Skip to content Skip to navigation

Friday Cyber News, May 11 2018

Cyber technology-related news and links from around the web, for the week of 5/5 - 5/11:

1. The US withdrawal from the Iran nuclear deal is suspected to lead to retaliatory cyber attacks, as well as a resumption of Iran's nuclear weapons program. [Politico x2]

2. A bipartisan group of Representatives introduced legislation this week that would prevent the government from mandating that companies include back doors in encrypted products, prohibiting federal agencies from asking companies to "design or alter the security functions in [their] product or service to allow the surveillance of any user of such product or service, or to allow the physical search of such product". Relatedly, a group of cryptographers, including the Cyber Initiative's Dan Boneh, penned an op-ed this week critiquing former Microsoft executive Ray Ozzie's back door proposal, and the technical underpinnings of encryption back doors in general. [The Hill; Ars Technica]

3. Democrats on the House Intelligence Committee released approximately 3,500 Facebook ads paid for by Russian agents from mid-2015 to mid-2017. The ads were designed to inflame both sides of polarizing issues like racial inequality and immigration, often with heavy-handed graphics. Russian hackers were also revealed to be behind intimidating messages sent to US military families by individuals who claimed to be members of ISIS. [House.gov; Washington Post; The Hill]

4. An independent international agency tasked with attributing cyber attacks could help regulate malicious activity in cyberspace, suggests a former IDF officer. [Lawfare]

5. Google's I/O conference unveiled a few new assistive technologies, including Duplex, a bot assistant that can make calls in a voice sufficiently realistic (and including human vocal tics like "um") that it appears to convince a hair salon receptionist during a call that it is a human assistant making an appointment. Reactions to the bot ranged from appreciative to horrified that the explicit aim of this technology is to represent itself as human. Some suggested that the bot be required to identify itself upfront, as a form of informed consent to interact, and others were concerned about the potential capability of the bot to use its owner's voice--by sampling calls made on your Android phone, for example--to impersonate a specific individual. [NPR]

6.​ A Fourth Circuit court ruled this week that federal searches of electronic devices at borders must be justified by individual suspicion, rather than the broad "border exception" that allows searches of any devices at or near borders. [ACLU]

7. Google and Facebook have announced that they will ban bail bond ads on their platforms, citing the bail bond industry's predatory practices and disproportionate effects on low-income communities and people of color. This editorial decision brings the platforms closer to the model of a publisher than a public square, with implications for the platforms' responsibility for other types of content. [Axios]

8. Deployed military and absentee voters in two counties in West Virginia participated in the first US blockchain-backed election earlier this week. [ETHnews]

9. The US stand-alone and packaged cyber insurance premium market was $2.1B in 2017 ($986M of which was stand-alone coverage), while the direct loss ratio fell. [Intelligent Insurer]

10. Copenhagen's bicycle-sharing system was hacked, leading to a crash that forced Bycyklen to perform manual updates for every bike. [Hackread]

Thanks for reading,

Allison
Stanford Cyber Initiative

(To suggest an item for this list, please email aberke@stanford.edu. You can view news from past weeks, subscribe, and unsubscribe at https://tinyletter.com/CyberNewsBytes)