Skip to content Skip to navigation

Friday Cyber News, October 19 2018

Cyber technology-related news and links from around the web, for the week of 10/13 - 10/19:

1. Since 2008, cryptocurrencies' ups and downs have captured the attention of researchers, speculators, and developers. Ten years in, the field remains torn between marketers and idealists, while real work is being done in establishing the game theory behind proof-of-stake systems. [New Yorker]

2. Half a month before election day, in a new effort to combat election influence "Facebook will ban false information about voting requirements and fact-check fake reports of violence or long lines at polling stations ahead of next month’s U.S. midterm elections." Facebook's war room for election interference, which was profiled previously from the outside and has a new write-up emphasizing the 24 desks and many, many monitors inside, some vertical and some horizontal, is now joined by Reddit's Russian misinformation war room, which is similarly tasked with identifying disingenuous and divisive posts and removing them. To help identify these posts, Twitter has released an archive of 10 million tweets from Russian and Iranian accounts linked to information operations between 2013 and 2018. [Reuters; NY Times; The Verge; NBC; The Verge]

3. A data breach of travel records held by a Pentagon contractor affected more than 30,000 employees. Also revealed this week, cross-site scripting vulnerabilities in the Tinder app left users' profile information at risk. Finally, a means of cross-checking whether DoD-employed singles really love traveling as much as they say they do. [Engadget; SC Magazine]

4. Medtronic has disabled its internet-based software update network after several failed attempts to mitigate vulnerabilities that left connected devices like pacemakers open to manipulation. Coming perhaps too late for Medtronic, the FDA this week released draft cybersecurity guidance for medical device manufacturers, including the suggestion that devices come with a "bill of materials" tracking all included hardware and software components. [Techcrunch; HealthDataManagement] 

5. Equifax's former engineer who, in the process of building a breach notification website, worked out that the breach was of his own company and used that information to make $75,000 insider trading, was sentenced to eight months of house arrest. In other breach fallout news: Facebook will not provide identity fraud protection to the victims of its latest breach because, let's be realistic, they already have it from other breaches. The insurer Anthem will pay a $16M settlement to the government to settle concerns over privacy violations associated with its 2015 breach of patient data. [ZDnet; BBC; AP]

6.​ Lest it seem that the field of cybersecurity has everything under control and doesn't need any help, the global cybersecurity workforce shortage is approximately 3,000,000 people, 500,000 of those in North America, according to a new report by the International Information System Security Certification Consortium [Nextgov]

7. Everything you can do to preserve--or reclaim--your privacy online, a guide by bitcoin whale and SWAT victim Jameson Lopp, recommends various strategies including registering for a throwaway phone number, owning your home through an LLC, a VPN, a Librem laptop, and a password manager. [Medium]

8. Senators' inquiries into the privacy implications of email scanning have led Google to decide that it will no longer allow developers to use information gleaned from users' emails to target ads or conduct market research. [Washington Post]

9. Scrolling, tapping, and other physical interactions with your phone can be used by a startup as early warning indicators of mood disorders. So can your Facebook status updates, as a team of UPenn researchers discovered. [Technology Review; Wired]

10. Does a robot get sworn in on a copy of Asimov? Pepper, a humanoid robot in residence at Middlesex University, gave testimony about AI before a UK Parliament committee. I'm looking forward to Armando Iannucci's lightly fictionalized version of this scene in a future In the Loop sequel. [CNet]

Thanks for reading,

Allison
Stanford Cyber Initiative
fsi.stanford.edu/cyber

(To suggest an item for this list, please email aberke@stanford.edu. You can view news from past weeks, subscribe, and unsubscribe at https://tinyletter.com/CyberNewsBytes)