
Tech News - Cybersecurity

373 Articles
Natasha Mathur
31 Aug 2018
2 min read

Lerna development team quickly reverses decision to block ICE Contractors from using its Software

Only two days ago, Jamie Kyle, a Lerna developer, modified Lerna’s license to ban companies that are U.S. Immigration and Customs Enforcement (ICE) contractors from using the software. The Lerna core team has now reverted this decision, and Kyle has been removed from the development project. Any organization that wishes to use Lerna is now free to do so.

Kyle stated on GitHub on Wednesday that he has been deeply disturbed by ICE’s behavior toward American immigrants, and that the companies that have collaborated with ICE “don’t have any licensing rights” and “any use of Lerna will be considered theft”.

Daniel Stockman, a core Lerna contributor, removed Kyle from the project yesterday morning and pointed out that the license change was a “rash decision” that was “unenforceable”. He also added that there were “several past violations of [Lerna’s] code of conduct”, as there were instances when Kyle’s behavior was rude and impolite.

As reported to Motherboard, Kyle thinks his removal from the team is a result of Stockman’s discussion of the issue with Microsoft employees. Stockman, however, denied this characterization to Motherboard. “I think developers can be activists if they so choose, and I support tools and licenses designed to make this easier,” said Stockman. He also added that his willingness to revoke the relicensing does not mean that he is an ICE supporter, describing ICE as “monstrous” and saying it “must be abolished”.

Public opinion about Lerna’s current decision is varied:

  • https://twitter.com/alicegoldfuss/status/1035214998375559173
  • https://twitter.com/xander76/status/1034842377775529984
  • https://twitter.com/chriseppstein/status/1034863523493339136
  • https://twitter.com/benwiley4000/status/1035031630333796352
  • https://twitter.com/siziyman/status/1035051041111326720

“Open source, even in a project where there is only one active contributor, is never just about one individual. Even acquiescence from multiple core contributors is not sufficient to justify a change like this,” says Stockman.

For more coverage on the news, check out the post by Motherboard.

Melisha Dsouza
31 Aug 2018
2 min read

Skepticism welcomes Germany’s DARPA-like cybersecurity agency - The federal agency tasked with creating cutting-edge defense technology

On Wednesday, the German government announced the creation of a new federal agency to develop cutting-edge cyber defense technology. The agency would resemble the U.S. Defense Advanced Research Projects Agency (DARPA) and would be managed by the Ministry of Defense and the Ministry of the Interior.

Germany has a background of rising numbers of cyber attacks. German Defense Minister Ursula von der Leyen affirms that the agency would encourage Germany’s investment in new technologies and in the protection of critical digital infrastructure. The agency will also partner with other EU countries on agency projects.

The DARPA-like agency is intended to make Germany more independent in its fight against cyber threats. Ministers in Chancellor Angela Merkel’s government said on Wednesday that Germany will invest €200 million over the next five years to launch the agency, which will develop its own cyber defense capabilities.

The news, however, was not taken well by some lawmakers, who have expressed their concerns about the new agency. The issue of military-led cyber warfare has been a contentious topic in Germany. Anke Domscheit-Berg, digital policy spokeswoman for the Left Party, expressed her concern on this matter. She believes that more digital security would definitely help Germany; her apprehension lies in the fact that the agency is located between the Defense Ministry and the Interior Ministry.

Green Party spokesman Konstantin von Notz argued that the agency will work against the Foreign Ministry’s work. In a statement released to DW, von Notz said that the agency would massively undermine the Foreign Ministry’s efforts at the UN to outlaw cyber weapons. “Instead of promoting a spiraling escalation in the digital space, the government needs to make a U-turn on IT security.”

Read the entire coverage of this article on DW for more insights on the matter.

Prasad Ramesh
31 Aug 2018
3 min read

Google Titan Security key with secure FIDO two factor authentication is now available for purchase

In July, Google announced the Titan Security Keys, built with a hardware chip to verify key integrity. They are now available for purchase from the Google store.

The security key looks like a dongle and provides two-factor authentication, which is more secure than a username and password alone. The Titan keys are based on the FIDO standards, which Google considers the strongest and most phishing-resistant two-factor authentication method. The security key was initially made available to Google Cloud users. Now it is available to the public.

How does the Google Titan key protect your account?

Security keys are based on a standard public key cryptography protocol. The client first registers a public key with the online service. Then, for authentication, the online service asks the client to prove its ownership of the private key with a cryptographic signature.

Google jointly contributed the two-factor authentication technical specifications to the FIDO Alliance and launched support for Gmail in 2014. The company has been working with Yubico and NXP to develop security keys internally since 2012.

In a Google Cloud Blog post, Christiaan Brand, Product Manager, Google Cloud, stated, “At Google, we have had no reported or confirmed account takeovers due to password phishing since we began requiring security keys as a second factor for our employees.”

