Thursday, April 11, 2019


Insecurity by design.
Cars Exposed to Hacker Attacks by Hardcoded Credentials in MyCar Apps
A small aftermarket telematics unit from Montreal, Canada-based AutoMobility, MyCar provides users with a series of smartphone-controlled features for their cars, including geolocation, remote start/stop and lock/unlock capabilities.
The easy-to-use MyCar app interface gives you control to remote start, lock, unlock and locate your vehicle from anywhere just by pushing a button on your smartphone,” the vendor says .
Hardcoded admin credentials found in the MyCar Controls mobile apps can be used to communicate with the server endpoint for a targeted user’s account, without having their username and password.
A remote un-authenticated attacker may be able to send commands to and retrieve data from a target MyCar unit. This may allow the attacker to learn the location of a target, or gain unauthorized physical access to a vehicle,” Carnegie Mellon University’s CERT Coordination Center notes in a security alert.




Amusing. (To those of us with no Facebook page.)
Transparency tool on FB inadvertently provides window into confusing maze of companies who have your data
BuzzFeedNews – “On Facebook under Settings, there’s a page in the Ads section where you can view your Ad Preferences. Most of this is fairly straightforward — choices about how you’ll allow ads and how advertisers target you based on things like what pages you’ve liked. But there’s one section there that will probably surprise you: a list of advertisers “Who use a contact list added to Facebook.”… According to the description, “These advertisers are running ads using a contact list they or their partner uploaded that includes info about you. This info was collected by the advertiser or their partner. Typically this information is your email address or phone number.” The list of Advertisers, a feature Facebook added for transparency, is incomprehensible to anyone who isn’t an expert in advertising (and even some who are!), and leads to the unsettling realization that…, man, our data is out there and trafficked without our consent and being used by advertisers in ways we have no clue about…”




Did I miss this one? I think I did.
COMMENTS ON THE CALIFORNIA CONSUMER PRIVACY ACT (CCPA)




I guess Privacy is trending. (See how the Times selects their coverage, below)
The New York Times has launched what it calls The Privacy Project:
a monthslong initiative to explore the technology, to envision where it’s taking us, and to convene debate about how we should control it to best realize, rather than stunt or distort, human potential.
Here are the articles they’ve posted to get it started:




Impacts both Computer Security and System Architecture.
In an attempt to to build in transparency and accountability into the next generation of world-changing technology, American lawmakers introduced a bill on Wednesday to require large companies to audit machine learning systems for bias.
Democratic Senators Ron Wyden and Cory Booker introduced the Algorithmic Accountability Act on Wednesday. Democratic Congresswoman Yvette Clarke introduced an equivalent bill in the House of Representatives.
The new bill would task the Federal Trade Commission with crafting regulations making companies conduct “impact assessments” of automated decision systems to assess the decision making systems and training data “for impacts on accuracy, fairness, bias, discrimination, privacy and security.”
Companies making over $50 million per year or holding the data of over one million individuals would be targeted by the bill.


(Related) Did they ever promise not to? Auditing for bias? Probably not.
Amazon Workers Are Listening to What You Tell Alexa
Amazon.com Inc. employs thousands of people around the world to help improve the Alexa digital assistant powering its line of Echo speakers. The team listens to voice recordings captured in Echo owners’ homes and offices. The recordings are transcribed, annotated and then fed back into the software as part of an effort to eliminate gaps in Alexa’s understanding of human speech and help it better respond to commands.
Occasionally the listeners pick up things Echo owners likely would rather stay private: a woman singing badly off key in the shower, say, or a child screaming for help. The teams use internal chat rooms to share files when they need help parsing a muddled word—or come across an amusing recording.


