Mind Matters Natural and Artificial Intelligence News and Analysis

Category: Computer Security

The Backdoor to Control the Internet

We almost lost the Internet last week, but open-source developers saved the day.

Few people are aware, but over the last several days, a perceptive developer foiled a multi-year plot to install a remote backdoor into, well, the entire Internet. Two years ago, a programmer known as Jia Tan (JiaT75) started helping out with a lesser-known compression library, known as xz. For those who don’t know, software today is not a monolithic entity. Every piece of software you use is built from a collection of tools, known as libraries, that make programming easier. For instance, most programmers never have to write the specifics of a sorting algorithm, because, somewhere, there is a library which performs sorting for them. This leaves programmers to focus on higher-level tasks, like actually making the software do what the users want. However, these Read More ›

A Timely Leak Offers a Peek Into Chinese Cyberespionage Worldwide

What Chinese hackers are doing can sound as exciting as a spy movie — but it is much more dangerous
Some of the leaked documents shed light on the corrupt business practices inherent in the hacker ecosystem and on the role of the CCP government. Read More ›

We’re Slowly Learning About China’s Extensive Hacking Network

China’s state-backed hackers have embedded malware within U.S. programs used to manage clean drinking water, the power grid, and air traffic, among others
Hackers’ advantage: One of the biggest security weaknesses in U.S. digital networks and infrastructure is out-of-date, no-longer-supported technology. Read More ›

This is Digital McCarthyism

Far from being liberated by these technologies, we have been plunged back into the worst abuses of surveillance and privacy violation.

The notion that we’re getting somewhere, making progress, is remarkably durable. It survives wars, financial collapse, riots, scandals, stagnating wages, and climate change (to name a few). Though techno-futurists are also fond of AI apocalypse scenarios, where artificial intelligence somehow “comes alive,” or at any rate uses its superior intelligence to make an autonomous decision to wipe out humanity, much more ink has been spilled this century prognosticating indomitable technical progress, which somehow stands in for human progress generally. But sanguine belief in progress is belied by the actual events of the twenty-first century. Computers have gotten faster and AI more powerful, but digital technology has also been used to spread misinformation, make deep fakes, and conduct relentless cyberwarfare. Financial Read More ›

Why the Turing Test Is Becoming Obsolete

Chatbots can easily pass the test without doing any thinking at all
One research team recommends replacing the Turing test (can it deceive humans?) with tests for actual reasoning skills. Read More ›

Spies and Lies: China’s Cyberespionage Is on an Unprecedented Level

Chinese cybertheft is an ever-increasing threat.
Intelligence agencies are clear that the problem is not the Chinese people or Chinese citizens living in other countries. The problem is the Chinese government. Read More ›

Meta Fined Over 1.3 Billion

The EU is penalizing the tech giant for shipping data across the Atlantic

European Union regulators have fined Meta over a billion dollars for sending users’ data to the United States. Many companies operate using a free flow of data across the Atlantic, so the ruling will complicate other companies’ modes of business. Sam Schechner reports,

The steep fine represents a step change from EU privacy regulators, who are increasing their enforcement of the GDPR, the bloc’s privacy law, some five years after it came into effect. A board of EU regulators has taken more control over cross-border decisions—and has insisted on bigger fines, people familiar with the deliberations say.

-Sam Schechner, Facebook Owner Meta Fined $1.3 Billion Over Data Transfers to U.S. – WSJ

Meta is not pleased with the decision, unsurprisingly, Read More ›

Ransomware Attacks on Public Institutions

Hackers are always coming up with new approaches, keeping IT staff on their toes

by Karl Stephan

In what is just the latest of a lengthening series of ransomware attacks, the sheriff’s office of San Bernardino County, California reportedly paid over $1 million in ransom to an Eastern-Europe-based hacking group. About half the money was paid by insurance and the county paid the rest from its risk-management fund. Reporters for the Los Angeles Times were unable to determine exactly who authorized the payments, which enabled the county to restore its email servers, in-car computers, and law enforcement databases. According to the report, the FBI discourages payments to ransomware hackers, but almost half of the state and local governments attacked worldwide pay anyway. A survey conducted by the British security firm Sophos was cited in the report, which said that Read More ›

Swatting Goes Into Politics — as Congresswoman Greene Discovered

Swatting — calling the police and pretending that a violent incident is taking place at a given address — can kill the victim