Google has engineered the firmware in the chips with security in mind. This firmware is permanently sealed in a secure hardware chip and is resilient to hardware attacks. Therefore the security factor is sealed in the chip itself during manufacture.

FIDO has standardized the authentication protocol used between the client and server. This protocol is being implemented in popular operating systems like Android and Chrome, and also in the Chrome browser. The security keys can be used to authenticate to services like Google, Dropbox, Facebook, GitHub, Salesforce, Stripe, and Twitter.

Do you need it?

If you have important information in your accounts or would like stronger security as an individual or for your organization, the Google Titan key is a good option. It is available for $50 in the Google store (only US for now) and includes a Bluetooth and USB key with the required connectors.

For more details visit the Google Cloud Blog.

Melisha Dsouza
31 Aug 2018
3 min read

Upcoming Firefox update will, by default, protect users privacy by blocking ad tracking

Mozilla is taking a stand against web advertising practices with an announcement today that its Firefox browser will soon block web trackers by default. Users can expect a series of updates over the next few months as this feature becomes a reality. This proactive approach to protecting consumer privacy aims to give users more choice over what information they share with third-party sites.

Mozilla has always been at the forefront of assuring users of data privacy. It started by blocking pop-up ads in the very first public Firefox release in 2004. The wholesale blocking of ads and trackers in private browsing mode, starting in 2015, is another testament to that.

Mozilla has made it clear that even though some sites will continue to want user data in exchange for content, they will have to ask users for it. This gives advertising platforms a reason to care about their users’ experience and is a positive change for people who until now had no idea of the value exchange they were asked to make.

Mozilla’s three key initiatives to put this approach into practice:

#1 Improving page load performance

A new feature will be introduced in Firefox Nightly that blocks trackers that slow down page loads. Loading third-party trackers makes a website as a whole slower to load. For users on slower networks, the effect is worse. This degrades the user’s experience on the web. Firefox will study the effects of blocking trackers and test the new feature using a shield study in September. If the approach succeeds in improving page performance, slow-loading trackers will be blocked by default in Firefox 63.

#2 Removing cross-site tracking

Users expect a certain level of privacy on the web. However, many web browsers fail to help users obtain the level of privacy that they should be entitled to. Taking this into account, Firefox will strip cookies and block storage access from third-party tracking content. This is already available for Firefox Nightly users to try out. A shield study will be carried out with some beta users in September to check this feature. All Firefox 65 users can expect this update coming their way soon. After all, no one appreciates the thought of being constantly tracked by third-party sites that obtain information in secret.

#3 Mitigating harmful practices

The third approach Mozilla is taking is to block harder-to-detect practices like fingerprinting, a technique that allows users to be invisibly identified by their device properties. This will also put a stop to crypto mining scripts that silently mine cryptocurrencies on the user’s device.

The Twitter community has received this news well, and many Firefox users have expressed their appreciation of this initiative.

The November release of Firefox 57 added an option to let people block all trackers. Worldwide, 1.3 percent of people enable Firefox tracking protection today, which means that, out of 250 million monthly active users, it represents the choice of about 3 million people. Now, as a bonus, users can block ad trackers as well! (Source: Cnet.com)

This goes to show the level of trust that users have in Firefox, and we are sure that, like always, Firefox will not disappoint. You can read the detailed news of the upcoming update on Mozilla’s official blog.

Prasad Ramesh
30 Aug 2018
2 min read

Facebook unfriends Twitter. Cross-posted tweets on Facebook disappear temporarily.

Following Facebook’s move earlier this month to restrict cross-posts from other platforms via changes to its API platform, many users noticed their old Twitter posts disappearing from Facebook this week. The cross-posting option lets users publish their Twitter posts to Facebook automatically.

The absence of cross-posting was first noticed by users who relied heavily on it to keep their Facebook accounts active. Without that feature, the Twitter app for Facebook was not of much use. This caused a lot of old posts to disappear, first noticed around August 26, leaving users furious. Some users’ profiles were left fairly empty, since they relied on cross-posting to keep their accounts active.

The Facebook API platform changes are part of Facebook’s plan to take strict measures against misuse of its platform after the Cambridge Analytica scandal at the start of this year. Since then, Facebook has made a variety of efforts to prevent data misuse; stopping third parties from being able to post to Facebook is one of them.

TechCrunch was the first to report on the sudden disappearance of cross-posts from Twitter, and Facebook confirmed to them the same day that it was checking the issue. The common belief is that changes in the API to prevent cross-posting would not have mass-deleted all the older posts. Following these changes from Facebook, Twitter asked Facebook for its app to be deleted from the platform. The result was users’ old Twitter posts on Facebook getting deleted.

It turns out that this was just a bug, and it is now fixed. In a statement to Axios, Facebook cleared up the confusion, saying "A Twitter admin requested their app be deleted, which resulted in content that people had cross-posted from Twitter to Facebook also being temporarily removed from people’s profiles. However, we have since restored the past content and it's now live on people’s profiles."

