At least one cyber security expert disagrees. John Scott-Railton, a researcher with watchdog Citizen Lab who has studied NSO for years, told Fast Company that in 2016 researchers used NSO’s Pegasus to infect a phone that was located in the United States. (Last year, Scott-Railton was the target of a surveillance campaign waged against some of NSO’s critics.) Bill Marczak, a senior research fellow at Citizen Lab, said that if there is a restriction on U.S. phones, users could still infect a device by sending a link through media other than a telephone number, such as through a messaging app. … [Read more...] about How Saudi Arabia allegedly hacked Jeff Bezos
Miss universe 2017 crowning
Letting machine bias in? However, as artificial intelligence experts have cautioned, systems that aim to reduce bias through AI could be complicated by AI itself. Automated systems will only be as good as the underlying data, says Rashida Richardson, director of policy research at AI Now Institute, a think tank at New York University that studies machine bias and algorithmic accountability. And since admissions are embedded with many subjective judgments, Richardson believes attempting to automate it can result in “embedding and possibly concealing these subjective decisions,” quietly replicating the problems that these systems purport to address. … [Read more...] about Schools are using software to help pick who gets in. What could go wrong?
In 2018, the Journal of Applied Digital Forensics noted that there hasn’t been much research into the type of data logged by a car’s computer systems, how long these user artifacts remain, whether or not they can be removed, and if certain cars provide more data than others. In their study, researchers noted that today’s “connected cars” feature systems that “function like computers, storing information they process including user data from devices synced to the system.” The researchers studied cars of different makes and models with either a Uconnect® system or a Toyota™ Extension Box. The Toyota system provided a “significant amount of user information” like contacts, call logs, media file information, and locations, while the Uconnect system only provided location data. The study also noted that these systems can also log social media feed data. … [Read more...] about Despite the controversy, plenty of smaller tech startups work with ICE
A market of exploits Karsten Nohl, a cryptographer and managing director at Security Research Labs, says that there are two dimensions to lawful intercept tools: is the smartphone an iPhone or not, and does the exploit require “help” from the phone’s user. Some exploits require users to do something like install a security update—despite warnings—that downloads malware onto their device. Nohl says the simplest exploits are those for Android phones, and that the preferred exploits work over the internet, while others only work in Wi-Fi range. Nohl says that NSO Group can hack most versions of the iPhone and many Android phones, and that this usually happens remotely. … [Read more...] about Inside the shadowy world of spyware makers that target activists and dissidents
As he demonstrated, a malicious hacker can execute a search for an Elasticsearch database with these tools by defining a port, an index, and a keyword. In less than a minute, Wethington found 33,000 open Elasticsearch databases, a small percentage of which would be related to facial recognition or artificial intelligence. “The point is that the data is easy to find if it’s even remotely insecure,” he says. In short order, Wethington found a database in China that is using facial recognition technology. He says the tools to access these systems are freely available and often require zero authentication. “Technically, they aren’t being hacked—they are simply not being secured,” says Wethington. … [Read more...] about Due to weak oversight, we don’t really know how tech companies are using facial recognition data