Zoom Can Spy on Your Calls and Use the Conversation to Train AI, But Says That It Won’t

Posted on By infossl
artificial intelligence, privacy, Security technology, surveillance, terms of service, Uncategorized, videoconferencing

This is why we need regulation: Zoom updated its Terms of Service in March, spelling out that the company reserves the right to train AI on user data with no mention of a way to opt out. On Monday, the company said in a blog post that there’s no need to worry about that. Zoom … Read More “Zoom Can Spy on Your Calls and Use the Conversation to Train AI, But Says That It Won’t” »

China Hacked Japan’s Military Networks

Posted on By infossl
china, cyberespionage, cybersecurity, espionage, hacking, japan, military, Security technology, Uncategorized

The NSA discovered the intrusion in 2020—we don’t know how—and alerted the Japanese. The Washington Post has the story: The hackers had deep, persistent access and appeared to be after anything they could get their hands on—plans, capabilities, assessments of military shortcomings, according to three former senior U.S. officials, who were among a dozen current … Read More “China Hacked Japan’s Military Networks” »

Friday Squid Blogging: NIWA Annual Squid Survey

Posted on By infossl
Security technology, squid, Uncategorized

Results from the National Institute of Water and Atmospheric Research Limited annual squid survey: This year, the team unearthed spectacular large hooked squids, weighing about 15kg and sitting at 2m long, a Taningia—­which has the largest known light organs in the animal kingdom­—and a few species that remain very rare in collections worldwide, such as … Read More “Friday Squid Blogging: NIWA Annual Squid Survey” »

The Inability to Simultaneously Verify Sentience, Location, and Identity

Posted on By infossl
academic papers, identification, Security technology, trust, Uncategorized

Really interesting “systematization of knowledge” paper: “SoK: The Ghost Trilemma” Abstract: Trolls, bots, and sybils distort online discourse and compromise the security of networked platforms. User identity is central to the vectors of attack and manipulation employed in these contexts. However it has long seemed that, try as it might, the security community has been … Read More “The Inability to Simultaneously Verify Sentience, Location, and Identity” »

Using Machine Learning to Detect Keystrokes

Posted on By infossl
machine learning, Security technology, side-channel attacks, smartphones, Uncategorized

Researchers have trained a ML model to detect keystrokes by sound with 95% accuracy. “A Practical Deep Learning-Based Acoustic Side Channel Attack on Keyboards” Abstract: With recent developments in deep learning, the ubiquity of microphones and the rise in online services via personal devices, acoustic side channel attacks present a greater threat to keyboards than … Read More “Using Machine Learning to Detect Keystrokes” »

You Can’t Rush Post-Quantum-Computing Cryptography Standards

Posted on By infossl
cryptography, encryption, national security policy, nist, quantum computing, security standards, Security technology, Uncategorized

I just read an article complaining that NIST is taking too long in finalizing its post-quantum-computing cryptography standards. This process has been going on since 2016, and since that time there has been a huge increase in quantum technology and an equally large increase in quantum understanding and interest. Yet seven years later, we have … Read More “You Can’t Rush Post-Quantum-Computing Cryptography Standards” »

Microsoft Signing Key Stolen by Chinese

Posted on By infossl
authentication, backdoors, china, cybersecurity, hacking, keys, microsoft, Security technology, Uncategorized

A bunch of networks, including US Government networks, have been hacked by the Chinese. The hackers used forged authentication tokens to access user email, using a stolen Microsoft Azure account consumer signing key. Congress wants answers. The phrase “negligent security practices” is being tossed about—and with good reason. Master signing keys are not supposed to … Read More “Microsoft Signing Key Stolen by Chinese” »

Political Milestones for AI

Posted on By infossl
artificial intelligence, ChatGPT, essays, policy, Security technology, Uncategorized

ChatGPT was released just nine months ago, and we are still learning how it will affect our daily lives, our careers, and even our systems of self-governance. But when it comes to how AI may threaten our democracy, much of the public conversation lacks imagination. People talk about the danger of campaigns that attack opponents … Read More “Political Milestones for AI” »