You can find the original report on TechCrunch.

Fatema Patrawala
30 Aug 2018
4 min read

Firefox Nightly’s Secure DNS Experimental Results out

During July 2018, a planned Firefox Nightly experiment was performed involving secure DNS via the DNS over HTTPS (DoH) protocol. About 25,000 Firefox Nightly 63 users had agreed to be part of Nightly experiments and participated in this study.

Cloudflare operated the DoH servers that were used, according to the privacy policy they had agreed to with Mozilla. Each user was additionally given information directly in the browser about the project. That information included the service provider and an opportunity to decline participation in the study.

Browser users are currently experiencing spying and spoofing of their DNS information due to reliance on the unsecured traditional DNS protocol. Using a trusted DoH cloud-based service in place of traditional DNS is a significant change in how networking operates, and it raises many things to consider going forward when selecting servers. However, the initial experiment focused on validating two separate, important technical questions:

  • Does the use of a cloud DNS service perform well enough to replace traditional DNS?
  • Does the use of a cloud DNS service create additional connection errors?

The experiment is now complete, and here are the highlights of the findings:

Using HTTPS with a cloud service provider shows a minor performance impact on the majority of non-cached DNS queries as compared to traditional DNS. Most queries were around 6 milliseconds slower, which seems to be an acceptable cost for the benefit of securing the data. However, the slowest DNS transactions performed much better with the new DoH-based system than with the traditional one, sometimes hundreds of milliseconds better.

[Chart: net improvement of the DoH performance distribution vs the traditional DNS performance distribution. Source: Firefox Nightly]

The above chart shows the net improvement of the DoH performance distribution vs the traditional DNS performance distribution. The fastest DNS exchanges are at the left of the chart and the slowest at the right. The slowest 20% of DNS exchanges are radically improved (improvements of several seconds are truncated for chart formatting reasons at the extreme), while the majority of exchanges exhibit a small, tolerable amount of overhead when using a cloud service. It shows a good result.

The Firefox team hypothesized that the improvements at the tail of the distribution derived from two advantages DoH provides compared to traditional DNS. First, the consistency of the service operation – when dealing with thousands of different operating systems that are overloaded, unmaintained, or forwarded to strange locations. Second, HTTP’s use of modern loss recovery and congestion control allows it to operate better on very busy or low-quality networks.

The experiment also considered connection error rates and found that users of the DoH cloud service in ‘soft-fail’ mode experienced no statistically significant difference in the rate of connection errors compared with users in a control group using traditional DNS. Soft-fail mode primarily uses DoH, but it will fall back to traditional DNS when a name does not resolve correctly or when a connection to the DoH-provided address fails. The connection error rate measures whether an HTTP channel can be successfully established from a name, and therefore incorporates the fallbacks into its measurements. These fallbacks are needed to ensure seamless operation in the presence of firewalled services and captive portals.

“We’re committed long term to building a larger ecosystem of trusted DoH providers that live up to a high standard of data handling. We’re also working on privacy preserving ways of dividing the DNS transactions between a set of providers, and/or partnering with servers geographically. Future experiments will likely reflect this work as we continue to move towards a future with secured DNS deployed for all of our users,” says the Firefox Nightly team.
Savia Lobo
29 Aug 2018
4 min read

Windows zero-day vulnerability exposed on ALPC interface by a vulnerability researcher with ‘no formal degrees’

On 27th August, a self-proclaimed ‘retired vulnerability researcher’ who goes by the name ‘SandboxEscaper’ tweeted about a local privilege escalation exploit for Windows. The previously unknown zero-day vulnerability in the Windows OS could allow a local user or a malicious one to obtain SYSTEM privileges on the targeted machine.

Will Dormann, an engineer at CERT/CC, confirmed the vulnerability and issued an official CERT/CC alert on the same day. He said that the vulnerability is a privilege escalation issue and resides in the Windows task scheduler program. It occurred due to errors in the handling of Advanced Local Procedure Call (ALPC) systems.

The ALPC interface is a Windows-internal mechanism that works as an inter-process communication system. With ALPC, a client process running within the OS can ask a server process running within the same OS to provide some information or perform some action.

Proof-of-concept (PoC) code to exploit the ALPC interface on GitHub

SandboxEscaper released proof-of-concept (PoC) code on GitHub on 7th May, in order to exploit the ALPC interface to gain SYSTEM access on a Windows system. This PoC is likely to attract malware authors, as it allows benign malware to gain admin access on targeted systems.

At present, there are no known solutions for this vulnerability, which has been awarded a Common Vulnerability Scoring System (CVSS) score of 6.4 - 6.8. A CVSS score ranging between 4.0 - 6.9 is said to have medium severity as per the Qualitative Severity Rating Scale.

