Security & Privacy


ABS seeks vendor to deliver 2021 Census in the cloud

ZDNet

The Australian Bureau of Statistics (ABS) is expecting the default for its 2021 Census to be digital, seeking a vendor to help it develop, host, and support its next attempt at country-wide online data collection. In a Request for Tender (RFT), the ABS specifies a cloud-based solution, noting that a "trusted, simple, easy to use contemporary experience will be required to ensure the continued growth in online completion". Specially, the required cloud-based solution is expected to be a responsive web application designed for mobile and desktop use; comprise of an online form that is accessible, secure, and scalable and which may include up to four different form types; and have user services including a "Contact Us" option and the ability for the individual to easily request a paper version of the Census form. It should also work on Census night when households log on. On August 9, 2016, the ABS experienced a series of denial-of-service (DDoS) attacks, suffered a hardware router failure, and baulked at a false positive report of data being exfiltrated, which resulted in the Census website being shut down and citizens unable to complete their online submissions.


Artificial Intelligence, Ratings, and the Small Print

#artificialintelligence

People have always balked at reading terms of service -- the acres of fine print on the bottom of insurance policies and product agreements and in pop-ups on apps and websites. It's so much easier and quicker to click "I agree" than to wade through hours of boring legalese. A 2016 academic study found that 98 percent of people signed up for a fictitious free Wi-Fi service, NameDrop, even though clause 2.3.1 of its terms states: "By agreeing to these Terms of Service, and in exchange for service, all users of this site agree to immediately assign their first-born child to NameDrop, Inc." In this age of big data, AI, and machine learning, there must be a better way for companies to present -- and for consumers to manage -- the small print. A sense of urgency to develop such systems is rising.


The Challenges of Artificial Intelligence (AI) for Organisations - Security Boulevard

#artificialintelligence

AI assists organisations in reducing operational costs, boosting user experience, elevating efficiency and cultivating revenue. But it also creates a number of security challenges for personal data and forms many ethical dilemmas for organisations. Such challenges for information security professionals mean re-calibration of approaches to data security, data classification and privacy. For regulators, this is translated to the General Data Protection Regulation (GDPR). AI's lifeline is data, and one source of data is the Internet of Things (IoT), which feeds by personal data.


Het vizier op de tech industrie

#artificialintelligence

Cosmos Bank in India recently had $13.5 million siphoned off by hackers linked to the Lazarus Group in North Korea. They exploited and succeeded in compromising two of the bank's payment systems – the ATM Switch and the SWIFT payments system. The group is also alleged to have orchestrated the $81 million cyber heist at Bangladesh Bank by siphoning off SWIFT payments from the bank's Federal Reserve account. These attacks emphasize the need for layered fraud defences and controls that effectively mitigate such risks going forward. As the adage says: "There is no silver bullet!"


Defense against adversarial attacks using machine learning and cryptography

#artificialintelligence

Researchers at the University of Geneva have recently developed a new defense mechanism that works by bridging machine learning with cryptography. The new system, outlined in a paper pre-published on arXiv, is based on Kerckhoffs' second cryptographic principle, which states that both defense and classification algorithms are known, but the key is not. In recent decades, machine learning algorithms, particularly deep neural networks (DNNs), have achieved remarkable results in performing a vast array of tasks. Nonetheless, these algorithms are exposed to substantial security threats, particularly adversarial attacks, limiting their implementation on trust-sensitive tasks. "Despite the remarkable progress achieved by deep networks, they are known to be vulnerable to adversarial attacks," Olga Taran, one of the researchers who carried out the study, told TechXplore.


