Category: national security policy

Auto Added by WPeMatico

OpenAI Is Not Training on Your Dropbox Documents—Today

Posted on By infossl
artificial intelligence, data collection, national security policy, Security technology, trust, Uncategorized

There’s a rumor flying around the Internet that OpenAI is training foundation models on your Dropbox documents. Here’s CNBC. Here’s Boing Boing. Some articles are more nuanced, but there’s still a lot of confusion. It seems not to be true. Dropbox isn’t sharing all of your documents with OpenAI. But here’s the problem: we don’t … Read More “OpenAI Is Not Training on Your Dropbox Documents—Today” »

Spying through Push Notifications

Posted on By infossl
metadata, national security policy, privacy, Security technology, spyware, surveillance, transparency, Uncategorized

When you get a push notification on your Apple or Google phone, those notifications go through Apple and Google servers. Which means that those companies can spy on them—either for their own reasons or in response to government demands. Sen. Wyden is trying to get to the bottom of this: In a statement, Apple said … Read More “Spying through Push Notifications” »

EPA Won’t Force Water Utilities to Audit Their Cybersecurity

Posted on By infossl
cybersecurity, infrastructure, national security policy, Security technology, Uncategorized, utilities

The industry pushed back: Despite the EPA’s willingness to provide training and technical support to help states and public water system organizations implement cybersecurity surveys, the move garnered opposition from both GOP state attorneys and trade groups. Republican state attorneys that were against the new proposed policies said that the call for new inspections could … Read More “EPA Won’t Force Water Utilities to Audit Their Cybersecurity” »

Child Exploitation and the Crypto Wars

Posted on By infossl
child pornography, children, crypto wars, encryption, laws, national security policy, privacy, Security technology, surveillance, Uncategorized

Susan Landau published an excellent essay on the current justification for the government breaking end-to-end-encryption: child sexual abuse and exploitation (CSAE). She puts the debate into historical context, discusses the problem of CSAE, and explains why breaking encryption isn’t the solution. Powered by WPeMatico

AI Risks

Posted on By infossl
artificial intelligence, essays, national security policy, regulation, Security technology, Uncategorized

There is no shortage of researchers and industry titans willing to warn us about the potential destructive power of artificial intelligence. Reading the headlines, one would hope that the rapid gains in AI technology have also brought forth a unifying realization of the risks—and the steps we need to take to mitigate them. The reality, … Read More “AI Risks” »

NSA AI Security Center

Posted on By infossl
artificial intelligence, cybersecurity, national security policy, nsa, Security technology, Uncategorized

The NSA is starting a new artificial intelligence security center: The AI security center’s establishment follows an NSA study that identified securing AI models from theft and sabotage as a major national security challenge, especially as generative AI technologies emerge with immense transformative potential for both good and evil. Nakasone said it would become “NSA’s … Read More “NSA AI Security Center” »

You Can’t Rush Post-Quantum-Computing Cryptography Standards

Posted on By infossl
cryptography, encryption, national security policy, nist, quantum computing, security standards, Security technology, Uncategorized

I just read an article complaining that NIST is taking too long in finalizing its post-quantum-computing cryptography standards. This process has been going on since 2016, and since that time there has been a huge increase in quantum technology and an equally large increase in quantum understanding and interest. Yet seven years later, we have … Read More “You Can’t Rush Post-Quantum-Computing Cryptography Standards” »

New SEC Rules around Cybersecurity Incident Disclosures

Posted on By infossl
cyberattack, cybersecurity, disclosure, national security policy, risk assessment, risks, Security technology, Uncategorized

The US Securities and Exchange Commission adopted final rules around the disclosure of cybersecurity incidents. There are two basic rules: Public companies must “disclose any cybersecurity incident they determine to be material” within four days, with potential delays if there is a national security risk. Public companies must “describe their processes, if any, for assessing, … Read More “New SEC Rules around Cybersecurity Incident Disclosures” »

Commentary on the Implementation Plan for the 2023 US National Cybersecurity Strategy

Posted on By infossl
cybersecurity, national security policy, Security technology, Uncategorized

The Atlantic Council released a detailed commentary on the White House’s new “Implementation Plan for the 2023 US National Cybersecurity Strategy.” Lots of interesting bits. So far, at least three trends emerge: First, the plan contains a (somewhat) more concrete list of actions than its parent strategy, with useful delineation of lead and supporting agencies, … Read More “Commentary on the Implementation Plan for the 2023 US National Cybersecurity Strategy” »

Paragon Solutions Spyware: Graphite

Posted on By infossl
israel, national security policy, Security technology, spyware, Uncategorized

Paragon Solutions is yet another Israeli spyware company. Their product is called “Graphite,” and is a lot like NSO Group’s Pegasus. And Paragon is working with what seems to be US approval: American approval, even if indirect, has been at the heart of Paragon’s strategy. The company sought a list of allied nations that the … Read More “Paragon Solutions Spyware: Graphite” »