SandboxEscaper did not notify Microsoft about the vulnerability, which leaves all Windows 64-bit users prone to attack. However, Microsoft has acknowledged the 0-day flaw, and we can expect it to be resolved in Microsoft's next security updates, scheduled for September 11, the company's next ‘Patch Tuesday’.

The person behind the Windows zero-day hack: SandboxEscaper

This vulnerability was discovered by a self-educated blogger named ‘SandboxEscaper’. Her previous work can be found at https://sandboxescaper.blogspot.com/p/disclosures_8.html

What is intriguing is that the blogger calls herself a ‘retired vulnerability researcher’ who now blogs on travel. However, she had just started looking for a job in vulnerability research a week before her now famous Windows 0day hack.

She says in her post on her current job hunt, “I have mainly focused on logic bugs so far. So ideally I would prefer a place that is willing to mentor me, and doesn't just expect me to start breaking all the hard targets and sandboxes by myself. I would also prefer an onsite job in the UK (I'm currently a citizen of Belgium and also living there).”

She also goes on to mention that, as a transgender person, her transition has been really difficult. Dealing with social pressure and anxiety isn’t easy, but this vulnerability researcher is causing heads to turn thanks to this discovery! She’s definitely got Microsoft’s attention now. It would be interesting to see if Microsoft decides to give her a chance at a job interview.

On a related note, this story also underscores the existing toxic culture in tech and highlights why it is important for tech companies to push inclusion and diversity as a key CxO performance metric. A person should be judged on merits and capabilities, not on their personal lifestyle choices or their traits/features, physical, emotional, sexual, political or otherwise.

Further updates to this story

After SandboxEscaper’s first tweet caused friction in the flaw disclosure process, she followed up with another tweet stating "Enjoy the 0day. It will get patched really fast. I guess I had fun today. Now I'm gone for a while, bye."

Publicly releasing Windows vulnerabilities before Microsoft has issued a patch is quite rare. Microsoft and many other companies offer bug bounties, or rewards, for information on software flaws. However, publicly disclosing the flaw disqualifies someone from earning a bug bounty. As per Microsoft's rules, detailed proof-of-concept code similar to the one that SandboxEscaper posted must not be disclosed until 30 days after Microsoft issues a patch. Her GitHub video might have violated Microsoft's terms and conditions for bug rewards.

Yesterday, SandboxEscaper tweeted, "I screwed up, not MSFT (they are actually a cool company)."

SandboxEscaper received an overwhelmingly positive response and compliments for her vulnerability discovery from various tech geeks, including from the cybersecurity training company Hacker House.

Read more about this 0day exploit’s technical details on Kevin Beaumont’s Medium post.

Note: Updated on 30th Aug, to include section on ‘Further updates to this story’.

Natasha Mathur
29 Aug 2018
3 min read

Lerna relicenses to ban major tech giants like Amazon, Microsoft, Palantir from using its software as a protest against ICE

The Lerna team has taken a strong stand against U.S. Immigration and Customs Enforcement (ICE) by modifying its MIT license to ban companies that have collaborated with ICE from using Lerna.

Lerna is a tool for managing large-scale JavaScript projects with multiple packages. Lerna lets you add dependencies to multiple packages with a single command. It made monorepos, which were earlier very expensive and used only by big companies, available to everyone.

In a comment on GitHub earlier today, Lerna developer Jamie Kyle stated that he has been deeply disturbed by ICE’s behavior toward American immigrants, especially the way ICE has acted with immigrant children, and wants it to stop.

“The actions of ICE have had a lifelong lasting impact on these children, and many of them won't even remember it happening. I have trouble expressing how angry this makes me feel. And the worst part is that I feel helpless to improve the situation. There is one thing I have control over, and that's open source”, reads the post.

Kyle states that major tech giants such as Facebook, Uber, Google, Amazon, etc., carry out “a lot of shady things behind the scenes. These companies care only about the millions of dollars that ICE is paying them and are willing to ignore all the horrible things that ICE does.” These companies are also using Lerna, and “it's really hard for me to sit back and ignore what these companies are doing with my code” says Kyle.

Reinforcing Lerna’s ethical beliefs, the updated Lerna license bans companies that are known collaborators with US Immigration and Customs Enforcement, such as Microsoft, Palantir, and Amazon, among others, from using Lerna. These companies don’t have any licensing rights and “any use of Lerna will be considered theft”. They cannot pay for a license, and if they wish to use Lerna, they need to publicly end their contracts with ICE. For everyone else, Lerna will remain MIT licensed.

Public opinion about Lerna’s decision against ICE is varied:

  • https://twitter.com/AdrienDittrick/status/1034716993323184128
  • https://twitter.com/sarah_federman/status/1034633564065656832
  • https://twitter.com/_juandjara/status/1034716644667473921
  • https://twitter.com/stefanpenner/status/1034687675066970112

“Now, it's not news to me that people can use open source for evil. But it's really hard for me to sit back and ignore what these companies are doing with my code. It doesn't feel like there are enough steps in between me and the horrible things ICE is doing” says Kyle.

For more information, check out the official GitHub post.

Sugandha Lahoti
28 Aug 2018
2 min read

Facebook’s AI algorithm finds 20 Myanmar Military Officials guilty of spreading hate and misinformation, leads to their ban

Facebook has banned 20 military officials from Myanmar for spreading hate and misinformation about the ethnic violence in Myanmar. It has also removed a total of 18 Facebook accounts, one Instagram account, and 52 Facebook Pages.

This action was the result of a report by the UN Human Rights Council-authorized Fact-Finding Mission on Myanmar, which found evidence of many organizations and individuals committing or assisting in serious human rights abuses in the country. Following this, Facebook banned these individuals to prevent further inflammation of ethnic and religious tensions.

The 20 military officials and organizations removed include Senior General Min Aung Hlaing, commander-in-chief of the armed forces, and the military’s Myawady television network. Facebook has removed six Pages and six accounts from Facebook and one account from Instagram connected to these individuals and organizations. The rest don’t have a Facebook or Instagram presence but are banned nevertheless.

Facebook has also removed 46 Pages and 12 accounts for engaging in coordinated inauthentic behavior. These Pages used independent news and opinion pages to secretly push the messages of the Myanmar military.

Earlier this year, Facebook created a dedicated team across product, engineering, and policy to work on issues specific to Myanmar. The team uses sophisticated artificial intelligence to proactively flag posts that break Facebook policies. In the second quarter of 2018, these algorithms identified about 52% of the content that Facebook removed for hate speech in Myanmar.

Facebook also updated its credible violence policies to deal with misinformation that may contribute to imminent violence or physical harm. It is also improving Facebook reporting tools and introducing new tools on the Messenger mobile app for people to report conversations that violate Community Standards.

Read the entire report on this decision on the Facebook newsroom.

Natasha Mathur
27 Aug 2018
3 min read

VSAP Tally 1.0, a new open source vote-counting system by LA County gets final state approval

The Election officials in Los Angeles County gave final approval, last Tuesday, to a new system of counting ballots, named “Voting Solutions for All People (VSAP) Tally 1.0”. The VSAP Tally 1.0 system is created to make the upcoming elections more secure. The new tally system, VSAP Tally 1.0, is an open-source platform that runs on technology owned by the county instead of a private vendor. This is the first publicly-owned, open-source election tally system certified under the California voting system standards. The certification process of VSAP Tally 1.0 involved rigorous functional and security testing conducted by the Secretary of State’s staff as well as a certified voting system test lab. The testing ensured that the new system complies with California Voting System Standards (CVSS). According to Secretary of State, Alex Padilla, “With security on the minds of elections officials and the public, open-source technology has the potential to further modernize election administration, security, and transparency -- the newly designed VBM is the first step in implementing a new voting experience for LA County voters that is more accessible and convenient.” John Sebes, the chief technology officer, Open Source Election Technology Institute, points out that " their intention is to make it freely available to other organizations, which it is not as of now. It's open source in the sense that it was paid for by public funds and the intent is to share it." The certification of the VSAP Tally 1.0 solution enables the Los Angeles County to move forward for November 6, 2018, General Elections, with its newly redesigned VSAP Vote by Mail (VBM) ballots. “This is a significant milestone in our efforts to implement a new voting experience for the voters of Los Angeles County. The VSAP Tally System ensures that the new Vote by Mail ballots cast in the upcoming November election will be counted accurately and securely”, says Dean C. Logan, County Clerk. 
No information on how they plan to verify these votes has been disclosed yet. Also, even though VSAP Tally 1.0 is an open-source system, no code has been made available on GitHub so far. For more information, be sure to check out the official press release.

Facebook, Twitter takes down hundreds of fake accounts with ties to Russia and Iran, suspected to influence the US midterm elections
Jack Dorsey to testify explaining Twitter algorithms before the House Energy and Commerce Committee
DCLeaks and Guccifer 2.0: How hackers used social engineering to manipulate the 2016 U.S. elections
Savia Lobo
27 Aug 2018
4 min read

Google’s Protect your Election program: Security policies to defend against state-sponsored phishing attacks, and influence campaigns

With more and more attacks arriving via email, and with hackers intruding into presidential elections and still influencing various ongoing campaigns, Google has recently shared its ongoing work on:

  • State-sponsored phishing attacks
  • Technical attribution of a recently-reported influence campaign from Iran
  • Detection and termination of activity on Google properties

Due to the advanced techniques used by hackers, users are often tricked by an email camouflaged as a legitimate one. As a countermeasure, Google says it has invested in robust systems:

  • For detecting any phishing or hacking attempts on users’ email networks
  • To identify influence operations launched by foreign governments
  • To protect political campaigns from digital attacks via Google’s Protect Your Election program

Google’s Threat Analysis Group is working with its partners at Jigsaw and Google’s Trust & Safety team to identify bad actors and disable their accounts. The group will further warn users about these bad actors, and also share intelligence with other companies and law enforcement officials.

State-sponsored phishing attacks

Email phishing is the most common and most popular attack. Google has improved its security policies for Gmail users with measures such as automated protections, account security (like security keys), specialized warnings, and so on. Through these measures, Google plans to significantly decrease the volume of phishing emails that get through to its users. On 20th August 2018, Google issued a series of notifications to Gmail users who were subject to suspicious emails from a wide range of countries. Google described the different warnings about government-backed phishing in its blog post and asked users to take immediate action if they came across the attack or pop-up mentioned.
FireEye detected suspicious Google accounts linked to Iran

Google also works with the cybersecurity group FireEye, and other top security consultants, to provide them with intelligence. FireEye’s recent help to Facebook in detecting suspicious accounts with links to Russia and Iran is worth mentioning. For the last two months, Google and Jigsaw have worked closely with FireEye on the influence operation linked to Iran that FireEye identified last week. FireEye identified some suspicious Google accounts (three email accounts, three YouTube channels, and three Google+ accounts), which were swiftly disabled.

Google Security team suspects the malicious actors are linked to IRIB

In addition to FireEye’s intelligence report, Google’s team has investigated a broader range of suspicious actors linked to Iran who have engaged in setting up the malicious accounts. Following this, Google has informed U.S. lawmakers and law enforcement agencies about the results of its investigation, including its relation to political content in the United States. Google’s technical research team further identified, with evidence, that these actors are associated with the IRIB, the Islamic Republic of Iran Broadcasting. Their observations are as follows:

  • Technical data associated with these actors is strongly linked to the official IRIB IP address space.
  • Domain ownership information about these actors is strongly linked to IRIB account information.
  • Account metadata and subscriber information associated with these actors is strongly linked to the corresponding information associated with the IRIB, indicating common ownership and control.

Detecting and terminating activity on Google properties

Google swiftly removes from its services all content from the malicious actors that violates its policies, and terminates these actors’ accounts. It also uses several robust methods, including IP blocking, to prevent individuals or entities in Iran from opening advertising accounts. Google identified and terminated a number of accounts linked to the IRIB organization that disguised their connection to this effort, including while sharing English-language political content in the U.S. These include:

  • 39 YouTube channels that had 13,466 total US views on relevant videos
  • 6 blogs on Blogger
  • 13 Google+ accounts

The actors behind the state-sponsored phishing attacks and those associated with the IRIB are not the only state-sponsored actors at work on the Internet. Google had also disclosed information about actors linked to the Internet Research Agency (IRA) in 2017. It detected and removed 42 YouTube channels, which had 58 English-language political videos (these videos had a total of fewer than 1,800 U.S. views).

Read more about Google’s plan to protect users against phishing attacks on its Safety & Security blog.

DC Airport nabs the first imposter using its newly deployed facial recognition security system
Intel faces backlash on Microcode Patches after it prohibited Benchmarking or Comparison
Mozilla, Internet Society, and web foundation wants G20 to address “tech-lash” fuelled by security and privacy concerns
Sugandha Lahoti
27 Aug 2018
2 min read

Jack Dorsey to testify explaining Twitter algorithms before the House Energy and Commerce Committee

The House Energy and Commerce Committee announced that Twitter CEO Jack Dorsey will testify before the committee regarding Twitter algorithms and content monitoring. The hearing will take place on the afternoon of Wednesday, September 5, 2018.

https://twitter.com/HouseCommerce/status/1033099291185827841

A few days back, Jack Dorsey announced plans to rethink how Twitter works to combat fake news and data scandals. Last month, Twitter deleted 70 million fake accounts in an attempt to curb fake news and improve Twitter algorithms. It has been constantly suspending fake accounts which are inauthentic, spammy or created via malicious automated bots.

Earlier this month, Apple, Facebook, and Spotify took action against Alex Jones. Initially, Twitter allowed Jones to continue using its service. But later Twitter imposed a seven-day “timeout” on Jones after he encouraged his followers to get their “battle rifles” ready against critics in the “mainstream media”.

“Twitter is an incredibly powerful platform that can change the national conversation in the time it takes a tweet to go viral,” said House Energy and Commerce Committee Chairman Greg Walden, in a statement. “When decisions about data and content are made using opaque processes, the American people are right to raise concerns.”

The committee will deal with Twitter algorithms and will ask tough questions revolving around how Twitter monitors and polices content. E&C expects Twitter to adhere to content judgment calls and be transparent regarding the complex processes behind the social media platform’s algorithms.

On Friday, U.S. President Donald Trump accused social media companies of silencing “millions of people” in an act of censorship, but without offering evidence to support the claim.
https://twitter.com/realDonaldTrump/status/1032954224529817600

House Majority Leader Kevin McCarthy commented on the hearing, saying, "We all agree that transparency is the only way to fully restore Americans’ trust in these important public platforms."

https://twitter.com/GOPLeader/status/1033118278728777729

Following Twitter, representatives from Google and Facebook are also scheduled to appear at next month's hearing.

