Turbotodd

Ruminations on tech, the digital media, and some golf thrown in for good measure.

Posts Tagged ‘public policy

Dezinformatsiya

leave a comment »

If you’ve had any interest in following all those alleged goings on by Russia in the 2016 elections, today was a good day. 

The Washington Post wrote that a new report that was prepared for the U.S. Senate “provides the most sweeping analysis yet of Russia’s disinformation campaign” and “used every major social media platform to deliver words, images, and videos tailored to voters’ interests to help elect President Trump.”

It was the product of a bipartisan effort from the Senate Intelligence Committee, and you can download the full report here.

Me, I’m neither going to wade into or attempt to drown that particular swamp, but I will say one of the revelations was what a significant role Instagram seemed to play in the Russia Internet Research Agency’s efforts (as opposed to the prior focus on Twitter and Facebook).

I guess a picture’s worth a thousand kompromat!

Meanwhile, more political heat on the search and social media front as The Intercept reports that Google was forced to shut down a data analysis system that it had been using to develop a censored search engine for China “after members of the company’s privacy team raised internal complaints that it had been kept secret from them.”

The internal rift over the system has had massive ramifications, effectively ending work on the censored search engine, known as Dragonfly, according to two sources familiar with the plans. The incident represents a major blow to top Google executives, including CEO Sundar Pichai, who have over the last two years made the China project one of their main priorities.

You gotta go deep to get to the bottom of this one, but it does appear that the Grinch may have stolen Google’s Chinese search gift this holiday season. I’ll leave it up.

Queue up Dr. Seuss:

And the more the Grinch thought of this Who Christmas Sing,
The more the Grinch thought, “I must stop this whole thing!”
“Why, for fifty-three years I’ve put up with it now!”
“I MUST stop this Christmas from coming! But HOW?”

Written by turbotodd

December 17, 2018 at 2:40 pm

Google in the Hot Box

leave a comment »

Google CEO Sundar Pichai is in the hotbox today on Capitol Hill as he testifies before the House Judiciary Committee.

I’ve had some of the later testimony on in the background, and there have already been lots of questions about data and data sharing, preloaded apps, privacy, DoubleClick cookies and the merging of offline data (which I found sooo 1999!).

The New York Times is following much more closely, and here are some highlights of what they’ve observed:

Republican lawmakers displayed the party’s growing distrust toward Google, raising a broad array of tough questions on the search giant’s market power, plans to relaunch service in China, and whether the site suppresses conservative content. At the core of their questions was a concern over the company’s commitment to free expression.

Kevin McCarthy, House Republican Leader, had this to say:

“All of these topics — competition, censorship, bias, and others — point to one fundamental question that demands the nation’s attention. Are America’s technology companies serving as instruments of freedom or instruments of control?”

There was also discussion around liberal-leaning biases of employees and whether or not those biases “affect[ed] filtering decisions for its search engine,” a claim many right-leaning leaders have suggested in the past.

Location information was also prevalent, and Texas Republican Ted Poe held up his own smartphone and asked Pichai if Google was tracking his whereabouts if we walked to the other side of the room.

Pichai’s response: “Not by default,” suggesting it depended on the congressman’s app settings.

The Times also observed that Google’s been taking heat both internally and externally for “Project Dragonfly,” it’s initiative to build a censored search engine that could be used in the Chinese market.

My observation: Regulation of American Internet giants is not a question of if, but when, and how much. They’ve amassed too much personal data far too quickly and treated it with reckless abandon, and now the question becomes what measures can an American regulatory regime take that has both teeth for the consumer but doesn’t stifle innovation for industry.  

It’s a tall order and a complicated ask, but they, that’s why all those lobbyists get paid the big bucks! ; )

Written by turbotodd

December 11, 2018 at 12:43 pm

A New Class Of Security

leave a comment »

Click to enlarge. This graph outlines some of the key types of security attacker types and techniques that the 2011 IBM X-Force Trends Report identified as being most common. By the end of last year, the frequency and scope of these incidents persisted, and continue to bring awareness to the basic tenants of operating a business and protecting its assets in an increasingly connected world.

As hackers increasingly find new and nefarious ways to threaten the global digital infrastructure, recent policy advancements such as the proposed “Cybersecurity Act of 2012” in the U.S. have been introduced as solutions to the world’s growing cybersecurity problem.

