Skip to content Skip to navigation

Friday Cyber News, June 23 2017

Cyber technology-related news and links from around the web, for the week of 6/17 - 6/23:

1. A group of computer scientists, statisticians, and election auditing experts sent a letter to Congress warning of the risks of insecure election systems and recommending paper-based verification, firewalled and patched voting machines, and statistically robust post-election audits. It's not only voting machines (or, "point-of-vote" machines) that are vulnerable; records on 198 million voters were discovered on an unprotected server, including personal data and analytics on issue preferences. Additionally, voter information was altered in at least one local election database in 2016. Meanwhile, Russian requests for source code review before allowing products to be sold in the country are increasing. [ElectionDefense; ZDnet; Time; Reuters] 

2. The US Supreme Court ruled on Monday that a law banning sex offenders from using social media is unconstitutional. The Court cited the First Amendment, and may have bolstered net neutrality arguments along the way by comparing the internet to public parks and town squares. [Ars Technica]

3. A joint Oxford-UPenn research group analyzed the effect of political bots on the 2016 US election, and how bots use Twitter to spread messages. They found that bots were retweeted by humans, played a major role in promoting hashtags to trending status, and reached positions of centrality where they mediated the flow of communication between users. [Comprop Oxford]

4. Preemptively--but prudently--circling its data wagons, Australia will move classified government data from a private data center after a Chinese company bought a major stake in the company managing the data center. While data at rest may be an attractive target, data in transit is also vulnerable; the NSA has the capability to divert internet traffic and direct its path to route domestic traffic through international channels where it can be more easily collected. [VOAnews; Century Foundation]

5. The Cyber Initiative and CASBS recently held a workshop on the policy intersections of work and cyber technologies; attendee Harry Holzer builds on that discussion to explore how lifelong learning, general skills training, and temporary income support for the AI-displaced worker can help our workforce transition into the future. [Brookings]

6.​ Since 2015, Russia has been using Ukraine as a hacking testing ground for cyber attacks it then repeats against other targets, like American power and water utilities. [Wired]

7. The Mexican government is using NSO Group spyware--purchased to track criminals--to surveil and intimidate journalists, activists, and human rights lawyers. [New York Times]

8. The EU has decided that economic sanctions, including travel and business bans and asset freezes, can be levied against nations found to be attacking EU states' computer networks. This decision is part of the release of a "cyber diplomacy toolbox," a set of norms for EU countries to use when evaluating cyber attacks and proportional responses. The European parliament has also proposed draft legislation that would require end-to-end encryption on all communications, to protect users. [Reuters; Cyberscoop; BBC]

9. German post offices and certain grocery stores are debuting personalized ad platforms that scan and analyze customers' faces for age and gender, and play different ads to different viewers. The marketing company deploying these ad platforms says no data is stored, and the devices aren't identifying individual faces, but the more disturbing aspect of this form of data-driven advertising may be simply the fact that German post offices and grocery stores are playing video ads to customers already trapped in line, like the worst gas pumps do. [DW]

10. Girl Scouts are getting a cybersecurity badge; they'll learn to code and create firewalls, and learn about data privacy. [CNN]

Thanks for reading,

Allison
Stanford Cyber Initiative

(To suggest an item for this list, please email aberke@stanford.edu. You can view news from past weeks, subscribe, and unsubscribe at https://tinyletter.com/CyberNewsBytes)