Monday, August 23, 2021

Interesting in that it suggests how a knowledgeable insider can get away with selective hacks (social engineering) for a loooong time.

https://www.bespacific.com/the-mysterious-figure-stealing-books-before-their-release/

The Mysterious Figure Stealing Books Before Their Release

Vulture – The Spine Collector: “For years, a mysterious figure has been stealing books before their release. Is it espionage? Revenge? Or a complete waste of time? In the spectrum of cyberattacks, this one wasn’t very complex. There was no malicious software or actual hacking involved. Some of the earliest victims used Gmail accounts for work, which were easy and free to spoof. Registering an alternate domain and setting up an email server was only slightly more involved, and the possibilities were endless: ts became fs (@wwnorfon.com), qs replaced gs (@wylieaqency.com), rs and ns cornbined to make ms (@penguinrandornhouse.com). The domains suggested someone who liked to play with words as much as code. Books became bocks, unless the company was Dutch, in which case boek was Anglicized to book. What did seem sophisticated was the thief’s knowledge of the business. The culprit wrote like someone in publishing, abbreviating to “MS” for manuscript and “WEL” for world English-language rights, while exchanging insider chatter, telling one victim that a publisher was pitching a book as a comp to Pachinko and expressing surprise to another that a novel had recently sold for a shocking amount. The thief sent messages in the wake of announcements on Publishers Marketplace, a subscription website that tracks deals, but they also asked about books that the thief’s marks didn’t even know existed. The mimicry wasn’t always perfect — an assistant at the talent agency WME realized her boss was being impersonated because she would never say “please” or “thank you” — but the impression was good enough…”
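A defender's view of the lookalike domains quoted above, as an added example that is not part of the original post or the Vulture article: a Python check that flags sender domains imitating a protected domain, first by collapsing the substitutions the excerpt names and then by edit distance. The protected list is an assumption (the legitimate domains the quoted lookalikes imitate, plus one constructed entry), and the function names are hypothetical.

```python
# Added example: flag sender domains that imitate a protected domain.
# PROTECTED is an assumption: the legitimate domains the lookalikes quoted in
# the excerpt imitate; "examplebooks.com" is a constructed entry.
PROTECTED = ["wwnorton.com", "wylieagency.com", "penguinrandomhouse.com",
             "examplebooks.com"]

# Substitutions named in the excerpt, applied to BOTH sides before comparing.
CONFUSABLES = [("rn", "m"), ("q", "g"), ("f", "t")]


def skeleton(domain: str) -> str:
    """Collapse visually confusable sequences to one canonical form."""
    s = domain.lower().rstrip(".")
    for lookalike, canonical in CONFUSABLES:
        s = s.replace(lookalike, canonical)
    return s


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, two-row dynamic programming."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def check_sender(address: str, protected=PROTECTED, max_edits: int = 1):
    """Return (verdict, matched_domain) for an email address."""
    domain = address.rsplit("@", 1)[-1].lower().rstrip(".")
    if domain in protected:
        return ("legitimate", domain)
    # Pass 1: same shape once confusable letters are collapsed (rn/m, q/g, f/t).
    for good in protected:
        if skeleton(domain) == skeleton(good):
            return ("lookalike-confusable", good)
    # Pass 2: a single-character typo such as books -> bocks.
    for good in protected:
        if edit_distance(domain, good) <= max_edits:
            return ("lookalike-typo", good)
    return ("unrelated", None)
```

A mail gateway or triage script would run `check_sender` on the envelope and header sender of inbound mail and quarantine or banner anything that is not `legitimate` or `unrelated`.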





That “future” surveillance you were worried about? Not so “future” after all. Have they been lying to the FBI about their ability to get around their encryption?

https://9to5mac.com/2021/08/23/apple-scans-icloud-mail-for-csam/

Apple already scans iCloud Mail for CSAM, but not iCloud Photos

Apple has confirmed to me that it already scans iCloud Mail for CSAM, and has been doing so since 2019. It has not, however, been scanning iCloud Photos or iCloud backups.

The clarification followed me querying a rather odd statement by the company’s anti-fraud chief: that Apple was “the greatest platform for distributing child porn.” That immediately raised the question: If the company wasn’t scanning iCloud photos, how could it know this?

Apple confirmed to me that it has been scanning outgoing and incoming iCloud Mail for CSAM attachments since 2019. Email is not encrypted, so scanning attachments as mail passes through Apple servers would be a trivial task.

Apple also indicated that it was doing some limited scanning of other data, but would not tell me what that was, except to suggest that it was on a tiny scale. It did tell me that the “other data” does not include iCloud backups.





Read ‘em and weep!

https://www.bespacific.com/here-are-all-the-ways-your-boss-can-legally-monitor-you/

Here are all the ways your boss can legally monitor you

As remote work gets prolonged because of the delta variant, more companies are tracking what employees do at home: “…Business is booming for companies that make software analyzing the data employees generate during the workday. These programs present reports to superiors on how often employees are typing, when they log off and on, and what social media sites they look at. When the pandemic began last spring, 30 percent of large employers — defined as companies with several thousand workers — adopted employee-tracking software for the first time, says Brian Kropp, chief of HR research for the research and advisory firm Gartner. Now, 60 percent use it in general, he said. Some states — such as Delaware and Connecticut — require employers to provide written notice to workers if their electronic activity is being monitored. If your company gave notice, it probably came in one of the many forms you signed when you accepted the job, Kropp said. But if you get in trouble for something your employer catches you doing while monitoring you remotely, you probably don’t have recourse. Almost all types of employee surveillance are entirely legal, according to Emory Roane, privacy counsel at the nonprofit organization Privacy Rights Clearinghouse. “In general, you have very, very, very light protections, if any, for employee privacy,” says Roane…”





Perspective. What could possibly go wrong?

https://www.theregister.com/2021/08/23/percy_liang_qa/

We spoke to a Stanford prof on the tech and social impact of AI's powerful, emerging 'foundation models'

Foundation models are called this because they are the base upon which myriad applications can be built, and issues at the foundation level could therefore have repercussions on the software and services we use.

Typically, these models are giant neural networks made up of millions and billions of parameters, trained on massive amounts of data and later fine-tuned for specific tasks. For example, OpenAI's enormous GPT-3 model is known for generating prose from prompts, though it can be adapted to translate between languages and output source code for developers.

These models – drawing from vast datasets – can therefore sit at the heart of powerful tools that may disrupt business and industries, life and work. Yet right now they're difficult to understand and control; they are imperfect; and they exhibit all sorts of biases that could harm us. And it has already been demonstrated that all of these problems can grow with model size.

What happens if these foundational models play an increasingly prominent role in society, and we can't be sure they're safe, fair, and reliable?

What if they can only be built and deployed by well-resourced corporate giants that prioritize profit above all else? Can this technological upheaval be of any good for us as a whole?

Seeking answers to these questions, The Register spoke with Percy Liang, an associate professor in computer science at Stanford University, about foundation models and what they portend.





Perspective. A legal maneuver to avoid a lengthy investigation/harassment. Not a hostile takeover and no suggestion that Giphy felt it was being undervalued. Perhaps this was a huge mistake on Facebook’s part? Perhaps Giphy saw their market collapsing and Facebook’s offer was the only way to salvage anything for their stockholders? Am I the only one considering these possibilities?

https://www.bloomberg.com/news/articles/2021-08-23/facebook-s-stealth-m-a-puts-focus-on-deals-under-antitrust-radar

Facebook’s Stealth M&A Puts Focus on Deals Under Antitrust Radar

Last year, Facebook Inc. did something U.S. technology giants have done countless times before: It bought a smaller company and closed the deal without notifying competition regulators.