Twitter takes down hundreds of fake accounts with ties to Russia and Iran.
Twitter’s disdain for third-party clients gets real.
Time for Facebook, Twitter, and other social media to take responsibility or face regulation.
Melisha Dsouza
27 Aug 2018
3 min read

DC Airport nabs first imposter using its newly deployed facial recognition security system

The initial apprehension about facial recognition technology is beginning to give way to acceptance, as an incident at the D.C. airport shows. Just three days after the technology was implemented at Washington Dulles International Airport, the system identified an imposter attempting to make his way into the US using a fake passport.

On August 23, US Customs and Border Protection (CBP) released news about a 26-year-old man traveling from Sao Paulo, Brazil, who presented a French passport to the CBP officer in the primary investigation phase. The facial comparison biometric system confirmed that his face did not match the picture in the passport. He was then sent to secondary inspection for a thorough examination. He appeared nervous during the checks, and doubts were confirmed when a search revealed the man's authentic Republic of Congo identification card concealed in his shoe.

NEC has collaborated with a total of 14 airports across the US to use the facial recognition technology in order to screen out people arriving in the US with false documents. This has reduced the average wait time for arriving international passengers by around four minutes.

According to International Trade Administration figures that Quartz quoted back in February 2017, about 104,525 people arrive from overseas into the US every day (that number excludes people entering from Mexico and Canada). Scanning such a large number of travelers each day is a daunting task for the CBP. Facial recognition technology will definitely reduce the complexity that comes with traveler identification.

A gist of how the biometric system works

The CBP first constructs a photo gallery of all the travelers on US-bound international aircraft using flight manifests and travelers’ documents (mainly passports and visas). When they touch down in America, TSA officers guide travelers to a camera next to a document checking podium. This camera snaps a picture and compares it to the one on their travel documents to determine if they’re indeed who they claim to be.

The CBP asserts that the system will not only help in nabbing terrorists and criminals before they can enter the US, but also speed up airport checks, and eventually allow travelers to get through security processes without a boarding pass. CBP is clearly trying its best to use technology to make its operations more efficient and to detect security breaches at a scale never seen before. It remains to be seen if the benefits of using facial recognition, such as protecting the American people from external threats, outweigh the dangers of over-reliance on this tech, such as wrongly tagging people or infringing on individual freedom.

You can read more about this story on techspot.com.

Google’s new facial recognition patent uses your social network to identify you!
Admiring the many faces of Facial Recognition with Deep Learning
Amazon is selling facial recognition technology to police
Melisha Dsouza
24 Aug 2018
4 min read

Facebook, Twitter takes down hundreds of fake accounts with ties to Russia and Iran, suspected to influence the US midterm elections

"Authenticity matters and people need to be able to trust the connections they make on Facebook." -Mark Zuckerberg

After Facebook announced last month that it had identified suspicious accounts that were engaged in "coordinated inauthentic behavior," it successfully took down 652 fake accounts and pages that published political content. Facebook had at the time declined to specify which country or countries may have been leading the campaign, but officials said the campaign was consistent with previous Russian attacks. These pages were suspected to have been intended to influence the US midterm elections set to take place in November this year.

The campaigns were first discovered by FireEye, a cybersecurity firm that worked with Facebook on investigating the fake pages and accounts. Earlier this week, Facebook confirmed in a blog post that these campaigns had links to Russia and Iran. The existence of the fake accounts was first reported by The New York Times.

Taking down Inauthentic Behaviour

The conspiracy started unravelling in July, when FireEye tipped Facebook off to the existence of a network of pages known as “Liberty Front Press”. The network included 70 accounts, three Facebook groups, and 76 Instagram accounts, which had 155,000 Facebook followers and 48,000 Instagram followers. The network had undisclosed links to Iranian state media, Facebook said, and spent more than $6,000 between 2015 and today. The network also hosted three events.

On investigation, those pages were linked back to Iranian state media using website registration information and internet protocol addresses. Pages created in 2013 posted political content that was focused on the Middle East, Latin America, Britain and the United States. Other fake pages also had a far more international spread than the earlier batches uncovered. They carried a number of pro-Iranian themes. The aim of the pages also included promoting Palestinians. Some included anti-Trump language and were tied to relations between the United States and Iran, including references to the Iranian nuclear weapons deal. Newer accounts, created in 2016, targeted cybersecurity by spreading malware and stealing passwords.

The accounts that originated in Russia focused on activity in Ukraine and Syria. They did not appear to target the United States. But the aim of the latest campaigns is along similar lines to that of past operations on the social network: mainly to distribute fake news that might cause confusion among people, as well as to alter people’s thinking to become more biased or pro-government on various issues.

