Do you really believe that this is their first time? Since when has the FBI had the computer power to do this? What if they cause harm?
https://gizmodo.com/the-fbi-just-snuck-into-computers-all-over-the-country-1846679332
The FBI Just Snuck Into Computers All Over the Country to Stop a Hacking Campaign
In what may be [but isn’t. Careful language reveals all! Bob] a first-of-its-kind operation, the FBI recently accessed private servers across the United States, ostensibly to delete malware that had previously been installed by foreign hackers.
The FBI targeted this unique digital clean-up at servers running the vulnerability-ridden email product Microsoft Exchange. The U.S. Justice Department said Tuesday that the purpose of the bureau’s operation was to digitally erase traces of web shells that, had they remained, “could have been used to maintain and escalate persistent, unauthorized access to U.S. networks.”
… The operation seems to have been strictly targeted at this one particular campaign, as the feds did not “search for or remove any additional malware or hacking tools that hacking groups may have placed on victim networks by exploiting the web shells,” the release says.
This may be the first time that the FBI has conducted an operation like this, TechCrunch reports. For years, the bureau has sought greater powers and authority when it comes to conducting digital investigations inside the U.S., though critics and civil liberties defenders have consistently fought against such encroachments into private servers.
(Related)
The FBI Is Now Securing Networks Without Their Owners’ Permission
In January, we learned about a Chinese espionage campaign that exploited four zero-days in Microsoft Exchange. One of the characteristics of the campaign, in the later days when the Chinese probably realized that the vulnerabilities would soon be fixed, was to install a web shell in compromised networks that would give them subsequent remote access. Even if the vulnerabilities were patched, the shell would remain until the network operators removed it.
Now, months later, many of those shells are still in place. And they’re being used by criminal hackers as well.
On Tuesday, the FBI announced that it successfully received a court order to remove “hundreds” of these web shells from networks in the US.
This is nothing short of extraordinary, and I can think of no real-world parallel. It’s kind of like if a criminal organization infiltrated a door-lock company and surreptitiously added a master passkey feature, and then customers bought and installed those locks. And then if the FBI got a court order to fix all the locks to remove the master passkey capability. And it’s kind of not like that. In any case, it’s not what we normally think of when we think of a warrant. The links above have details, but I would like a legal scholar to weigh in on the implications of this.
Not exactly stopping the barbarians at the gate. More like, “We won’t let your tailor make us a suit!”
U.S. sanctions Russia for 2020 election interference, SolarWinds hack
The United States is hitting Russia with fresh sanctions for interference in the 2020 presidential election, a sweeping cyberattack against American government and corporate networks and other activities.
President Joe Biden signed an executive order Thursday morning to strengthen his administration's response to Russia, the White House said. Under the order, the Treasury Department has blacklisted six Russian technology companies that provide support to the cyber program run by Russia's intelligence services.
Would you rather have this data in the hands of unknown persons?
https://www.bespacific.com/opinion-data-brokers-are-a-threat-to-democracy/
Wired – “Unless the federal government steps up, the unchecked middlemen of surveillance capitalism will continue to harm our civil rights and national security… Enter the data brokerage industry, the multibillion dollar economy of selling consumers’ and citizens’ intimate details. Much of the privacy discourse has rightly pointed fingers at Facebook, Twitter, YouTube, and TikTok, which collect users’ information directly. But a far broader ecosystem of buying up, licensing, selling, and sharing data exists around those platforms. Data brokerage firms are middlemen of surveillance capitalism—purchasing, aggregating, and repackaging data from a variety of other companies, all with the aim of selling or further distributing it. Data brokerage is a threat to democracy. Without robust national privacy safeguards, entire databases of citizen information are ready for purchase, whether to predatory loan companies, law enforcement agencies, or even malicious foreign actors. Federal privacy bills that don’t give sufficient attention to data brokerage will therefore fail to tackle an enormous portion of the data surveillance economy, and will leave civil rights, national security, and public-private boundaries vulnerable in the process. Large data brokers—like Acxiom, CoreLogic, and Epsilon—tout the detail of their data on millions or even billions of people. CoreLogic, for instance, advertises its real estate and property information on 99.9 percent of the US population. Acxiom promotes 11,000-plus “data attributes,” from auto loan information to travel preferences, on 2.5 billion people (all to help brands connect with people “ethically,” it adds). This level of data collection and aggregation enables remarkably specific profiling…”
After GDPR?