Google's prototype Chinese search engine links users' activity to their phone numbers, report claims

Daily Mail

Google's secretive plans in China are attracting renewed scrutiny from privacy advocates. The tech giant is said to be building a prototype version of a censored Chinese search engine that links users' activity to their personal phone number, according to the Intercept. In doing so, it would be able to comply with the Chinese government's censorship requirements, increasing the chances that such a product would launch there in the future. A bipartisan group of 16 US lawmakers asked Google if it would comply with China's internet censorship and surveillance policies should it re-enter the search engine market there While China is home to the world's largest number of internet users, a 2015 report by US think tank Freedom House found that the country had the most restrictive online use policies of 65 nations it studied, ranking below Iran and Syria. But China has maintained that its various forms of web censorship are necessary for protecting its national security.


Luis von Ahn awarded $500,000 Lemelson-MIT Prize

MIT News

Luis von Ahn, Carnegie Mellon University consulting professor and CEO of Duolingo, has just been announced as the winner of the 2018 $500,000 Lemelson-MIT Prize for invention. He is also the co-founder of Duolingo, the most popular language-learning platform worldwide with the mission of making education free and accessible to everyone. Von Ahn joins a long lineage of inventors to receive the Lemelson-MIT Prize, the largest cash prize for invention in the United States. CAPTCHA, or Completely Automated Public Turing test to tell Computers and Humans Apart, is a now universally recognizable cybersecurity system, which websites use to prevent automated programs from inflicting large-scale abuse. CAPTCHA requires users to complete a computer-generated test of characters.


Amazon is quietly doubling down on cryptographic security – TechCrunch

#artificialintelligence

Now it appears that one of the leading companies in cloud services is looking for more ways to double down and fight the latter. Amazon's AWS has been working on a range of new cryptographic and AI-based tools to help manage the security around cloud-based enterprise services, and it currently has over 130 vacancies for engineers with cryptography skills to help build and run it all. One significant part of the work has been within a division of AWS called the Automated Reasoning Group, which focuses on identifying security issues and developing new tools to fix them for AWS and its customers based on automated reasoning, a branch of artificial intelligence that covers both computer science and mathematical logic and is aimed at helping computers automatically reason completely or nearly completely. In recent times, Amazon has registered two new trademarks, Quivela and SideTrail, both of which have connections to ARG. Classified in its patent application as "computer software for cryptographic protocol specification and verification," Quivela also has a Github repository within AWS Labs' profile that describes it as a "prototype tool for proving the security of cryptographic protocols," developed by the AWS Automated Reasoning Group.


Hacking The DNA of Humanity with Blockchain and AI

#artificialintelligence

DNA, the famous double helix carrying the genetic instructions used in the growth, development, functioning and reproduction of all living beings, is fundamentally, the critical way of storing the biosphere, and as part of it, all of humanity's information. It is the foundation of life as we scientifically know it. Conventionally, it gathers and encodes instructions for making living things, but it can be encrypted for other purposes and to evolve according to its organic nature evolutionary programming. Scientists and technologists from all kinds of subjects, as they deepen their understanding of its engineering, are adopting the biological DNA to store what seemed unimaginable some years ago, such as books, recordings, GIFs, and even planning things such as an Amazon gift card. In a pioneer experiment, Yaniv Erlich and Dina Zielinski, from the New York Genome Center and Columbia University encoded in a single gram of DNA, one of the first films ever made, Lumiere Brothers "The Arrival of a Train at La Ciotat Station" along with a computer operating system, a photo, a scientific paper, a computer virus, and an Amazon gift card.


Do the benefits of artificial intelligence outweigh the risks?

#artificialintelligence

GDPR compliance has yet to be fully embraced by firms on a global scale, yet headlines this past week show just what the repercussions might be against a new regulatory landscape. As noted late last week, a data breach at British Airways was revealed? The details of the hack itself: The bad guys grabbed on to the transaction data over a period of two weeks, beginning in late August, and lasting into early September. The data that was pilfered includes credit card information and data tied to individuals making reservations online, through the website and the British Airways mobile app. Among the first steps the firm took in the wake of the breach: CEO Alex Cruz apologized to those affected and the victims have been told to contact banks or credit card firms, and has promised that .