Category: Cyber-Crime

AI ‘godfather’ Geoffrey Hinton warns of dangers as he quits Google

A man widely seen as the godfather of artificial intelligence (AI) has quit his job, warning about the growing dangers from developments in the field.

Geoffrey Hinton, aged 75, announced his resignation from Google in a statement to the New York Times, saying he now regretted his work.

And in a BBC interview on Monday, he said: “I can now just speak freely about what I think the dangers might be.”

Bill C-11: Why is YouTube mad at Canada?

A new law that seeks to give Canadian artists a leg up online has left many influencers and tech giants alike seeing red.

They took out subway ads, they posted TikToks, but in the end, the score was Silicon Valley-0, Ottawa-1.

After many twists and turns, and over two-and-a-half years of review, the Canadian government has passed a new law that makes tech giants like YouTube and TikTok support Canadian cultural content.

The law, dubbed Bill C-11, gives the Canadian Radio-television and Telecommunications Commission (CRTC) broad authority to regulate these platforms, much like they already do with radio and television.

The government says it is necessary to stop streaming giants from getting a free ride, and to promote local artists.

Although it’s still unclear what those final regulations will look like, the law has raised the ire of everyone from TikTokers to esteemed author Margaret Atwood.

The STOP CSAM Act Is An Anti-Encryption Stalking Horse

E2EE is a widely used technology that protects everyone’s privacy and security by encoding the contents of digital communications and files so that they’re decipherable only by the sender and intended recipients. Not even the provider of the E2EE service can read or hear its users’ conversations. E2EE is built in by default to popular apps such as WhatsApp, iMessage, FaceTime, and Signal, thereby securing billions of people’s messages and calls for free. Default E2EE is also set to expand to Meta’s Messenger app and Instagram direct messages later this year. 

E2EE’s growing ubiquity seems like a clear win for personal privacy, security, and safety, as well as national security and the economy. And yet E2EE’s popularity has its critics – including, unfortunately, Sen. Durbin. Because it’s harder for providers and law enforcement to detect malicious activity in encrypted environments than unencrypted ones (albeit not impossible, as I’ll discuss), law enforcement officials and lawmakers often demonize E2EE. But E2EE is a vital protection against crime and abuse, because it helps to protect people (children included) from the harms that happen when their personal information and private conversations fall into the wrong hands: data breaches, hacking, cybercrime, snooping by hostile foreign governments, stalkers and domestic abusers, and so on.

That’s why it’s so important that national policy promote rather than dissuade the use of E2EE – and why it’s so disappointing that STOP CSAM has turned out to be just the opposite: yet another misguided effort by lawmakers in the name of online safety that would only make us all less safe. 

First, STOP CSAM’s new criminal and civil liability provisions could be used to hold E2EE services liable for CSAM and other child sex offenses that happen in encrypted environments. Second, the reporting requirements look like a sneaky attempt to tee up future legislation to ban E2EE outright.

Banking Mess: Regulators close First Republic Bank, JPMorgan buyer of $330B assets and deposits, FDIC on the hook for $13B

First Republic Bank, on the brink of collapse in the weeks after the Silicon Valley Bank crisis, has finally fallen over, but with a relatively quick resolution into its next chapter: today the FDIC announced that it was being closed by the California Department of Financial Protection and Innovation, that the FDIC was appointed as receiver, and that the FDIC would be selling the assets to JPMorgan.

Its assets and deposits total just over $330 billion together.

Specifically, “to protect depositors, the FDIC is entering into a purchase and assumption agreement with JPMorgan Chase Bank, National Association, Columbus, Ohio, to assume all of the deposits and substantially all of the assets of First Republic Bank,” it said.

The FDIC also confirmed deposits will continue to be insured by the FDIC at an estimated cost of about $13 billion to its insurance fund.

As the US cracks down on crypto, Hong Kong extends a warm welcome

In February, Hong Kong proposed a set of welcoming rules to regulate crypto-related activities. Under the new legal regime, retail investors will be allowed to trade certain digital assets on licensed exchanges, replacing a 2018 framework that restricted trading to only accredited investors.

The city is also paving the way to legalize stablecoins. One startup, which is backed by popular exchange KuCoin and USDC issuer Circle, recently launched an offshore Chinese yuan (CNH)-pegged stablecoin, the first of its kind in Greater China.

To create a favorable environment for web3 businesses, the city is facilitating communication between banks and crypto startups, many of which are scrambling to find alternatives following Silvergate Bank’s meltdown.

These moves contrast with Beijing’s heavy-handed crackdown on the crypto industry; they also highlight the degree to which the former British colony enjoys policy exceptions in certain areas, such as finance.

Critical-rated security flaw in Illumina DNA sequencing tech exposes patient data

The U.S. government has sounded the alarm about a critical software vulnerability found in genomics giant Illumina’s DNA sequencing devices, which hackers can exploit to modify or steal patients’ sensitive medical data.

In separate advisories released on Thursday, U.S. cybersecurity agency CISA and the U.S. Food and Drug Administration warned that the security flaw — tracked as CVE-2023-1968 with the maximum vulnerability severity rating of 10 out of 10 — allows hackers to remotely access an affected device over the internet without needing a password. If exploited, the bug could allow hackers to compromise devices to produce incorrect or altered results, or none at all.

Fugitive CEO ordered to pay record $4.5 billion for global fraud scheme involving Bitcoin

A United States judge has ordered a South African executive to pay more than US$3.4 billion (S$4.5 billion) in restitution and fines for a fraud scheme involving Bitcoin – the highest-ever civil monetary penalty in any US Commodity Futures Trading Commission (CFTC) case.

Cornelius Johannes Steynberg, the founder and chief executive officer of Mirror Trading International Proprietary, committed fraud tied to retail foreign currency transactions, among other violations, the agency said in a statement that announced the order by US District Judge Lee Yeakel.

