Microsoft recently published that it too, as with Facebook and Apple, was the victim of a hacking incursion. The company stated that it was “infected by malicious software using techniques similar to those documented by other organizations.”
As TNW reported after the facts were initially aired by Microsoft, “[a] previously unknown Java vulnerability that was patched on Mac computers by Apple after the hacking was uncovered was used in all cases.” Given the sheer quantity of public airing of the specific weakness and vector in question, security is likely to be tightened.
This apparently targeted and successful breach of security at key American technology companies is part of the larger discussion concerning cybersecurity in the United States, a topic that recently hit a new plane after the New York Times reported that it had been compromised. The publication later reported that the Chinese army was directly infiltrating US companies at will, findings based on an explosive report by Mandiant, a security company.
Legislation regarding cybersecurity has been a rough patch for Congress in the past legislative cycle, and hasn’t shown much in the way of fresh legs in the new session. The President, as long threatened, enacted an executive order, but given the limited purview of that dictum, it is universally agreed upon that action from Congress will be required to address the issue.
We are grazing the lower slopes of what could be a key legislative battle in the coming months concerning mandatory cybersecurity standards for critical infrastructure elements, and how to share information between the public and private sectors.
To that end, enter the Cyber Intelligence Sharing and Protection Act (CISPA). Reintroduced in the House exactly as it was, the controversial bill is back from the dead. Previously, it was ignored by the Senate and stuck with a threatened veto.
Microsoft was in favor of it. This is not to single out the company, but merely to frame the upcoming discussion, one that the company directly joined this morning by publishing the findings of its own hacking assault.
This time around, however, Microsoft has softened its tone slightly on the issue. Here is the company, last year, reaffirming its support for the bill:
“Microsoft’s position remains unchanged. We supported the work done to pass cybersecurity bills last week in the House of Representatives and look forward to continuing to work with all stakeholders as the Senate takes up cybersecurity legislation.”
At the request of TNW, Microsoft has provided a fresh statement regarding CISPA, which strikes a slightly different note:
“Microsoft believes that any proposed legislation should facilitate the voluntary sharing of cyber threat information in a manner that allows us to honor the privacy and security promises we make to our customers. Legislation introduced in mid-February reflects important changes resulting from an active, constructive dialogue about a prior version of the bill, and that dialogue must continue. We look forward to continuing to work with policymakers and others to improve cyber security while protecting consumer privacy.”
For those in favor of detail, the second statement is attributable to Scott Charney, Microsoft’s Corporate Vice President of its Trustworthy Computing unit.
Parsing the statement, Microsoft demands that the “dialogue must continue,” falling short of supporting the bill as it stands, citing the need to honor “the privacy and security promises we make to our customers.” Good. This is progress.
Microsoft showed good conscience coming out against SOPA, following earlier positions that placed the company at odds with many of its supporters; Microsoft in fact has been on the right side of other modern issues, such as gay marriage.
With Microsoft removing its full support for CISPA, the bill has lost an ally that could have been used as a prop by legislative actors intent on bullying something through the lower chamber of Congress yet again.
Again, I do not wish to point a finger at Microsoft in this case more than any other firm; the company however is a bellwether and key technology player. Thus, its views are more than relevant to the discussion of cybersecurity, most especially after its recent disclosures.
Gear up, dear readers, this is an issue that will take months to ravel.
Bill Gates is currently hosting an AMA session on Reddit. An AMA, short for ‘Ask Me Anything,’ is an informal text-based interview with the social website’s userbase. As Reddit’s size has grown, so too has the level of celebrity it can attract to spend time on the site. Famously, President Obama took the time to answer a handful of questions during his last campaign.
In a new turn, Bill put together a short, animated video clip answering three popular questions. Given his immense wealth, it’s not a surprise that two involved money: how much do you have in your wallet, and can I have $1 million?
Enjoy the clip, and if Bill posts anything eye-popping in his AMA session, we’ll bring you the highlights.
In the wake of Internet activist Aaron Swartz’s suicide before his impending court case, Silicon Valley Congresswoman Zoe Lofgren (CrunchGov Grade: A) has proposed a bill that may have prevented the government from overzealous prosecution. Swartz reportedly faced an astounding 50+ years in prison and a $4 million fine after releasing millions of pay-walled academic articles from the popular JSTOR database. “Aaron’s Law” would amend the Computer Fraud and Abuse Act (CFAA) in the hopes of limiting the prosecutorial power against citizens who merely release information from certain types of databases.
“We should prevent what happened to Aaron from happening to other Internet users,” the Congresswoman wrote on popular content aggregator Reddit.com–a fitting tribute, considering Swartz was an early builder of the site. She continued:
The government was able to bring such disproportionate charges against Aaron because of the broad scope of the Computer Fraud and Abuse Act (CFAA) and the wire fraud statute. It looks like the government used the vague wording of those laws to claim that violating an online service’s user agreement or terms of service is a violation of the CFAA and the wire fraud statute.
Prosecution against Swartz was apparently so aggressive that MIT has ordered an investigation into the handling of the case.
You can read the full bill here [PDF]. Lofgren writes that she will be seeking co-sponsors and support in the coming days.
We will have more analysis of the bill soon.
If you’ve ever wanted authentic photographic evidence of something without being accused of Photoshop-fakery, this new iOS app could be what you’re looking for.
Splid officially launches today, promising a ‘virtual witness’ for anyone who, say, has been in a minor car accident, so they can store a believable record of the scene as it happened.
Photos taken within the app are locked…they can’t be edited or doctored in any way. With registration, you can also store them all in a cloud-based vault.
When you first launch the app, you’re good to go.
You point, shoot, and it’s stored within the app, untouchable. You can’t import any images in from other sources, or alter the image in any way.
Splid also lets you create multiple albums with separate photo collections within the app. One potential use-case could be for designers, or those wishing to prove a piece of work was created by them, on a certain date or time. That said, it is actually easy to falsify this data, simply by altering the date/time setting on your iDevice, which I managed easily.
As noted already, Splid also offers an optional registration that brings added functionality, including the ability to lock photos independently on Splid’s servers. They’re stored full-size, with zoom included for additional detail.
It’s probably also worth mentioning that photos cannot be seen within Splid by anyone who doesn’t have the user’s express permission. And your iOS device gives each photo a unique ID as it uploads.
The app was launched by a company called “FDJ Partners”, founded 35 years ago, after it embarked on a lengthy complaints procedure against a ‘Big Six’ utility company in a bid to rectify a quarterly electricity bill overcharge of £700. Now, by “FDJ Partners”, we’re really talking about a couple who have been together for 35 years…it seems there isn’t actually a proper company here called FDJ Partners. But that’s fine with us.
“Inaccurate or badly estimated bills, together with erroneous or faulty readings, are the main causes for complaint against the utilities and yet very few people follow the complaints procedure to its full conclusion,” explains Fiona Jack, of “FDJ Partners”.
“Ten phone calls, 68 emails and 3 letters later and it’s easy to see why,” she continued. “The system, which lacked continuity and was overly complicated, seemed geared towards discouraging consumers from standing up for their rights. Even the seemingly obvious, such as speaking to the relevant billing adviser, was not permitted.
“Our story ended well, and eight weeks later the utility company issued its bill with a 100% rebate, plus an additional £600.00 in compensation, but our case is the exception rather than the rule,” she adds. “The utilities have had it too good for too long but we hope that, armed with The Splid app, many more consumers will join in the campaign for fairer treatment.”
It’s an interesting idea for sure, though what will be even more interesting will be whether photos taken with the app will be taken any more seriously by the relevant authorities.
Splid is available to download now for $0.99, or your local currency equivalent.
“Other than the vague threat of an Orwellian dystopia, as a society we don’t really know why surveillance is bad,” writes Washington University Law Professor, Neil Richards [PDF]. Today, the United States Senate reauthorized a controversial Obama-supported surveillance law, the Foreign Intelligence Surveillance Act of 1978 Amendments Act of 2008 (FISA), which permits intelligence agencies to monitor international communications, sometimes without a warrant and with little court oversight.
Civil libertarians are up in arms, but in the face of deadly terrorist threats, does government monitoring actually harm people? Richards attempts to argue that brazen government spying does, indeed, have real-world harms, including mass self-censorship and blackmail, and supplies moderately compelling evidence that will appeal to those naturally scared of the government.
Without the Senate’s support, FISA’s powers were set to expire at the end of the year. Fierce FISA critic, Senator Ron Wyden (CrunchGov Grade: A), who released a hold he put on the bill in exchange for limited congressional debate, worries that evidence of government overreach means that FISA could lead to more unnecessary spying. The scope of monitoring and the admitted breaches of the 4th Amendment are themselves shrouded in secrecy. Proponents, such as Representative Lamar Smith (CrunchGov Grade: F), argue that national security concerns are worth the trade-off.
Under the worst-case scenarios, how could spying from democratic governments actually hurt people in a way that would offset the increased risk of terrorism?
“Freedom to think as you will and to speak as you think are means indispensable to the discovery and spread of political truth,” wrote Supreme Court legend, Louis Brandeis. However, “surveillance inclines us to the mainstream and the boring,” writes Richards, who argues that the omnipresent threat of government monitoring makes our discussions risk-averse and devoid of important contentious dialog. Certainly in Soviet-era Russia, the very real threat of being hauled off to the icy gulags undercut democratic debate.
There is some evidence that users self-censor in the presence of a watchful eye. In one experimental study, monitored participants were less likely to engage in neutral topics or discuss issues that were incriminating or critical of their colleagues.
There is no equivalent study of government spying or its effect on mass dialog. Certainly there is no shortage of criticism on President Barack Obama’s Facebook page. But, perhaps the effect only applies to government officials with actual knowledge of government malfeasance. Without good evidence on the chilling effects, we’ll let readers decide whether self-censoring behavior extends to government employees.
Blackmail and Coercion
“Information collected surreptitiously can be used for other purposes, whether blackmail or the discrediting of opponents by revealing embarrassing secrets,” Richards writes. Under constant surveillance, governments invariably pick up unintended bits of incriminating evidence. For instance, Richards points to how FISA-surveillance led to the discovery of evidence that a terrorist suspect murdered his own daughter for dating the wrong boy. “Whether these discoveries are important, incidental, or irrelevant, all of them give greater power to the watcher.”
Perhaps a more compelling example was how the Federal Food and Drug Administration spied on scientists who alleged that the agency was approving dangerous medical devices. According to ABC, only one of the scientists being monitored still works for the FDA. The others were either fired or their contracts were not renewed. Thus, overactive government spying could potentially be used to snuff out important critics.
Richards makes a valiant attempt, but one would think that the over-the-top rhetoric from the Electronic Frontier Foundation and The American Civil Liberties Union would be supported by some jaw-dropping evidence. Instead, it mostly appeals to those who are naturally afraid of the government, and willing to bet that the worst-case scenarios, even without much evidence, will come true.
Civil libertarians aren’t making an unreasonable bet that the government will overstep its authority, but they’re just as reasonable as the many congressmen who voted to authorize the bill for the sake of saving American lives.