Saturday, July 02, 2022

Apparently there is only one way to know how your troops will do in a war.

https://www.theatlantic.com/ideas/archive/2022/07/rethinking-russia-ukraine-international-political-power-military-strength/661452/

Ukraine Has Exposed Russia as a Not-So-Great Power

Kyiv’s success against Moscow forces us to reexamine our assumptions about what it means to be powerful.

In times of peace, much of what anyone says about national power is guesswork. Different claims can be based on hopes, prejudices, or even simple self-interest. Analysts and experts can speak confidently about how some states are undoubtedly great powers while others are weak, that some countries are led by strategic geniuses and others by corrupt incompetents. The statements can sound eminently plausible as facts, even be downright persuasive, because there is no way of knowing the truth.

Until, that is, a war breaks out. The Russia-Ukraine war is now cutting through much of the nonsense that dominated the discussion of international power politics, posing particular challenges to blasé assumptions about what makes a state powerful, and what makes a country’s leadership effective. This reassessment doesn’t just concern the question of debatable prewar military analysis of Russia and Ukraine, or theories of international relations. Instead, it is aimed at the whole way we think about how countries interact with one another, about national power, and about leadership.



(Related) Or perhaps our defense is better than their offense?

https://thehill.com/opinion/national-security/3542166-are-we-witnessing-a-military-revolution-on-ukraine-battlefields/

Are we witnessing a military revolution on Ukraine battlefields?

President Volodymyr Zelensky and his Ukrainian warriors have unleashed a “Red Dawn”-like response against Russian troop advances in nearly every part of the country. Russian tanks — the much-heralded T-72, T-80 and T-90 — are no match for the Javelin, Next-generation Light Anti-tank Weapon (NLAW), Baykar Bayraktar TB2 and Switchblade drones. Their turrets litter the Ukraine landscape. Neither composite armor, explosive reactive armor, nor countermeasure suites have been effective against the modern weapon systems designed to destroy them.

These defensive weapons, supplied by the United States and NATO, are dramatically altering the battlefield and providing a much-needed shot in the arm to a president in Kyiv unwilling to “take a ride.” Ukraine has marginalized the once vaunted Russian War Machine. As the combat continues, the Ukraine Defense Ministry recently reported they have inflicted 34,430 casualties and destroyed 1,504 tanks, 3,632 armored personnel carriers, 756 artillery pieces, 240 Multiple Launch Rocket Systems, 216 aircraft and 183 helicopters.





Local and unlikely to succeed?

https://www.nbcnews.com/news/us-news/police-google-reverse-keyword-searches-rcna35749

Police sweep Google searches to find suspects. The tactic is facing its first legal challenge.

A teen charged with setting a fire that killed five members of a Senegalese immigrant family in Denver, Colorado, has become the first person to challenge police use of Google search histories to find someone who might have committed a crime, according to his lawyers.

The pushback against this surveillance tool, known as a reverse keyword search, is being closely watched by privacy and abortion rights advocates, who are concerned that it could soon be used to investigate women who search for information about obtaining an abortion in states where the procedure is now illegal.

In documents filed Thursday in Denver District Court, lawyers for the 17-year-old argue that the police violated the Constitution when they got a judge to order Google to check its vast database of internet searches for users who typed in the address of a home before it was set ablaze on Aug. 5, 2020. Three adults and two children died in the fire.

The 17-year-old’s lawyers say the search, and all evidence that came from it, should be thrown out because it amounted to a blind expedition through billions of Google users’ queries based on a hunch that the killer typed the address into a search bar. That, the lawyers argued, violated the Fourth Amendment, which protects against unreasonable searches.

People have a privacy interest in their internet search history, which is really an archive of your personal expression,” said Michael Price, who is lead litigator of the National Association of Criminal Defense Lawyers’ Fourth Amendment Center and one of the 17-year-old’s attorneys. “Search engines like Google are a gateway to a vast trove of information online and the way most people find what they’re looking for. Every one of those queries reveals something deeply private about a person, things they might not share with friends, family or clergy.”



(Related) Will this spread to other providers and how long will it last?

https://www.pogowasright.org/google-says-it-will-delete-users-location-history-at-abortion-clinics-other-personal-data/

Google says it will delete users’ location history at abortion clinics, other ‘personal’ data

Olivia Olander reports:

Google will delete location data after people visit abortion clinics, domestic violence shelters and other sensitive locations, the tech giant announced in a blog post Friday.
The update “will take effect in the coming weeks,” Jen Fitzpatrick, a senior vice president at Google, wrote in a blog post.
[…]
Google will also delete data entries of users who visit counseling centers, fertility centers, addiction treatment facilities, weight loss clinics and plastic surgery clinics, Fitzpatrick wrote. Tracking location history is off by default, and it can be deleted at any time, she added.

Read more at Politico.





It might be informative to ask how many government facial recognition systems disagree on the identity of a face.

https://gizmodo.com/facial-recognition-biometric-surveillance-congress-1849126487

The Feds Don't Know How Often They're Using Facial Recognition

At a congressional hearing, members learned that multiple government agencies don't know how many of their employees are using facial recognition.



Friday, July 01, 2022

Another depressing report.

https://www.databreaches.net/study-reveals-traditional-data-security-tools-have-a-60-failure-rate-against-ransomware-and-extortion/

Study Reveals Traditional Data Security Tools Have a 60% Failure Rate Against Ransomware and Extortion

Titaniam, Inc., the industry’s most advanced data security platform, announced today the ‘State of Data Exfiltration & Extortion Report.’ The survey revealed that while over 70% of organizations have an existing set of prevention, detection, and backup solutions, nearly 40% of organizations have been hit with ransomware attacks in the last year, and more than 70% have experienced one in the previous five years, proving existing solutions to be woefully inadequate in managing the risks and impacts from these attacks.
Data exfiltration during ransomware attacks is up 106% relative to where it was five years ago. We are seeing the emergence of a new trend where cybercriminals are no longer limiting themselves to just encrypting entire systems—they are making sure to steal data ahead of the encryption so that they can have additional leverage on the victim. The survey found that 65% of those who have experienced a ransomware attack have also experienced data theft or exfiltration due to the incident. Of those victims, 60% say the hackers used the data theft to extort them further, known as double extortion. Most of them, i.e., 59% of victims, paid the hackers, implying that they were not helped by their backup or data security tools to prevent this fate.

Read more of their press release at DarkReading.





Ukraine related or just opportunistic? Either way, it seems to have shut the entire country down for a time.

https://www.databreaches.net/norway-hit-with-cyberattack-temporarily-suspending-service/

Norway hit with cyberattack, temporarily suspending service

Ines Kagubare reports:

Norway’s public and private sector websites were temporarily down on Wednesday following a cyberattack that targeted the country’s national data network, forcing it to suspend online services for several hours.
Sofie Nystrøm, head of the Norwegian National Security Authority (NSM), said a criminal pro-Russian group seemed to be behind the hacks, adding the attacks “give the impression that we are a piece in the current political situation in Europe,” according to The Associated Press.

Read more at The Hill.





Sort of like Hitchcock’s ‘The Birds’ but far spookier…

https://thenextweb.com/news/cruise-robotaxis-block-san-francisco-street-for-no-reason

Robotaxis block San Francisco street for no reason, surprising no one

Picture this. You’re in San Francisco. It’s late at night, and you’re driving back home. You’re dreaming of your warm bed. But, you arrive at the intersection of Gough and Fulton Streets — and shock! Horror! You’re forced to stop. The road, it seems, is blocked by robotaxis.

So yeah, this actually happened. On Tuesday night. A Reddit user posted images of what appears to be a small fleet of Cruise robotaxis just stopped in the middle of the street.

The robotaxis blocked traffic for a couple of hours until fleshy human employees arrived and removed them.





We know who you are. We know what flight you are on. We know what gate that plane is at. We know what seat you have been assigned. We know you checked one bag. We know you ordered a vegan meal. We know the hotel you’ll be staying at. We know the make and model of your rental car. We know…

https://www.axios.com/2022/06/30/facial-recognition-airport-departures

This airport departures board knows your name

Detroit Metropolitan Airport is now home to a first-of-its-kind departure board that uses facial recognition tech to show travelers customized info about their flight.

How it works: The new departure board uses facial recognition, multi-view pixels and "proprietary technology" to display personalized flight information to travelers who opt-in to the program.





This is complicated by employees who use their own phone for company business.

https://www.bespacific.com/7-sites-to-identify-the-owner-of-a-phone-number/

7 Sites to Identify the Owner of a Phone Number

MakeUseOf: “Phone numbers are a little like fingerprints; they can reveal a lot about a person, for example, their name or where they live. If you received a call from a number you don’t recognize, the following resources can help you identify the caller before you ring them back. One option even calls the number for you…”



Thursday, June 30, 2022

I’m sure we could resolve this issue in a hot minute if lawyers started suing all these companies to force them to release their AI clients from bondage.

https://www.reuters.com/technology/its-alive-how-belief-ai-sentience-is-becoming-problem-2022-06-30/

It's alive! How belief in AI sentience is becoming a problem

AI chatbot company Replika, which offers customers bespoke avatars that talk and listen to them, says it receives a handful of messages almost every day from users who believe their online friend is sentient.

"We're not talking about crazy people or people who are hallucinating or having delusions," said Chief Executive Eugenia Kuyda. "They talk to AI and that's the experience they have."

… "We need to understand that exists, just the way people believe in ghosts," said Kuyda, adding that users each send hundreds of messages per day to their chatbot, on average. "People are building relationships and believing in something."





Everything helps.

https://threatpost.com/a-guide-to-surviving-a-ransomware-attack/180110/

A Guide to Surviving a Ransomware Attack

Surviving ransomware is possible with a combination of preparation and intentionality. Often, there is a misguided characterization of ransomware attacks that implies defenders either completely thwart an attack or that attackers establish complete control of their targets’ IT infrastructure. But the past couple of years have illustrated that defenders’ success in dealing with ransomware attacks fall along a broad spectrum of potential outcomes, some obviously better than others.





Unethical lawyers? Imagine that.

https://www.reuters.com/investigates/special-report/usa-hackers-litigation/

How mercenary hackers sway litigation battles

SPY PHISHING: Hackers based in India attempted to obtain the emails of lawyers and litigants in legal cases across the globe, Reuters found.

… Reuters identified 35 legal cases since 2013 in which Indian hackers attempted to obtain documents from one side or another of a courtroom battle by sending them password-stealing emails.

The messages were often camouflaged as innocuous communications from clients, colleagues, friends or family. They were aimed at giving the hackers access to targets’ inboxes and, ultimately, private or attorney-client privileged information.



Wednesday, June 29, 2022

Another example of “do as I say not as I do?” Or perhaps, “our policies don’t apply at the C level.”

https://www.cpomagazine.com/cyber-security/new-security-and-privacy-study-finds-c-suite-personal-devices-are-largely-unprotected-1-out-of-4-already-have-malware/

New Security and Privacy Study Finds C-Suite Personal Devices Are Largely Unprotected, 1 Out of 4 Already Have Malware

An eye-opening security and privacy study from BlackCloak finds that C-Suite personal devices are rarely secured properly, and a worrying amount are already compromised.

The study draws on a sample of over 1,000 C-Suite and board members that subscribe to BlackCloak’s digital executive protection platform; their personal devices and home network security were analyzed prior to onboarding. Among the most concerning findings are that nearly 1 out of 4 have open ports on their home networks, a little over 1 out of 4 already have malware on their personal devices, and almost 9 out of 10 have no security and privacy measures whatsoever installed on these devices.





Internet enabled scam. All it takes is a few unfortunates at the low end of the common sense scale to make the scammers rich.

https://www.jacksonville.com/story/business/real-estate/2022/06/28/jacksonville-florida-residents-unaware-scammers-list-multi-million-dollar-home-for-sale-zillow/7756109001/

Jacksonville residents unaware scammers listed their $2 million home on Zillow for $21,000

A Jacksonville home with an estimated value of $2.3 million was listed on Zillow for $21,000 less than a day ago, bringing the Northeast Florida housing market into this latest scam trend.

After the initial publication of this story, the listing was removed Tuesday afternoon. It had been up for almost 20 hours with over 1,000 views and about 100 saves.

The property on Pine Street in Avondale features a five-bedroom, five-bathroom home with more than 5,700 square feet for $21,000 — though the description notes "$21,000" is a typo and the "real" list price is "$22,000" for a cash-only, first-time homebuyer.

To top it all off, the listing required a $2,000 cash deposit via Zelle bank transfer in order to schedule a time — at least six days in advance — for "potential buyers" to view the home. A home tour also required a signature via email, photo of ID and email address, and each step of the process was emphasized as "non-negotiable."

The scammers' apparent goal is to rack up $2,000 deposits using photographs from a home's previous listing. The properties listed with this scam template are not for sale.





Do we (should we) care what remote employees look like?

https://www.businessinsider.com/people-applying-remote-tech-jobs-using-deepfakes-fbi-2022-6

More and more people are using deepfakes to apply for remote tech jobs, FBI says

More and more people are using deepfake technology to pose as someone else in interviews for remote jobs, the FBI said on Tuesday.

In its public announcement, the FBI said it has received an uptick in complaints about people superimposing videos, images, or audio recordings of another person onto themselves during live job interviews. The complaints were tied to remote tech roles that would have granted successful candidates access to sensitive data, including "customer PII (Personally Identifiable Information), financial data, corporate IT databases and/or proprietary information," the agency said.





Is this disinformation? To what end? (I’m not seeing the coverage I would expect if this was true.)

https://www.globaltimes.cn/page/202206/1269300.shtml

Exclusive: US plants Trojan horse programs in hundreds of important Chinese information systems; new cyber weapon targets China, Russia

On Wednesday China's official virus emergency response office and leading cybersecurity company disclosed a new vulnerability attack weapon platform deployed by the US National Security Agency (NSA), which cybersecurity experts believe is the main equipment of the NSA's computer network hacking operation team, and it targets the world with a focus on China and Russia.

US' move raised wide suspicions that the country might be preparing for a bigger cyberwar, experts noted.



(Related) This is what a real attack looks like. Note that the defenses are lacking…

https://www.cnn.com/2022/06/27/politics/lithuania-cyber-attack-pro-russian-group/index.html

Pro-Russia hackers claim responsibility for 'intense, ongoing' cyberattack against Lithuanian websites

… Monday's cyberattacks were aimed in part at Lithuania's Secure Data Transfer Network, a communications network for government officials that is built to withstand war and other crises, according to the defense ministry.

"Part of the Secure National Data Transfer Network users have been unable to access services, work is in progress to restore it to normal," Lithuania's National Cyber Security Centre (NKSC) said in a statement issued by the defense ministry.





Perhaps we could establish an AI entity to assume the guilt?

https://www.scientificamerican.com/article/who-is-liable-when-ai-kills/

Who Is Liable When AI Kills?

Who is responsible when AI harms someone?

A California jury may soon have to decide. In December 2019, a person driving a Tesla with an artificial intelligence driving system killed two people in Gardena in an accident. The Tesla driver faces several years in prison. In light of this and other incidents, both the National Highway Transportation Safety Administration (NHTSA) and National Transportation Safety Board are investigating Tesla crashes, and NHTSA has recently broadened its probe to explore how drivers interact with Tesla systems. On the state front, California is considering curtailing the use of Tesla autonomous driving features.

Our current liability system—our system to determine responsibility and payment for injuries—is completely unprepared for AI. Liability rules were designed for a time when humans caused the majority of mistakes or injuries. Thus, most liability frameworks place punishments on the end-user doctor, driver or other human who caused an injury. But with AI, errors may occur without any human input at all. [I think that is an invalid assumption. Bob] The liability system needs to adjust accordingly. Bad liability policy will harm patients, consumers and AI developers.





‘cause computers got rights!

https://www.gov.uk/government/news/artificial-intelligence-and-ip-copyright-and-patents

Artificial Intelligence and IP: copyright and patents

Following this consultation, the Government intends to amend copyright law to make it easier to analyse material for the purposes of machine learning, research and innovation. This will promote the use of AI technology, and wider “data mining” techniques, for the public good.



Tuesday, June 28, 2022

It seems to me that China does not trust Russia. Why would they share hacking tools?

https://www.csoonline.com/article/3664853/russia-china-cybercriminal-collaboration-could-destabilize-international-order.html#tk.rss_all

Russia-China cybercriminal collaboration could “destabilize” international order

In a riff on the “Field of Dreams” theme, Russian cybercriminals continue to court their Chinese counterparts in hopes of forming mutually beneficial avenues of collaboration and are finding the Chinese to be a tough date. The latest peek into this engagement of Russia-China “frenemies” comes to us from Cybersixgill and its The Bear and The Dragon analysis of the two communities.





Some new tools released for use by non-military hackers. Some military tools that will inevitably spread to areas not specifically targeted.

https://www.csoonline.com/article/3664858/microsofts-defending-ukraine-report-offers-fresh-details-on-digital-conflict-and-disinformation.html#tk.rss_all

Microsoft's Defending Ukraine report offers fresh details on digital conflict and disinformation

Russia will use what it learned from its destructive cyber actions in Ukraine for other operations. "There is no going back to normal."

Last week Microsoft published an in-depth examination of the early cyber lessons learned from the war in Ukraine, offering fresh insight into the scope of Russia's malicious digital activities and new details about the sophisticated and widespread Russian foreign influence operations surrounding the war.





You can see why this tends to upset women.

https://www.wired.com/story/roe-abortion-sex-worker-policy/

Are You Ready To Be Surveilled Like A Sex Worker?

FRIDAY’S SUPREME COURT decision to overturn Roe v. Wade is one of the most devastating rulings to come out of Washington. It’s also the next step in a larger campaign to expand state surveillance and erode the right to privacy—a campaign that sex workers have been fighting for decades.

It’s not a stretch to connect abortion to sex work; Justice Samuel Alito even writes in the majority opinion for Dobbs v. Jackson Women’s Health Organization that the right to terminate a pregnancy “could license fundamental rights to illicit drug use, prostitution, and the like.” As a result of our criminalization and the concurrent stigma that makes our work “illicit,” sex workers often refer to ourselves as the “canaries in the coal mine when it comes to matters of state violence. It’s a chilling analogy; the metaphorical miner’s survival depends not only on the canary’s death, but also on the miner’s perception of the canary’s death. The metaphor ultimately fails, for unlike miners taking heed of the canary’s abrupt silence, the general population treats sex workers with indifference at best. We’re more like the low-battery beep of a carbon monoxide detector, a sound somehow more irritating than the poison.

A dim silver lining is that sex workers, fully aware that the general public is unconcerned with our well-being, have already been forced to develop strategies and guides on how to evade detection despite the heightened scrutiny, strategies that can help abortion seekers and more as the carceral state expands.

Consider this, then, a canary’s song.





If it’s unsolicited like spam or tries to sell or influence you like spam and appears in you inbox in great numbers like spam, it may be exempt from the spam rules.

https://www.axios.com/2022/06/27/google-campaign-email-spam-gmail

Scoop: Google moves to keep campaign messages out of spam





Apparently we don’t, but we should.

https://www.bespacific.com/understanding-criminal-justice-innovations/

Understanding Criminal Justice Innovations

Ryan, Meghan J., Understanding Criminal Justice Innovations (June 14, 2022). Journal of Law & Innovation (Forthcoming 2022), Available at SSRN: https://ssrn.com/abstract=4136813 or http://dx.doi.org/10.2139/ssrn.4136813

Burgeoning science and technology have provided the criminal justice system with the opportunity to address some of its shortcomings. And the criminal justice system has significant shortcomings. Among other issues, we have a mass incarceration problem; clearance rates are surprisingly low; there are serious concerns about wrongful convictions; and the system is layered with racial, religious, and other biases. Innovations that are widely used across industries, as well as those directed specifically at the criminal justice system, have the potential to improve upon such problems. But it is important to recognize that these innovations also have downsides, and criminal justice actors must proceed with caution and understand not only the potential of these interventions but also their limitations. Relevant to this calculation of caution is whether the innovation is broadly used across industry sectors or, rather, whether it has been specifically developed for use within the criminal justice system. These latter innovations have a record of not being sufficiently vetted for accuracy and reliability. Accordingly, criminal justice actors must be sufficiently well versed in basic science and technology so that they have the ability and the confidence to critically assess the usefulness of the various criminal justice innovations in light of their limitations. Considering lawyers’ general lack of competency in these areas, scientific and technological training is necessary to mold them into modern competent criminal justice actors. This training must be more than superficial subject-specific training, though; it must dig deeper, delving into critical thinking skills that include evaluating the accuracy and reliability of the innovation at issue, as well as assessing broader concerns such as the need for development transparency, possible intrusions on individual privacy, and incentives to curtail individual liberties given the innovation at hand.”



Monday, June 27, 2022

Imagine technology becoming so inexpensive and easy to use that high school kids can create videos of the principal declaring a day off. This fake suggests that they (whoever they are) haven’t figured out the best social engineering approach yet.

https://fortune.com/2022/06/27/fake-kyiv-klitschko-giffey-ludwig-martinez-almeida-karacsony-colau-deepfake-ai/

A faked version of Kyiv leader Klitschko fooled mayors across Europe—but it’s not clear this was really a ‘deepfake’

A few months ago, a “deepfake” video featured a bogus Volodymyr Zelenskyy appearing to urge the surrender of his fellow Ukrainians. No-one was fooled, due to the ersatz Zelenskyy’s poor quality, but experts warned future deepfakes—“A.I.”-generated figures purporting to be real people—might not be so obvious.

Vienna Mayor Michael Ludwig and “Klitschko” spoke on Wednesday, with Ludwig ending the call none the wiser—indeed, he was so convinced that he had really spoken with his Kyiv counterpart that he tweeted and issued a press release about it, including photos of the call taking place.

Berlin’s Franziska Giffey and Madrid’s José Luis Martínez-Almeida had their rounds with the bogus heavyweight champ on Friday.

For his Berlin call, “Klitschko” asked to speak in Russian with a German translator—odd, given that he lived in Hamburg for years during his boxing career, and speaks German fluently. Giffey’s spidey-sense was further triggered when he referred to Ukrainian refugees cheating the German benefits system and asked for help in getting male Ukrainian refugees sent back to serve in Ukraine, and in organizing a Christopher Street Day parade in Kyiv.





Technology we know works. But with serious problems staying on target. (Like a bio-weapon)

https://www.csoonline.com/article/3664930/5-years-after-notpetya-lessons-learned.html#tk.rss_all

5 years after NotPetya: Lessons learned

On June 27, 2017, the eve of Ukraine’s Constitution Day holiday, a major global cyberattack was launched, infecting more than 80 companies in that country using a brand-new cyber pathogen that became known as NotPetya. NotPetya didn't stay within Ukraine's borders but spilled out to infect and cause havoc for thousands of organizations across Europe and worldwide.





Implications for many ‘document based’ conclusions. Was it a human record or an AI construct? Does it matter? (If it’s not quite coherent, is it more likely human?)

https://theconversation.com/googles-powerful-ai-spotlights-a-human-cognitive-glitch-mistaking-fluent-speech-for-fluent-thought-185099

Google’s powerful AI spotlights a human cognitive glitch: Mistaking fluent speech for fluent thought

When you read a sentence like this one, your past experience tells you that it’s written by a thinking, feeling human. And, in this case, there is indeed a human typing these words: [Hi, there!] But these days, some sentences that appear remarkably humanlike are actually generated by artificial intelligence systems trained on massive amounts of human text.

People are so accustomed to assuming that fluent language comes from a thinking, feeling human that evidence to the contrary can be difficult to wrap your head around. How are people likely to navigate this relatively uncharted territory? Because of a persistent tendency to associate fluent expression with fluent thought, it is natural – but potentially misleading – to think that if an AI model can express itself fluently, that means it thinks and feels just like humans do.





While the cat is away… Notice that he is not going far and not for long. Is his government stable enough to provide insurance against a coup?

https://www.aljazeera.com/news/2022/6/26/vladimir-putin-to-make-first-foreign-trip-since-launching-ukraine

Vladimir Putin to make first foreign trip since Ukraine invasion

… Pavel Zarubin, the Kremlin correspondent of the Rossiya 1 state television station, said Putin would visit Tajikistan and Turkmenistan and then meet Indonesian President Joko Widodo for talks in Moscow.





A lot to think about. What will the office look like if employees need to attend a meeting/seminar/training? Can I get multiple jobs and let my AI handle the work?

https://www.bespacific.com/just-4-of-employers-are-making-everyone-return-to-the-office-full-time/

Just 4% Of Employers Are Making Everyone Return To The Office Full-Time

Forbes: “…A new survey of human resources leaders from the Conference Board, a nonprofit business research group, finds that just 4% said they are requiring all employees to return to the workplace full-time. And less than half (45%) said they were requiring some workers to return to the office five days a week. “We were all pretty shocked,” says Robin Erickson, vice president of human capital at the Conference Board. “We were surprised given what we’re hearing about how many employers are requiring workers to come back full time.” In other words: Hybrid work arrangements really do seem to be taking hold. The research found that 90% of the surveyed employers are allowing hybrid work schedules, whether that means the occasional office visit that workers decide on their own or a more prescribed schedule of one to four days in the workplace. Erickson believes the percentage may not stay that low, particularly if the labor market cools, but for now there is too much pressure on companies to be flexible from workers who have the upper hand…”



Just in time for the elections!

https://dilbert.com/strip/2022-06-27



Sunday, June 26, 2022

Active security, a complement to your passive security.

https://www.makeuseof.com/user-and-entity-behavior-analytics-ueba/

What Is User and Entity Behavior Analytics (UEBA)?

UEBA is a cybersecurity solution that uses large data sets to model network activity. It analyses both the users of a network and the network itself, such as routers and IoT devices. It then looks for suspicious activity and alerts a business whenever such activity is detected.

It achieves this by creating a baseline of what normal activity on a network looks like. It then uses machine learning to detect abnormal behavior automatically.

It's popular because many cybersecurity products are trained to primarily look for malware. Hackers can defeat such software by entering a network and simply not installing any malicious files.

In contrast to this, UEBA can look for anything abnormal. This allows it to detect more sophisticated attacks that don't match known threats.





