Skip to content Skip to navigation

Friday Cyber News, October 14 2016

Cyber technology-related news and links from around the web, for the week of 10/8 - 10/14:

1. Facebook doesn't want you to share your login with a third party that will post on your behalf, but they're fine with sharing your posts with Geofeedia, which in turn provides surveillance data to police departments looking to track protestors. After the ACLU reported on the data-sharing, Facebook and Twitter suspended their data-sharing agreements with Geofeedia, but as Nicole Ozer of ACLU California notes, "The ACLU shouldn’t have to tell Facebook or Twitter what their own developers are doing. The companies need to enact strong public policies and robust auditing procedures to ensure their platforms aren’t being used for discriminatory surveillance." There are many other tools police can use to track social media-using citizens besides Geofeedia. [Washington Post; Daily Dot]

2. "I think there’s no doubt that developing international norms, protocols, and verification mechanisms around cybersecurity generally, and AI in particular, is in its infancy. Part of what makes this an interesting problem is that the line between offense and defense is pretty blurred. And at a time when there’s been a lot of mistrust built up about government, that makes it difficult. When you have countries around the world who see America as the preeminent cyberpower, now is the time for us to say, "We’re willing to restrain ourselves if you are willing to restrain yourselves.'" - Obama and MIT's Joi Ito in conversation on AI, cyber threats, and how government can help fund and encourage research. See also, NSTC executive report on preparing for the future of AI. [Wired; Whitehouse.gov]

3. The US officially accused Russia of attempting to influence the election through hacking. Admiral Mike Rogers testified before Congress that nation-states are the biggest threat facing the US online. But what about cyber mercenaries and terrorist groups? E.g., social media is being co-opted to shed light on ISIS activities, by both pro- and anti-ISIS groups. [Politico; Politico; Atlantic]

4. Assess your tolerance for Silicon Valley Tech Millennial before opening this profile (its subject attends a hypnosis class he describes as "low-bitrate", describes earnest eye contact with a man to whom he has given the nickname "Presence" as "the antidote" to cell phone-based communication, and lives in an "intentional community house" whose inhabitants work in such a way as to "fully align with their purpose"...ok, I'm done), and then take note that determining whether a tech-enabled experience is in your best interest right now--for your concentration, state of mind, and preferences--isn't something most tech is set up to encourage you to do. Tristan Harris has founded an organization designed to get us to spend our time wisely, and not on a hamster wheel of app notifications and email. [Atlantic]

5. Computers want to push humans out of the way: cars want to drive themselves, warehouses want to run themselves, and Facebook's newsfeed wants to curate itself. This can free us from responsibility and repetitive tasks, or lull us into complacency, leaving us with rusty or non-existent skills when something goes wrong and the car now needs us to step in. As illustrated by a doomed Air France flight that crashed after autopilot disengaged and the human pilots didn't realize they were fully in control, an automated system that works perfectly 99% of the time and not at all in the remaining 1% is more dangerous than one that requires more oversight. [Guardian]

6. The FBI has been using a contractor to prepare materials for FISA court orders, and although no wrong-doing is claimed, recent contractor problems with Booz Allen Hamilton have drawn attention to the arrangement, which creates a "choke point" for surveillance-related information. [Guardian]

7. Researchers have devised a relatively time-feasible means of creating "trap-doored" primes that are insecure when used with Diffie-Hellman encryption but appear randomly chosen. This serves as a reminder that when not allowed to choose your own primes, there are no guarantees they haven't been chosen with ulterior motives. [IACR; Ars Technica]

8. Google will take down content that a court has declared to be defamatory, although the process for getting a court to make that declaration has some loopholes: for example, you can file a lawsuit against a fake defendant with the same name--or a similarly spelled one--as the person posting the offending content, have that fake defendant sign an agreement to an injunction, and get content taken down when no one at the court or at Google investigates further. [Washington Post]

9. Techcrunch video series on the history of Bitcoin and the blockchain has some neat interviews: inside mining outfits, with Susan Athey, and at the SF headquarters of Snapcard (the Tech Millennial warning from item 4 applies here as well). [TechCrunch]

10. London man charged with terrorism for studying encryption and encrypting his blog. (He was also charged with some potentially terror-aiding things, but the charge for encrypting his blog ought to go.) [ZDnet]

Thanks for reading,

Allison
Stanford Cyber Initiative

(To suggest an item for this list, please email aberke@stanford.edu. This email contains links that may not work if HTML is not supported in your mailbox. You can view news from past weeks, subscribe, and unsubscribe at https://tinyletter.com/CyberNewsBytes)