would be crazy not to ask if your children are crazy! Another example of distinguishing mental health from any other medical information.
From the road-to-Hell-has-been-traveled-too-frequently dept.
Carrie Seidman has a commentary on Florida law that all parents of Florida students should read, and parents in other states should take note of in case the same provision is proposed in their states. Seidman writes, in part:
Buried amid the school security measures swiftly passed by the Florida Legislature in the wake of the shootings last February at Marjorie Stoneman Douglas High School in Parkland is a mostly overlooked provision that requires parents or guardians registering a child for public school to disclose any mental health information in the prospective student’s past.
Sounds good, right? Having school officials made aware of a child dealing with mental health challenges means that the student and family can be connected to all available services, and school staff will be on alert to provide additional support. Who could argue with that?
As always, the devil lies in the details, which include everything from whether the person doing the registering will feel comfortable disclosing the information to how that sensitive information will be managed and shared. Those are questions that every school district in Florida is now grappling with.
Read more on Herald-Tribune. Seidman provides useful examples of how different districts are attempting to translate the requirement and so some are asking for very very detailed information, while others ask for less.
But should they be asking at all? Well, the law says they should, but the executive director of NAMI, quoted in the story, really captures the concerns about this type of provision. So let me highlight a few questions:
  1. Should districts be collecting this information or do families have the right to withhold health information about their child if they are not seeking accommodations for it or special services for it by the school district? Under the new Florida provisions, they seemingly no longer have the right to withhold health information of this kind. But where is the evidence to justify this mandated disclosure? Should there be a strict scrutiny standard? If not, what standard would be appropriate to justify a law that intrudes on privacy of sensitive information?
  2. If parents notify the school district, what responsibility under I.D.E.A. do school districts then incur to screen the student for the need for special education services?
  3. If parents notify the school district, what liability do school districts then incur if they do not provide mental health screening and services, and the student then acts out behaviorally?
In my experience, I know that many families — and many students — do NOT want the school district knowing about a diagnosis, if the diagnosed condition is stigmatizing. And many, if not most, psychiatric/psychological diagnoses are viewed that way by parents and students.
As always, in a rush to be reactive and kidding ourselves that we’re being proactive, the Florida legislature has enacted legislation that perhaps would best have not been enacted. And given how utterly horrible most school districts are at protecting student data, has the state of Florida just provided threat actors like TheDarkOverlord with just more low-hanging fruit to attack?




If it’s in the Wall Street Journal, it must be so?
Facebook to Banks: Give Us Your Data, We’ll Give You Our Users
The social-media giant has asked large U.S. banks to share detailed financial information about their customers, including card transactions and checking-account balances, as part of an effort to offer new services to users.
Facebook increasingly wants to be a platform where people buy and sell goods and services, besides connecting with friends. The company over the past year asked JPMorgan Chase & Co., Wells Fargo & Co., Citigroup Inc. and U.S. Bancorp to discuss potential offerings it could host for bank customers on Facebook Messenger, said people familiar with the matter.
Facebook has talked about a feature that would show its users their checking-account balances, the people said. It has also pitched fraud alerts, some of the people said.
… Banks face pressure to build relationships with big online platforms, which reach billions of users and drive a growing share of commerce. They also are trying to reach more users digitally. Many struggle to gain traction in mobile payments.
Yet banks are hesitant to hand too much control to third-party platforms such as Facebook. They prefer to keep customers on their own websites and apps.
As part of the proposed deals, Facebook asked banks for information about where its users are shopping with their debit and credit cards outside of purchases they make using Facebook Messenger, the people said.


(Related) A carefully worded denial. In order to provide the services customers are “opting in to” Facebook must have access to the data.
Facebook denies seeking users' bank data
Facebook has denied reports that it is actively asking banks for details of users' financial transactions.
… Facebook said some users opted in to accessing some financial information in its Messenger app.
… However, Facebook said that users must opt in to linking the Messenger chat app to their bank accounts.




I agree. How do we live with it?
AI Weapons Are Here to Stay
The debate around the ethics of AI weapons has involved everyone from advocacy groups, to government officials, to Google engineers. Many agree that AI weapons carry very significant ethical concerns. Which begs the question, will these concerns, and the efforts of anti-AI weapons advocacy groups, result in a ban of their use or a strong taboo? Some seem to think that an international agreement will be enough to stop their adoption in the world’s militaries. However, the development of a taboo around the use of AI weapons depends on something much more straightforward, their effectiveness on the battlefield.


No comments: