Chicago Sun-Times: People in Arizona may soon have to give up their DNA for a statewide database. “Arizona could soon be one of the first states to maintain a massive statewide DNA database. And if the proposed legislation passes, many people — from parent school volunteers and teachers to real estate agents and foster parents — will have no choice but to give up their DNA.” And apparently pay 250 smackeroos to do it.
Security & Legal Issues
Security & Legal issues and news. May be about patches, hacks, or court decisions.
Git money, git paid: GitHub waves larger wads of dollar bills to tempt bug hunters (The Register)
The Register: Git money, git paid: GitHub waves larger wads of dollar bills to tempt bug hunters . “Social code storage biz GitHub, now a ward of Microsoft, on Tuesday divulged plans to make itself more attractive to hackers by flashing larger sums of cash and offering better indemnity.”
Business Insider: Google says the built-in microphone it never told Nest users about was ‘never supposed to be a secret’
Business Insider: Google says the built-in microphone it never told Nest users about was ‘never supposed to be a secret’. “In early February, Google announced that its home security and alarm system Nest Secure would be getting an update. Users, the company said, could now enable its virtual-assistant technology, Google Assistant. The problem: Nest users didn’t know a microphone existed on their security device to begin with.”
Wired: NATO Group Catfished Soldiers to Prove a Point About Privacy
Wired: NATO Group Catfished Soldiers to Prove a Point About Privacy. “The phony Facebook pages looked just like the real thing. They were designed to mimic pages that service members use to connect. One appeared to be geared toward a large-scale, military exercise in Europe and was populated by a handful of accounts that appeared to be real service members. In reality, both the pages and the accounts were created and operated by researchers at NATO’s Strategic Communications Center of Excellence, a research group that’s affiliated with NATO.”
‘We paid little attention to vulnerabilities in machine learning platforms’: DARPA (The Sociable)
The Sociable: ‘We paid little attention to vulnerabilities in machine learning platforms’: DARPA. “Dr. Hava Siegelmann, program manager in the Defense Advanced Research Projects Agency‘s (DARPA) Information Innovation Office (I2O), introduced the Guaranteeing AI Robustness against Deception (GARD) program earlier this month to address vulnerabilities in machine learning (ML) platforms and to develop a new generation of defenses against adversarial deception attacks on ML models.”
The Hacker News: How to Hack Facebook Accounts? Just Ask Your Targets to Open a Link
The Hacker News, with a side of “good grief” (this issue has been fixed, though): How to Hack Facebook Accounts? Just Ask Your Targets to Open a Link. “It’s 2019, and just clicking on a specially crafted URL would have allowed an attacker to hack your Facebook account without any further interaction. A security researcher discovered a critical cross-site request forgery (CSRF) vulnerability in the most popular social media platform that could have been allowed attackers to hijack Facebook accounts by simply tricking the targeted users into clicking on a link.”
TechCrunch: India’s state gas company leaks millions of Aadhaar numbers
TechCrunch: India’s state gas company leaks millions of Aadhaar numbers . “Another security lapse has exposed millions of Aadhaar numbers. This time, India’s state-owned gas company Indane left exposed a part of its website for dealers and distributors, even though it’s only supposed to be accessible with a valid username and password. But the part of the site was indexed in Google, allowing anyone to bypass the login page altogether and gain unfettered access to the dealer database.”
