Skip to content Skip to navigation

Friday Cyber News, December 7 2018

Cyber technology-related news and links from around the web, for the week of 12/1 - 12/7:

1. Disregarding strong opposition from tech companies and cryptographers, the Australian Parliament passed a bill this week requiring companies to give police access to encrypted data, and several companies have indicated they do not intend to comply. Along similar lines, GCHQ officials have proposed that encrypted chat apps like Signal and WhatsApp allow the option of adding law enforcement as a silent participant in group chats, but the proposal has garnered little support thus far. [Reuters; Apple; Lawfare]

2. Rural US residents lack broadband access in far greater numbers than implied by FCC statistics, according to a Microsoft study. The resulting digital divide means students have to leave home to do their homework, businesses drive to nearby cities to update their websites, and health records are transferred by hand on thumb drives. [NY Times] 

3. Even though public-key cryptography will be safe from the predations of quantum computing for at least a decade, a new report from the National Academies of Science, Engineering, and Medicine recommends that research into quantum-resistant encryption be undertaken now. [National Academies]

4. An amazing anatomical map of the Amazon Echo: what it takes to build an AI system, from physical resources to data to labor. [Anatomy of AI]

5. Marriott's breach, reported last week, may have been the work of Chinese government-sponsored hackers, according to an analysis of the hacking tools used. [Reuters]

6.​ Senator Mark Warner of Virginia calls for increased focus on cyber norms, and a "whole-of-society" approach to cybersecurity, rather than separating responses to private sector and public sector challenges. Senators Hassan and Portman introduced the bipartisan Public-Private Cybersecurity Cooperation Act this week, to encourage security research by requiring DHS to establish a vulnerability disclosure program. [Cyberscoop; Senate.gov]

7. Of the trove of Facebook emails that Parliament released Wednesday, takeaways include Facebook's fear of market fracturing, ability to whitelist certain apps and provide preferential data access (and to take away API access, as it did when Twitter launched Vine), and its considerations of selling user data, at one point valuing it at ten cents per person per year. [Business Insider]

8. NoMoreClipboard and Medical Informatics Engineering, electronic healthcare record vendors, are being sued by the Attorneys General of 12 states for failing to encrypt sensitive patient information, which was subsequently stolen in a 2015 breach. (As you know, the Attorneys General lead a vast army of attorneys into battle against the attorneys of foreign lands). [Sophos; Slatestarcodex]

9. Gilets Jaunes ("Yellow Jackets") protests in France over proposed gas taxes may have been stoked by Facebook's increased focus on promoting local news and local connections. [Buzzfeed News]

10. In breaches: Quora was hacked, and data on over 100 million users was taken, including private messages. Genomics England's sequencing project has been targeted so repeatedly that it has moved its data storage to military facilities. [Cyberscoop; The Register]

Thanks for reading,

Allison
Stanford Cyber Initiative
fsi.stanford.edu/cyber

(To suggest an item for this list, please email aberke@stanford.edu. You can view news from past weeks, subscribe, and unsubscribe at https://tinyletter.com/CyberNewsBytes)