by crissly | Oct 23, 2023 | Uncategorized
Ahmed alleges that the companies are failing to implement systems that automatically detect violent extremist content as effectively as they detect some other kinds of content. “If you have a snatch of copyrighted music in your video, their systems will detect it within a microsecond and take it down,” Ahmed says, adding that “the fundamental human rights of the victims of terrorist attacks” should carry as much urgency as the “property rights of music artists and entertainers.”
The lack of details about how social platforms plan to curb the use of livestreams is, in part, because they are concerned about giving away too much information, which may allow Hamas, Palestinian Islamic Jihad (PIJ), and other militant groups or their supporters to circumvent the measures that are in place, an employee of a major platform who was granted anonymity because they are not authorized to speak publicly claimed in a communication with WIRED.
Adam Hadley, founder and executive director of Tech Against Terrorism, a United Nations-affiliated nonprofit that tracks extremist activity online, tells WIRED that while maintaining secrecy around content moderation methods is important during a sensitive and volatile conflict, tech companies should be more transparent about how they work.
“There has to be some degree of caution in terms of sharing the details of how this material is discovered and analyzed,” Hadley says. “But I would hope there are ways of communicating this ethically that don’t tip off terrorists to detection methods, and we would always encourage platforms to be transparent about what they’re doing.”
The social media companies say their dedicated teams are working around the clock right now as they await the launch of Israel’s expected ground assault in Gaza, which Hadley believes could trigger a spate of hostage executions.
And yet, for all of the time, money, and resources these multibillion-dollar companies appear to be putting into tackling this potential crisis, they are still reliant on Tech Against Terrorism, a tiny nonprofit, to alert them when new content from Hamas or PIJ, another paramilitary group based in Gaza, is posted online.
Hadley says his team of 20 typically knows about new terrorist content before any of the big platforms. So far, while tracking verified content from Hamas’ military wing or the PIJ, Hadey says the volume of content on the major social platforms is “very low.”
by crissly | Oct 9, 2023 | Uncategorized
Musk deleted his recommendation soon after posting it, but not before it was viewed over 11 million times. Later on Sunday, Musk wrote: “As always, please try to stay as close to the truth as possible, even for stuff you don’t like.”
Experts believe that the proliferation of disinformation on X around the Israel-Hamas conflict this weekend is largely the result of changes Musk has made to the platform over the past year, including his decision to fire most of the people responsible for tackling disinformation.
“Elon Musk’s changes to the platform work entirely to the benefit of terrorists and war propagandists,” Emerson Brooking, a researcher at the Atlantic Council Digital Forensics Research Lab, tells WIRED. “Changes in profit and incentive structure mean that there’s a lot more tendency for people to share at high volume information which may not be true because they are trying to maximize view counts. Anyone can buy one of those little blue checks and change their profile picture to something that’s seemingly a media outlet. It takes quite a bit of work to vet who’s telling the truth and who’s not.”
X, which eliminated its entire PR team last year, responded to WIRED’s request for comment on the proliferation of disinformation on its platform with the automated message: “Busy now, please check back later.”
Peden says the Twitter algorithm has been designed to boost content that gets the most engagement, which incentivizes bad actors to share disinformation.
“The videos and images that you’re seeing of air strikes, they’re very prolific,” Peden says. “They’re very hard-hitting, and unfortunately that means engagement does incredibly, incredibly well. These images are horrible and dramatic, and they perform well. So there is an incentive by others, especially those trying to push a narrative to share an old video from years ago, just because people love looking at the stuff.”
In an echo of what happened when Russia invaded Ukraine in 2022, much of the primary footage emerging from the Israel-Hamas conflict over the weekend was posted first on the encrypted message platform Telegram. From there, it was taken and reshared on other platforms, but in most cases the footage was not fact-checked first or it was taken out of context to suit the narrative being pushed by the poster.
“There’s an immense amount of primary content that was first posted in Telegram groups in one form or another, but there’s essentially no way to vet that information. Then that primary information hits others platforms, notably Twitter, where there’s an immense battle of spin and narrative taking place,” Brooking says. “You have artisans on every side, as well as sympathizers from one group or another, who are also joining this [battle].”
The situation is so bad on X right now that even seasoned OSINT researchers are being duped by fake accounts, including one that shared a false claim about Israeli prime minister Benjamin Netanyahu being hospitalized over the weekend.
“Any sort of ground truth, which was always hard to get on Twitter, is now entirely out of reach,” Brooking says.
by crissly | Sep 30, 2023 | Uncategorized
WIRED broke the news on Wednesday that SoundThinking, the company behind the gunshot-detection system ShotSpotter, is acquiring some assets—including patents, customers, and employees—from the firm Geolitica, which developed the notorious predictive policing software PredPol. WIRED also exclusively reported this week that the nonprofit Electronic Privacy Information Center is calling on the US Justice Department to investigate potentially biased deployment of ShotSpotter in predominantly Black neighborhoods.
