Connect with us

Tech News

Cybersecurity expert Alex Stamos on Facebook’s counter terrorism team and the private-public divide – TechCrunch

Published

on

Alex Stamos rose to fame as the former chief security officer for Yahoo and then Facebook. But today he’s the director of Stanford’s Internet Observatory, where he’s immersed in teaching and research safe tech — and understands better than most the threats that the U.S. is facing, particularly as we sail toward the next U.S. presidential election.

Last night, at a StrictlyVC event in San Francisco, he talked with New York Times cybersecurity correspondent Sheera Frenkel about a small number of these massively impactful issues, first by revisiting what happened during the 2016 president election, then catching up the audience on whether the country’s defenses have evolved since. (The short version: they haven’t. If there’s any good news at all, it’s that the federal and state governments are at least aware now there’s an issue, whereas they appeared largely blindsided by it the last time around.)

What worries Stamos most are “direct attacks on our election infrastructure” because there’s been so little to bolster it. In fact, a big theme of the interview was the growing inability of the public sector to protect Americans or U.S. democracy against actors who would do the country harm.

As it relates to election infrastructure specifically, Stamos used a hyperlocal example to underscore what the U.S. is dealing with right now. As he told Frenkel, “I live in San Mateo County. I’ve met the CIO of San Mateo County. Really nice guy. I’m sure he has a staff of very hard-working people. The idea that the CIO of San Mateo County has to stand up and protect himself against the [Russian military intelligence agency known as the] GRU or China’s Ministry of State Security or Iran’s Islamic Revolutionary Guard Corps or the Lazarus Group of North Korea . . . that’s frickin’ ridiculous. Like, we don’t ask the San Mateo County Sherriff’s department to get ready to repel an invasion by the People’s Liberation Army, but we ask for the cyber equivalent in the United States.”

Put into perspective, San Mateo County is one of about about 10,000 local governments in the United States that are involved in elections, said Stamos. “Nobody else in the world runs their elections this way.”

In fact, in nearly every conceivable way, “responsibilities that were once clearly public sector responsibilities are now private sector responsibilities,” he told Frenkel during a later part of their discussion. He would know, having seen it first-hand.

“When I was the chief security officer at Facebook,” he told the audience, “I had a child safety team. We probably put more bad guys away than almost any law enforcement agency outside of the FBI or [Homeland Security Investigations unit] in the child safety realm. Like, there’s no local police department in the United States that put away more child predators than the Facebook child safety team. That is a crazy stat.

Facebook also has a counter terrorism team — which not everyone realizes — and which has become in many ways the country’s first responder, he suggested. Indeed, Stamos said that “there are several terrorist attacks that you’ve never heard of because they didn’t happen because we caught them. Now, there’s some local law enforcement agency took credit for it, but it was actually our team that found it and turned it over to them with a bow on it.”

Americans might shrug off this continuing shift in who is tackling what, but they do it at their peril, suggested Stamos — who managed to keep the crowd laughing, even as he painted a bleak picture. As he noted, the big tech “companies are exercising this power without any kind of democratic oversight.” Consider, he said, that “[Facebook’s] authorization is the terms of service that people click through and never read when they join Facebook or Instagram. That’s a bizarre set of rules to be bound by when you have such incredible power.”

Another huge blind spot, said Stamos, is the apparently inability — as well as the collective lack of determination required — of the public and the increasingly powerful private sector to coordinate their work.  Here, he offered another broad example to make it accessible. “Say you had an organized group in the United States that’s running a bunch of Facebook ads, but their money is coming from bitcoin from St. Petersburg,” said Stamos. “That is completely invisible to Facebook. That is perhaps visible to FBI . . .but they don’t have access to that actual content [on FB]. And figuring out a way for these two groups to work with each other without massively violating the privacy of everybody on the platform turns out to be super hard.”

Yet it’s worse than even that sounds, he continued. The reason: there’s no decision-tree in part because the issue has grown so unmanageable that no one wants to own what goes awry. “There’s effectively nobody in charge of this right now, which is one of the scariest things we’re facing as a country. Almost nobody is in defense of cyber, and certainly nobody is in charge of the big picture, [meaning] how do we defend against election [interference] both from a cybersecurity perspective and a disinformation perspective.”

Stamos even jokingly referred to “pockets of people in the U.S. government who are effectively hiding from the White House and trying very, very hard” to escape its attention, given the daunting job they’d be tasked with figuring out. Except, all kidding aside, with no one at the helm and “no real cross-agency process, there’s really nobody in charge,” said Stamos.

That means the “tech companies are effectively the coordinating body for this. And that’s actually really screwed up.”



Source link

Continue Reading

Tech News

Ring Car Cam leaks: This could be Amazon’s Alexa dash-cam

Published

on

Details and what appears to be an image of Ring’s upcoming Car Cam have leaked, with the connected dash cam expected to add security both when the vehicle is parked and while it’s on the move. The newest addition to Ring’s line-up was actually announced in September 2020 as part of Amazon’s big device launch, though at the time no pictures of the Car Cam hardware itself were shared.

Still, Ring’s description painted a fairly comprehensive picture of what it was intended to do. As well as tracking bumps and attempted break-ins, and notifying owners via the Ring smartphone app, it can also be used to record journeys and summon emergency services in the case of an accident being detected.

If you’re being pulled over by the police, meanwhile, saying “Alexa, I’m being pulled over” will automatically begin video and audio recording. At the same time as that’s being uploaded to the cloud, the system will send a notification to pre-selected family members to let them know the stop has taken place. Ring said there would be a physical privacy shutter, too, and a choice of WiFi or LTE connectivity. The whole thing would be $199.99, though cellular plans would be on top of that.

