The leader of the National Security Agency is worried that TikTok could be involved in Chinese influence operations

TikTok, ByteDance, and Vice Society: How to Keep Your Personal Information Safe in the Context of the Russian War on Nuclear Forces

TikTok has long denied that its handling of user data is cause for concern, alleging that US user data is not stored in China and that information isn’t shared with the Chinese government. The company promised to “meaningfully address any security concerns that have been raised at both the federal and state level” in a statement last week following Congress’s passing of the spending bill.

After learning that employees of ByteDance have accessed data of US users over the last few years, there is now a growing movement to ban the app.

Ukrainian forces have proven to be resilient despite the war being waged against them by Russia. But as the conflict evolves, it is entering an ominous phase of drone warfare. Russia has begun launching a series of recent attacks using Iranian “suicide drones” to inflict damage that is difficult to defend against. NATO is closely watching for any signs of movement by Russia, and as a consequence we are examining what indicators the world has of Russia being prepared to use nuclear weapons.

Researchers have raised the alarm that Microsoft’s Exchange server isn’t getting the development resources it needs anymore and customers should consider moving to cloud email hosting. New research shows how Wikipedia’s owners ferret out state-sponsored propaganda in its entries.

If you’re worried about the ongoing threat of ransomware attacks around the world, researchers pointed out this week that middle-of-the-pack groups like the notorious gang Vice Society are maximizing profits and minimizing their exposure by investing very little in technical innovation. Instead, they simply run the most sparse and unremarkable operations they can to target under-funded sectors like health care and education. We have a guide to setting up passkeys on both mobile and web browsers to help you keep your personal information safe.

A Roundup on Cloud Misconfigurations and Security Risks for the Across-Continuum and Intra-Security Community

But wait, there’s more! Each week, we highlight the news we didn’t cover in-depth ourselves. Click on the headlines below to read the full stories. And stay safe out there.

Microsoft said this week that a misconfiguration exposed the data of some prospective customers of its cloud services. The company quickly closed the exposure after researchers from the threat intelligence firm SOCRadar disclosed the leak to Microsoft. The exposed information went back as far as the first quarter of the year, according to the report. The researchers linked the data to more than 65,000 organizations from 111 countries. The exposed details included names, company names, phone numbers, email addresses, email content, and files sent between potential customers and Microsoft or one of its authorized partners. Cloud misconfigurations are a longstanding security risk that has led to countless exposures and, sometimes, breaches.

Source: https://www.wired.com/story/tiktok-bytedance-americans-data-security-roundup/

Why is the Internet of Things so Secure? The U.S. approach to protecting the Internet from attacks on China and Iran during the Trump era

There are no easy solutions to improve security in the dumpster fire caused by undefended internet of things devices in businesses and homes around the world. After years of problems, Singapore and Germany found that adding security labels to internet-linked video cameras, printers, and other objects made them safer. The labels give consumers a better understanding of the protections built into different devices—and give manufacturers an incentive to improve their practices and get a gold seal. This week, the United States took a step in this direction. The White House wants to make sure the Internet of Things is labeled with a kind of EnergyStar for security. The administration held a summit with industry organizations and companies this week to discuss standards and guidelines for the labels. A labeling program for such devices would provide American consumers with the peace of mind that the technology being brought into their homes is safe, and incentivize manufacturers to meet higher cybersecurity standards, according to a National Security Council spokesman.

Sources told The Washington Post this week that sensitive information related to Iran’s nuclear program and the United States’ own intelligence operations in China were included in documents seized by the FBI this summer at former President Trump’s Mar-a-Lago estate in Florida. “Unauthorized disclosures of specific information in the documents pose a number of risks. People aiding US intelligence efforts could be endangered, and collection methods could be compromised,” the Post wrote. The information could also motivate other countries to retaliate against us.

An American candidate defeated a Russian challenger to win the election to run the International Telecommunications Union, an important international standards body used for cross-border communications. We took a look at how vulnerable the internet infrastructure is in the world.

A culture of community surveillance is a hallmark of authoritarian states in which neighbors and friends are encouraged to report possible wrongdoing, as seen by the evidence that the new legal climate for abortion access is promoting. And surveillance is on the rise in soccer stadiums around the world as well. The eight stadiums in use during the 2022 World Cup in Qatar, for example, will be packed with more than 15,000 cameras to monitor spectators and to conduct biometric scanning.

The UK Foreign Minister Liz Thompson is Having a Hard Time: An Update on the Roust P2P Roundup and the Security of Ukraine

The more secure, “memory safe” programming language Rust is making inroads across the tech industry, offering hope that a massive swath of common vulnerabilities could eventually be preempted and eliminated. In the meantime, we’ve got a roundup of the most important vulnerabilities that you can—and should!—patch right now.

