Skip to content Skip to navigation

Friday Cyber News, May 4 2018

Cyber technology-related news and links from around the web, for the week of 4/28 - 5/4:

1. US Cyber Command's recently-released "Command Vision" could use further detail on how strategic advantage in cyberspace is defined, what role deterrence will play in a strategy focusing anew on proactive measures, and how Cyber Command plans to achieve strategic persistence. [Lawfare]

2. "Giant technology companies have become targets of suspicion because of their size, their influence, their possibly addictive products and their apparent indifference to our privacy." Tim Cook frames the problem as "the natural outgrowth of tech becoming a large percentage of the economy. With the success comes more scrutiny." For Apple, that means commitment to distinguishing between a business model built around products and one built around the monetization of data. For the Cyber Initiative, that means going back to the history of Silicon Valley, and examining how this citrus grove became a haven for people--including wealthy railroad barons--who thought that technology would change the world. The third season of our podcast Raw Data launched this week, and will be telling the story of the history of Silicon Valley, starting with the founding of Stanford. [The Times; Raw Data podcast]

3. Facebook announced a new dating feature that will be integrated into the site, in the same week that it fired an engineer for using private internal data to read up on women he was talking to on Tinder. [Wired; Ars Technica]

4. University of Michigan researchers developed a hardware backdoor, by adding a capacitor to a processor chip during its manufacture that can deploy alternate functionality on the chip after fully charging. [Wired]

5. Federal bans on Kaspersky software and on Huawei and ZTE phones point to the balkanization of the internet over competing security concerns. [Nextgov]

6.​ Alabama became the 50th and final state this week to pass a data breach notification law. The terms are similar to other states' notification laws, including a $5,000 per day maximum penalty, capped at $500,000 total per breach. [Lexology]

7. A denial of service attack against the Knox County (TN) election commission website, which delayed publication of May 1st county primary election results may be the first election-related cyber attack of 2018. [WBIR]

8. Commonwealth Bank of Australia lost magnetic tapes storing data corresponding to 19.8 million accounts, but chose not to notify customers because an internal investigation concluded the tapes were most likely destroyed. [Reuters]

9. Carnegie Mellon collaborated with Army researchers to find that the most successful teams in cybersecurity defense competitions don't talk much amongst themselves. [Phys.org]

10. Twitter was accidentally storing pre-hashed passwords internally, and notified users to change their passwords this week. Oscar Mayer's faux-cryptocurrency "Bacoin", redeemable for bacon, was served a cease-and-desist letter because that pun had been made before, in 2014. [The Hill; Daily Dot; Motherboard]

Thanks for reading,

Allison
Stanford Cyber Initiative

(To suggest an item for this list, please email aberke@stanford.edu. You can view news from past weeks, subscribe, and unsubscribe at https://tinyletter.com/CyberNewsBytes)