While IBM accepts it is an imperative to properly secure critical systems, private sector advancements should be balanced with pragmatic legislative policies that avoid overly-prescriptive mandates that can inhibit the very innovation needed to ensure cybersecurity.

Consequently, IBM moved quickly and sent a letter urging the U.S. Senate to address flaws in the proposed cybersecurity bill.

According to IBM’s X-Force 2011 Trend and Risk Report, cyber attackers are adapting and moving quickly to target newer information technologies such as social networks and mobile devices. This rapidly evolving nature of cyber attacks necessitates a new approach to enabling cybersecurity.

Responding to the ever-changing nature and volume of attacks requires agility, risk-based management, and a commitment to innovative defensive measures. IBM supports bipartisan, cybersecurity legislation, but the “Cybersecurity Act of 2012” would add bureaucracy to a process that needs speed to succeed.

Government and industry would be best served by a common-sense approach to cybersecurity that allows for investment in R&D, improved information sharing between public and private sectors, better security for federal IT networks, and criminal penalties for cyber-crimes.

Industry Solutions To A Network Problem

Advanced threats, rapid adoption of social media, and Web applications have also been driving the need for new, intelligent approaches to security.

As employee access to the Web has become ubiquitous, enterprises are struggling with massive increases in malware as well as Advanced Persistent Threats (APTs), which can compromise proprietary data.

Many of today’s security solutions often offer limited visibility and control over network activity, which can put the company at risk.

To help clients proactively protect against evolving security threats, including those posed by social media sites and malicious websites, IBM today announced a new class of network security appliance that delivers a more granular view of a company’s security posture and a simplified security management interface.

This new next-generation intrusion prevention appliance helps clients address advanced attacks targeting their organization, providing visibility into exactly what applications are being used on the network, where users are going on the Web, with the ability to monitor and control this activity, which can result in improved security and reduced operational costs.

IBM Security Network Protection XGS 5000

IBM Security Network Protection XGS 5000 is a next-generation intrusion protection system specifically designed to address the constantly evolving, increasingly sophisticated threats that organizations face today.

It builds on the proven, core security features found in IBM Security Network Intrusion Prevention System, including helping protect against “zero-day” exploits, by adding new levels of visibility and control over the network, applications, data and users to help improve security by helping prevent misuse and identify previously undetectable threats.

IBM Security Network Protection incorporates global threat intelligence from X-Force, including a Web filter database of over 15 billion URLs — capable of monitoring and categorizing millions of Web servers and applications each day to provide superior protection against the changing threat landscape.

Gaining Control, And Visibility, Into Security Events

Once organizations are aware of the nature of activity on their network, the new application control features enable clients to have granular control over what is happening on their network; this means granular user and group-level control over which applications and Websites are permitted, and how they are used down to individual actions or activities within these applications and sites.

IBM Security’s Advanced Threat Protection Platform helps clients by providing the following features and capabilities:

  • Proven security to help protect against zero-day threats: enables preemptive protection against a full spectrum of advanced threats, including Web application attacks and exploits hidden in files. IBM’s protection engine is built upon years of security intelligence gathered by X-Force Research, and can stop entire classes of attacks — including new and unknown threats – without updates; most solutions available today match individual protection signatures — a process that can be too slow to stop evolving threats and can result in higher rates of false positives and false negatives.
  • Visibility and insight: provides application awareness, monitoring and control, with high level dashboards for drilling down into events and reporting. Also provides deep insight into the nature of activities on the network through broad application awareness and flow data analysis. Integrates with QRadar Security Intelligence Platform to provide even greater levels of insight including anomaly detection and event correlation.
  • Control: utilizes intelligence related to Web applications, Websites, and non-Web applications, including Web application and Web site coverage with over 15 Billion URLs across 68 categories and support for 1000+ applications and actions.

IBM Security Network Protection XGS 5000 will be available starting in 3Q12.

 About IBM Security

IBM’s security portfolio provides the security intelligence to help organizations holistically protect their people, data, applications and infrastructure. IBM offers solutions for identity and access management, security information and event management, database security, application development, risk management, endpoint management, next-generation intrusion protection and more.

IBM operates one of the world’s broadest security research and development, and delivery organizations. This comprises nine security operations centers, nine IBM Research centers, 11 software security development labs and an Institute for Advanced Security with chapters in the United States, Europe and Asia Pacific. IBM monitors 15 billion security events per day in more than 130 countries and holds more than 3,000 security patents.

%d bloggers like this: