Pete Recommends – Weekly highlights on cyber security issues May 5, 2019

Subject: FTC Releases Article on Keeping Children Safe Online
Source: FTC via US-CERT
https://www.us-cert.gov/ncas/current-activity/2019/04/26/FTC-Releases-Article-Keeping-Children-Safe-Online

The Federal Trade Commission (FTC) has released an article with tips for parents to keep their children safe online.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages consumers to review the FTC article and the following additional resources for more information:


Subject: Avoid these Android apps like the plague
Source: BGR
https://bgr.com/2019/04/19/android-app-permissions-ad-fraud-google/
Revelations about apps from the Google Play Store sneaking past available protections and collecting gobs of user data without permission are nothing new, but a new investigation has revealed an especially troubling pattern of behavior among one particular set of apps.

A BuzzFeed analysis recently found that several Android apps that happen to be among the most-downloaded on the Google Play Store may in fact have been sharing data they collect with the Chinese government. One of the apps in question, a selfie app, has been downloaded more than 50 million times and all of them have reportedly been “committing large-scale ad fraud and abusing user permissions,” according to the report.

Tags: Android, Google Play Store


Subject: Amazon’s one-day shipping plan sparks backlash from labor union
Source: CNN Wire via
https://fox43.com/2019/04/27/amazons-one-day-shipping-plan-sparks-backlash-from-labor-union/

Stuart Appelbaum, president of the Retail, Wholesale and Department Store Union, said speeding up deliveries could be dangerous for Amazon fulfillment center employees. Appelbaum said workers are already struggling to keep pace and handle 200 to 300 orders per hour during a single 12-hour shift.

Amazon’s Dave Clark, senior vice president of worldwide operations, shot back at Appelbaum’s remarks. He accused the union leader of continuing to “spout falsehoods.”

“We appreciate his concern for our associates but his concern is misguided and self-serving,” Clark said in a statement shared by Amazon.

An Amazon spokesperson say that workers do “not struggle to maintain” their workloads, and their lives are not at stake. “We have a very safe work environment,” the spokesperson said in an email.


Subject: Spies, Lies, and Algorithms
Source: Foreign Affairs via beSpacific
https://www.bespacific.com/spies-lies-and-algorithms/

But today, confronted with new threats that go well beyond terrorism, U.S. intelligence agencies face another moment of reckoning. From biotechnology and nanotechnology to quantum computing and artificial intelligence (AI), rapid technological change is giving U.S. adversaries new capabilities and eroding traditional U.S. intelligence advantages. The U.S. intelligence community must adapt to these shifts or risk failure as the nation’s first line of defense. Although U.S. intelligence agencies have taken initial steps in the right direction, they are not moving fast enough. In fact, the first intelligence breakdown of this new era has already come: the failure to quickly identify and fully grasp the magnitude of Russia’s use of social media to interfere in the 2016 U.S. presidential election. That breakdown should serve as a wake-up call. The trends it reflects warrant a wholesale reimagining of how the intelligence community operates. Getting there will require capitalizing on the United States’ unique strengths, making tough organizational changes, and rebuilding trust with U.S. technology companies…”

beSpacific Subjects: AI, Cybercrime, Cybersecurity, Defense, Government Documents, Internet, Knowledge Management, Legal Research
Sample AIcategory  RSS feed: https://www.bespacific.com/category/ai/feed/

Foreign Affairs tags: Intelligence  Cybersecurity
Site RSS feed: https://www.foreignaffairs.com/rss.xml


Subject: Rights groups challenge warrantless cellphone searches at U.S. border
Source: Reuters via Yahoo
https://news.yahoo.com/rights-groups-challenge-warrantless-cellphone-searches-u-border-204453466.html

Generally in the United States, law enforcement is required to obtain a warrant before it can search an American’s electronic devices. But a so-called border search exception, which dates to the early days of the United States, allows authorities to conduct searches at a port of entry without a warrant. That exemption has been repeatedly upheld by the courts.

The rights organizations said customs and immigration officials also act on requests from other agencies as well as state and local police and foreign law enforcement agencies, according to the court papers. The groups asked U.S. District Judge Denise Capser in Boston to order a halt to such practices without going to trial. Customs and Border Patrol searched 33,295 electronic devices in fiscal year 2018, up from 5,085 in fiscal 2012, according to the court documents.


Subject: U.S. cyber spies unmasked many more American identities in 2018: U.S. report
Source: Reuters via Yahoo
https://news.yahoo.com/u-cyber-spies-unmasked-many-more-american-identities-200345274.html

WASHINGTON (Reuters) – U.S. cyber spies last year unmasked the identities of nearly 17,000 U.S. citizens or residents who were in contact with foreign intelligence targets, a sharp increase from previous years attributed partly to hacking and other malicious cyber activity, according to a U.S. government report released on Tuesday.

The unmasking of American citizens’ identities swept up in U.S. electronic espionage became a sensitive issue after U.S. government spying on communications traffic expanded sharply following the Sept. 11, 2001 attacks and started sweeping up Americans’ data.

The report says that the number of “non-US persons” targeted by the U.S. for foreign intelligence surveillance rose to 164,770 in calendar year 2018 compared to 129,080 the year before.

The report adds that not a single FBI investigation was opened on U.S. persons based on NSA surveillance in either 2017 or 2018.


Subject: Handful of States Begin Legislating “Deepfake” Videos
Source: Government Technology
https://www.govtech.com/policy/Handful-of-States-Begin-Legislating-Deepfake-Videos.html

[sorry, you’ll have to click-thru the advert /pmw1]

A new form of online disinformation has some government officials uneasy about its potential effects on upcoming political campaigns and elections, but policy efforts to address it are sparse. “Deepfakes” — videos altered with the help of AI that can make people (typically celebrities or politicians) appear to do and say things they actually did not — are not only weird, uncanny manifestations of a new era of technological progress, they’re also a national security threat, according to some.

Last November, the Council on Foreign Relations hosted a public roundtable discussion of the new online phenomenon, where panelists lamented the potential these videos have for deployment by hostile foreign actors. Similarly, the Pentagon and its research agency, the Defense Advanced Research Projects Agency (DARPA), recently announced their commitment to researching various ways to combat the new phenomenon.

Deepfakes are created through AI algorithms that observe and record movement patterns in a subject’s face from actual video and then recreate and simulate them to make the subject do or say something they did not. The concern by many is that such videos will be used to manipulate public perceptions of public figures during elections.

RELATED

Artificial Intelligence Can Now Emulate Human Behaviors – Soon It Will Be Dangerously GoodDeepfake Videos Could Destroy Trust in Society – Here’s How to Restore ItCountering ‘Deepfakes’ Proves Problematic for Researchers


Subject: Digital Privacy: Discussion Draft of the NIST Privacy Framework Released
Source: NIST via LJ infoDOCKET
https://www.infodocket.com/2019/05/01/digital-privacy-discussion-draft-of-the-nist-privacy-framework-releases/

From the National Institute of Standards and Technology: We’ve just released a discussion draft of the NIST Privacy Framework: An Enterprise Risk Management Tool! The discussion draft reflects stakeholder input we’ve received throughout the development process. Now, we want your feedback: check out the discussion draft and related documents.

NB various NIST RSS feeds: https://www.nist.gov/pao/nist-rss-feeds

None that specifically relate, but at the bottom of the page, many topics e.g., https://www.nist.gov/topics/cybersecurity

https://www.nist.gov/topics/information-technology


Subject: Google to roll out auto-delete controls for location history and activity data
Source: Google via beSpacific
https://www.bespacific.com/google-to-roll-out-auto-delete-controls-for-location-history-and-activity-data/

Google Blog – Introducing auto-delete controls for your Location History and activity data – Whether you’re looking for the latest news or the quickest driving route, we aim to make our products helpful for everyone. And when you turn on settings like Location History or Web & App Activity, the data can make Google products more useful for you—like recommending a restaurant that you might enjoy, or helping you pick up where you left off on a previous search. We work to keep your data private and secure, and we’ve heard your feedback that we need to provide simpler ways for you to manage or delete it. You can already use your Google Account to access simple on/off controls for Location History and Web & App Activity, and if you choose—to delete all or part of that data manually. In addition to these options, we’re announcing auto-delete controls that make it even easier to manage your data. Here’s how they’ll work…”

beSpacific Subjects: Internet, Privacy, Search Engines

Google Related Articles:
The ultimate account security is now in your pocket
Building a safer internet, one secure domain at a time
Fighting disinformation across our products
Working with security researchers to make the web safer for everyone


Subject: New smartphone app uses GPS to connect disaster victims with responders
Source: UPI
https://www.upi.com/Top_News/US/2019/05/03/New-smartphone-app-uses-GPS-to-connect-disaster-victims-with-responders/6831556829639/

EVANSVILLE, Ind., May 3 (UPI) — A new smartphone application uses GPS technology to help emergency responders locate and help victims of natural disasters. The app, called PubSafe, allows disaster victims to post their location and need directly from their phone to a public map that relief workers can monitor in real time.

His recently completed app is not yet widely used, he said. The American Red Cross said it has not used it, and neither have government agencies. But that could change soon, especially as hurricane season begins.

The application extends beyond search and rescue. It could help volunteers deliver supplies where they are needed.

Topics:

Posted in: AI, Government Resources, Information Management, KM, Legal Research, Mobile Technology, Privacy, Search Engines, Social Media, Technology Trends
CLOSE
CLOSE