Collaborating Authors


Top hacks from Black Hat and DEF CON 2020


We take a closer looking at some of the more unusual security research that was presented at this year's virtual Hacker Summer Camp The annual Hacker Summer Camp traversed from Las Vegas into the wilds of cyberspace this year, thanks to the coronavirus pandemic, but security researchers still rose to the challenge of maintaining the traditions of the event in 2020. As well as tackling core enterprise and web security threats, presenters at both Black Hat and DEF CON 2020 took hacking to weird and wonderful places. Anything with a computer inside was a target – a definition that these days includes cars, ATMs, medical devices, traffic lights, voting systems and much, much more. Security researcher Alan Michaels brought a new meaning to the phrase "insider threat" with a talk about the potential risk posed by implanted medical devices in secure spaces at Black Hat 2020. An aging national security workforce combined with the burgeoning, emerging market for medical devices means that the risk is far from theoretical.

Michigan University study advocates ban of facial recognition in schools


A newly published study by University of Michigan researchers shows facial recognition technology in schools presents multiple problems and has limited efficacy. Led by Shobita Parthasarathy, director of the university's Science, Technology, and Public Policy (STPP) program, the research say the technology isn't suited to security purposes and can actively promote racial discrimination, normalize surveillance, and erode privacy while institutionalizing inaccuracy and marginalizing non-conforming students. The study follows the New York legislature's passage of a moratorium on the use of facial recognition and other forms of biometric identification in schools until 2022. The bill, which came in response to the launch of facial recognition by the Lockport City School District, was among the first in the nation to explicitly regulate or ban use of the technology in schools. That development came after companies including Amazon, IBM, and Microsoft halted or ended the sale of facial recognition products in response to the first wave of Black Lives Matter protests in the U.S. The Michigan University study -- a part of STPP's Technology Assessment Project -- employs an analogical case comparison method to look at previous uses of security technology like CCTV cameras and metal detectors as well as biometric technologies and anticipate the implications of facial recognition.

Class action comedy: Is Microsoft stealing its business customers' data? (Uh, no)


Last week three individuals filed a lawsuit against Microsoft Corporation in the United States District Court for the Northern District of California, with a request for class action certification. Microsoft's multitude of Business and Enterprise editions offer more advanced feature sets than the Home and Personal editions, with collaborative applications and management tools designed for meeting enterprise security and compliance challenges. The plaintiffs contend that Microsoft is routinely violating the privacy of customers who pay for business subscriptions to Microsoft 365 (formerly Office 365). They allege that "Microsoft shares its business customers' data with Facebook and other third parties, without its business customers' consent." The complaint also accuses Microsoft of sharing business customers' data with third-party developers and with "hundreds of subcontractors ... without requiring the subcontractors to keep the data private and secure." And they maintain that Microsoft uses their business customers' private data "to develop and sell new products and services--and otherwise benefit itself."

MLOps: What You Need To Know – Tech Check News


Its about how to best manage data scientists and operations people to allow for the effective development, deployment and monitoring of models. "MLOps is the natural progression of DevOps in the context of AI," said Samir Tout, who is a Professor of Cybersecurity at the Eastern Michigan University's School of Information Security & Applied Computing (SISAC) .

Rite Aid Used Facial Recognition in Stores for Nearly a Decade


Just over two weeks after an unprecedented hack led to the compromise of the Twitter accounts of Bill Gates, Elon Musk, Barack Obama, and dozens more, authorities have charged three men in connection with the incident. The alleged "mastermind" is a 17-year-old from Tampa, who will be tried as an adult. There are still plenty of details outstanding about how they might have pulled it off, but court documents show how a trail of bitcoin and IP addresses led investigators to the alleged hackers. A Garmin ransomware hack disrupted more than just workouts during a days-long outage; security researchers see it as part of a troubling trend of "big game hunting" among ransomware groups. In other alarming trends, hackers are breaking into news sites to publish misinformation through their content management systems, giving them an air of legitimacy.

AI from Darktrace transforms cybersecurity in Las Vegas - Intelligent CIO North America


Las Vegas's search for an adaptive security solution led it to deploy Darktrace AI across its enterprise, cloud and industrial networks. Background In recent years, Las Vegas has become a prototypical Smart City. As riders glide down the Strip aboard the first completely autonomous shuttle ever deployed on a public roadway, they are unlikely to notice much trash on the sidewalk – the city's surveillance cameras stream to an AI service that directs clean-up crews towards concentrations of litter. And when rush hour approaches, its passengers can rest assured that an array of connected sensors are helping officials anticipate gridlock at busy intersections. But while smart infrastructure enables Las Vegas to achieve new heights of efficiency, conventional security tools are largely ill-equipped to defend the hybrid cloud and industrial networks that power this infrastructure.

Video games becoming a new frontier in digital rights

The Japan Times

New York – Critical digital rights battles over privacy, free speech and anonymity are increasingly being fought in video games, a growing market that is becoming a "new political arena," experts and insiders said on Thursday. With the industry set to more than double annual revenues to $300 billion by 2025, questions about how video game operators, designers and governments handle sensitive issues take on added urgency, said participants at RightsCon, a virtual digital rights conference. In recent months, a Hong Kong activist staged a protest against Beijing's rule inside a popular social simulator game called Animal Crossing, and a member of the U.S. Congress, Alexandria Ocasio-Cortez, campaigned in the game as well. The game Minecraft, meanwhile, has been used to circumvent censorship, with groups using it to create digital libraries and smuggle banned texts into repressive countries. "Video games have become this new political arena," said Micaela Mantegna, founder of GeekyLegal, an Argentinian group that focuses on tech policy.

GPT-3 Creative Fiction


What if I told a story here, how would that story start?" Thus, the summarization prompt: "My second grader asked me what this passage means: …" When a given prompt isn't working and GPT-3 keeps pivoting into other modes of completion, that may mean that one hasn't constrained it enough by imitating a correct output, and one needs to go further; writing the first few words or sentence of the target output may be necessary.

Top Five Data Privacy Issues that Artificial Intelligence and Machine Learning Startups Need to Know - insideBIGDATA


In this special guest feature, Joseph E. Mutschelknaus, a director in Sterne Kessler's Electronics Practice Group, addresses some of the top data privacy compliance issues that startups dealing with AI and ML applications face. He also assists with district court litigation and licensing issues. Based in Washington, D.C. and renown for more than four decades for dedication to the protection, transfer, and enforcement of intellectual property rights, Sterne, Kessler, Goldstein & Fox is one of the most highly regarded intellectual property specialty law firms in the world. Last year, the Federal Trade Commission (FTC) hit both Facebook and Google with record fines relating to their handling of personal data. The California Consumer Privacy Act (CCPA), which is widely viewed the toughest privacy law in the U.S., came online this year.

How WWII Was Won, and Why CS Students Feel Unappreciated

Communications of the ACM

Observations of the 75th anniversary of the end of World War II in Europe (May 8, 1945) included remembrances of such searing events as the struggle on Omaha Beach on D-Day, the Battle of the Bulge, and at least some recognition of the enormous contribution made by the Russian people to the defeat of Fascism. Yet in all this, I suspect the role of the first "high-performance computing" capabilities of the Allies--known as Ultra in Britain, Magic in the U.S.--will receive too little attention. The truth of the matter is that the ability to hack into Axis communications made possible many Allied successes in the field, at sea, and in the air. Alan Turing and other "boffins" at Britain's Bletchley Park facility built the machine--a much-improved version of a prototype developed by the Poles in the interwar period--that had sufficient computing power to break the German Enigma encoding system developed by Arthur Scherbius. The Enigma machine was a typewriter-like device with three rotors, each with an alphabet of its own, so each keystroke could create 17,576 possible meanings (26 x 26 x 26).