Is this an escalation or is Germany merely bringing this (further) out in the open?
Could the German International Arrest Warrant Against a GRU Hacker Prompt European Sanctions?
For the first time in response to a state-sponsored cyber operation, Germany’s federal prosecutor issued an international arrest warrant in early May for a Russian national, Dmitriy Sergeyevich Badin. Badin is supposedly employed by the Russian Main Directorate of the General Staff of the Armed Forces (GRU) of the Russian Federation. The international arrest warrant was issued after Badin was indicted for compromising the IT-infrastructure of the German parliament in 2015. On May 13, Chancellor Merkel went on the record saying that there is “hard evidence” that points to Russia.
The chancellor argued to the German parliament that the cyber operation for which Badin was indicted is part of a broader Russian hybrid warfare strategy. She then said that although she will continue to work together with Russia, “the trustful relationship is disturbed.” When parliamentarians pressed her on the consequences Russia would face, Merkel answered vaguely, “of course we always reserve measures, also against Russia.”
Alas.
C-suite execs often pressure IT teams to make security exceptions for them
The C-suite is the most likely group within an organization to ask for relaxed mobile security protocols (74%) – despite also being highly targeted by malicious cyberattacks, according to MobileIron.
https://www.mobileiron.com/en/resources-library/surveys-and-studies/trouble-at-the-top-study
[Registration required to download Bob]
More from the “We gotta do something!” school of thought.
Thermal Imaging as Security Theater
These features are so tempting that thermal cameras are being installed at an increasing pace. They're used in airports and other public transportation centers to screen travelers, increasingly used by companies to screen employees and by businesses to screen customers, and even used in health care facilities to screen patients. Despite their prevalence, thermal cameras have many fatal limitations when used to screen for the coronavirus.
- They are "an imprecise method for scanning crowds" now put into a context where precision is critical.
- They will create false positives, leaving people stigmatized, harassed, unfairly quarantined, and denied rightful opportunities to work, travel, shop, or seek medical help.
- They will create false negatives, which, perhaps most significantly for public health purposes, "could miss many of the up to one-quarter or more people infected with the virus who do not exhibit symptoms," as the New York Times recently put it. Thus they will abjectly fail at the core task of slowing or preventing the further spread of the virus.
Another “can’t hurt” tool.
Google launches Scam Spotter program to help internet users identify and prevent fraud
…
In an effort to educate internet users on identifying and preventing scams, Google has just launched Scam Spotter, a new program that comes with its own website, at ScamSpotter.org.
Its teachings revolve around three simple rules to consider when dealing with a suspicious email, phone call or message:
- Slow it down: Are they telling you it’s urgent? Take your time and ask questions to avoid being rushed into a bad situation.
- Spot check: Are they claiming to be from a specific institution? Do your own research to double check the details you’re getting.
- Stop! Don’t send: Are they asking you to go to the store and get gift cards? If you think a payment feels fishy, it probably is.
Complexifying the obfuscation that is Privacy law.
Washington D.C. Significantly Overhauls its Data Breach Notification Law
In the midst of COVID-19 challenges, privacy and security matters continue to be at the forefront for federal and state legislatures. In late March, the Washington D.C. (“D.C.”) legislature amended its data breach notification law, with significant overhauls including expansion of its definition of personal information, updates to notification requirements and new credit monitoring obligations. The Security Breach Protection Amendment Act of 2019, b23-0215, passed the 12-member D.C. Council unanimously and was signed by D.C. Mayor Muriel Bowser on March 26. The new law became effective on May 19, 2020.
‘cause lawyers have lots of interesting data.
Nearly One Fifth of Law Firms Show Signs of Compromise
Cybersecurity experts are calling for the legal sector to be defined as critical to securing national infrastructure, after revealing that 100% of law firms were targeted by attackers in the first quarter of 2020.
BlueVoyant appraised thousands of law firms worldwide between January and March 2020, to compile its latest report, Sector 17 - The State of Cybersecurity in the Legal Sector.
Of those targeted, some 15% are likely to have been compromised while nearly half showed signs of suspicious activity, including malicious proxy use, it said.
(Re-)Opening a huge can of worms?
Trump’s executive order targets political bias at Twitter and Facebook: draft
Reuters: “U.S. President Donald Trump is expected to order a review of a law that has long protected Twitter, Facebook and Alphabet’s Google from being responsible for the material posted by their users, according to a draft executive order and a source familiar with the situation. News of the order comes after Trump threatened to shut down websites he accused of stifling conservative voices following a dispute with Twitter after the company decided to tag Trump’s tweets about unsubstantiated claims [note – this link references news on this incident posted by beSpacific] of fraud in mail-in voting with a warning prompting readers to fact-check the posts. The order, a draft copy of which was seen by Reuters, could change before it is finalized. On Wednesday, officials said Trump will sign an executive order on social media companies on Thursday.
The executive order would require the Federal Communications Commission (FCC) to propose and clarify regulations under Section 230 of the Communications Decency Act, a federal law largely exempting online platforms from legal liability for the material their users post. Such changes could expose tech companies to more lawsuits. The order asks the FCC to examine whether actions related to the editing of content by social media companies should potentially lead to the platform forfeiting its protections under section 230… The draft order also states that the White House Office of Digital Strategy will re-establish a tool to help citizens report cases of online censorship. Called the White House Tech Bias Reporting Tool, it will collect complaints of online censorship and submit them to the Department of Justice and the Federal Trade Commission (FTC)…”
(Related)
Appeals court rules in favor of Google, Apple, Facebook and Twitter in anti-conservative bias suit
TechCrunch: “The same day Donald Trump took to Twitter to threaten to regulate or shut down social media sites, the U.S. appeals court in Washington, D.C. dismissed a lawsuit accusing top tech companies of silencing conservative voices. Filed in 2018 by nonprofit Freedom Watch and right-wing gadfly Laura Loomer, the suit accused Apple, Facebook, Twitter and Google of stifling First Amendment rights. The suit alleged that four of tech’s biggest names “have engaged in a conspiracy to intentionally and willfully suppress politically conservative content.” It specifically cited Loomer’s ban from Twitter and Facebook, following a tweet about Congresswoman Ilhan Omar. Also noted is her inability to grow an audience base and revenue on Google’s YouTube, suggesting that after Trump’s election “growth on these platforms has come to a complete halt, and its audience base and revenue generated has either plateaued or diminished.” Apple’s alleged role is less clear. In the ruling, District Judge Trevor McFadden notes that Freedom Watch and Loomer failed to back up a claim that the companies were “state actors,” involved with the regulation of free speech.
“The Plaintiffs do not show how the Platforms’ alleged conduct may fairly be treated as actions taken by the government itself,” the judge writes. “Facebook and Twitter, for example, are private businesses that do not become ‘state actors’ based solely on the provision of their social media networks to the public.” In other words, the companies cannot violate the first amendment, because banning users doesn’t constitute government abridgment of free speech. Per the decision, “Freedom Watch fails to point to additional facts indicating that these Platforms are engaged in state action and thus fails to state a viable First Amendment claim.”…
Will you be able to explain why the AI did what it did? (See the next article)
Google’s federated analytics method could analyze end user data without invading privacy
In a blog post today, Google laid out the concept of federated analytics, a practice of applying data science methods to the analysis of raw data that’s stored locally on edge devices. As the tech giant explains, it works by running local computations over a device’s data and making only the aggregated results — not the data from the particular device — available to authorized engineers.
While federated analytics is closely related to federated learning, an AI technique that trains an algorithm across multiple devices holding local samples, it only supports basic data science needs.
It’s “federated learning lite”
(Related)
Thinking about how to explain what your AI decided?
ICO finalises guidance on explaining decisions made with AI
Late last year, we reported that the Information Commissioner’s Office (ICO) had published draft guidance for assisting organisations with explaining decisions made about individuals using AI. Organisations that process personal data using AI systems are required under the GDPR to provide an explanation of the logic involved, as well as the significance and the envisaged consequences of such processing in the form of a transparency notice to the data subjects.
On 20 May 2020, following its open consultation, the ICO finalised the guidance (available here). This is the first guidance issued by the ICO that focuses on the governance, accountability and management of several different risks arising from the use of AI systems when making decisions about individuals.
As with the draft guidance, the final guidance is split into three parts. We have outlined the key takeaways for each part below.
Perspective.
Hastened by Covid?
The Commercial Real-Estate Market’s Impending Crash
Shopping malls are in trouble, as are the commercial mortgage-backed securities built around them. Can another 2008 be averted?
Wally has a great idea! (Covid financial advice)