Liz is having a hard time. According to a Mail on Sunday report, agents working for Russia hacked into her cell phone while she was the UK’s foreign minister. The Russian operatives were able to intercept messages about Ukraine after the breach. According to the Mail, Boris Johnson and Simon Case suppressed the breach. While the breach remains unconfirmed, Labour Party officials are calling for an “urgent investigation” into their Conservative opponents. “There are immensely important national security issues raised by an attack like this by a hostile state which will have been taken extremely seriously by our intelligence and security agencies,” Labour Party shadow home secretary Yvette Cooper said last weekend. There are several serious security questions around why and how this information was released and should be immediately investigated.

Source: https://www.wired.com/story/tiktok-eu-privacy-policy-security-roundup/

Comments on the Jack Dorsey Cash App, an $E_T$-funded company that allegedly exploits sex traffickers, and implications for TikTok

This week, another corporate creation by Jack Dorsey is under fire. The Cash App is being used to fuel sex traffickers, according to a Forbes investigation. The investigation found rampant use of the Cash App for sex crime and other crimes based on police records, and claims by former Cash App employees. The company, which is owned by Block Inc., claims that it doesn’t tolerate illegal activity on the Cash App and has staff dedicated to working with law enforcement. The National Center for Missing and Exploited Children says Block hasn’t given them any tips about potential child abuse, even if they do offer tips from other payment platforms.

The US Treasury Department stated this week that the amount of money handled by US financial institutions is going up 200 percent. The report landed amid an international White House summit aiming to combat the rise of ransomware, a type of malware that allows attackers to encrypt a target’s files and hold them for ransom until the victim pays. Himamauli Das, acting director of the Treasury Department’s Financial Crimes Enforcement Network, said in a statement that “ransomware—including attacks perpetrated by Russian-linked actors—remain a serious threat to our national and economic security.” With $1.2 billion in payments already painful, the number doesn’t take into account the consequences of a cyberattack outside of the payment itself.

The app used by millions of Americans would be banned under a bill proposed by Marco Rubio and two bipartisan members of the House.

The proposed legislation would “block and prohibit all transactions” in the United States by social media companies with at least one million monthly users that are based in, or under the “substantial influence” of, countries that are considered foreign adversaries, including China, Russia, Iran, North Korea, Cuba and Venezuela.

The Senate is considering banning TikTok on federal devices as part of its end-of-year spending bill, and 16 GOP governors have recently made that step at the state level.

One reason the discussions have lagged is a split in the White House. Some senior national security officials are pushing for an agreement that forces TikTok to fully separate from its Beijing parent company ByteDance. Others say that the new safeguards put in place by TikTok are enough to improve concerns about Chinese influence.

“The agreement under review by CFIUS will meaningfully address any security concerns that have been raised at both the federal and state level,” Oberwetter said. “These plans have been developed under the supervision of our country’s top national security agencies, which is why they are well underway in implementing and we will continue to brief lawmakers on them.”

The Emerging Media Landscape: Why TikTok is Popular in the United States and What it Tells Us About the U.S. Ukraine’s Cold War

A version of this article first appeared in the “Reliable Sources” newsletter.

Many of the lawmakers’ concerns have to do with location tracking services within the app, which they fear could be used for espionage. It’s standard for location tracking to be a feature in social media apps.

The Senate-passed bill would provide exceptions for “law enforcement activities, national security interests and activities, and security researchers.”

In 2021, TikTok stated it had one billion monthly users. In the U.S., two-thirds of all teens say they use it, according to the Pew Research Center.

A group of 30 prominent TikTok creators were invited to a teleconference by the White House two weeks after Russia invaded Ukraine. The creators of the social media platform were briefed on the latest news from the conflict by Jen Psaki, the White House press secretary and the National Security Council staff. The meeting followed a similar effort the previous summer, in which the White House recruited dozens of TikTokers to help encourage young people to get vaccinated against Covid.

China-based businesses have to give access to the authoritarian regime if information is ever desired, according to national security experts.

Inappropriate TikTok: a Social Media Platform That Protects the U.S. from China’s Government, and a Reply to the House Intelligence Committee

Most drastic measures have not advanced since the efforts lacked political will or courts stopped them, and the ban on federal government devices is an incremental restriction.

“I think that there is some concern about TikTok and I think the main difference between TikTok and other platforms is that it is driven by users,” said a professor of computer science at the University of California San Diego, who went on to say that the main difference between Tik

According to testimony given to the House committee on Tuesday night, ByteDance is not an agent of China or any other country.

“I don’t believe that social media companies should be getting all the data about users, just because they know more about them on an individual level,” he said.

The Committee on Foreign Investment in the United States (CFIUS) began examining TikTok during the Trump administration, but the investigation is still going on.

Another possible resolution is that the committee is satisfied with the steps TikTok has taken to ensure there is a firewall between U.S. user data and ByteDance employees in Beijing and the Chinese government.

It is not possible to see the deliberations that happen behind closed doors. It is not clear when the committee will finish its work or which way it will go.

Canada announced it would also be banning the app on government devices beginning as soon as Tuesday, and the European Commission last week issued its own prohibition on the app on official devices, citing cybersecurity concerns.

