Skip to content Skip to navigation

Friday Cyber News, December 15 2017

Cyber technology-related news and links from around the web, for the week of 12/9 - 12/15:

1. Kate Crawford, of NYU and Microsoft Research, described the social implications of bias in machine learning, artificial intelligence, and big data, in her keynote at the NIPS conference. The number of papers focused on fairness in AI/ML has drastically increased in the last two years, distinguishing between harms in allocation (hiring, criminal justice) and harms in representation (identity, attitudes and beliefs). Crawford suggests building in tests before launch, to determine how classification products work across groups and populations, who will benefit from the systems we're building and who will be harmed, and what types of harms can be avoided. [Youtube]

2. Inside the digital republic of Estonia and its plans to redefine citizenship digitally, spur economic growth, and ensure that technological innovation happens in their country, starting with Skype and progressing through a bureaucratic overhaul. [New Yorker]

3. The FCC voted 3-2 to repeal net neutrality rules, and promised to work together with the FTC to identify when ISPs are throttling traffic without informing customers--no word on what the consequences would be for companies that give certain websites preferential treatment but do inform customers. [The Hill x2]

4. An interview with Microsoft researcher danah boyd explores whether the problem with fake news is a misaligned system of incentives for tech companies to enhance polarization, rather than strengthen cross-group social ties. And another former Facebook executive recommends everyone take a "hard break" from social media. [Wired; Quartz]

5. The 21- and 20-year-old authors of the Mirai botnet pleaded guilty this week to a clickfraud scheme using the botnet, as well as the DDoS attacks perpetrated in October, 2016. [Krebs on Security]

6.​ Ongoing security concerns over DJI drones highlight the need for a consistent IoT security policy across government agencies that purchase IoT devices for strategic surveillance and support. "Before connecting an IoT device, any device, you have to be sure your security program, security tools and team are prepared to be able to continuously monitor the device as it connects and leaves the network and determine in real time if the device is acting maliciously," says Katherine Gronberg, who works with the DHS Continuous Diagnostics and Mitigation program for civilian agencies and the Comply to Connect program for the DOD. Relatedly, the creator of BrickerBot--which connected to insecure IoT devices and disabled them--explains what BrickerBot was, and what more is needed to prevent the development of malicious botnets. [FCW;] 

7. A data dump of 1.4 billion email addresses and passwords in plaintext shows that everything has already been hacked, and 123456 and 111111 are still popular passwords. [The Register]

8. Google released a tool to help iPhone jailbreakers and security researchers working on iOS 11.1.2 and earlier versions. [Motherboard]

9. Bitcoin futures are trading on Cboe, and soon on Nasdaq, although demand for the investment instrument, which offloads the difficulty of cashing out in exchange for a slightly higher price than actual BTC, has been low. [Bloomberg]

10. File under "speculative": Is Russia tapping--or preparing to cut--undersea internet cables that carry traffic between Europe and the US? And, when Uber enters a new city, ambulance usage subsequently decreases. [Guardian; Mercury News]

Thanks for reading,

Stanford Cyber Initiative

(To suggest an item for this list, please email You can view news from past weeks, subscribe, and unsubscribe at