Hackers steal emails, private messages from hookup websites

Hackers have stolen email addresses, direct messages, and other personal data from users of two dating websites, according to a data breach expert.

Earlier this week, someone alerted Troy Hunt, the founder and maintainer of the data breach alerting website Have I Been Pwned, that hackers had breached two dating websites, CityJerks and TruckerSucker. Hunt told TechCrunch that he analyzed the stolen data and found usernames, email addresses, passwords, profile pictures, sexual orientation, users’ date of birth, their city and state, their IP addresses, and biographies. The stolen passwords are scrambled with a weak algorithm that could potentially be broken and allow hackers to see the actual passwords.

Commanders suspended at base where alleged Pentagon leaker worked

Two commanders in the Massachusetts Air National Guard were temporarily suspended last week in connection with a federal investigation into alleged classified intelligence leaker Jack Teixeira, the Air Force confirmed Thursday.

Col. Sean Riley, commander of the 102nd Intelligence Wing at Otis Air National Guard Base on Cape Cod, suspended the head of the subordinate 102nd Intelligence Support Squadron where Teixeira worked. The commander in charge of supporting airmen like Teixeira, who are mobilized on full-time, active-duty Title 10 orders, was suspended as well, according to Air Force spokesperson Rose Riley.

In addition to temporarily removing the commanders from their jobs, the Department of the Air Force has also revoked their access to classified networks and information, Riley told Air Force Times. Reuters first reported the development on Wednesday.

Lyft layoffs to affect 26% of workforce

Lyft said Thursday it will cut 26% of its workforce, or about 1,072 people, as part of a restructuring plan aimed at rebuilding its core ride-hailing product and boosting profits.

The company also said in a regulatory filing Thursday that it decided to scale back hiring plans and will eliminate 250 open job positions.

Lyft estimates that it will incur a cost of about $41 million to $47 million related to severance and employee benefits in the second quarter of 2023. The ride-hailing company also said it expects additional costs related to stock-based compensation and the corresponding payroll tax expense related to employees who were impacted by this restructuring.

Last week, Lyft’s newly appointed CEO David Risher told employees in an email that the company would significantly reduce its workforce as part of a restructuring effort. Risher said the restructuring would be part of Lyft’s plan to “better meeting the needs of riders and drivers.”

Senator Brian Schatz and the Unconstitutional Age Verification Bill

Senator Brian Schatz is one of the more thoughtful Senators we have, and he and his staff have actually spent time talking to lots of experts in trying to craft bills regarding the internet. Unfortunately, it still seems like he falls under the seductive sway of this or that moral panic, so when the bills actually come out, they’re…

New York Court Rules State Police Can’t Keep Hiding Its Misconduct Records From The Public

Two decades of misconduct records will now be trickling out of the NYSP’s hands. One assumes it will be a very slow drip, one perhaps interrupted by last-minute admissions the NYSP has, say, destroyed records it was required to retain. A lot can happen over twenty years, but hopefully it won’t take twenty years for records requesters to obtain what they’re entitled to possess.

The Superior Court (basically the first level of state courts in New York) decision [PDF] is short and sweet. It not only directs the NYSP to comply with the law, but draws some other helpful legal conclusions along the way, like this one, which says cop shops can’t withhold information about officers who were investigated for misconduct, but later cleared of wrongdoing.

It is clear that the mere fact that the complaint was determined to be unsubstantiated does not categorically exempt the records from disclosure.

National Guardsman Arrested For Leaking Top Secret Ukraine War Documents On Discord

So, we’re just handing out top secret security clearance to everyone, I guess. It was clear from the documents posted to Discord (before spreading everywhere) that the person behind them would soon be located.

The folded security briefings were obviously smuggled out of secure rooms in someone’s pocket and then photographed carelessly, in one case on top of a hunting magazine. I mean, that narrows it down to people who still buy stuff printed on physical media, a number that shrinks exponentially by the day.

On top of that, the entry level for the leaked info — much of it related to the current invasion of Ukraine by Russia — was Discord, which no one has considered to be the equivalent of Signal or any other secure site for the dissemination of sensitive material.

Abusive Governments (And The Criminals They Employ) Are Going To LOVE The UN’s Cybercrime Treaty

Various treaties and multi-national proposals to combat cybercrime have been around for years. I’m not exaggerating. These have been floating around for more than a decade. (Do you want to feel old? This cybercrime treaty proposal would be old enough to legally obtain a social media account in the United States if it were still viable.)

The UN has been pushing its own version. But its idea of “crime” seems off-base, especially when it’s dealing with a conglomerate of countries with varying free speech protections. The “Cybercrime Treaty” proposed by the UN focuses on things many would consider ugly, distasteful, abhorrent, or even enraging. But it’s not things most people consider to be the sort of “crimes” a unified world front should be addressing — not when there’s plenty of financially or personally damaging cybercrime being performed on the regular.

AI Firm Clearview AI Scrapes 30 Billion Social Media Photos, Hands Them to Law Enforcement

One of the most notorious privacy-breaching tech companies in operation, Clearview AI, has, according to its CEO, scraped 30 billion social media photos, packaged and curated them, and passed them along to the surveillance state authorities to do with what they will (in the dark, with no oversight, naturally, as the Founders warned such authorities would if left unchecked). Clearview’s…

Canada faces questions over alleged Chinese interference

When Member of Parliament Kenny Chiu was contacted by the Canadian Security Intelligence Service (CSIS) ahead of Canada’s federal election in 2021, he was puzzled. He had never expected to be part of a CSIS investigation, let alone one that required an in-person talk at the height of Canada’s COVID-19 pandemic. “At that time, everything had moved online, so it was…