Skip to content Skip to navigation

Friday Cyber News, September 23 2016

Cyber technology-related news and links from around the web, for the week of 9/17 - 9/23:

1. It's huge: Yahoo confirms that 500 million users' account details were stolen in a breach that occurred in late 2014. Yahoo claims the breach was the work of a state-sponsored actor. We're waiting to hear whether this disclosure will affect the price of Yahoo's sale to Verizon, and how the breach occurred (though another dump purporting to be data on 200 million of the same accounts claims to be from 2012). [Yahoo; Recode; Business Insider]

2. The British Standards Institute presented guidelines for the ethical design of robots--and the design of ethical robots--this week, including how to assess the racism and sexism of robots, and what types of relationships between humans and robots are desirable. Meanwhile, the US Department of Transportation issued a set of 15 safety assessment guidelines for self-driving cars including how vehicles address ethical dilemmas on the road, and how they record their decision-making and activity. [Entrepreneur; Technology Review]

3. You don't know how the algorithms that display your news, predict your leisure interests, assist in hiring decisions, and recommend health treatments work. So, whose black box do you trust? [LinkedIn]

4. Earlier this year, a Florida judge ruled that for the purposes of money-laundering laws, bitcoins aren't money. But a federal judge in Manhattan ruled this week that a bitcoin exchange could be charged as an unlicensed money transfer business. The IRS treats cryptocurrencies as property, not money. Maybe to decide this one we can flip a coin? [Ars Technica]

5. iPhone 7 jailbreak only took 24 hours. A bug was found that allowed the takeover of any Facebook page through Facebook Business Manager. Rather than fight the losing battle of making ever more secure products, what if we turn to using incentives to shape the vulnerabilities market? [Motherboard; TechWorm; CFR]

6. The leap from IP address to police raid is often made without consideration for the many ways that information can be inaccurate or distorted: IP addresses are reassigned, Tor exit relays can show up as the addresses of anonymized users, one IP address can be used by multiple people on the same computer or in the same house, and geolocation is sometimes just wrong. [Fusion]

7. Andrew Sullivan despairs that the onslaught of online information wears away at our minds like stones in a riverbed. [NY Mag]

8. Tesla issued a software update this week after hackers 12 miles away were able to unlock a Model S, control its brakes, and open the trunk. Although the hack required fairly specific initial conditions, these demonstrations reaffirm that a computer on wheels is still a computer. [BBC]

9. Welcome to the dark net, it gets worse here everyday. [Vanity Fair]

10. North Korea only has 28 websites. An IT specialist working on Hillary Clinton's emails posted on Reddit asking for help. A remote code execution vulnerability was found in Metasploit itself. Never a dull week. [NPR; The Hill; Github]

Thanks for reading,

Allison
Stanford Cyber Initiative

(To suggest an item for this list, please email aberke@stanford.edu. This email contains links that may not work if HTML is not supported in your mailbox. You can view news from past weeks, subscribe, and unsubscribe at https://tinyletter.com/CyberNewsBytes)