Tuesday, June 01, 2021

Ransomware hardliners?

https://www.databreaches.net/claiming-to-be-the-new-generation-threat-actors-declare-no-more-discounts-or-long-negotiations/

Claiming to be the “new generation,” threat actors declare, “No more discounts or long negotiations”

This week saw the emergence of a new group calling themself “Pay or Grief.” Or maybe they call themselves “Grief” or “Grief_List.” I really am not sure because they haven’t responded to simple questions like “What do we call you?”

In any event, DataBreaches.net noted two of their attacks and now SuspectFile was able to get an actual statement from the threat actors that may help us predict their behavior.

First, SuspectFile got them to state on the record that they will not target the health care sector. Their reasons, however, are not altruistic at all:

We know some players like it, but there are a lot more interesting sectors to make money. Some things like plastic surgery or pharma sector have almost nothing with health but have lot of money – so they will come to our lists too.

Significantly, they informed SuspectFile:

Who are we? We are the new generation… No more Discounts, time of long-term negotiations with brainwashing and tons of proofs is finished. The game is over for companies who like long negotiations, pay or grief come to you. We have all leaked files… On our website What about GDPR? Everyone just talks about GDPR. Nobody obeys this law. Plenty of hacked companies that leaked files including id, confidential information, scans etc wasn’t sanctioned for leak. We could stay inside the companies for weeks. It is enough for downloading confidential information, mails, id and other We have analyzed many ransomware groups and we are not like they. Companies are spending a lot of money hiring company-negotiatiors. Where is the result? Nothing. They spend money and time while the documents are publishing. Who won? Company-negotiatiors/Insurance companies. Now we define the rules of the game, fuck discounts, fuck negotiations, fuck time wasting… Pay or Grief. This is our statement

There’s a lot to unpack there. Read SuspectFile’s commentary on their interactions with these threat actors. Marco also has a write-up on another one of this group’s victims: Mobile County, Alabama. You can read that on SuspectFile, too.





You don’t need papers, citizen. I can read your e-wallet.

https://www.makeuseof.com/eu-plans-universal-digital-wallet-launch/

The EU Plans to Launch a Universal Digital Wallet

According to the Financial Times, the EU will reveal plans for its digital wallet on June 2, 2021.

This wallet will give citizens from all 27 EU countries a single universal login. It would store payment details and allow citizens to store documents and access public and private services. For example, you could store your driver's license in the wallet, but also use it to pay rent or use government websites.

Currently, 19 countries in the EU have digital IDs, but many aren't cross-compatible. The new system will not be compulsory, [Yet. Bob] but EU officials hope that uptake will be positive following the increased digital proficiency caused by the COVID-19 pandemic.





That slope is slippery.

https://www.pogowasright.org/interpol-unveils-new-global-database-to-identify-missing-persons-through-family-dna/

INTERPOL unveils new global database to identify missing persons through family DNA

From INTERPOL:

LYON, France: In 2004, Croatian police found a man’s body in the Adriatic Sea.
The condition of the body, which rendered identification through fingerprints or facial recognition impossible, meant that – for more than a decade – it remained unidentified.
Enter I-Familia, a groundbreaking new database officially launched this month that applies cutting-edge scientific research and uses the DNA of relatives to identify missing persons or unidentified human remains around the world.
In late 2020, DNA from the children of an Italian man missing since 2004 was added to I-Familia and then checked against DNA from all unidentified human remains in the system.
A match was found between the children’s DNA and that of the body found in the Adriatic Sea, closing a case that had gone cold 16 years earlier.

Read more about the I-Familia database and program on INTERPOL.

Reading through the description, they do say that the database is “not connected” to their criminal database:

Data protection
The processing of DNA data via INTERPOL is carried out via secure communications channels and in compliance with the Organization’s robust data protection rules as well as the INTERPOL policy on using family DNA profiles of missing persons for kinship matching.
Family members must give their consent for their data to be used for international searching. There is no nominal data attached to the profile, which is submitted in the form of an alphanumerical code. INTERPOL’s Constitution and commitment to neutrality mean that I-Familia does not collect or use any data related to race. Member countries retain ownership of the DNA profiles submitted.
I-Familia is applied only to missing persons in a dedicated database and is not connected to INTERPOL’s criminal databases.

So this sounds good and of humanitarian value. But how many of us are so cynical or jaded by now that we think it’s only a matter of time before the data is used for other purposes? [Me. Bob]



(Related)

https://www.nytimes.com/2021/05/31/science/dna-police-laws.html

Two New Laws Restrict Police Use of DNA Search Method

Maryland and Montana have passed the nation’s first laws limiting forensic genealogy, the method that found the Golden State Killer.





Looking criminals up on the Internet for fun and profit? A new class for Criminal Justice majors?

https://www.pogowasright.org/e-d-cal-internet-research-can-provide-probable-cause-for-a-search-warrant/

E.D.Cal.: Internet research can provide probable cause for a search warrant

Over on FourthAmendment.com, John Wesley Hall cites an interesting opinion:

An officer’s internet search provided a substantial basis for finding probable cause to search defendant’s house for evidence of misrepresenting military service. Citations to the places where the information was be found elevated this above a mere anonymous tip. United States v. Tang, 2021 U.S. Dist. LEXIS 101743 (E.D. Cal. May 27, 2021):

[T]he Court finds the magistrate judge had “a substantial basis” for determining there was probable cause that Tang had misrepresented her military service on her visa application and that evidence of such service would be found in her apartment. See Gates, 462 U.S. at 239. Defendant, however, argues there was not probable cause, as the internet sources relied upon in the affidavit and translation tools used were not verified for accuracy. See Mot. at 4-9. To support her position, Defendant relies on precedent finding that allegations of an unknown informant are insufficient to support probable cause. Id. At 8. It is well established that information from an unverified, anonymous tip alone is not enough to demonstrate probable cause. See Gates, 462 U.S. at 239. Something else is required to indicate it is reliable. See id. at 232-35. But the Court is not persuaded that this situation, where a trained FBI agent relies on certain sources found on the internet, is akin to an unverified, anonymous tip.

Read more on FourthAmendment.com.





Interesting, but I beg to differ.

https://www.politico.eu/article/ex-google-boss-eu-risks-setback-by-demanding-transparent-ai/

Ex-Google boss slams transparency rules in Europe’s AI bill

Speaking at POLITICO's AI Summit, Schmidt criticized the provisions of the EU's AI bill that require algorithms to be transparent. "It's just a proposal, but if you would adopt it without modification, it would be a very big setback for Europe," said Schmidt, who chairs the National Security Commission on Artificial Intelligence (NSCAI) and is a former CEO of Google.

The EU's proposal "requires that the system would be able to explain itself. But machine learning systems cannot fully explain how they make their decisions," Schmidt said.



(Related)

https://gizmodo.com/flying-killer-robot-hunted-down-a-human-target-without-1847001471?scrolla=5eb6d68b7fedc32c19ef33b4

The Age of Autonomous Killer Robots May Already Be Here

A “lethal” weaponized drone “hunted down” and “remotely engaged” human targets without its handlers’ say-so during a conflict in Libya last year, according to a United Nations report first covered by New Scientist this week. Whether there were any casualties remains unclear, but if confirmed, it would likely be the first recorded death carried out by an autonomous killer robot.

The Kargu-2 is a so-called loitering drone that uses machine learning algorithms and real-time image processing to autonomously track and engage targets. According to Turkish weapons manufacturer STM, it’s specifically designed for asymmetric warfare and anti-terrorist operations and has two operating modes, autonomous and manual. Several can also be linked together to create a swarm of kamikaze drones.





English, as she is spoke.”

https://theconversation.com/machine-learning-is-changing-our-culture-try-this-text-altering-tool-to-see-how-159430

Machine learning is changing our culture. Try this text-altering tool to see how

Computer scientists and linguists have spent decades trying to program computers to understand the nuances of human language. And in certain ways, computers are fast approaching humans’ ability to understand and generate text.

Through the very act of suggesting some words and not others, the predictive text and auto-complete features in our devices change the way we think. Through these subtle, everyday interactions, machine learning is influencing our culture. Are we ready for that?

I created an online interactive work for the Kyogle Writers Festival that lets you explore this technology in a harmless way.

The interactive work I created allows people to playfully gain an intuition for how computers understand language. It is called Everything You Ever Said (EYES), in reference to the way natural language models draw on all kinds of data sources for training.

EYES allows you to take any piece of writing (less than 2000 characters) and “subtract” one concept and “add” another. In other words, it lets you use a computer to change the meaning of a piece of text. You can try it yourself.





Enough to get me through the summer?

https://gizmodo.com/54-brand-new-sci-fi-and-fantasy-books-to-add-to-your-ju-1846910944

54 Brand New Sci-Fi and Fantasy Books to Add to Your June Reading List



No comments: