Monday, 22 January 2018

CYBER: AI - How open data can save AI – World Wide Web Foundation

How open data can save AI – World Wide Web Foundation: "One way to make more data available and to improve data quality is to push governments that use algorithms and AI systems for public service delivery to open up the data upon which these systems rely. All non-personally identifiable datasets used should be released in open formats. When datasets are considered too sensitive for release, appropriate metadata should be provided.

Opening key datasets will help identify potential biases, lead to more competition between potential service providers, ensure better public services, and increase citizen trust in government.

 As governments adopt algorithms and AI systems to improve service delivery, we should take steps to ensure this is done in a transparent way that reassures citizens that these systems will produce fair outcomes, as well as higher quality services. Making the underlying data available is a first step towards public understanding of how public service AI systems make decisions." 'via Blog this'

CYBER DCMS pass the buck on age verification - Pandora Blake

DCMS pass the buck on age verification - Pandora Blake: "Given the DCMS have taken seven months to produce their guidance, which they started before the Digital Economy Act was passed, it seems a little cheeky to expect the BBFC to turn their guidance around instantaneously. Nonetheless, enforcement is meant to begin on 27 April 2018, by which point the regulator needs to have been designated, held a consultation, and produced guidance.

The chances of site owners having any time at all to actually implement age verification by the time all this has happened seem vanishingly slim.

If the BBFC have finished their own process by then it will have been a rush job, without taking sufficient time to make age verification workable and robust. Our best hope at this stage is for the April deadline to be put back to allow time for things to be done properly." 'via Blog this'

Monday, 15 January 2018

Meltdown and Spectre: Here’s what Intel, Apple, Microsoft, others are doing about it | Ars Technica

CYBER: Meltdown and Spectre: Here’s what Intel, Apple, Microsoft, others are doing about it | Ars Technica: "Meltdown, applicable to virtually every Intel chip made for many years, along with certain high-performance ARM designs, is the easier to exploit and enables any user program to read vast tracts of kernel data. The good news, such as it is, is that Meltdown also appears easier to robustly guard against. The flaw depends on the way that operating systems share memory between user programs and the kernel, and the solution—albeit a solution that carries some performance penalty—is to put an end to that sharing.

 Spectre, applicable to chips from Intel, AMD, and ARM, and probably every other processor on the market that offers speculative execution, too, is more subtle. It encompasses a trick testing array bounds to read memory within a single process, which can be used to attack the integrity of virtual machines and sandboxes, and cross-process attacks using the processor's branch predictors (the hardware that guesses which side of a branch is taken and hence controls the speculative execution). Systemic fixes for some aspects of Spectre appear to have been developed, but protecting against the whole range of fixes will require modification (or at least recompilation) of at-risk programs." 'via Blog this'

Friday, 12 January 2018

Inside DuckDuckGo, Google’s Tiniest, Fiercest Competitor

Inside DuckDuckGo, Google’s Tiniest, Fiercest Competitor:

"DUCKDUCKGO’S SECRET WEAPON: HARDCORE PRIVACY

When you do a search from DuckDuckGo’s website or one of its mobile apps, it doesn’t know who you are. There are no user accounts. Your IP address isn’t logged by default. The site doesn’t use search cookies to keep track of what you do over time or where else you go online. It doesn’t save your search history. When you click on a link in DuckDuckGo’s results, those websites won’t see which search terms you used. The company even has its own Tor exit relay, allowing Tor users to search DuckDuckGo with less of a performance lag.

Simply put, they’re hardcore about privacy.

But things didn’t start out that way. Weinberg, who says he has “always been a privacy-minded person,” wasn’t particularly concerned with search privacy issues when he first started building the service. In fact, he knew very little about the matter at all. Then early users started asking questions." 'via Blog this'

CYBER: Public Money, Public Code

Public Money, Public Code: "Free Software gives everybody the right to use, study, share and improve software. This right helps support other fundamental freedoms like freedom of speech, press and privacy.

Do you believe that Free Software should be the default option for publicly financed software?"



'via Blog this'

Thursday, 11 January 2018

CYBER More details emerge of Uber’s tactics for thwarting police raids – TechCrunch

More details emerge of Uber’s tactics for thwarting police raids – TechCrunch: "So what might be the legal implications for companies that put programs in place intended to deliberately destroy or otherwise render information inaccessible at the point it’s being sought by investigators or regulators?

“If they have knowledge of a specific investigation and a specific… search warrant… and they encrypt while that raid’s going on to stop the agents from accessing the computers that they have a court order to access that could be considered obstruction of justice,” says Josh Robbins, partner at litigation law firm Greenberg Gross LLP, discussing the risks of companies trying to thwart regulatory oversight.

 “If they were encrypting computers without knowledge of a specific investigation but encrypting computers as a security measure, just generally, I think it would be hard to make the allegation of obstruction of justice because they’d need to have knowledge of a specific investigation. It’s just a general security measure.

 “But it shouldn’t matter because if they receive a subpoena, say, or a court order to produce records then they have the obligation to use their decryption key and unlock the computers and access the information and provide it to the government — and if they refuse to do that then they would be subject to sanctions, contempt of court and so on.”

 In a civil case, a court could penalize a company for engaging in what’s known as “spoliation of evidence”, he notes" 'via Blog this'

CYBER e-Privacy proposal undermined by EU Member States - EDRi

e-Privacy proposal undermined by EU Member States - EDRi: "Although not every proposed amendment threatens fundamental rights, the Estonian Presidency proposed to broaden the scope of exceptions in significant ways. It suggested authorising some processing that goes beyond what is strictly necessary, not keeping consent as sole legal basis, and not putting up strong safeguards to limit the impact of this broadening on privacy.

This weakening of protections and predictability brings us closer to the kind of security and privacy chaos that the United States is experiencing. It would without doubt create the “chill on discourse and economic activity” that failure to implement privacy and security measures has caused in the US. But at least Facebook and Google will be happy." 'via Blog this'