
Category: Computer Security


DeepSeek: Honing In on the Challenges It Presents
Although the program is admirably streamlined, censorship, data breaches, copyright violation, and lack of guardrails are among the most prominent challenges
Is Your Online Data for Sale? The Tik Tok Hearings May Shed Light
To enable total state surveillance, telecom companies in China, for example, must supply data that can include everything from bank accounts to keystrokes
The Man Behind the First Billion-Dollar AI Business
Robert Hecht-Nielsen (1947‒2019) was a significant figure in the second wave of AI. His company specialized in fraud detection
“Personhood Credentials”: The Next Big Thing in online security?
“I’m a human” credentials, intended to combat fraud, would likely start out voluntary but then, by degrees, become mandatory
Rather than simplifying our lives, the internet has made our lives more complicated, what with having to continually change passwords, the use of multiple security levels, the threat of hacking, and the like. Now, with the threat of AI creating fraudulent content, some technologists are proposing “personhood credentials” to thwart incursions and impersonations. From the MIT Technology Review story: Personhood credentials work by doing two things AI systems still cannot do: bypassing state-of-the-art cryptographic systems, and passing as a person in the offline, real world. To request credentials, a human would have to physically go to one of a number of issuers, which could be a government or other kind of trusted organization, where they would be asked to provide evidence that they’re Read More ›

Yes, the Billion-Records Data Breach Is Real
My family and I were victims. Here’s how to find out if you are too and what you can do about it
What We Can Learn From the Crowdstrike Fiasco
A lot of things that we try to do to remove risk actually make the problem worse — but also less visible
The Backdoor to Control the Internet
We almost lost the Internet last week, but open-source developers saved the day.
A Timely Leak Offers a Peek Into Chinese Cyberespionage Worldwide
What Chinese hackers are doing can sound as exciting as a spy movie — but it is much more dangerous
We’re Slowly Learning About China’s Extensive Hacking Network
China’s state-backed hackers have embedded malware within U.S. programs used to manage clean drinking water, the power grid, and air traffic, among others
This is Digital McCarthyism
Far from being liberated by these technologies, we have been plunged back into the worst abuses of surveillance and privacy violation.
The notion that we’re getting somewhere, making progress, is remarkably durable. It survives wars, financial collapse, riots, scandals, stagnating wages, and climate change (to name a few). Though techno-futurists are also fond of AI apocalypse scenarios, where artificial intelligence somehow “comes alive,” or at any rate uses its superior intelligence to make an autonomous decision to wipe out humanity, much more ink has been spilled this century prognosticating indomitable technical progress, which somehow stands in for human progress generally. But sanguine belief in progress is belied by the actual events of the twenty-first century. Computers have gotten faster and AI more powerful, but digital technology has also been used to spread misinformation, make deep fakes, and conduct relentless cyberwarfare. Financial Read More ›

Why the Turing Test Is Becoming Obsolete
Chatbots can easily pass the test without doing any thinking at all
Spies and Lies: China’s Cyberespionage Is on an Unprecedented Level
Chinese cybertheft is an ever-increasing threat.
Meta Fined Over 1.3 Billion
The EU is penalizing the tech giant for shipping data across the Atlantic
European Union regulators have fined Meta over a billion dollars for sending users’ data to the United States. Many companies operate using a free flow of data across the Atlantic, so the ruling will complicate other companies’ modes of business. Sam Schechner reports, The steep fine represents a step change from EU privacy regulators, who are increasing their enforcement of the GDPR, the bloc’s privacy law, some five years after it came into effect. A board of EU regulators has taken more control over cross-border decisions—and has insisted on bigger fines, people familiar with the deliberations say. -Sam Schechner, Facebook Owner Meta Fined $1.3 Billion Over Data Transfers to U.S. – WSJ Meta is not pleased with the decision, unsurprisingly, Read More ›

Ransomware Attacks on Public Institutions
Hackers are always coming up with new approaches, keeping IT staff on their toes
by Karl Stephan
In what is just the latest of a lengthening series of ransomware attacks, the sheriff’s office of San Bernardino County, California reportedly paid over $1 million in ransom to an Eastern-Europe-based hacking group. About half the money was paid by insurance and the county paid the rest from its risk-management fund. Reporters for the Los Angeles Times were unable to determine exactly who authorized the payments, which enabled the county to restore its email servers, in-car computers, and law enforcement databases. According to the report, the FBI discourages payments to ransomware hackers, but almost half of the state and local governments attacked worldwide pay anyway. A survey conducted by the British security firm Sophos was cited in the report, which said that Read More ›

Swatting Goes Into Politics — as Congresswoman Greene Discovered
Swatting — calling the police and pretending that a violent incident is taking place at a given address — can kill the victim
This has been a summer to remember for U.S. Congresswoman Marjorie Taylor Greene (R-Georgia). She was “swatted” twice. The first false report that brought the police to her home was Wednesday, August 23: According to the first Rome PD report, five officers responded to a call on Wednesday during the initial attempted swatting. The caller claimed that a man had been “shot five times in a bathtub” at Greene’s home, and there was a woman and possibly children still in potential danger. On the way to Greene’s house, police realized who the homeowner was, but “due to the nature of the call,” police “formed up” at a nearby intersection and made a “tactical approach.” Rome PD provided Ars with no Read More ›

What To Do If Your Business Is Hit With a Ransomware Demand
A roundup of advice for small businesses and their employees and contract workers, on site or remote
Ransomware attacks have reportedly continued to grow in 2022, as criminals hone their skills in grabbing our data and wanting money to release it. Today, it’s not just government and large businesses that are at risk. Small to mid-size businesses are at greatest risk. That’s because a) they often don’t have enough security in place and b) let’s face it, today’s attacker might be content with $300,000 each from a cluster of them rather than $30 million from a giant firm. Attracts less attention, for one thing. Here’s Blackfog’s monthly list of publicly reported attacks in 2022. In the first 30 minutes… Don’t just panic and agree to pay: [Kevin] Epstein says international law enforcement and white hat hackers usually Read More ›

Deep Web? Dark Web? What’s Dangerous? What’s to Know?
The Deep Web hosts information like bank statements and health records so a search on your name won't turn them up
The terms deep and dark sound glamorous and forbidding, maybe criminal. Both terms just mean that we can’t reach a site on that portion of the web via a conventional search engine. The Surface Web, the part that we can reach via a conventional search engine like Google, DuckDuckGo, or Brave, is estimated roughly to be 0.03% of the internet (Britannica). The Deep Web contains email accounts, bank statements, health records, and other services that can only be accessed by passwords. It’s the main reason that our private business can’t be accessed just by searching on our names. Both the Surface Web and the Deep Web are growing as more people go online. Now, about the Dark Web: By comparison, Read More ›

Largest Data Grab Ever Stole Shanghai’s Mass State Surveillance
The police, dutiful in monitoring everyone, flunked data security. Now it’s all for sale on the Dark Web
Beijing wants to create a centralized database with personal information on everyone living in China. To do that, the government saves massive amounts of data acquired through surveillance technologies such as facial and voice recognition and cell phone monitoring. In a previous article, we saw that the Chinese government’s surveillance network is much more extensive than once thought. However, while the Chinese government has prioritized collecting massive amounts of data, it has not prioritized protecting it. Thus, a hacker has acquired police data files on 1 billion Chinese residents (approximately 23 terabytes of data) from the Shanghai National Police database. The files include name, national ID number, cell phone number, birthdate, birthplace, ethnicity, education level, marital status, and delivery records. They Read More ›

Three Simple Words Can Find Any Place on Earth
The “what3words system” of geolocation is easier to remember than many street addresses and may also work for passwords
What3words is an app and web-based service that can convert practically any location within 3 × 3 meters (or 10 × 10 feet) — the size of a typical small bedroom or den — to just three short English words if you can give it an address. Don’t believe that? Try it.
The address of the Library of Congress is person.hotels.canny
The address of the Louvre Museum in France is started.pelting.pops
And … bluffs.alas.skater? That’s the address of a Canadian Tire store somewhere in Ottawa. Clicking Bing Maps at the What3Words site will give you that store’s street address, satellite image and tell you how to get there. So why do this? Math prof Mary Lynn Reed explains: This new Read More ›