As the US federal government inches closer to a possible shutdown, we took a look at the sprawling conservative media apparatus and deep bench of right-wing hardliners in Congress that are exploiting their leverage to block a compromise in the House of Representatives.
Satellite imaging from the Conflict Observatory at Yale University is providing harrowing insight and crucial information about the devastation wrought in the city of Khartoum by Sudan’s civil war. Meanwhile, researchers from the cybersecurity firm eQualitie have developed a technique for hiding digital content in satellite TV signals—a method that could be used to circumvent censorship and internet shutdowns around the world. And the productivity data that corporations have increasingly been gathering about their employees using monitoring software could be mined in an additional way to train AI models and eventually automate entire jobs.
Plus, there’s more. Each week, we round up the security and privacy news we didn’t cover in depth ourselves. Click the headlines to read the full stories, and stay safe out there.
A China-linked hacking group, dubbed BlackTech, is compromising routers in the US and Japan, secretly modifying their firmware and moving around company networks, according to a warning issued by cybersecurity officials this week. The United States Cybersecurity and Infrastructure Security Agency (CISA), the NSA, FBI, and Japan’s National Police Agency and cybersecurity office issued the joint alert saying the BlackTech group was “hiding in router firmware.”
The officials said they had seen the Chinese-linked actors using their access to the routers to move from “global subsidiary companies” to the networks of companies’ headquarters in the US and Japan. BlackTech, which has been operating since around 2010, has targeted multiple router types, the officials said, but they highlighted that it compromised Cisco routers using a customized backdoor. “TTPs against routers enable the actors to conceal configuration changes, hide commands, and disable logging while BlackTech actors conduct operations,” the alert says.
Microsoft and US government officials said in July that Chinese government hackers had breached the cloud-based Outlook email systems of about 25 organizations, including the US State Department and Department of Commerce. On Wednesday, an anonymous staffer for Senator Eric Schmitt told Reuters that the State Department incident exposed 60,000 emails from 10 accounts. Nine of the accounts were used by State Department employees focused on East Asia and the Pacific, while one was focused on Europe. The Congressional staffer learned the information in a State Department IT briefing for legislators and shared the details with Reuters via email.
The zero-day market, where new vulnerabilities and the code needed to exploit them are traded for cash, is big business. And it is, maybe, getting more lucrative. Russian zero-day seller Operation Zero this week announced it would increase some of its payments from $200,000 to $20 million. “As always, the end user is a non-NATO country,” the group said, indicating it means Russian private and government organizations.
Unlike bug bounties, where security researchers find flaws in companies’ code and then disclose them to the firms to fix for payments, the zero-day market encourages the trade in flaws that can potentially be exploited by the purchasers. “Full chain exploits for mobile phones are the most expensive products right now and they’re used mostly by government actors,” Operation Zero CEO Sergey Zelenyuk told TechCrunch. “When an actor needs a product, sometimes they’re ready to pay as much as possible to possess it before it gets into the hands of other parties.”
The European Union’s proposed law to clamp down on child sexual abuse content—by scanning people’s messages and potentially compromising encryption—is one of the continent’s most controversial laws of the last decade. This week, a series of revelations from a group of reporters has shown how the law’s main architect was heavily lobbied ahead of proposing the law and that police wanted access to the message data. First, an investigation revealed the close connections between the European Union’s home affairs commissioner, Ylva Johansson, and child protection groups. A second report shows the European police agency Europol pushed to get access to data collected under the proposed law. In response to the investigations, Europe’s Committee on Civil Liberties, Justice, and Home Affairs has written to Johansson asking questions about the relationships.
by crissly | Sep 28, 2023 | Uncategorized
The United States Justice Department (DOJ) is being asked to investigate whether a gunshot-detection system widely in use across the US is being selectively deployed to justify the over-policing of mainly Black neighborhoods, as critics of the technology claim.
Attorneys for the nonprofit Electronic Privacy Information Center—a leading US-based civil liberties group—argue that “substantial evidence” suggests American cities are disproportionately deploying an acoustic tool known as ShotSpotter in majority-minority neighborhoods. Citing past studies, EPIC alleges that data derived from these sensors has encouraged some police departments to spend more and more time patrolling areas where the fewest number of white residents live—an allegation disputed by SoundThinking, the system’s manufacturer.
In a letter today to Merrick Garland, the US attorney general, attorneys for EPIC call for an investigation into whether cities using ShotSpotter are running afoul of the Civil Rights Act—namely, Title VI, which forbids racial discrimination by anyone who receives federal funds.
“State and local police departments around the country have used federal financial assistance to facilitate the purchase of a slew of surveillance and automated decision-making technologies, including ShotSpotter,” EPIC says. Despite mounting evidence of ShotSpotter’s discriminatory impact, there is no indication that its Title VI compliance has ever been seriously assessed.
A spokesperson for SoundThinking says a statement by the company is forthcoming.
ShotSpotter has been deployed in more than 150 cities in the US, according to the company. It relies on internet-connected acoustic sensors, often attached to utility poles, and aims to detect gunfire using machine algorithms. SoundThinking says “acoustic experts” are on staff around the clock to review alerts and “ensure and confirm that the events are indeed gunfire.” The company claims its sensors have a 97 percent accuracy rate, disputing reports that alerts triggered by fireworks and other high-impact sounds affect the system’s accuracy.
EPIC is urging the DOJ to consider research that suggests ShotSpotter has produced “tens of thousands of false alerts” while simultaneously being deployed “in predominantly Black neighborhoods.” One such study, launched by the city of Chicago’s inspector general in 2021, noted that the “frequency of ShotSpotter alerts in a given area may be substantively changing policing behavior.” The agency concluded that, despite the city’s investment of $23-33 million, ShotSpotter alerts “rarely produce evidence of a gun-related crime, rarely give rise to investigatory stops, and even less frequently lead to the recovery of gun crime-related evidence during an investigatory stop.”
News investigations in Ohio and Texas have similarly raised doubts about the system’s effectiveness, revealing that in some cases its alerts have delayed responses to 911 calls. Working to expand the use of ShotSpotter in Houston in late 2020, the city also green-lit a pilot program that saw sensors deployed across two areas where communities are between 80 and 95 percent people of color.
EPIC is pressing Garland to investigate whether local law enforcement agencies have used federal grant money to buy ShotSpotter, and if so, ascertain whether those grants conformed with Title VI. Moreover, EPIC is seeking new guidelines for funding systems designed to automate police work; rules to ensure such arrangements are “transparent, accountable, and nondiscriminatory.” The attorney general should take additional steps, EPIC says, to ensure agencies dispersing federal funds are careful to assess whether tech companies meet “minimum standards of nondiscrimination,” and that new police technologies are not only justified but necessary to achieve a “defined goal.”
by crissly | May 31, 2023 | Uncategorized
Apple, Google, and Microsoft have released major patches this month to fix multiple security flaws already being used in attacks. May was also a critical month for enterprise software, with GitLab, SAP, and Cisco releasing fixes for multiple bugs in their products.
Here’s everything you need to know about the security updates released in May.
Apple iOS and iPadOS 16.5
Apple has released its long-awaited point update iOS 16.5, addressing 39 issues, three of which are already being exploited in real-life attacks. The iOS upgrade patches vulnerabilities in the Kernel at the heart of the operating system and in WebKit, the engine that powers the Safari browser. The three already exploited flaws are among five fixed in WebKit—tracked as CVE-2023-32409, CVE-2023-28204, and CVE-2023-32373.
CVE-2023-32409 is an issue that could allow an attacker to break out of the Web Content sandbox remotely, reported by Clément Lecigne of Google’s Threat Analysis Group and Donncha Ó Cearbhaill of Amnesty International’s Security Lab. CVE-2023-28204 is a flaw that risks a user disclosing sensitive information. Finally, CVE-2023-32373 is a use-after-free bug that could enable arbitrary code execution.
Earlier in the month, Apple released iOS 16.4.1 (a) and iPadOS 16.4.1 (a)—the iPhone maker’s first-ever Rapid Security Response update—fixing the latter two exploited WebKit vulnerabilities also patched in iOS 16.5.
Apple iOS and iPadOS 16.5 were issued alongside iOS 15.7.6 and iPadOS 15.7.6 for older iPhones, as well as iTunes 12.12.9 for Windows, Safari 16.5, macOS Big Sur 11.7.7, macOS Ventura 13.4, and macOS Monterey 12.6.6.
Apple also released its first security update for Beats and AirPods headphones.
Microsoft
Microsoft’s mid-month Patch Tuesday fixed 40 security issues, two of which were zero-day flaws already being used in attacks. The first zero-day vulnerability, CVE-2023-29336, is an elevation-of-privilege bug in the Win32k driver that could allow an attacker to gain System privileges.
The second serious flaw, CVE-2023-24932, is a Secure Boot security feature bypass issue that could allow a privileged attacker to execute code. “An attacker who successfully exploited this vulnerability could bypass Secure Boot,” Microsoft said, adding that the flaw is difficult to exploit: “Successful exploitation of this vulnerability requires an attacker to compromise admin credentials on the device.”
The security update is not a full fix: It addresses the vulnerability by updating the Windows Boot Manager, which could cause issues, the company warned. Additional steps are required at this time to mitigate the vulnerability, Microsoft said, pointing to steps affected users can take to mitigate the issue.
Google Android
Google has released its latest Android security patches, fixing 40 flaws, including an already exploited Kernel vulnerability. The updates also include fixes for issues in the Android Framework, System, Kernel, MediaTek, Unisoc, and Qualcomm components.
The most severe of these issues is a high-severity security vulnerability in the Framework component that could lead to local escalation of privilege, Google said, adding that user interaction is needed for exploitation.
Previously linked to commercial spyware vendors, CVE-2023-0266 is a Kernel issue that could lead to local escalation of privilege. User interaction is not needed for exploitation.
