19 Matching Annotations
  1. Last 7 days
  2. Nov 2020
    1. According to the World Economic Forum’s Global Risks Report 2020, the interconnectedness of our global business supply chains has made the world more vulnerable to societal and economic disruption from local infectious-disease outbreaks.
    2. 3. They're fighting misinformation.

      Agree or disagree with how they obtained info and what that means for digital rights; how much the Chinese government informed or not their people - this is what China did in terms of alerting their population of covid cases.

  3. Oct 2020
    1. The NSA told Wyden staffers in 2018 that there was a “lessons learned” report about the Juniper incident and others, according to Wyden spokesman Keith Chu. “NSA now asserts that it cannot locate this document,” Chu told Reuters.

      They lost a government document??

    2. In at least one instance, a foreign adversary was able to take advantage of a back door invented by U.S. intelligence, according to Juniper Networks Inc, which said in 2015 its equipment had been compromised. In a previously unreported statement to members of Congress in July seen by Reuters, Juniper said an unnamed national government had converted the mechanism first created by the NSA.

      NSA gets Juniper to put a backdoor in one of their products. The product gets compromised by a foreign government in 2015.

    1. Australia's Cyber Security Strategy: $1.66 billion dollar cyber security package = AFP gets $88 million; $66 million to critical infrastructure organisations to assess their networks for vulnerabilities; ASD $1.35 billion (over a decade) to recruit 500 officers.

      Reasons Dutton gives for package:

      • child exploitation
      • criminals scamming, ransomware
      • foreign governments taking health data and potential attacks to critical infrastructure

      What is defined as critical infrastructure is expanded and subject to obligations to improve their defences.

      Supporting cyber resilience of SMEs through information, training, and services to make them more secure.

    1. they co-operate with law enforcement by providing lawful access to encrypted communications and engage in consultation with governments and other stakeholders to facilitate legal access in a way that is substantive and genuinely influences design decisions

      So DHA wants tech companies to provide the government access to the contents of encrypted communications. -- I'm not sure how this can be done without putting inadvertent vulnerabilities in.

      Maybe a solution is for tech companies to just pass metadata to law enforcement, similar to the way telecommunications companies do. The tech companies could be put in the same bucket as telco companies and be subject to Australia's data retention obligations. https://www.homeaffairs.gov.au/about-us/our-portfolios/national-security/lawful-access-telecommunications/data-retention-obligations

    2. Mr Dutton will renew his attack on Facebook and other companies for moving to end-to-end encryption, saying it will hinder efforts to tackle online crime including child sexual abuse. This month, Australia joined its "Five-Eyes" intelligence partners – the United States, Britain, New Zealand and Canada – along with India and Japan, in signing a statement calling on tech companies to come up with a solution for law enforcement to access end-to-end encrypted messages.

      Countering child exploitation is an extremely important issue. It's a tough job and encryption makes it harder. But making encryption insecure is counterintuitive and has negative impacts on digital privacy. So poking a hole in encryption, while it can assist with countering child exploitation, can also inadvertently be helping, for example, tech-enabled domestic abuse.

      Hopefully DHA understands this and thus has thrown it back at the tech companies to come up with a solution for law enforcement.

    3. The government is looking to impose new obligations on owners and operators of critical infrastructure to provide details about their networks. The Home Affairs Minister will be able to declare an emergency to give agencies such as the Australian Signals Directorate the power to plug into the networks of critical infrastructure to fend off major attacks.

      View this panel to get clarity on what this actually means for businesses and what it means to have ASD “plug in” https://www.aspi.org.au/event/aspi-webinar-australias-cyber-security-strategy-focus

    1. Testing data provided to the Senate showed the effectiveness of the Australian app, particularly on Apple iPhones, remains an issue. The app only worked 25 to 50 per cent of the time during locked iPhone-to-iPhone testing on May 26. At launch, it was worse, working only 25 per cent of the time or less for locked iPhone to locked iPhone. When running in the background, it also didn't work well.

      CovidSafe app effectiveness on iPhones low

    2. "As for the Apple Google app, it fundamentally changes the locus of control and takes out the middle person and the middle person is the contact tracer, the people who have kept us safe," Dr Coatsworth told Channel Ten's The Project. "There's no way we're shifting to a platform that will take out the contact tracers."

      not going to use the #Google #Apple app (do they mean the Google-Apple API?) because it takes out the contact tracer.

    1. Similarly, technology can help us control the climate, make AI safe, and improve privacy.

      regulation needs to surround the technology that will help with these things

    2. When technology does create new risks, it is usually new technology that counters them.
    1. Two Chinese dissidents –– Yang Jianli and Times Wang –– have argued that the ban violates America’s liberal principle of openness, and ignores practical considerations, emphasizing that there is “no reasonable alternative that can sustain the same level of grass-roots communication flows between people in China and people outside of it.”

      thoughts by two Chinese dissidents on the US WeChat ban