(Related) Customers are told it may reduce the cost of their insurance. Could it also cause them to be dropped from any insurance plan?
A.I. Is Changing Insurance
A smartphone app that measures when you brake and accelerate in your car. The algorithm that analyzes your social media accounts for risky behavior. The program that calculates your life expectancy using your Fitbit
This isn’t speculative fiction — these are real technologies being deployed by insurance companies right now.
The idea is that if your Fitbit or Apple Watch can tell whether or not you’re living the good, healthy life — and if you are, your insurance premium will go down .
This is the cutting edge of the insurance industry, adjusting premiums and policies based on new forms of surveillance. It will affect your life insurance, your car insurance and your homeowner’s insurance — if it hasn’t already. If the Affordable Care Act’s protections for people with pre-existing conditions should vanish, it will no doubt penetrate the health insurance industry as well.


(Related)
Affectiva raises $26 million to bring emotional intelligence AI to car safety systems
Affectiva wants its solution to be incorporated into cameras used in car safety systems to recognize when a driver is happy, sad, drowsy, or frustrated.
In the future the company wants its detection systems to include more context about how vehicle passengers interact with each other and objects in a vehicle.




Apparently he could not resist trying to stay involved. To keep his name in the news?
Julian Assange: Wikileaks co-founder arrested in London
Video footage shows Julian Assange being dragged from the Ecuadorian embassy in London
Mr Assange took refuge in the embassy seven years ago to avoid extradition to Sweden over a sexual assault case that has since been dropped.
Ecuador's president said it withdrew his asylum after repeated violations of international conventions.
But he still faces a lesser charge of skipping bail in 2012 and he says this could lead to an extradition to the US for publishing US secrets on the Wikileaks website.
Scotland Yard said it was invited into the embassy by the ambassador, following the Ecuadorian government's withdrawal of asylum.
After his arrest for failing to surrender to the court, police said he had been further arrested on behalf of US authorities under an extradition warrant.
Press freedom organisation Reporters Without Borders said that the UK should resist extradition, because it would "set a dangerous precedent for journalists, whistleblowers, and other journalistic sources that the US may wish to pursue in the future".




Silly me. I thought journalists were reporting on important things.
Lifting Journalism by Knowing What Readers Are Looking For
Claudio E. Cabrera, who specializes in search engine optimization, describes how he keeps track of what’s hot in search and how that informs coverage — and what the limits are.




Perspective. We’re not ready for cashless.
After pushback from states and cities, Amazon Go might accept cash
According to CNBC, Amazon executive Steve Kessel told employees at a recent all-hands meeting that the company's brick-and-mortar, cashier-less Amazon Go stores would start accepting "additional payment mechanisms" to combat charges of discrimination.
An Amazon spokesperson later told CNBC that those additional mechanisms included accepting cash. "You’ll check out, pay with cash, and then get your change,” the spokesperson said. [What a bold new concept! Bob]




My guess is that President Trump’s Library will be measured in “Tweets.”
Obama’s Presidential Library Is Already Digital
The Atlantic – The question now is how to leverage its nature to make it maximally useful and used… ”The debate about the Obama library exhibits a fundamental confusion. Given its origins and composition, the Obama library is already largely digital. The vast majority of the record his presidency left behind consists not of evocative handwritten notes, printed cable transmissions, and black-and-white photographs, but email, Word documents, and JPEGs. The question now is how to leverage its digital nature to make it maximally useful and used…the record of President Obama’s White House: 1.5 billion “pages” in the initial collection, already more than 33 times the size of President Johnson’s library. I use “pages” because the Obama Foundation has noted that “95 percent of the Obama Presidential Records were created digitally and have no paper equivalents.” The email record alone for these eight years is 300 million messages, which NARA (the U.S. National Archives and Records Administration) estimates amounts to more than a billion printed pages. In addition, millions of other “pages” associated with the Obama administration are word-processing documents, spreadsheets, or PDFs, or were posted on websites, apps, and social media. Much of the photographic and video record is also born-digital. There are also 30 million actual pages on paper, which are currently stored in a suburb near Chicago. Given the likelihood that a decent portion of this paper record actually came from digital files—think about all of the printouts of PDFs, for instance—only a miniscule portion of what we have from Obama’s White House is paper-only…”




I will share this with my “students who text during class.”



No comments: