Saturday, December 19, 2020

Soon I’ll have to buy multiple trash cans so the house AI can tell me how to break down my trash for optimum societal benefit. (And then I’ll toss the damn camera into one of the trash cans.)

https://www.cnn.com/2020/12/18/tech/compology-artificial-intelligence/index.html

Here's why some McDonald's restaurants are putting cameras in their dumpsters

Since 2013 his San Francisco-based startup, Compology, has used cameras and artificial intelligence to monitor what's thrown into dumpsters and trash containers at businesses such as McDonald's restaurants and Nordstrom department stores. The point is to make sure dumpsters are actually full before they're emptied and to stop recyclable materials like cardboard from being contaminated by other junk so it, too, doesn't become waste.

"Once we saw the bags of trash go inside the cardboard containers, we sent a notification to the people on site via text message, letting them know that they should remove it before the truck comes the next morning and telling them that putting trash in the recycling container is a form of contamination, which they should not do in the future," he said.





Worthy of a class at the college level? Not if it’s done right.

https://www.fastcompany.com/90587364/teachable-alexa-ai

You can now teach Alexa how to do new things—a baby step toward ‘general’ AI

We are still a very long way from a “general” artificial intelligence—a machine that can learn and comprehend any task or concept a human can. But Amazon is taking a small step toward it with a new feature that lets you teach its Alexa personal assistant how to do new things.





A uniform format makes it easier to grade code (and find errors)

https://www.makeuseof.com/keeping-code-clean-with-prettier/

Keeping Your Code Clean With Prettier

Code formatting seems like a trivial subject, but it’s something that can affect the quality and correctness of your code, how it gets version controlled, and how you collaborate with others. If you don’t want to get bogged down in details of where every last brace goes, however, try outsourcing the problem to the open-source tool Prettier. https://prettier.io/

(For an alternative with much finer-grained control over every last formatting detail, try eslint.)



Friday, December 18, 2020

Merry Christmas, ethical hackers.

https://www.makeuseof.com/tag/websites-legally-hack/

5 Websites That Teach You How to Hack Legally

To learn ethical hacking, you have to hack like a criminal but be smart about it. Get started with these websites you can legally hack.



(Related) For those of us who can’t wait to hack a self-driving car…

https://thenextweb.com/shift/2020/12/18/autonomous-vehicle-makers-should-be-held-responsible-for-accidents-says-law-commission/

Autonomous vehicle makers should be held responsible for accidents, says Law Commission

What do you call the person behind the wheel of a self-driving car? Are they a passenger or owner or are they still the driver? Whatever they’re called, the UK’s Law Commission says they shouldn’t be held responsible if their “autonomous” vehicle is in an accident.

Under a new proposal from the UK’s Law Commission, the “user in charge” of the vehicle would not be prosecuted for careless or dangerous driving, speeding, or breaking red lights when the car was in self-driving mode, the Telegraph reports.





Failure of the people charged with protecting the country…

https://www.cnbc.com/2020/12/18/suspected-russian-hack-on-us-is-much-worse-than-first-feared.html

Suspected Russian hack is much worse than first feared: Here’s what you need to know

The scale of a sophisticated cyberattack on the U.S. government that was unearthed this week is much bigger than first anticipated.

The Cybersecurity and Infrastructure Security Agency said in a summary Thursday that the threat “poses a grave risk to the federal government.”

It added that “state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations” are also at risk.

CISA believes the attack began at least as early as March.

“The magnitude of this ongoing attack is hard to overstate,” former Trump Homeland Security Advisor Thomas Bossert said in a piece for The New York Times on Thursday. “The Russians have had access to a considerable number of important and sensitive networks for six to nine months.”

Russian presidential spokesman Dmitry Peskov rejected the accusations, according to the Tass news agency.



(Related)

https://www.makeuseof.com/microsoft-confirms-solarwinds-breach/

Microsoft Confirms SolarWinds Breach Affecting Core Products

An NSA advisory released on 17 December 2020 referenced Microsoft products such as Azure and Active Directory, which the technology giant later confirmed.