This has been a summer to remember for U.S. Congresswoman Marjorie Taylor Greene (R-Georgia). She was “swatted” twice. The first false report that brought the police to her home was Wednesday, August 23: According to the first Rome PD report, five officers responded to a call on Wednesday during the initial attempted swatting. The caller claimed that a man had been “shot five times in a bathtub” at Greene’s home, and there was a woman and possibly children still in potential danger. On the way to Greene’s house, police realized who the homeowner was, but “due to the nature of the call,” police “formed up” at a nearby intersection and made a “tactical approach.” Rome PD provided Ars with no Read More ›

What To Do If Your Business Is Hit With a Ransomware Demand

A roundup of advice for small businesses and their employees and contract workers, on site or remote

Ransomware attacks have reportedly continued to grow in 2022, as criminals hone their skills in grabbing our data and wanting money to release it. Today, it’s not just government and large businesses that are at risk. Small to mid-size businesses are at greatest risk. That’s because a) they often don’t have enough security in place and b) let’s face it, today’s attacker might be content with $300,000 each from a cluster of them rather than $30 million from a giant firm. Attracts less attention, for one thing. Here’s Blackfog’s monthly list of publicly reported attacks in 2022.

In the first 30 minutes…

Don’t just panic and agree to pay: [Kevin] Epstein says international law enforcement and white hat hackers usually Read More ›

Deep Web? Dark Web? What’s Dangerous? What’s to Know?

The Deep Web hosts information like bank statements and health records so a search on your name won't turn them up

The terms deep and dark sound glamorous and forbidding, maybe criminal. Both terms just mean that we can’t reach a site on that portion of the web via a conventional search engine. The Surface Web, the part that we can reach via a conventional search engine like Google, DuckDuckGo, or Brave, is estimated roughly to be 0.03% of the internet (Britannica). The Deep Web contains email accounts, bank statements, health records, and other services that can only be accessed by passwords. It’s the main reason that our private business can’t be accessed just by searching on our names. Both the Surface Web and the Deep Web are growing as more people go online. Now, about the Dark Web: By comparison, Read More ›

Largest Data Grab Ever Stole Shanghai’s Mass State Surveillance

The police, dutiful in monitoring everyone, flunked data security. Now it’s all for sale on the Dark Web

Beijing wants to create a centralized database with personal information on everyone living in China. To do that, the government saves massive amounts of data acquired through surveillance technologies such as facial and voice recognition and cell phone monitoring. In a previous article, we saw that the Chinese government’s surveillance network is much more extensive than once thought. However, while the Chinese government has prioritized collecting massive amounts of data, it has not prioritized protecting it. Thus, a hacker has acquired police data files on 1 billion Chinese residents (approximately 23 terabytes of data) from the Shanghai National Police database. The files include name, national ID number, cell phone number, birthdate, birthplace, ethnicity, education level, marital status, and delivery records. They Read More ›

Three Simple Words Can Find Any Place on Earth

The “what3words system” of geolocation is easier to remember than many street addresses and may also work for passwords

What3words is an app and web-based service that can convert practically any location within 3 × 3 meters (or 10 × 10 feet) — the size of a typical small bedroom or den — to just three short English words if you can give it an address. Don’t believe that? Try it.

The address of the Library of Congress is person.hotels.canny

The address of the Louvre Museum in France is started.pelting.pops

And … bluffs.alas.skater? That’s the address of a Canadian Tire store somewhere in Ottawa. Clicking Bing Maps at the What3Words site will give you that store’s street address, satellite image and tell you how to get there.

So why do this? Math prof Mary Lynn Reed explains: This new Read More ›

Forget Your Password? Apple Wants To End Them for Good But…

Do you want to give Apple your face- and fingerprints, maybe other “biometrics” down the road…?

We’ve all heard the tales of woe about people whose password was “password” or “123456” or “BertJones”. Currently, Big Tech, tired of the flak and the fallout, is trying to end passwords. Here’s Apple’s approach: When Apple’s latest software updates for iPhones, iPads and Macs arrive this fall, they will include a way for users to log into various online accounts without entering passwords or relying on password managers to save and fill in credentials. The technology generates unique passkeys for each app or browser-based service in the place of characters. Those passkeys, a new type of identity authentication, prompt a scan of your face or fingerprints to log you in… Passkeys, like those from Apple, are made up of Read More ›

At the Water Cooler: They’re Talking About Computer Hacks Again

Some people appear to know all the answers to the latest assaults on our finances and privacy. If only the government would listen… (?)

