Friday, April 05, 2019

For my Ethical Hackers?
Hiding in Plain Sight
Over the past several months, Cisco Talos has tracked several groups on Facebook where shady (at best) and illegal (at worst) activities frequently take place. The majority of these groups use fairly obvious group names, including "Spam Professional," "Spammer & Hacker Professional," "Buy Cvv On THIS SHOP PAYMENT BY BTC 💰💵," and "Facebook hack (Phishing)." Despite the fairly obvious names, some of these groups have managed to remain on Facebook for up to eight years, and in the process acquire tens of thousands of group members.
These Facebook groups are quite easy to locate for anyone possessing a Facebook account. A simple search for groups containing keywords such as "spam," "carding," or "CVV" will typically return multiple results. Of course, once one or more of these groups has been joined, Facebook's own algorithms will often suggest similar groups, making new criminal hangouts even easier to find. Facebook seems to rely on users to report these groups for illegal and illicit activities to curb any abuse.




Election security? Overreaction?
Twitter stops blocking French government’s ad campaign
Twitter said Thursday it has stopped blocking French government ads calling on people to vote after it came under fire from authorities for being overzealous in applying a law aimed at banning fake news.
The incident highlights the challenge Silicon Valley tech giants face complying with tighter regulations from governments trying to clamp down on false information and prevent foreign interference in elections. The EU’s executive Commission, in its latest monthly report on tech companies’ efforts to fight election-related disinformation, criticized Twitter for not taking action to improve ad scrutiny or report on what it has done to protect its ad services against manipulation.


(Related)
Australian election: Facebook restricts foreign 'political' ads but resists further transparency
Facebook has announced it will restrict “political” ads from being bought by non-Australians during the election campaign, but will not be rolling out other key political ad transparency features used in other countries until after the election.


(Related)
Foreign Interference in Canadian Election 'Very Likely', Says Minister
Canada's foreign minister warned Friday that outside interference in the country's upcoming parliamentary election was "very likely".
"We are very concerned. Our judgement is that interference is very likely and we think there have probably already been efforts by malign foreign actors to disrupt our democracy," Chrystia Freeland said.


(Related)
Social media bosses could be liable for harmful content, leaked UK plan reveals
Social media executives could be held personally liable for harmful content distributed on their platforms, leaked plans for a long-awaited government crackdown obtained by the Guardian reveal.
There has been growing concern about the role of the internet in the distribution of material relating to terrorism, child abuse, self-harm and suicide, and ministers have been under pressure to act.
Under plans expected to be published on Monday, the government will legislate for a new statutory duty of care, to be policed by an independent regulator and likely to be funded through a levy on media companies.
The regulator – likely initially to be Ofcom, but in the longer term a new body – will have the power to impose substantial fines against companies that breach their duty of care and to hold individual executives personally liable.




What hath GDPR wrought?
Asia Pacific Data Protection and Cybersecurity Regulation: 2018 in Review and Looking Ahead to 2019
… Our Asia Pacific Data Protection and Cyber Security Guide 2019 will take you through the developments and key initiatives of APAC countries and discuss the implications of a shifting landscape.
Our Guide will discuss:
  • Key legislative and regulatory developments in 2018 and changes expected in 2019;
  • The impact of GDPR in APAC, and the prospects for regional harmonization;
  • APAC data protection regulatory heat map; and
  • Individual country data protection developments.
For Hogan Lovells’ Asia Pacific Data Protection and Cybersecurity Guide 2019, click here




Traveling after bashing Trump? Condemning the CBO?
Former Mozilla CTO Harassed at the US Border
This is a pretty awful story of how Andreas Gal, former Mozilla CTO and US citizen, was detained and threatened at the US border. CBP agents demanded that he unlock his phone and computer.
Know your rights when you enter the US. The EFF publishes a handy guide. And if you want to encrypt your computer so that you are unable to unlock it on demand, here's mu guide. Remember not to lie to a customs officer; that's a crime all by itself.




Architecture.
Addressing the Challenges of Moving Security to the Edge
For many organizations, the network perimeter has been replaced with a variety of new network edges. Many of these include unique challenges that can severely complicate an organization’s ability to maintain a consistent and manageable security infrastructure. These security challenges are two-fold.
The first involves implementing effective and consistent policy enforcement at an edge in spite of its unique network or platform configurations or functionality. The second is about creating consistent security between the various edges, not just for visibility, but to also ensure that policy changes and threat responses can be effectively coordinated across all edge environments.
… The network edge environments organizations need to secure and manage, some of their unique security challenges, and considerations for addressing those challenges include:
Cloud and multi-cloud
Enduser and IoT
WAN edge
5G




I’m confused. (Not unusual.) Are they saying the police instigate the action?
Do Police Body Cameras Provide an Impartial Version of Events?
The goal of this footage, of course, is to provide impartial evidence that could either help exonerate officers or convict them, depending on whether a shooting appears justified on film.
But a team of Kellogg researchers wondered just how impartial such evidence really is. Is all footage equal? Or might jurors perceive interactions filmed by a body cam versus a dash cam differently? And would these differences affect how much they blamed the officer?
… They found that people who watched a body cam version of an interaction—anything from the wearer bumping into someone to a police shooting—were less likely to believe that the person instigating that action did it on purpose, as compared to people who saw the same interaction filmed by a dash cam.
There was a “diminished sense of blame or responsibility for the person who’s wearing the body cam,” Roese says.
… The researchers recommend filming interactions from more than one point of view—for instance, from dash cams and body cams on multiple officers—so that jurors aren’t biased by seeing just one perspective.
“Whenever possible, I think more video is better,” Roese says. Installing body cams “is the beginning of a process of reaching greater accountability, but it’s not the end.”




There’s a joke (a million jokes?) here somewhere.
Lawyers and Twitter: Six Ways To Make People Like You
Kevin O’Keefe: Turns out that sharing the good of others, rather than talking about my company and our products, is the most effective method of business development I have ever used. Dale Carnegie, in one of the best-selling books of all time, ‘How to Win Friends and Influence People’ laid out six business principles for making people like you – an essential he believe needed for business development. Each of Carnegie’s points apply to how you as a lawyer can use Twitter to make people like you…”




Stay current!
Dictionary.com inches closer to explaining enigma of Gen Z’s vocabulary
cnet: “Dictionary.com added more than 300 new words and phrases on Wednesday, including a few tech-related entries like “textlationship” (when people text a lot but don’t really interact in person) and “keyboard warrior” (someone who shares opinionated content online in an aggressive or abusive way, typically without revealing who they are)…”




For the toolkit.
A Chrome Extension for Clutter-free Reading and Printing
Mercury Reader is a Chrome extension that removes sidebar content from articles that you view in your Chrome web browser. It will hide banner ads, suggested "related" articles, and anything else that is not a part of the primary article on the page you are viewing. When you use Mercury Reader to print an article, all of the sidebar content is removed thereby saving you paper and ink.
Mercury Reader is more than just a tool for hiding sidebar content from a page. It can also be used to adjust the font size and color contrast of a page. And Kindle users can send a page directly from Mercury Reader to their Kindles.




Dilbert clearly explains the risk of using digital assistants.


No comments: