Tuesday, June 07, 2022

You need to think about this before allowing some amateur hacker to challenge the pros. On the other hand, this could be a new market for my Ethical Hackers.

https://www.cpomagazine.com/cyber-security/defensive-cyber-attacks-declared-legal-by-uk-ag-path-cleared-to-hack-back-when-critical-infrastructure-services-attacked/

Defensive Cyber Attacks Declared Legal by UK AG, Path Cleared to “Hack Back” When Critical Infrastructure & Services Attacked

The Attorney General of the United Kingdom has declared the country can make use of defensive cyber attacks when “key services” (such as critical infrastructure and banks) are struck by foreign threat actors.

The country is taking a formal position on extending international law to the digital realm, something that nations have typically been hesitant to do as espionage attempts are regularly traded back and forth between them. AG Suella Braverman paired the move with an argument before leading policy institute Chatham House that the international principle of non-intervention in the affairs of other sovereign countries should now extend to cyber attacks and countermeasures in a “proportionate” way.





Forewarned etc.

https://www.makeuseof.com/what-is-smishing-scam/

What Is a Smishing Scam? How Can You Spot One?

The term "smishing" is a merger of "SMS" (Short Message Service) and "phishing"—fittingly so, as smishing scams involve conducting phishing via SMS. Such scams fall under the umbrella of social engineering scams, wherein a person's trust is exploited for the scammer's benefit. Smishing scammers can also be referred to as "smishermen".

The first thing to remember when you receive a text from anyone you don't know is that you should never click on any kind of link until you've confirmed whether it's legitimate. You can do this easily by running the link through a link-checking website, which will tell you if the URL in question is safe.





Smile!

https://www.engadget.com/google-photos-bipa-lawsuit-settlement-161237789.html

Google settles Photos facial recognition lawsuit for $100 million

Facebook isn't the only one compensating Illinois residents over alleged privacy violations. The Verge notes Google has agreed to pay $100 million to settle a class action lawsuit accusing the company of violating Illinois' Biometric Information Protection Act (BIPA) through Photos' "Face Grouping" feature. The settlement will let you claim between $200 and $400 if you appeared in a picture on Photos between May 1st, 2015 and April 25th, 2022.

Google supposedly broke the law by collecting and analyzing faces without appropriate notice, asking for "informed" consent or sharing data retention policies with the public. Face Grouping is meant to help you find photos of given people by detecting faces and automatically organizing them into collections.



(Related) A million here, a million there and we’re still talking chump change.

https://www.cpomagazine.com/data-protection/spain-hands-google-e10-million-gdpr-fine-for-violation-of-right-to-be-forgotten-rules/

Spain Hands Google €10 Million GDPR Fine for Violation of “Right To Be Forgotten” Rules

Some big tech firms have been heavily targeted for General Data Protection Regulation (GDPR) fines in the EU, but Google has been relatively fortunate thus far. Aside from two multimillion-dollar judgements issued in 2020 (in France and Sweden), the company has largely managed to avoid substantial punishments from regional regulators. It has now received one from Spain, however, for violations of the GDPR’s “right to be forgotten” provisions and for improperly passing EU personal data overseas.



Fingers crossed?

https://www.insideprivacy.com/uncategorized/is-congress-about-to-pass-comprehensive-privacy-legislation/

Is Congress about to pass comprehensive privacy legislation?

After years of negotiations, members of the U.S. Senate and House of Representatives have released bipartisan comprehensive privacy legislation—the American Data Privacy and Protection Act. Democrats and Republicans have put forward separate proposals in the past that have more in common than different. The two main points of disagreement that have historically stalled a comprehensive proposal are whether there should be a private right of action for privacy violations and to what extent federal laws should preempt state laws. Even though this new draft takes novel approaches to both of those issues, division continues. The chances of Congress passing privacy legislation this session or the next will turn on whether a broader consensus can be found in these two areas, especially after outside stakeholders and the business community now have an opportunity to fully engage.




Here they come, ready or not.

https://www.bespacific.com/what-litigators-should-know-now-about-non-fungible-tokens/

What Litigators Should Know Now about Non-Fungible Tokens

ABA Litigation: “Jurisdictional and other legal considerations in the booming NFT market.” “Many purists think decentralization is the most important promise of cryptocurrency, but to grow in popularity, non-fungible tokens (NFTs) need to guarantee rights to artists. NFTs are non-interchangeable units of data, stored on a blockchain, that can be sold and traded. NFTs can represent real-world items, such as artwork. Currently, some artists are hesitant to enter the NFT space fully because they lack certainty as to how legal rights will be enforced in a decentralized space. For example, if there is a dispute, how would one handle it? When people hear only about the scams or “getting rugged,” they will be wary of entering into the NFT market. (“Getting rugged” is a widely used term for investing in an NFT project after the artists or managers of the project promise the moon but then “pull the rug out from under you” by taking your money and never developing the project). Courts have not yet determined how to treat NFTs. Will artists be able to enforce copyright? What if someone claims that stealing an image is free use but barely changed the original artwork? Because an NFT is a combination of an image and a token, should we treat them the same or differently? Some people in the NFT community believe there should be some regulation, while others say there should be none, given that NFTs are supposed to be completely decentralized. There may be answers in traditional art law, but artists (and art law attorneys who counsel them) cannot be certain how courts will handle disputes involving NFT art law. Many in the NFT community feel this uncertainty is a non-issue. For them, it is more about the thrill of a sale and being on the cutting edge of new technology and art. Yet other artists are waiting for certainty before they fully commit to NFTs…”





Heavy reading…

https://www.bespacific.com/trump-on-trial-a-guide-to-the-january-6-hearings-and-the-question-of-criminality/

Trump on Trial: A Guide to the January 6 Hearings and the Question of Criminality

Brookings: “President Joe Biden legitimately won a fair and secure 2020 presidential election—and Donald Trump lost. This historical fact has been uncontroverted by any evidence since at least November 7, 2020, when major news outlets projected Biden’s victory. But Trump never conceded. Instead, both before and after Election Day, he tried to delegitimize the election results by disseminating a series of far-fetched and evidence-free claims of fraud. Meanwhile, with a ring of close confidants, Trump conceived and implemented unprecedented schemes to—in his own words—“overturn” the election outcome. Among the results of this “Big Lie” campaign were the terrible events of January 6, 2021—an inflection point in what we now understand was nothing less than an attempted coup. With Congress undertaking landmark hearings on all of that, our new Brookings report “Trump on Trial: A Guide to the January 6 Committee Hearings and the Question of Criminality” is a comprehensive guide to the proceedings. The report covers the Committee’s work to date, the key players in the attempt to overturn the election, the known facts regarding their conduct that are expected to be covered at the hearings, and the criminal law applicable to their actions. The report goes beyond prior analyses to provide the first in-depth treatment of the voluminous publicly available evidence and the relevant law, including possible defenses. It reviews the evidence as to whether Trump as a matter of law conspired with his outside counsel John Eastman, administration lawyer Jeffrey Clark, and others to defraud the United States in violation of 18 U.S.C. § 371 by scheming to block the electoral count on January 6, 2021 and to subvert the Department of Justice’s election enforcement work. The report similarly reviews the evidence as to whether Trump and Eastman violated 18 U.S.C. § 1512(c) with their scheme to obstruct the congressional count.
While the report is primarily focused on possible federal offenses that the hearings are expected to illuminate, it also notes evidence potentially probative of state criminal violations that the hearings will consider. Fulton County, Georgia is one jurisdiction currently investigating such evidence, and the report addresses the factual and legal aspects of that investigation and how it will be advanced by the Congressional hearings. (The Georgia investigation is also the subject of a separate report by some of the publication’s authors.)…”





Perspective. Hasn’t it always been thus?

https://sloanreview.mit.edu/article/a-change-in-perspective/

A Change in Perspective

Persistent problems often seem intractable because of the frame through which we view them. A fixed point of view on an issue might lead us to struggle because we are trying to solve the wrong problem.

Consider the anxiety in the workplace about the growing role of AI. Business leaders see ever wider applications for increasingly powerful technologies but worry that they don’t have the right talent in place to leverage AI; meanwhile, many workers fret about correspondingly narrower options for their own human contributions. Leaders who are focused on building new strategic capabilities often dismiss employees’ worries about new systems as stubbornness or an inability to learn. That narrative of change-resistant workers is reinforced only when AI implementation stalls, as it often does, due to slow adoption by end users.

The experience of AI developers working with Duke University Hospital shows what can happen when you look at the problem from a different vantage point: end users’ concerns. Katherine C. Kellogg, Mark Sendak, and Suresh Balu investigated AI deployments at Duke and identified commonalities among the project teams that won user acceptance of AI implementations. From project inception, these teams worked to understand users’ workloads, workflows, and need for autonomy, and they looked for ways to ensure that new AI decision-support tools didn’t undermine their experience. They successfully facilitated adoption by simply looking at the issue from the end user’s perspective rather than focusing only on the objectives of a project sponsor far removed from the front lines. Where managers might have seen the problem as one of front-line workers’ skills or adaptability, the developers saw — and solved — a slightly different problem and were able to obtain the result the organization needed.





The best illustration of a “Marketing definition” I have ever seen.

https://dilbert.com/strip/2022-06-07