In 2020, hackers threatened to release thousands of Finnish psychotherapy patients’ records to the internet unless they paid a steep ransom. Meanwhile, just last month, U.S. authorities uncovered a ‘Swiss Army Knife’ for hacking industrial control systems. “The malware toolkit, known as Pipedream, is perhaps the most versatile tool ever made to target critical infrastructure like power grids and oil refineries.” (Wired) So yes, we have a problem. Wired sums up last year’s hacking news: “As John Scott-Railton, senior researcher at University of Toronto’s Citizen Lab, puts it, ‘2021 is the year where we’re realizing that the problems we chose not to solve years or decades ago are one by one coming back to haunt us.’” (December 24, 2021) The Read More ›

How Software Makers Will Push Back Against Reforms

Software makers will grumble but insurers may force their hand. That, however, is NOT the Big Battle…

Veteran software developer David A. Kruger offered some thoughts on computer security recently at Expensivity and we appreciate the opportunity to republish them here as a series. On Friday, we looked at the claim that human data collectors should own your data because it is too complex for you to manage. In this final installment, we look at how tech companies will try to avoid actually having to change anything.

Preview of Coming Attractions

If policymakers start to move towards implementing the policies suggested above, there will be a pushback from software makers that are not HDCs. They will be unhappy about additional software development costs, and they will play the “It’s the cyberattackers, not us!” card, saying it’s unfair to hold Read More ›

Is Your Data About Yourself Too Complex for You to Manage?

That’s the argument human data collectors (HDCs) make for why they should be allowed to collect and own your data

Veteran software developer David A. Kruger offered some thoughts on computer security recently at Expensivity and we appreciate the opportunity to republish them here as a series. On Tuesday, we looked at how the current system punishes small businesses for data breaches that they could not have prevented. Today, we look at the claim that human data collectors should own your data because it is too complex for you to manage.

The Easy Button

The most common objection to data ownership is that self-management of owned data is overly complex. That view is based on the complexity of so-called “privacy controls” offered by big tech HDCs, controls which have every appearance of being deliberately obtuse. As a software developer and Read More ›

Cybersecurity: Why a Poke in the Eye Does Not Work

The current system punishes small businesses for data breaches they could not have prevented

Veteran software developer David A. Kruger offered some thoughts on computer security recently at Expensivity and we appreciate the opportunity to republish them here as a series. Yesterday, we looked at how online human data collectors get free from legal responsibility. Today we look at how the current system punishes small businesses for data breaches that they could not have prevented.

A Poke in the Eye

Furthermore, in the domain of unintended consequences, deterrence policies are based on the technological symptomatic point solution fallacy. Businesses are assumed to be negligent if they have a data breach. That’s correct in some cases, but in others, businesses, particularly small and medium-sized businesses, suffer increased compliance costs or have been bankrupted by data breaches that they Read More ›

How Online Human Data Collectors Get Free From Responsibility

Cybersecurity expert David A. Kruger talks about the Brave Old World in which you have much less power than Big Tech does

Veteran software developer David A. Kruger offered some thoughts on computer security recently at Expensivity and we appreciate the opportunity to republish them here as a series. Last week, we looked at how search engine results can be distorted. This week, we look at how HDCs (human data collectors) free themselves from any responsibility for outcomes.

Brave Old World

HDCs’ licensing strategy is designed to free them from any vestige of fiduciary duty. Fiduciary law traces its roots back to the Code of Hammurabi in 1790 BC, through the Roman Empire, early British law, and up to the present day. The purpose of fiduciary law is to compensate for two sad facts of human nature. In unequally powered business relationships, 1) businesses with more Read More ›

How Search Engine Results Can Be Distorted

Search providers such as Google are able to increase their ad revenues by distorting the search results delivered to users

Veteran software developer David A. Kruger offered some thoughts on computer security recently at Expensivity and we appreciate the opportunity to republish them here as a series. Last week, we looked at the way data is collected on us and marketed. This week we look at how search engine results can not be what they seem:

Off Target

The promise and purpose of search technology is that with it a user can find what they are looking for, not what the search engine provider deems worthy of being found. That creates an inherent conflict of interest when search providers such as Google are able to increase their ad revenues by distorting the search results delivered to users. Distortion, in Read More ›