Will
President Trump follow their lead?
Thailand
unveils 'anti-fake news' center to police the internet
Thailand
unveiled an “anti-fake news” center on Friday, the Southeast
Asian country’s latest effort to exert government control over a
sweeping range of online content.
… Minister
of Digital Economy and Society Puttipong Punnakanta broadly defined
“fake news” as any viral online content that misleads people or
damages the country’s image. He made no distinction between
non-malicious false information and deliberate disinformation.
“The
center is not intended to be a tool to support the government or any
individual,” Puttipong said on Friday before giving reporters a
tour.
A
reminder.
Texas
Updates Data Breach Notification Requirements
Effective
January 1, 2020, the Texas legislature will impose new notification
requirements on businesses that maintain personal information of
customers. House Bill 4390 amends the Texas Identity Theft
Enforcement and Protection Act by requiring that Texas residents be
notified of a data security breach within sixty (60) days of the
determination that a breach has occurred.
… The
notification to the Texas Attorney General must include the following
information:
- A detailed description of the breach or the use of sensitive information acquired during the breach
- The number of Texas residents affected
- Measures taken to date regarding the breach
- Any measures that will be taken in the future regarding the breach
- An indication of whether law enforcement has been notified.
Every
security manager should subscribe to this feed. (Assumes you have a
complete inventory of software.)
US
MS-ISAC Releases the October List of End of Support Software
The
Multi-State Information Sharing and Analysis Center (MS-ISAC) of the
Center for Internet Security has a released the October 2019 list of
of software that is currently in or nearing end of support.
When
software has reached end of support (EoS), it means the developers
will no longer release fixes for any bugs that are found in the
software. This includes fixes for security vulnerabilities that may
be discovered.
… As
part of this mission, each month the MS-ISAC releases a monthly
report detailing
the list of software that is in or reaching end of support.
Think
about isolated islands of Internet in Russia, China, the UK and
others.
Cyberbalkanization
and the Future of the Internet
On
May 1, 2019, Russia's President Vladimir Putin signed into law what
is generally known as the Sovereign
Internet law.
It came
into effect on November 1, 2019,
and is ostensibly designed as a defensive mechanism against any
foreign attempts -- namely U.S. -- to harm the Russian internet by
cutting access to foreign (non-Russian) servers.
In
principle, the concept is relatively simple. Russia will establish
its own shadow Russia-only DNS system. Under duress, or on-demand,
Russian ISPs would be instructed to switch to the alternative DNS.
This would ensure that all Russia-to-Russia communications never
leave Russian territory, and a Russian national internet would be
protected. Of course, it also means that all internal communication
can be more easily intercepted, and that Russian citizens could be
prevented from visiting selected websites in the rest of the world.
An
opinion that follows you for a lifetime?
From
the Road-to-Hell-is-Paved-with-Good-Intentions
and
What-Could-Possibly-Go-Wrong?
departments,
T. Keung Hui reports:
Some Wake County parents are refusing to give permission for teachers to conduct surveys that rate and track the behavioral health of their students.
The Wake County school system will have teachers at around 40 schools rate their students on 34 questions, such as how often they’ve appeared angry, expressed thoughts of hurting themselves, expressed strange or bizarre thoughts, appeared depressed or engaged in risk-taking behavior.
School officials say the Behavior Intervention Monitoring Assessment System, or BIMAS-2, will help them identify students who are at risk of future academic, behavior or emotional difficulties.
According
to the publisher of BIMAS-2, a masters-level teacher can administer
the system (as can some other specialties), but if I was a parent, I
would opt my kid(s) out, as until schools do a much better job of
securing data and protecting privacy, I would not want such data on
file for my children.
(Related)
Caroline
Haskins has a must-read article about Google’s Gaggle that is
part of a BuzzFeed
News package on schools and social media surveillance.
This article begins:
For the 1,300 students of Santa Fe High School, participating in school life means producing a digital trail — homework assignments, essays, emails, pictures, creative writing, songs they’ve written, and chats with friends and classmates.
All of it is monitored by student surveillance service Gaggle, which promises to keep Santa Fe High School kids free from harm.
Santa Fe High, located in Santa Fe, Texas, is one of more than 1,400 schools that have taken Gaggle up on its promise to “stop tragedies with real-time content analysis.” It’s understandable why Santa Fe’s leaders might want such a service. In 2018, a shooter killed eight students and two teachers at the school. Its student body is now part of the 4.8 million US students that the for-profit “safety management” service monitors.
Read
more on BuzzFeed,
Perspective.
Zack
Whittaker reports:
Twitter says the number of government demands for user data are at a record high.
In its latest transparency report covering the six months between January and June, the social media giant said it received 7,300 demands for user data, up by 6% a year earlier, but that the number of accounts affected are down by 25%.
Read
more on TechCrunch
Some points.
AI for good
or evil? AI dangers, advantages and decisions
… The
main ways AI is being used for good today is for "predictive
analytics, intelligence consolidation and to act as a trusted advisor
that can
respond automatically,"
FireEye's Muppidi said.
… AI
is already widely used for fraud -- including for operating botnets
out of infected computers that work solely as internet traffic
launderers, Tiffany said. But myriad other ways exist for AI to be
harnessed.
… A
big, but sometimes overlooked, truth when it comes to the use of AI
is that, unlike corporate America, cybercriminals don't have to care
about or comply with the General
Data Protection Regulation,
privacy regulations -- or laws and regulations of any kind, for that
matter. This allows them to do vastly more invasive data collection,
according to Tiffany.
… Right
now, a lot of defensive security work isn't really about presenting
an impregnable barrier to adversaries. Rather it's about creating a
better barrier than other potential victims so that predators choose
a different victim, Tiffany said. "A lot of security works like
this: It's not about
outrunning the bear; it's about outrunning the other people who are
running from the bear."
Add an AI to nag you into eating healthy? Report
your health metrics to your health insurance company?
What
Google's Fitbit Buy Means for the Future of Wearables
When Fitbit launched its first product in 2009,
the activity tracker didn’t even share data to a smartphone app.
Instead, it wirelessly connected to a base station that had to be
tethered to your computer. The clip-on itself displayed some
information, but Fitbit’s website was where you’d find
visualizations of your personal activity data. It
was a kind of gateway drug to what would become our
full-fledged, 2010’s, quantified-self addictions.
Over the years Fitbit would become known for its
accessible hardware, but it was its software—its mobile app, social
network, sleep tracking, subscription coaching—that made it stand
out in an ocean of fitness wearables.
… “The tradeoff will be, ‘I don’t want
one company knowing all of this about me,’ versus, ‘I can see the
value,’” he says.
You too can have a warped view of reality!
What to
Read, Watch, and Listen to In Preparation For the Robot Apocalypse
With 'Terminator:
Dark Fate' out this weekend, we've rounded up the books, movies, and
shows to prep you for the day we get terminated.