April 27, 2022
Russia is leaking a report on a war game run by a Polish think tank with a retired General. Not very interesting in terms of impact, but interesting as an operation in broad terms.
What I really love about this research is that they used the ads they were served as a means to measure what information was collected. This allowed them to demonstrate that Amazon Echo was collecting voice data and sharing it with data brokers. How cool is that?
[2204.10920] Tracking, Profiling, and Ad Targeting in the Alexa Echo Smart Speaker Ecosystem
Smart speakers collect voice commands, which can be used to infer sensitive information about users. Given the potential for privacy harms, there is a need for greater transparency and control over the data collected, used, and shared by smart speaker platforms as well as third party skills supported on them. To bridge this gap, we build a framework to measure data collection, usage, and sharing by the smart speaker platforms. We apply our framework to the Amazon smart speaker ecosystem. Our results show that Amazon and third parties, including advertising and tracking services that are unique to the smart speaker ecosystem, collect smart speaker interaction data. We also find that Amazon processes smart speaker interaction data to infer user interests and uses those inferences to serve targeted ads to users. Smart speaker interaction also leads to ad targeting and as much as 30X higher bids in ad auctions, from third party advertisers. Finally, we find that Amazon's and third party skills' data practices are often not clearly disclosed in their policy documents.
Wonderfully clear explanation of a well known issue.
What is the pin code for this door?
(I tried to take a good picture that minimized glare. Take a good close look first.)
Note: I have validated it. So there is a correct answer.
The intelligence war has been far more impactful than cyber. It’s not fair.
Some forever-root “feature” in windows.
Good news though:
“The NSA is going beyond information-sharing to defend US companies against growing threats from Russia and China”
This sounds like maybe a big deal.
NSA Goes Beyond Info-Sharing to Defend US Firms From Russia, China
The NSA, through its Cybersecurity Collaboration Center, is combating cyber threats to the US's defense industrial base, the center's director writes.
New Thinkst coverage of infosec talks.
You can read our top picks - with commentary and overviews at thinkst.com/ts ¹
__ ¹ As usual, no paywall, no registration needed
Russian disinformation activity by diplomats.
Vuln dev talk.
Now this is really cool work! Identifying micro scratches on gorilla glass to determine the PIN code
Here is a dose of cool old illustrations. 13th century Arabic illustrations from Marvels of Things Created and Miraculous Aspects of Things Existing which is such an awesome title.
Behold Fantastical Illustrations from the 13th Century Arabic Manuscript Marvels of Things Created and Miraculous Aspects of Things Existing | Open Culture
Religion, history, medicine, poetry, ethnography, zoology, cosmology, political philosophy—in many a medieval text, these categories all seem to melt together. Or rather, they don’t exist separately in the way we think of them, as labels on a library shelf and courses in a catalogue.
Great explanation of when AI is a good solution.
"Why the hell even use Deep Learning?" -- You Asked for a Sentence But You're Getting a Thread edition.
1/