Other targets include the US Energy Department and, perhaps most worryingly of all, the National Nuclear Security Administration, which manages the US nuclear arsenal.

Microsoft's report indicates that around 80 percent of affected organizations are based in the US. There are also victims in the UK, Belgium, Spain, Canada, Mexico, Israel, and the UAE. More victims are expected to appear in the coming days and weeks.



(Related)

https://www.cnbc.com/2020/12/17/biden-hints-at-a-tougher-stance-against-state-sponsors-of-cyberattacks.html

Joe Biden warns he will be tough on state sponsors of cyberattacks, as U.S. suffers massive hack

This timeline suggests that it will be Biden, not outgoing President Donald Trump, who is ultimately responsible for determining what retaliatory actions, if any, are warranted against those behind the attacks. Biden will take office on Jan. 20.

Trump has yet to personally respond to the latest attack. White House spokeswoman Kayleigh McEnany said Tuesday that the administration is “taking a hard look on this.”





We’ll see…

https://www.theverge.com/2020/12/16/22179245/facial-recognition-bill-ban-rejected-massachusetts-governor-charlie-baker-police-accountability

Massachusetts governor won’t sign facial recognition ban

Massachusetts Gov. Charlie Baker has refused to sign a law banning most government use of facial recognition. The Boston Globe reported last week that Baker sent an omnibus police reform bill back to state lawmakers, asking for changes that included striking the facial recognition rules.

Massachusetts legislators passed the first major state-level facial recognition ban, following a model set by individual cities like Boston and San Francisco. The bill says public agencies, including police departments, can’t use or acquire biometric surveillance systems. It makes exceptions for running facial recognition searches against a motor vehicles registration database, as long as police obtain a warrant or demonstrate “immediate danger” that requires a search. It would help fill a gap left by federal lawmakers, who haven’t passed a nationwide framework for using potentially invasive facial recognition technologies.

But in a letter to lawmakers, Baker said the reform package “ignores the important role [facial recognition] can play in solving crime.” His office told the Globe that he plans to veto the bill if lawmakers don’t make changes.





Beware of active cell phone users!

https://www.vice.com/en/article/7k94a9/gun-detection-ai-is-being-trained-with-homemade-active-shooter-videos

Gun Detection AI is Being Trained With Homemade ‘Active Shooter’ Videos

Companies are using bizarre methods to create algorithms that automatically detect weapons. AI ethicists worry they will lead to more police violence.





Keeping up with satellite tech.

https://www.pogowasright.org/a-new-satellite-can-peer-inside-buildings-day-or-night/

A New Satellite Can Peer Inside Buildings, Day or Night

Dan Robitzski reports:

A few months ago, a company called Capella Space launched a satellite capable of taking clear radar images of anywhere in the world, with incredible resolution — even through the walls of some buildings.
And unlike most of the huge array of surveillance and observational satellites orbiting the Earth, its satellite Capella 2 can snap a clear picture during night or day, rain or shine.

Read more on Futurism.





For history buffs.

https://www.bespacific.com/lc-complete-digitization-of-23-early-presidential-collections/

LC Complete Digitization of 23 Early Presidential Collections

Library of Congress Blog: “The Library of Congress has completed a more than two decade-long initiative to digitize the papers of nearly two dozen early presidents. The Library holds the papers of 23 presidents from George Washington to Calvin Coolidge, all of which have been digitized and are now available online. The Library plans to highlight each presidential collection on social media in the weeks leading up to the next presidential inauguration on Jan. 20, 2021. “Arguably, no other body of material in the Manuscript Division is of greater significance for the study of American history than the presidential collections,” said Janice E. Ruth, chief of the Manuscript Division at the Library of Congress. “They cover the entire sweep of American history from the nation’s founding through the first decade after World War I, including periods of prosperity and depression, war and peace, unity of purpose and political and civil strife.” The 23 presidential collections in the Library’s holdings, acquired through donation or purchase, are of such significant value that Congress enacted a law in 1957 directing the Library to arrange, index and microfilm the papers, an enormous job that concluded in 1976. With the dawn of the digital age, the collections of presidential papers were among the first manuscripts proposed for digitization. The conclusion of this effort marks the addition of more than 3.3 million images to the Library’s online archives…”





After a mere 95 years…

https://www.bespacific.com/january-1-2021-is-public-domain-day-works-from-1925-are-open-to-all/

January 1, 2021 is Public Domain Day: Works from 1925 are open to all

Duke Law, Center for the Study of the Public Domain – “On January 1, 2021, copyrighted works from 1925 will enter the US public domain, where they will be free for all to use and build upon. These works include books such as F. Scott Fitzgerald’s The Great Gatsby, Virginia Woolf’s Mrs. Dalloway, Ernest Hemingway’s In Our Time, and Franz Kafka’s The Trial (in the original German), silent films featuring Harold Lloyd and Buster Keaton, and music ranging from the jazz standard Sweet Georgia Brown to songs by Gertrude “Ma” Rainey, W.C. Handy, and Fats Waller. This is not just the famous last line from The Great Gatsby. It also encapsulates what the public domain is all about. A culture is a continuing conversation between present and past. On Public Domain Day, we all have a “green light,” in keeping with the Gatsby theme, to use one more year of that rich cultural past, without permission or fee. Works from 1925 were supposed to go into the public domain in 2001, after being copyrighted for 75 years. But before this could happen, Congress hit a 20-year pause button and extended their copyright term to 95 years. Now the wait is over. In 2021, there is a lot to celebrate. 1925 brought us some incredible culture. The Harlem Renaissance was in full swing. The New Yorker magazine was founded. The literature reflected both a booming economy, whose fruits were unevenly distributed, and the lingering upheaval and tragedy of World War I. The culture of the time reflected all of those contradictory tendencies. The BBC’s Culture website suggested that 1925 might be “the greatest year for books ever,” and with good reason. It is not simply the vast array of famous titles. The stylistic innovations produced by books such as Gatsby, or The Trial, or Mrs. Dalloway marked a change in both the tone and the substance of our literary culture, a broadening of the range of possibilities available to writers, while characters such as Jay Gatsby, Hemingway’s Nick Adams, and Clarissa Dalloway still resonate today.

How will people celebrate this trove of cultural material? The Internet Archive will add books, movies, music, and more to its online library. HathiTrust will make tens of thousands of titles from 1925 available in its digital repository. Google Books will offer the full text of books from that year, instead of showing only snippet views or authorized previews. Community theaters can screen the films. Youth orchestras can afford to publicly perform, or rearrange, the music. Educators and historians can share the full cultural record. Creators can legally build on the past—reimagining the books, making them into films, adapting the songs. Here are some of the works that will be entering the public domain in 2021. (To find more material from 1925, you can visit the Catalogue of Copyright Entries.)…”



Thursday, December 17, 2020

Learn from the mistakes of others.

https://www.washingtonpost.com/national-security/ruusian-hackers-outsmarted-us-defenses/2020/12/15/3deed840-3f11-11eb-9453-fc36ba051781_story.html

The U.S. government spent billions on a system for detecting hacks. The Russians outsmarted it.

When Russian hackers first slipped their digital Trojan horses into federal government computer systems, probably sometime in the spring, they sat dormant for days, doing nothing but hiding. Then the malicious code sprang into action and began communicating with the outside world.

At that moment — when the Russian malware began sending transmissions from federal servers to command-and-control computers operated by the hackers — an opportunity for detection arose, much as human spies behind enemy lines are particularly vulnerable when they radio home to report what they’ve found.

Why then, when computer networks at the State Department and other federal agencies started signaling to Russian servers, did nobody in the U.S. government notice that something odd was afoot?

The answer is part Russian skill, part federal government blind spot.

The hackers also shrewdly used novel bits of malicious code that apparently evaded the U.S. government’s multibillion-dollar detection system, Einstein, which focuses on finding new uses of known malware and also detecting connections to parts of the Internet used in previous hacks.

