Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: Cybersecurity

Zoom Meetings Aren’t End-to-End Encrypted, Despite Misleading Marketing

The Intercept: “Zoom, the video conferencing service whose use has spiked amid the Covid-19 pandemic, claims to implement end-to-end encryption, widely understood as the most private form of internet communication, protecting conversations from all outside parties. In fact, Zoom is using its own definition of the term, one that lets Zoom itself access unencrypted video and audio from meetings. With millions of people around the world working from home in order to slow the spread of the coronavirus, business is booming for Zoom, bringing more attention on the company and its privacy practices, including a policy, later updated, that seemed to give the company permission to mine messages and files shared during meetings for the purpose of ad targeting. Still, Zoom offers reliability, ease of use, and at least one very important security assurance: As long as you make sure everyone in a Zoom meeting connects using “computer audio” instead of calling in on a phone, the meeting is secured with end-to-end encryption, at least according to Zoom’s website, its security white paper, and the user interface within the app. But despite this misleading marketing, the service actually does not support end-to-end encryption for video and audio content, at least as the term is commonly understood. Instead it offers what is usually called transport encryption, explained further below…”

Commentary – Maybe we shouldn’t use Zoom after all

FBI warns Zoom, teleconference meetings vulnerable to hijacking: “…The FBI has received multiple reports of conferences being disrupted by pornographic and/or hate images and threatening language,” the FBI cautioned. “As individuals continue the transition to online lessons and meetings, the FBI recommends exercising due diligence and caution in your cybersecurity efforts..to prevent against unwanted participants… Continue Reading

Pete Recommends – Weekly highlights on cyber security issues March 28, 2020

Via LLRX – Pete Recommends – Weekly highlights on cyber security issues March 28, 2020 – Privacy and security issues impact every aspect of our lives – home, work, travel, education, health and medical records – to name but a few. On a weekly basis Pete Weiss highlights articles and information that focus on the… Continue Reading

NIST Updates and Expands Its Flagship Catalog of Information System Safeguards

NIST: “After your organization forms a general plan for tackling its cybersecurity and privacy risk management issues, it needs particular state-of-the-art tools to make that plan a reality. Computer security and privacy experts at the National Institute of Standards and Technology (NIST) have the answer with an updated toolbox of safeguards for protecting an organization’s… Continue Reading

Pete Recommends Weekly highlights on cyber security issues March 8, 2020

Via LLRX – Pete Recommends Weekly highlights on cyber security issues March 8, 2020 – Privacy and security issues impact every aspect of our lives – home, work, travel, education, health and medical records – to name but a few. On a weekly basis Pete Weiss highlights articles and information that focus on the increasingly… Continue Reading

Firefox enables network privacy feature for users in US

CNET – “Mozilla has begun enabling a Firefox privacy feature for everyone in the US that should make it harder for ISPs or others to track you online. The technology, called DNS over HTTPS — DOH for short — protects a crucial internet addressing technology with encryption. Testing has been underway for months, but on… Continue Reading

How Google Is Stopping Malicious Office Docs From Targeting Gmail Users

PC Magazine: “At the RSA security conference today, Google offered a rare look into the kinds of malicious attachments hackers will send to Gmail users. It turns out Microsoft Office documents secretly rigged to download malware are in vogue. In recent weeks, about 56 percent of the malicious attachments detected and blocked by Gmail’s filters… Continue Reading

Artificial intelligence What Think Tanks are thinking

European Parliamentary Research Service Blog: “Artificial intelligence (AI) is usually understood as the ability for a machine to display human-like capabilities such as reasoning, learning, planning and creativity. The ‘Holy Grail’ for many governments and companies seeking to benefit from the digital revolution, the first to invent and apply true AI could achieve an enormous… Continue Reading

Pete Recommends – Weekly highlights on cyber security issues February 22, 2020

Via LLRX – Pete Recommends – Weekly highlights on cyber security issues February 22, 2020 – Privacy and security issues impact every aspect of our lives – home, work, travel, education, health and medical records – to name but a few. On a weekly basis Pete Weiss highlights articles and information that focus on the… Continue Reading

Oversight Subcommittee Seeks Information About Ring’s Agreements with Police, Local Governments

Washington, D.C. (Feb. 19, 2020)—”Today, Rep. Raja Krishnamoorthi, the Chairman of the Subcommittee on Economic and Consumer Policy, sent a letter to Amazon seeking information about its subsidiary Ring Inc.’s partnerships with city governments and local police departments, along with the company’s policies governing the data it collects. Ring sells internet-connected home surveillance equipment, such… Continue Reading

Carnegie Mellon built ‘opt-out’ system for nearby tracking devices

engadget: “It’s getting easier to control what your smart home devices share, but what about the connected devices beyond your home? Researchers at Carnegie Mellon’s CyLab think they can give you more control. They’ve developed an infrastructure and matching mobile app (for Android and iOS) that not only informs you about the data nearby Internet… Continue Reading