Oops!
The
potential for a 'miscalculated' enemy cyberattack keeps me up at
night, warns Pentagon cyber chief
When asked what kept him up at night, Deputy
Assistant Secretary of Defense for Cyber Policy Ed Wilson told
members of Congress it was the possibility of an enemy erring in an
attack.
"I think it would be the miscalculation of an
adversary that is trying to seek ... an outcome it miscalculates with
regards to how they go about doing it, the WannaCry-like incident,
that maybe has much more implications worldwide or globally than what
an actor would have anticipated. And so, that's what I guess keeps
me up in the middle of the night," Wilson said.
… Cybersecurity
experts have long warned of the unintentional dangers posed by
cyberweapons. The ambiguous nature of cyberactors means that it is
often difficult to determine an adversary's intention. Governments
and militaries also run the risk of falling victim to "false
flags," or operations in which one actor makes it appear that
another is responsible for an attack.
"Due
to the difficulty of determining whether certain activity is intended
for espionage or preparation for an attack, cyber operations run the
risk of triggering unintended escalation," wrote
Benjamin
Brake, a fellow with the Council on Foreign Relations, in 2015.
A case study.
#GartnerSEC:
Maersk’s Adam Banks Reflects on NotPetya Response and Recovery
… When
NotPetya first hit, Maersk was unable to determine exactly what was
occurring, Banks explained. It took several hours to establish the
cause of the attack, and the wide-spread impact. IT services,
end-user devices and applications/servers were dramatically affected.
As many as 49,000 laptops
were destroyed and 1200 applications were inaccessible.
“I
didn’t go home for 70 days,” Banks said, as he worked tirelessly
with the rest of the business to respond and recover.
When employees
fall for phony emails…
Business
Email Compromise Is a $26 Billion Scam Says the FBI
FBI's Internet
Crime Complaint Center (IC3) says that Business Email Compromise
(BEC) scams are continuing to grow every year, with a 100% increase
in the identified global exposed losses between May 2018 and July
2019.
Also, between
June 2016 and July 2019, IC3 received victim complaints regarding
166,349 domestic and international incidents, with a total exposed
dollar loss of over $26 billion.
“We’ll
even help you write it! We’re thinking: “GDPR Lite!”
51
tech CEOs send open letter to Congress asking for a federal data
privacy law
… CEOs
blamed a patchwork of differing privacy regulations that are
currently being passed in multiple US states, and by several US
agencies, as one of the reasons why consumer privacy is a mess in the
US.
This patchwork
of privacy regulations is creating problems for their companies,
which have to comply with an ever-increasing number of laws across
different states and jurisdictions.
Surveillance
without adequate planning?
ICYMI:
FPF’s Amelia Vance Raises Concerns about School Surveillance
Technologies on WOSU
…
“Communities
should absolutely adopt the school safety measures that they think
are necessary for their community, but we [also] want to make sure
that they don’t have unintended consequences – that they don’t
actually harm
students
more than they help ensure school safety,” Vance
said.
Listen
to the full interview.
… Specifically,
Vance highlighted examples of students who have typed a sensitive
word or phrase, like “shooting hoops,” or posted images that are
falsely flagged as problematic. As a result, these students – and
the school administrators – can end up trapped in time-consuming
“threat assessment process” that can lead to unjust school
suspension or even expulsion.
Vance
noted, “You have students who have gone through the threat
assessment process, which is intended to make things better for
students… but what we’ve seen is, in some cases, these threat
assessments are discriminating against students with autism or
students with disabilities… Those students aren’t threats,
they’re simply students who need additional help.”
Vance
also warned that some surveillance technologies could inadvertently
deter students from seeking help (e.g. searching for resources and
support for depression) because they believe certain search terms
they will be ‘flagged’ as potential threats.
Perhaps
we will eventually learn something?
Google
Hit With Sweeping Demand From States Over Ad Business
… Texas
Attorney General Ken Paxton’s office, which is leading the
nationwide probe, on Monday issued a 29-page civil investigative
demand obtained by Bloomberg. In more than 200 directives,
investigators ordered the company to produce detailed explanations
and documents by Oct. 9 related to its sprawling system of online
advertising products.
… The
process of showing an ad to a single person visiting a web page can
involve dozens of companies and multiple auctions and transactions.
Google has worked its way into controlling much of that process, and
investigators want to know exactly how powerful the company has
become in this space.
… Google
controls about 37% of digital ad spending in the U.S., ahead of No. 2
Facebook at 22%, according to EMarketer.