But Einstein, operated by the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), was not equipped to find novel malware or Internet connections, despite a 2018 report from the Government Accountability Office suggesting that building such capability might be a wise investment. Some private cybersecurity firms do this type of “hunting” for suspicious communications — maybe an IP address to which a server has never before connected — but Einstein doesn’t.

“It’s fair to say that Einstein wasn’t designed properly,” said Thomas Bossert, a top cybersecurity official in both the George W. Bush and Trump administrations. “But that’s a management failure.”





For my Ethical Hackers. Even Presidents can choose bad passwords.

https://www.bbc.com/news/technology-55337192

Trump Twitter ‘hack’: Police accept attacker's claim

Dutch prosecutors have found a hacker did successfully log in to Donald Trump's Twitter account by guessing his password - "MAGA2020!"

But they will not be punishing Victor Gevers, who was acting "ethically".

Mr Gevers shared what he said were screenshots of the inside of Mr Trump's account on 22 October, during the final stages of the US presidential election.

But at the time, the White House denied it had been hacked and Twitter said it had no evidence of it.

But Twitter has refused to answer direct questions from BBC News, including whether the account had extra security or logs that would have shown an unknown login.





One of many laws I try to explain to my Computer Security students.

https://www.csoonline.com/article/3598568/glba-explained-what-the-graham-leach-bailey-act-means-for-privacy-and-it-security.html#tk.rss_all

GLBA explained: What the Gramm-Leach-Bliley Act means for privacy and IT security

…for IT professionals, it's much better known for the data security and privacy mandates it imposes on a wide range of companies and organizations, even beyond the banking industry. While many of these rules represent best IT practices, the legal stakes of noncompliance are high, with big fines and even potential jail time looming for those who fall short.





Self-inflicted.

https://fpf.org/2020/12/16/the-complex-landscape-of-enforcing-the-lgpd-in-brazil-public-prosecutors-courts-and-the-national-system-of-consumer-defense/

The Complex Landscape of Enforcing the LGPD in Brazil: Public Prosecutors, Courts and the National System of Consumer Defense

This blog (1) summarizes the contributions of our three guest speakers, focusing on (2) public prosecutors under the Public Ministry, (3) recent case-law from the two highest Federal Brazilian Courts, (4) the national system of consumer defence, and (5) outlines potential conflicts of competence, before reaching (6) conclusions.





Perspective.

https://www.adweek.com/digital/ibm-predictions-artificial-intelligence-ad-tech-2021/

5 Ways IBM Predicts AI and Ad Tech Will Evolve in 2021

The trends range from more machine learning to a shift in the privacy conversation

With tech giants set to crack down on cookies and third-party trackers in the coming months, the ad-tech industry is in for some major changes.

IBM Watson Advertising has bet that artificial intelligence and anonymized behavioral insights will play a central role in that post-cookie future. The company has rolled out a series of product releases this year that aimed to lessen marketers’ reliance on personal data.

In a new report this week, Sheri Bachstein, global head of IBM Watson Advertising and The Weather Company, laid out some predictions for how those changes may take shape in the year to come, from a ramping up of discussions around consumer privacy to what a post-Covid-19 new normal might look like.





Even the government is starting to use technology!

https://www.bespacific.com/u-s-copyright-office-launched-a-new-copyright-public-records-system-cprs-pilot-to-the-public/

U.S. Copyright Office launched a new Copyright Public Records System (CPRS) pilot to the public

“The U.S. Copyright Office launched a new Copyright Public Records System (CPRS) pilot to the public. The new portal will provide access to the same copyright records for both registration and recordation data that exist in the Copyright Public Catalog but with enhanced search capabilities and improved interfaces for internal and external users. With these enhancements, users should have an easier time finding the exact records they need. The CPRS pilot is also the second Enterprise Copyright System module to launch. While the first module, the electronic recordation system pilot, was released to a limited external audience, the CPRS pilot is available to the entire public. The public can access the new CPRS pilot at publicrecords.copyright.gov and provide feedback on their experience using the feedback link at the bottom of the page. The pilot is designed to run concurrently with the Copyright Public Catalog—available at cocatalog.loc.gov. During the pilot, the Copyright Public Catalog will remain the official source of authoritative records. The CPRS pilot will continue to evolve after the public release. Developers and Copyright Office staff are working on including the ability to download and print search results and the ability for users to see their recent searches and records. While the current CPRS pilot contains records from 1978 through the present, the Office is considering migrating other public records to the CPRS…”





Fits my “change is the only constant” philosophy.

https://sloanreview.mit.edu/article/the-essence-of-strategy-is-now-how-to-change/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+mitsmr+%28MIT+Sloan+Management+Review%29

The Essence of Strategy Is Now How to Change

When environments are complex and dynamic, strategy is about adaptability.

A fundamental assumption underlying traditional approaches to strategy is that industry boundaries and economics remain broadly stable over time. This assumption is no longer realistic, given that digital technologies and other factors have caused the average age of the companies in the S&P 500 to decline from more than 60 years in 1958 to less than 20 years today.





Job hunting in a changing world.

https://www.fastcompany.com/90586957/how-ai-is-helping-top-tech-talent-connect-with-the-best-opportunities

How AI is helping top tech talent connect with the best opportunities

Despite what’s happened to the world economy over the past year—and the continued uncertainty of what lies ahead—when it comes to hiring top talent it remains a job candidate’s market. The current focus of the conversation is around the impact of artificial intelligence on hiring practices. However, there are some key considerations that demonstrate the immense amount of choices talent will always have.

Right now, two seemingly contradictory things are happening in business.

Artificial intelligence is growing tremendously. According to Statista, AI is growing approximately 54 percent annually and will be “one of the next great technological shifts, like the advent of the computer age or the smartphone revolution.”

Humans are not becoming less important. Organizations are becoming more sophisticated about measuring the value, impact, and importance of people. In turn, talent—or human resources or the management of workforces—is receiving more attention.



Wednesday, December 16, 2020

Can’t repeat this enough…

https://www.csoonline.com/article/3600793/14-tips-to-prevent-business-email-compromise.html#tk.rss_all

14 tips to prevent business email compromise

Criminals fool victims into clicking on malicious links or assisting in financial theft by sending emails that mimic real senders and real companies. Here's how to stop BEC.





A backgrounder podcast and some links…

https://www.makeuseof.com/what-is-the-dark-web-safe/

What Is the Dark Web, How Do You Reach It, and Is It Safe?





Plan for the worst. If criminals won’t obey the law, perhaps their victims will?

https://www.databreaches.net/regulatory-crackdown-on-ransomware/

Regulatory Crackdown on Ransomware

Seetha Ramachandran, Nolan Goldberg and Hena M. Vora of Proskauer write:

It is increasingly common for Ransomware attacks to be associated with large sophisticated cyber-criminal organizations, with a central entity providing the tools, training, and ability to collect ransoms and sending its “associates” out to cause harm. As long as victims continue to pay ransoms, Ransomware is able to expand. Ransomware is also being adapted for new, criminal purposes. Increasingly, hackers associated with countries like Iran and North Korea are using Ransomware to generate an influx of cash into their economic streams and bypass economic sanctions. Faced with an urgent need to stop the spread of Ransomware, law enforcement is now moving past its old strategy of strongly discouraging victims from paying ransoms. Regulatory agencies – such as OFAC and the SEC – are implementing regulations to prevent victims from paying ransom to buy their way out of a Ransomware attack. These regulations arm law enforcement with a new enforcement mechanism – allowing them to punish companies who choose to pay ransom in the face of a Ransomware attack. Accordingly, they signal a new area of regulatory enforcement that will likely become the government’s most powerful tool to curb the spread of Ransomware.

Read more about the regulatory responses and the takeaways these lawyers see on The Capital Commitment.





The intersection of Security and Privacy…

https://www.csoonline.com/article/3600748/privacy-data-protection-regulations-clamp-down-on-biometrics-use.html#tk.rss_all

Privacy, data protection regulations clamp down on biometrics use

“The liabilities associated with biometric information are extremely high because you can’t call God up and say, ‘Hey I need a new fingerprint because mine was stolen,’” says Judy Selby, a Partner at Hinshaw & Culbertson LLP who specializes in privacy and cyber insurance.

In the US, regulations in California, Illinois and New York are considered the gold standard for protecting the collection, use, storage, and reuse of biometric data. In addition, The National Biometric Privacy Act was introduced to Congress in August 2020, with the potential to become federal law. While other acts and laws are in the works, these contain the most comprehensive privacy restrictions similar to the biometrics privacy rules set in European nations under the General Data Protection Regulation (GDPR).





Will this encourage the UK to create its own version of the GDPR?

https://www.theguardian.com/technology/2020/dec/15/facebook-move-uk-users-california-eu-privacy-laws

Facebook will move UK users to US terms, avoiding EU privacy laws

Facebook will shift all its users in the United Kingdom into user agreements with the corporate headquarters in California, moving them out of their current relationship with Facebook’s Irish unit and out of reach of Europe’s privacy laws.

The change takes effect next year and follows a similar move announced in February by Google. Those companies and others have European head offices in Dublin, and the UK’s exit from the EU will change its legal relationship with Ireland, which remains in the Union.



(Related) An FYI…

https://www.csoonline.com/article/3410039/gdpr-vs-uk-data-protection-act-2018-whats-the-difference.html

GDPR vs UK Data Protection Act 2018: What’s the difference?





A summary…

https://fpf.org/2020/12/15/policy-brief-location-data-under-existing-privacy-laws/

Policy Brief: Location Data Under Existing Privacy Laws

The Future of Privacy Forum released a new policy brief, Location Data Under Existing Privacy Laws.





Perspective.

https://www.pewresearch.org/fact-tank/2020/12/15/people-globally-offer-mixed-views-of-the-impact-of-artificial-intelligence-job-automation-on-society/

People globally offer mixed views of the impact of artificial intelligence, job automation on society

As artificial intelligence (AI) plays a growing role in the everyday lives of people around the world, views on AI’s impact on society are mixed across 20 global publics, according to a recent Pew Research Center survey.

A median of about half (53%) say the development of artificial intelligence, or the use of computer systems designed to imitate human behaviors, has been a good thing for society, while 33% say it has been a bad thing.

Opinions are also divided on another major technological development: using robots to automate many jobs humans have done in the past. A median of 48% say job automation has been a good thing, while 42% say it’s had a negative impact on society.





Reading for shut-ins. It’s the time of year for lists.

https://www.wired.com/gallery/best-books-artificial-intelligence/

The 8 Best Books About Artificial Intelligence to Read Now



(Related)

https://www.pogowasright.org/notable-privacy-and-security-books-2020/

Notable Privacy and Security Books 2020

Professor Daniel Solove is indefatigable when it comes to promoting privacy scholarship and sharing what he knows. Now he has compiled a list of some notable books on privacy and security from 2020. You can access his list here.

“But wait… there’s more!”

To see a more comprehensive list of nonfiction works about privacy and security for all years, Professors Paul Schwartz and Daniel Solove maintain a resource page on Nonfiction Privacy + Security Books. Check it out!



(Related) Finding something to read…

https://www.bespacific.com/introducing-the-open-library-explorer/

Introducing the Open Library Explorer

Open Library Blog: “At the Library Leaders Forum 2020 (demo), Open Library unveiled the beta for what it’s calling the Explorer: an immersive digital library which powerfully recreates and enhances the experience of navigating a physical library. If the tagline doesn’t grab your attention, wait until you see it in action. Get Ready to Explore: In this article, we’ll give you a tour of the Open Library Explorer and teach how one may take full advantage of its power features. You’ll also get a crash course on the 100 years of library history which led to its innovation and an opportunity to test-drive it yourself…thanks to the new Open Library Explorer, you can experience the joys of a physical library right in your web browser, as well as leverage superpowers which enable you to explore in ways which may have previously been impossible…”