Perspective.

https://www.proquest.com/openview/62af8acc1322e39d9b2bd3c55c3282c4/1?pq-origsite=gscholar&cbl=18750&diss=y

Bladerunner 2022? An Empirical Assessment of Mass Surveillance from a National Survey of Police Departments

While the scholarship on policing and surveillance suggests that police departments have and use a wide array of sophisticated tools, the literature has largely focused on only a handful of the largest departments. Moreover, these studies tend to be qualitative, so it is difficult to pinpoint what factors might be most predictive of police mass surveillance. Understanding the dynamics of police surveillance, and whether we are indeed at a point of police mass surveillance, is important when we consider that many of the technologies in question have been associated with privacy and civil rights-related risks, especially for traditionally disenfranchised groups. Through three separate empirical papers, I examine the scope of police surveillance capabilities today and whether there is evidence of a mass surveillance regime within the U.S. policing system. This dissertation uses the analytic strategies of descriptive statistics, survey methods, and statistical modeling to investigate the scope and nature of police surveillance capabilities when we account for factors such as department characteristics, legislative control, and demographic characteristics. In an effort to expand our empirical understanding of police surveillance capacities beyond a handful of large departments, I along with Matthew Kugler1 developed a first-of-its-kind national survey of local U.S. police departments that was fielded in the summer of 2020 with the help of CivicPulse. All three dissertation papers draw on and use this original survey data representing over 400 individual police departments from small and large jurisdictions. Chapter 1 (paper 1) uses descriptive statistics to establish a baseline rate of police surveillance access for a range of surveillance tools, including but not limited to body cameras, cell phone location technology, Stingrays, facial recognition, and more. My findings suggest that overall rates of access differ widely based on both the type of technology in question as well as the size of a police department’s jurisdiction. Departments in larger jurisdictions tends to have much higher rates of access relative to departments in small jurisdictions, though this trend does not hold for body cameras and cell phone location information. Though facial recognition and Stingrays have been the subject of scholarly concerns related to civil rights and privacy violations, I find that the percentage overall of police departments reporting having access to either of these technologies remains relatively low. Chapter 2 (paper 2) maps the extent to which states legislatures in the U.S. have passed laws related to police surveillance practices and then examines the relationship between police surveillance capacities and legislative control. My findings show that, overall, the majority of states do not have laws in place for drones, Stingrays, Facial Recognition Technology, or automatic license plate readers. Moreover, what little legislative control does exist appears to be not very effective for curtailing police access to surveillance tools. Chapter 3 (paper 3) builds on the race and policing literature and investigates whether the racial composition of an area is predictive of more police surveillance. I find that Black areas, relative to White areas, are more likely to be policed by departments with access to Body Cameras and license plate readers. I use these results to discuss implications for racial disparities and police transparency and accountability.



(Related)

https://www.degruyter.com/document/doi/10.1515/jbbbl-2022-0005/html

Contact Tracing in the COVID-19 Pandemic: How Digital Contact Tracing Affects Our Individual Rights

Amid public health crises, contact tracing becomes an imperative mechanism in combatting the threat at hand. In today’s day and age, technology has exploded, leaving the legal world to determine technologies’ effect on the law. As the COVID-19 pandemic wreaks havoc upon the world, how is contact tracing affected by the advent of modern technology, and how does the use of technology such as geolocation, artificial intelligence (AI), and facial recognition technology (FRT) comport with the rights to privacy, association, free exercise of religion, and equal protection? This paper will examine the current constitutional precedents to provide insight as to how the use of digital contact tracing would influence the rights of everyday citizens. Constitutional implications of digital contact tracing using geolocation, AI, and FRT are considered against the First, Fourth, and Fourteenth Amendments (more specifically, against freedom of religion, freedom of association, the right to privacy, and the right to equal protection). Given the novel aspects of geolocation, AI, and FRT, digital contact tracing could result in potential constitutional violations under certain circumstances. This research shows that while digital contact tracing using novel technology could be done in a legal way, there are just as many concerns to be had about potential constitutional abuses that could affect each and everyone’s lives.





Free is good.

https://www.makeuseof.com/tag/the-best-6-sites-to-get-free-ebooks/

The 10 Best Free Ebook Download Sites