… The
state attorneys general asked for information on how Google shares
data with other companies and how it tracks behavioral data of
advertisers and people on its Chrome web browser. That
could signal an interest in privacy in addition to the focus on
competition in the advertising market.
An article worth reading.
The
Ethics of A.I. Doesn’t Come Down to ‘Good vs. Evil’
The
Brain Chip will be the end of human civilization.
Ethics
in A.I. is about trying to make space for a more granular discussion
that avoids these binary polar opposites. It’s about trying to
understand our role, responsibility, and agency in shaping the final
outcome of this narrative in our evolutionary trajectory.
This
article divides the issues into five parts:
What do we mean by ethics and A.I.?
Our lack of ability to understand the intended and unintended
consequences of innovation.
Our lack of ability to understand the connections and ramifications
between separate events.
Our lack of ability to standardize fairness.
Our inexperience in managing platforms with billions of people.
Both
end of the normal curve seem over-represented.
How
Much AI Expertise Do Thought Leaders and Companies Really Have?
…
Launched
in early August, Certified
Artificial promises
a “neutral, independent third-party certification service” for
helping separate the AI snake oil from the real deal. One part of
this service focuses on companies requesting third-party verification
of the fact that they’re using the latest AI techniques in their
services and products rather than simply relying on groups of human
workers or older statistical methods. Certified Artificial’s other
line of business involves evaluating the quality of advice coming
from certain thought-leaders who frequently discuss AI technologies
and their social impacts.
“Our
goal is not to penalize anyone because they made a little misstep on
how they talked about AI,” says Tim Hwang, partner and technical
director of Certified Artificial, and director of the Harvard-MIT
Ethics and Governance of AI Initiative. “We want to signal places
where someone has either been consistently spreading disinformation
about AI or is opining about it so it impacts in a way that erases a
lot of people doing really amazing work in this space.”
The
newest part of the service includes an online
browser extension that
anyone can install in order to see assigned
ratings for
thought-leaders whenever their names pop up in search engines or
websites. Those experts who demonstrate both technical knowledge
about AI and responsible awareness of the technology implications may
receive gold, silver, or bronze certification badges. On the other
hand, individuals who frequently spread misinformation about AI can
receive a “Do Not Recommend” badge.
Perspective.
Sandvine
releases 2019 Global Internet Phenomena Report
The
Global Internet Phenomena Report is the authoritative view on how
applications are consuming the world's internet bandwidth.
… Some
highlights from this edition of the report include:
Video is
over 60% of the total downstream volume of traffic on the internet.
Netflix
is 12.60% of the total downstream volume of traffic across the
entire internet and 11.44% of all internet traffic.
Google is
12% of overall internet traffic, driven by YouTube, search, and the
Android ecosystem.
Gaming
traffic and gaming-related bandwidth consumption is increasing as
gaming downloads, Twitch streaming, and eSports go mainstream.
BitTorrent
is over 27% of total upstream volume of traffic, and over 44% in
EMEA alone.
Facebook
applications make up over 15% of the total internet traffic in APAC.
The
report includes spotlights on the traffic share leaders for video,
social networking, messaging, audio streaming, and gaming.
Perspective.
For my geeks.
Rethinking
software development in the AI era
Data
is fast replacing code as the foundation of software development.
Here’s how leading organizations anticipate processes and tools
transforming as developers navigate this paradigm shift.
… Today,
applications are deterministic. They are built around loops and
decision trees. If an application fails to work correctly,
developers analyze the code and use debugging tools to track the flow
of logic, then rewrite code in order to fix those bugs.
That's
not how applications are developed when the systems are powered by AI
and machine learning. Yes, some companies do sometimes write new
code for the algorithms themselves, but most of the work is done
elsewhere, as they pick standard algorithms from open source
libraries or choose from the options available in their AI platforms.
These
algorithms are then transformed into working systems by selecting the
right training sets and telling the algorithms which data points —
or features — are the most important and how much they should be
weighed.
Potential tool?
Glide
Now Lets You Publish App Templates
Glide
is
probably my favorite new tool of 2019. The free service lets you
take a Google Sheet and quickly turn it into a mobile app. It can be
used to create all kinds of apps including staff directories, study
guides, scavenger hunts, and local tourism guides. My tutorial on
how to use Glide can be seen here.
This
week Glide introduced a new feature that lets you share your app as a
template. This means that once you've created an app that you like
you can share it and let others make a copy of it to modify for their
own needs.
Resource
list. (and I love lists)
Ten
Free Tools for Creating Mind Maps and Flowcharts - Updated for
2019-20