Mark Zuckerberg, Facebook’s chief executive, made a statement in a conference call late Tuesday, saying, “We believe these pages, groups, and accounts were part of two sets of campaigns. One from Iran, with ties to state-owned media. The other came from a set of people the U.S. government and others have linked to Russia.”

Closely following suit, Twitter also went ahead and suspended 284 accounts for engaging in coordinated manipulation. Its analysis supports the theory that many of these accounts originated from Iran. Another social media giant, YouTube, deleted a channel called ‘Liberty Front Press’, which was a website linked to some of the fake Iranian accounts on Facebook. This was done because the account violated its community guidelines.

Facebook has come under heavy scrutiny for how its policies are exploited by third parties for fake news, propaganda, and other malicious activity, especially after the debacle of the coordinated election interference from Russia’s IRA before, during, and after the 2016 US election. The criticism has only intensified as the US heads toward the midterms. Facebook has been making an effort to prepare its products and moderation strategy for any manipulation. Now Facebook has taken a step further and is working with researchers to study social media-based election interference. The social media giant hopes to understand how this interference functions and to find ways to stop it.

Read The New York Times post for further analysis of this evolving situation.

Facebook and NYU are working together to make MRI scans 10x faster
Four 2018 Facebook patents to battle fake news and improve news feed
Facebook is investigating data analytics firm Crimson Hexagon over misuse of data
Natasha Mathur
24 Aug 2018
4 min read

Mozilla, Internet Society, and web foundation wants G20 to address “techlash” fuelled by security and privacy concerns

Mozilla, the Internet Society, and the Web Foundation have spoken out on their blogs about the current “techlash” that is posing a strong risk to the Internet. They want the G20 to address the issues causing the techlash at the ongoing G20 Digital Economy Ministerial Meeting this week.

Techlash, a term originally coined by The Economist last year, refers to a strong response against major tech companies due to concerns over power, user privacy, and security. This techlash is caused by security and privacy concerns for users on the web. As mentioned in their (Mozilla, Internet Society, Web Foundation) blog post, “once thought of as the global equalizer, opening doors for communication, work opportunities, commerce and more – the Internet is now increasingly viewed with skepticism and wariness. We are witnessing a trend where people are feeling let down by the technology they use”.

The Internet is estimated to contribute US$6.6 trillion a year in the G20 countries by 2020. For developing nations, the digital economy is growing at 15 to 25 percent a year. Yet, the internet seems to be at continuous risk. This is largely due to data breaches, silence around how data is utilized and monetized, cybercrime, surveillance, and other online threats that are causing mistrust among users.

The blog reads that “It is the priority of G20 to reinject hope into technological innovation: by putting people, their rights, and needs first”. With over 100 organizations calling on the leaders at the G20 Digital Economy Ministerial Meeting this week, the urgency underlines how the leaders need to start putting people at “the center of the digital future”.

The G20 comprises the world’s largest advanced and emerging economies. It represents about two-thirds of the world’s population, 85% of global gross domestic product and over 75% of global trade. These member nations engage with guest countries and other non-member countries to make sure that the G20 presents a broad range of international opinion. The G20 is famous for addressing issues such as connectivity, the future of work, and education. But topics such as security and privacy, which are of great importance and concern to people across the globe, haven’t featured as prominently on discussion forums. According to the blog post, “It must be in the interest of the G20 as a global economic powerhouse to address these issues so that our digital societies can continue to thrive”.

With recent data issues such as a 16-year-old hacking Apple’s “super secure” customer accounts, idle Android devices sending data to Google, and governments using surveillance tech to watch you, it is quite evident that the need of the hour is to make the internet a secure place. Other recent data breaches include Homebrew’s GitHub repo getting hacked in 30 minutes, TimeHop’s data breach, and AG Bob Ferguson asking Facebook to stop discriminatory ads. Companies should be held accountable for their invasive advertising techniques, manipulating user data, or sharing user data without permission. People should be made aware of the ways their data is being used by governments and the private sector.

Organizations are now taking measures at an individual level to make the internet safer for users. For instance, DARPA is working on AI forensic tools to catch deepfakes over the web, Twitter deleted 70 million fake accounts to curb fake news, and the EU fined Google $5 billion over the Android antitrust case. But the G20 bringing more focus to the issue can really help protect the development of the Internet on a global scale. G20 members should aim at protecting the information of all internet users across the world. The G20 can play an instrumental role by taking into account people’s concerns over internet privacy and security.

The techlash is “questioning the benefits of the digital society”. Argentine President Mauricio Macri said that to tackle the challenges of the 21st century we must “put the needs of people first”, and it's time for the G20 to do the same.

Check out the official blog post by Mozilla, Internet Society and Web Foundation.

1k+ Google employees frustrated with continued betrayal, protest against Censored Search engine project for China
Four 2018 Facebook patents to battle fake news and improve news feed
Time for Facebook, Twitter, and other social media to take responsibility or face regulation