Wednesday, June 30, 2021

Might apply to your software also.

https://www.csoonline.com/article/3623396/nist-defines-critical-software-with-a-broad-range-of-security-functions.html#tk.rss_all

NIST defines "critical software" with a broad range of security functions

A significant part of the Biden administration's wide-ranging cybersecurity executive order (EO) mandates that the National Institute of Standards and Technology (NIST) define what constitutes "critical software," a deliverable that is central to the wider effort of securing software supply chains. Last week NIST made good on this assignment when it released a preliminary list of software categories within the scope of this definition.





Does this surprise anyone?

https://www.nextgov.com/emerging-tech/2021/06/watchdog-10-government-agencies-deployed-clearview-ai-facial-recognition-tech/176411/

Watchdog: 10 Government Agencies Deployed Clearview AI Facial Recognition Tech

Multiple federal agencies that employ law enforcement personnel used facial recognition technology designed and owned by non-government entities in recent years—and 10 deployed systems made by the controversial company, Clearview AI.

In a 92-page report addressed to Congress and publicly released Tuesday, the Government Accountability Office offers details on a range of government implementations of the biometric technology.

GAO’s review included a visual chart demonstrating facial recognition technology systems used by those federal law enforcement agencies and the number of photos in each system. Clearview AI’s system outnumbers the rest, encompassing more than 3 billion photos.



(Related)

https://www.cpomagazine.com/data-privacy/eu-privacy-watchdogs-seek-ai-biometrics-and-facial-recognition-ban-in-public-spaces/

EU Privacy Watchdogs Seek AI Biometrics and Facial Recognition Ban in Public Spaces

Two of the European Union’s leading independent data protection watchdogs, the European Data Protection Board (EDPB) and the European Data Protection Supervisor (EDPS), are jointly calling for a widespread ban on the use of AI-driven biometric identification in public places. More than just a facial recognition ban, the proposal calls for automated systems recognizing “gait, fingerprints, DNA, voice, keystrokes and other biometric or behavioral signals” to be kept out of all of the EU’s publicly accessible spaces.





When that AI legal software isn’t really AI or software.

https://news.bloomberglaw.com/pharma-and-life-sciences/human-contract-review-behind-ai-might-jeopardize-your-license

Human Contract Review Behind AI Might Jeopardize Your License

Some purported AI contract management vendors are relying on human reviewers rather than exclusively on artificial intelligence, asserts Jerry Ting, CEO of AI contract management firm Evisort. If unvetted and unlicensed humans are reading contracts, general counsel and other attorneys using such services risk violating privacy regulations and law licensing requirements, he contends.



(Related) Other software issues…

https://www.schneier.com/blog/archives/2021/06/risks-of-evidentiary-software.html

Risks of Evidentiary Software

Over at Lawfare, Susan Landau has an excellent essay on the risks posed by software used to collect evidence (a Breathalyzer is probably the most obvious example).

Bugs and vulnerabilities can lead to inaccurate evidence, but the proprietary nature of software makes it hard for defendants to examine it.

The software engineers proposed a three-part test. First, the court should have access to the “Known Error Log,” which should be part of any professionally developed software project. Next the court should consider whether the evidence being presented could be materially affected by a software error. Ladkin and his co-authors noted that a chain of emails back and forth are unlikely to have such an error, but the time that a software tool logs when an application was used could easily be incorrect. Finally, the reliability experts recommended seeing whether the code adheres to an industry standard used in an non-computerized version of the task (e.g., bookkeepers always record every transaction, and thus so should bookkeeping software).
[More ]





A forensic tools & techniques.

https://www.makeuseof.com/tag/how-do-i-download-an-entire-website-for-offline-reading/

How to Download an Entire Website for Offline Reading





Part of a modern writing class?

https://www.makeuseof.com/emoji-etiquette-when-to-use-them/

Proper Emoji Etiquette: When to Use (or Not Use) Them



No comments: