Home / Tag Archives: policy

Tag Archives: policy

Caesars Palace not-so-Praetorian guards intimidate DEF CON goers, seize soldering irons

Enlarge / This sign is an invitation for a room search at some Las Vegas hotels. (credit: Getty Images ) In the wake of the mass shooting in Las Vegas in October of 2017, hotels in the city started drafting more aggressive policies regarding security. Just as Caesars Entertainment was rolling out its new security policies, the company ran head on into DEF CON—an event with privacy tightly linked to its culture. The resulting clash of worlds—especially at Caesars Palace, the hotel where much of DEF CON was held—left some attendees feeling violated, harassed, or abused, and that exploded onto Twitter this past weekend. Caesars began rolling out a new security policy in February  that mandated room searches when staff had not had access to rooms for over 24 hours. Caesars has been mostly tolerant of the idiosyncratic behavior of the DEF CON community, but it's not clear that the company prepared security staff for dealing with the sorts of things they would find in the rooms of DEF CON attendees. Soldering irons and other gear were seized, and some attendees reported being intimidated by security staff. Read 8 remaining paragraphs | Comments

Read More »

Caesars Palace not-so-Praetorian guards intimidate DEF CON goers with searches Updated

Enlarge / This sign is an invitation for a room search at some Las Vegas hotels. (credit: Getty Images ) In the wake of the mass shooting in Las Vegas in October of 2017, hotels in the city started drafting more aggressive policies regarding security. Just as Caesars Entertainment was rolling out its new security policies, the company ran head on into DEF CON—an event with privacy tightly linked to its culture. The resulting clash of worlds—especially at Caesars Palace, the hotel where much of DEF CON was held—left some attendees feeling violated, harassed, or abused, and that exploded onto Twitter this past weekend. Caesars began rolling out a new security policy in February  that mandated room searches when staff had not had access to rooms for over 24 hours. Caesars has been mostly tolerant of the idiosyncratic behavior of the DEF CON community, but it's not clear that the company prepared security staff for dealing with the sorts of things they would find in the rooms of DEF CON attendees. Soldering irons and other gear were seized, and some attendees reported being intimidated by security staff. Read 12 remaining paragraphs | Comments

Read More »

Speedier broadband standards? Pai’s FCC says 25Mbps is fast enough

Enlarge (credit: Jan Fabre ) The Federal Communications Commission is proposing to maintain the US broadband standard at the current level of 25Mbps downstream and 3Mbps upstream. That's the speed standard the FCC uses each year to determine whether advanced telecommunications capabilities are "being deployed to all Americans in a reasonable and timely fashion." The FCC raised the standard from 4Mbps/1Mbps to 25Mbps/3Mbps in January 2015 under then-Chairman Tom Wheeler. Ajit Pai, who was then a commissioner in the FCC's Republican minority, voted against raising the speed standard. Read 21 remaining paragraphs | Comments

Read More »

India may become next restricted market for U.S. cloud providers

Data sovereignty is on the rise across the world. Laws and regulations increasingly require that citizen data be stored in local data centers, and often restricts movement of that data outside of a country’s borders. The European Union’s GDPR policy is one example , although it’s relatively porous. China’s relatively new cloud computing law is much more strict, and forced Apple to turn over its Chinese-citizen iCloud data to local providers and Amazon to sell off data center assets in the country . Now, it appears that India will join this policy movement. According to Aditya Kalra in Reuters , an influential cloud policy panel has recommended that India mandate data localization in the country, for investigative and national security reasons, in a draft report set to be released later this year. That panel is headed by well-known local entrepreneur Kris Gopalakrishnan , who founded Infosys, the IT giant. That report would match other policy statements from the Indian political establishment in recent months . The government’s draft National Digital Communications Policy this year said that data sovereignty is a top mission for the country. The report called for the government by 2022 to “Establish a comprehensive data protection regime for digital communications that safeguards the privacy, autonomy and choice of individuals and facilitates India’s effective participation in the global digital economy.” It’s that last line that is increasingly the objective of governments around the world. While privacy and security are certainly top priorities, governments now recognize that the economics of data are going to be crucial for future innovation and growth. Maintaining local control of data — through whatever means necessary — ensures that cloud providers and other services have to spend locally, even in a global digital economy. India is both a crucial and an ironic manifestation of this pattern. It is crucial because of the size of its economy: public cloud revenues in the country are expected to hit $2.5 billion this year , according to Gartner’s estimates, an annual growth rate of 37.5%.

Read More »

New open source effort: Legal code to make reporting security bugs safer

Enlarge / The Disclose.io project: open source contracts to keep white-hat hackers and developers out of legal trouble. (credit: Disclose.io ) Not a week goes by without another major business or Internet service announcing a data breach. And while many companies have begun to adopt bug bounty programs to encourage the reporting of vulnerabilities by outside security researchers, they've done so largely inconsistently. That's the reason for Disclose.io , a collaborative and open source effort to create an open source standard for bug bounty and vulnerability-disclosure programs that protects well-intentioned hackers. The lack of consistency in companies' bug-disclosure programs—and the absence of "safe harbor" language that protects well-intended hackers from legal action in many of them—can discourage anyone who discovers a security bug from reporting it. And vague language in a disclosure program can not only discourage cooperation but can also lead to public-relations disasters and a damaged reputation with the security community, as happened with drone maker DJI last November . Dropbox moved to fix its own vulnerability disclosure terms and was motivated to change its own legal policies following a certain lawsuit against a reporter over a vulnerability disclosure. Companies that manage bug bounties for large organizations, including HackerOne and Bugcrowd, have made their own efforts to get customers to standardize security terms. Read 5 remaining paragraphs | Comments

Read More »

Facebook really doesn’t want users to go to a fake Unite the Right counter-protest next week

According to COO Sheryl Sandberg, getting ahead of an event called “No Unite the Right 2, DC” is the reason behind Facebook’s decision to disclose new platform behavior that closely resembles previous Russian state-sponsored activity meant to sow political discord in the U.S. “We’re sharing this today because the connection between these actors and the event planned in Washington next week,” Sandberg said, calling the disclosure “early” and noting that the company still does not have all the facts. A Facebook Page called “Resisters” created the event, set to take place on August 10, as a protest against Unite the Right 2 — a follow-up event to last year’s deadly rally in Charlottesville, Va. that left peaceful counter-protester Heather Heyer dead. The Page, which Facebook identified as displaying “coordinated inauthentic behavior,” also worked with the admins from five authentic Facebook Pages to co-host the event and arrange transportation and logistics. Facebook has notified those users of its findings and taken down the event page. This isn’t the first event coordinated by fake Facebook accounts with the likely intention of further polarizing U.S. voters. In a call today, Facebook noted that the new inauthentic accounts it found had created around 30 events. While the dates for two have yet to pass, “the others have taken place over the past year or so.” Facebook will not yet formally attribute its new findings to the Russian state-linked Internet Research Agency (IRA). Still, the Resisters Page hosting “No Unite the Right 2, DC” listed a previously identified IRA account as a co-admin for “only seven minutes.” That link, and whatever else the public doesn’t know at this time, is enough for the Senate Intel committee vice chairman Mark Warner to credit the Russian government with what appears to be an ongoing campaign of political influence. “Today’s disclosure is further evidence that the Kremlin continues to exploit platforms like Facebook to sow division and spread disinformation, and I am glad that Facebook is taking some steps to pinpoint and address this activity,” Warner said in a statement provided to TechCrunch. “I also expect Facebook, along with other platform companies, will continue to identify Russian troll activity and to work with Congress on updating our laws to better protect our democracy in the future.” Facebook’s chief security officer, Alex Stamos, maintained that the company “doesn’t think it’s appropriate for Facebook to give public commentary on political motivations of nation states” and calls the IRA link “interesting but not determinant.”

Read More »

Facebook has found evidence of influence campaigns targeting U.S. midterms

In a newsroom post Tuesday , Facebook revealed that it has detected evidence of “coordinated inauthentic behavior” designed to influence U.S. politics on its platform. According to Facebook’s Head of Cybersecurity Policy Nathaniel Gleicher, the company first identified the activity two weeks ago. So far, the activity encompasses eight Facebook Pages, 17 profiles and seven accounts on Instagram. Facebook stated that the activity “violates our ban on coordinated inauthentic behavior” though so far is unable to attribute the activity to Russia or any other entity with an interest in influencing U.S. politics. Facebook has been in contact with Congress and law enforcement about the discovery, which suggests that social platforms should expect to again detect the kind of coordinated disinformation campaigns targeted the 2016 election around U.S. midterm elections this November. The company stated that more than 290,000 accounts followed one of the Pages it identified. The Pages in question were created starting in March 2017 and most recently in May of 2018. The most popular Pages displaying this kind of behavior were “Aztlan Warriors,” “Black Elevation,” “Mindful Being,” and “Resisters.” The other Pages had less than 10 followers each and the Instagram account did not have any followers. That does not necessarily discount other kinds of potential activity like commenting and messaging. According to Facebook, “They ran about 150 ads for approximately $11,000 on Facebook and Instagram, paid for in US and Canadian dollars” between April 2017 and June of this year.

Read More »

Facebook finds evidence of Russia-linked influence campaigns targeting US midterms

In a newsroom post Tuesday , Facebook revealed that it has detected evidence of “ coordinated inauthentic behavior ” designed to influence U.S. politics on its platform. According to Facebook’s head of Cybersecurity, Policy Nathaniel Gleicher, the company first identified the activity two weeks ago. So far, the activity encompasses eight Facebook Pages, 17 profiles and seven accounts on Instagram. Facebook stated that the activity “violates our ban on coordinated inauthentic behavior.” Facebook has declined to attribute the new findings to the Russian government-linked Internet Research Agency (IRA), but an IRA account was found to be a co-admin on one of the newly outed fake events “for only seven minutes.” Facebook has been in contact with Congress and law enforcement about the discovery, which suggests that social platforms should expect to again detect the kind of coordinated disinformation campaigns that targeted the 2016 election around U.S. midterm elections this November. The company stated that more than 290,000 accounts followed one of the Pages it identified. The Pages in question were created starting in March 2017 and most recently in May of 2018. The most popular Pages displaying this kind of behavior were “Aztlan Warriors,” “Black Elevation,” “Mindful Being” and “Resisters.” The other Pages had less than 10 followers each and the Instagram account did not have any followers. That does not necessarily discount other kinds of potential activity, like commenting and messaging. Like the fake Russia-linked ads and Pages formerly released through the House and Senate , the new content specifically amplifies American tensions around race. The examples released by Facebook appear to mostly target the US political left. Some examples contain explicitly anti-Trump content, but most offer appeals to racial identity targeting black and Mexican-American Facebook users. According to Facebook, “They ran about 150 ads for approximately $11,000 on Facebook and Instagram, paid for in US and Canadian dollars” between April 2017 and June of this year

Read More »

Sitrep: The Air Force’s senior-citizen chopper may have to hold off retirement

(video link) The US Air Force has some of the most high-tech aircraft in the world flying missions at the spear's tip. But a remarkably large number of its systems are what would gently be referred to as "vintage"—and those systems are performing some of the Air Force's most important missions. One of those senior-citizen systems earned its wings during the war in Vietnam— the 48-year-old UH-1 Iroquois, also known as the "Huey". We've reported frequently on the role that the A-10 Thunderbolt II fills for the Air Force. The 1970s-era turbofan-powered tank-killer turned close-air-support-provider-extraordinaire is constantly called upon in Afghanistan and Syria to provide firepower to protect US and allied forces. The B-52, the strategic bomber that entered service in the 1950s, has years of service still ahead of it—flying long-duration missions ranging from strategic deterrence to close air support in uncontested skies. And the land leg of the US nuclear triad, the Minuteman III ICBM, entered service in the 1960s. Read 8 remaining paragraphs | Comments

Read More »

Google’s lead lawyer moves into a global policy role

Google is promoting its top lawyer, Kent Walker, into a global policy position, CNBC reports . Walker, Google SVP and general counsel, has already been a public voice in the company’s recent privacy tangles, but will move into a formal role as senior vice president of global affairs, overseeing Google’s policy, trust and safety, corporate philanthropy and legal teams. Last year, Walker joined Richard Salgado, Google’s Director, Law Enforcement and Information Security, to head to Capitol Hill for the first round of reckoning on big tech’s failure to mitigate political disinformation campaigns during the 2016 U.S. presidential election. Since then, Walker has commented publicly on Google’s policies around political ad transparency and extremist content on YouTube, among other policy issues facing the company. With social platforms at an ethical crossroads globally and tech chafing at its newly forced compliance with international privacy laws, any public-facing global policy role will be very much in the spotlight in 2018 and beyond. Google hired Walker away from eBay in 2006, where he served as the company’s deputy general counsel. Prior to his time at eBay (and AOL, prior to that), Walker was an assistant U.S. attorney with the Department of Justice.

Read More »

Trump seems to think F-35 is “literally invisible” in flight

The F-16 pilot totally can't see the F-35. Must be invisible. (credit: US Air Force) In a speech last week before the Veterans of Foreign Wars in Kansas City, President Donald Trump repeated a point he has frequently made about the wonder of American military technology—that the F-35 Lightning II's "super stealth" technology makes it literally invisible. Trump said of the F-35: This is an incredible plane. It's stealth—you can't see it. So when I talk to even people from the other side, they're trying to order our plane. They like the fact that you can't see it.  I said, "How would it do in battle with your plane?" They say, "Well we have one problem—we can't see your plane." That's a big problem. Stealth, super stealth. The best in the world. We make the best military equipment in the world. Also, remember this: jobs

Read More »