https://www.bbc.com/news/technology-56745730
Europe seeks to limit use of AI in society
The use of facial recognition for surveillance, or algorithms that manipulate human behaviour, will be banned under proposed EU regulations on artificial intelligence.
The wide-ranging proposals, which were leaked ahead of their official publication, also promised tough new rules for what they deem high-risk AI.
That includes algorithms used by the police and in recruitment.
Experts said the rules were vague and contained loopholes.
The use of AI in the military is exempt, as are systems used by authorities in order to safeguard public security.
The suggested list of banned AI systems includes:
those designed or used in a manner that manipulates human behaviour, opinions or decisions ...causing a person to behave, form an opinion or take a decision to their detriment [Behavioral advertising? Bob]
AI systems used for indiscriminate surveillance applied in a generalised manner
AI systems used for social scoring
those that exploit information or predictions and a person or group of persons in order to target their vulnerabilities
An HBR podcast.
https://hbr.org/podcast/2021/04/mapping-ais-societal-impact
Mapping AI’s Societal Impact
AI is not just code and algorithms. It’s an industry built on a global network of resource extraction, human labor, and data collection. Kate Crawford, senior principal researcher at Microsoft Research and research professor of communication and science and technology studies at USC Annenberg, joins Azeem Azhar to explore the far-reaching impacts of AI and to consider the urgent case for proper governance and regulation of the industry.
They also discuss:
Why we need to observe hardware supply chains to understand AI’s impact.
Why the AI industry, like aviation and pharma, should be subject to strict regulation.
Why tech leaders should take a much greater responsibility for the social and environmental effects of technical systems.
Sentient, but not human. “Where will you find a jury of my peers,” my AI asks?
https://hai.stanford.edu/news/when-artificial-agents-lie-defame-and-defraud-who-blame
When Artificial Agents Lie, Defame, and Defraud, Who Is to Blame?
The movie Robot and Frank imagines a near future in which robots can be purchased to act as in-home caregivers and companions. Frank’s son buys him a robot, and Frank quickly realizes he can enlist its help in committing cat burglaries. The robot begins to show creativity and initiative in these criminal acts, and Frank is suffering from dementia. Who is ultimately responsible for these violations of the law?
Experts in robotics and artificial intelligence will have to suspend belief in order to enjoy Robot and Frank – the robot has capabilities that will continue to be purely science fiction for some time. But continuing advances in the field of artificial intelligence make it worth considering a provocative question that may become more practically relevant in the future: How would we, as individuals and as a society, react to an artificial agent that participated in the commission of some civil or criminal offense? The artificial agents of today would not make good cat burglars, but they have the gift of gab, and so it is only a matter of time before they are accused of committing offenses involving language in some way: libel, slander, defamation, bribery, coercion, and so forth.
Tools for my students.
Bibcitation's New Chrome Extension Makes It Easy to Create Citations
A few weeks ago I published an overview of seven free tools that help students create bibliographies. Bibcitation was one of the tools in that list. This week Bibcitation introduced a new Chrome extension that makes it easier than ever for students to cite webpages and build bibliographies.
Bibcitation's Chrome extension will generate a citation for any webpage that a student needs to include in his or her bibliography. To do that students simply have to click on the Bibcitation extension while viewing a webpage and select the citation style that they want to use. Students can then copy the text for the citation with just one click and paste it wherever they need to use it. Students can also click the "Add to Bibcitation.com" button within the extension to send the citation directly to the bibliographies they're working on.
… Bibcitation doesn't require students to register in order to use it. Completed Bibliographies can be downloaded as a document, as a BibTex file, or as HTML.
No comments:
Post a Comment