Since then, we’ve not heard anything more about the new dash camera. A leak on The Tape Drive, though, has revealed what it could look like, and it’s certainly an unusual design.

The camera assembly looks to be mounted on some sort of bracket, either to be positioned above the dashboard or potentially hung from above the rearview mirror. There’s presumably a fish-eye camera on both sides – only visible from one side in the render – to capture footage both inside and outside of the car.

As for functionality, ZatzNotFunny spotted a seemingly prematurely-published Ring Car Cam information document on the company’s support site. It reconfirms some of the details which Ring told us late last year, but also adds a few extra tidbits.

For example, the camera will connect via the vehicle’s data port, not just hook up to a USB or 12V outlet for power. “Ring Car Cam easily installs directly to the OBD-II port in your vehicle, located behind your steering wheel in most cars,” Ring explains. “It securely attaches to the windshield and dashboard of the car, and the cable can be neatly tucked away and out of sight.”

It’s unclear what extra data Ring might be gathering by using that approach. The OBD-II port typically grants access to various driving metrics, and though originally intended as a way for vehicle technicians to diagnose faults and issues in increasingly computerized models, has also gained traction as a way for third-party devices to tap that same stream of information. Amazon had also announced Ring Car Alarm, a cellularly-connected dongle that plugs into the ODB-II port.

The Ring Car Cam itself won’t require a subscription, though you won’t get all of the features in that case. “You can access video stored locally on the device via the Ring app when the car is within range of wifi,” the company explains. “With an optional Ring connectivity plan, you can access video from anywhere via LTE as well as advanced features like Emergency Crash Assist.”

The connectivity plan for Ring Car Cam will also unlock features like real-time tracking, to help locate a stolen vehicle.

What remains to be seen is how Ring Car Cam will fit into Ring’s existing sharing policies with police departments. The Amazon-owned company has found itself mired in controversy in recent years, after inking deals with law enforcement that saw many requests for footage from connected security cameras and video doorbells. Ring had been accused of fueling privacy infringement and supporting racial profiling.

Earlier this month, the company announced a new policy around sharing with public safety and law enforcement agencies. Moving forward, such agencies will ahem to request information or video from communities through a publicly-viewable category on Ring’s Neighbors app. This new section, “Request for Assistance,” will allow communities to see just what sort of data is being shared, Ring says.

“All Request for Assistance posts will be publicly viewable in the Neighbors feed, and logged on the agency’s public profile,” Ring explains. “This way, anyone interested in knowing more about how their police agency is using Request for Assistance posts can simply visit the agency’s profile and see the post history.”

Continue Reading

Tech News

YouTube on iOS PiP makes it much easier to watch videos while multitasking

Published

on

YouTube is now rolling out the ability for all users to watch videos with picture-in-picture mode, which reduces the video players to a small floating screen on one’s phone or tablet. This feature won’t be limited to only premium customers as some had previously speculated, though those premium customers will get access to the PiP support first.

Android users have had access to YouTube’s picture-in-picture mode for a while; it has become increasingly useful as devices get larger, higher-resolution displays, leaving ample room for using more than one app at a time. With PiP, someone can watch a video in a small corner of their device’s display while doing something else, such as browsing social media, messaging, or playing games.

There have been concerns over recent months that YouTube wouldn’t only make its picture-in-picture mode available to paying Premium subscribers on iOS, but that’s not the case, according to confirmation given to MacRumors.

The feature is now rolling out to all iOS users in the United States, with Premium customers getting it first followed by free users ‘soon.’ Some iOS users have already had access to the YouTube picture-in-picture feature, though its availability has been touch and go with it working only sometimes.

The official support will eliminate the need to deal with difficult workarounds and buggy Safari streaming, though you may need to remain patient if you’re not a Premium user. The feature will be most useful on larger iPhone models where there’s enough screen space to watch a video in the mini player and engage in a second activity.

Continue Reading

Tech News

Researchers say they’ve found the ideal strategy to pay off student loans

Published

on

When many people near college graduation, they begin to contemplate how they’ll deal with the student loans they’ve racked up over the past few years. The burden — which grows more substantial with every generation — can result in stress and, if not managed properly, may throw one’s life plans off track for several years. Mathematicians with the University of Colorado at Boulder may have a solution, explaining that they developed a mathematical model to explore the ideal repayment strategy.

Generally speaking, college graduates get a brief grace period after graduation during which time they aren’t required to make payments on their loans. Two different options are available once payments start: an income-based repayment strategy that involves paying a certain amount monthly based on one’s salary or simply throwing as much money at the loan as possible to pay it off in a shorter period of time.

In many cases, graduates are often advised to pay the loans off as quickly as possible if the funding amount is on the smaller side. On the flip side, graduates are typically told to take the income-based repayment option if they’ve taken out a substantial amount of funds in the form of student loans. The new study suggests a hybrid approach may be more ideal.

The mathematical model takes into account things like compounding interest rates, the income tax that may need to be paid, and more. The findings indicate that some graduates may benefit from a hybrid-style repayment approach that involves paying off as much as possible for the first several years, then switching over to an income-based repayment plan for the remainder of the balance.

The team of researchers hasn’t made their work available as a calculator for the public, but they do plan to improve it and potentially make it available to existing repayment calculators that may integrate the model. The ideal repayment method will ultimately depend on personal factors that must be accounted for, including things like anticipated salary and more.

Continue Reading

Trending