China has a national intelligence law that requires Chinese companies to give customer information related to national security. TikTok collects astonishing amounts of user information, more than some other popular social media apps. There is no indication that ByteDance gave this information to the Chinese government. Yet in an episode that revealed the possibility of future government interference, ByteDance itself admitted in December that it had fired some China and U.S.-based employees for wrongfully snooping on Americans’ private information, including that of journalists, collected through TikTok.

“Can you design a service such as TikTok that is owned by a Chinese government in a way that completely protects it from the demands of China’s government?” I’m not sure if anything we saw on site this week really spoke to that.

It makes sense for US soldiers to not use the app because it could put their location information in the wrong hands. That is also true of the weather app, and lots of other apps, whether they are owned by China or not.

If a ban of TikTok were enacted, national security concerns about the app would be solved. But such a ban might ultimately put our national security at greater risk. Our nation is not addressing concerns over the huge amount of personal data collected in our digital lives due to the fact that it could be used by foreign adversaries.

“TikTok is a threat that everyone is talking about because of how it could enable the Chinese Communist Party to spy in the US or facilitate the spread of malign influence. Before TikTok, however, it was Huawei and ZTE, which threatened our nation’s telecommunications networks,” Warner said in a statement Tuesday. We aren’t playing “Whac-A-Mole” and scrambling to catch up once they’re already ubiquitous, so we need a comprehensive, risk-based approach that tackles potentially dangerous technology before they gain a foothold.

“It’s always easy – and this happens across the world – to say that a foreign government is a threat, and ‘I’m protecting you from that foreign government,’” he says. “I think that we should be careful about how politicized that can be in order to achieve political ends, since it can be far beyond the actual threat.”

Tech giants and the threat of competition from China: How big are we? What do tech giants want to tell us about Silicon Valley, Silicon Valley and Silicon Valley?

Even if TikTok were banned, it wouldn’t gain much political traction, and neither would banning a communication platform, as both Calo and Chander argue. Calo thinks the conversation could push the policy in a positive direction.

He believes that the United States should be talking about the consequences of having so much commercial snooping in the country. “And we should do something to address it, but not in this ad hoc posturing way, but by passing comprehensive privacy rules or laws, which is something that, for example, the Federal Trade Commission seems very interested in doing.”

Some CEOs of tech giants have made arguments regarding the threat of competition from China while on Capitol Hill. They relied on trade associations and advertising campaigns to make their case against some of the biggest legislative threats to their business.

The stark difference between the two illustrates how simple narratives, well-funded lobbying and genuinely thorny policy questions can make or break a bill. A few Big Tech companies are able to maintain their dominance in the US because of how many US households rely on them.

US officials have expressed concerns that China could use its laws to push TikTok and ByteDance to give user data to the Chinese government.

“We think a lot of the concerns are maybe overblown,” Beckerman told CNN’s Jake Tapper on Tuesday, “but we do think these problems can be solved” through the ongoing government negotiations.

The Rise and Fall of the Tech Industry: Transparency and Cross-Coupling in 2019 ByteDance, Google, Amazon, and Meta

In 2019, ByteDance had 17 lobbyists and spent $270,000 on lobbying, according to public records gathered by the transparency group OpenSecrets. The company spent more than five million dollars on lobbying last year, and its lobbyist count doubled.

Last year, Meta spent up to $20 million on internet industry lobbying. Next was Amazon at $19 million, then Google at almost $10 million. Combined, that’s roughly $49 million in lobbying — almost 10 times what was spent by TikTok’s parent, which nevertheless clocked in at number four on the list.

The American Innovation and Choice Online Act is a piece of legislation that would prevent Amazon from being able to compete with third-party sellers on its own marketplace. Many of the biggest tech companies are effectively monopolies according to a House antitrust investigation that concluded in 2020.

For a brief moment this month, lawmakers seemed poised to pass a bill that could force Meta, Google and other platforms to pay news organizations a larger share of ad revenues. But the legislation stumbled after Meta warned it could have to drop news content from its platforms altogether if the bill passed.

Time and again, Silicon Valley’s biggest players have maneuvered expertly in Washington, defending their turf from lawmakers keen to knock them down a peg.

By contrast, decisions about the rules government might impose on tech platforms have called into question how those regulations may affect different parts of the economy, from small businesses to individual users to the future of the internet itself.

In some cases, as with proposals to revise the tech industry’s decades-old content moderation liability shield, Section 230 of the Communications Decency Act, legislation may raise First Amendment issues as well as partisan divisions. Section 230 allows social media companies to leave some hate speech and offensive content out, which Democrats have argued should be changed, while Republicans believe it should be changed to make it easier to get platforms to remove less objectionable content.

The technical challenges of regulating an entire sector of technology are combined with cross-cutting politics to make it harder for legislators to reach an accord.

Why Apple should stop using TikTok, or why you can’t use it on work phones? An analysis of Apple CEO Zi Chew’s recent White House press conference

“It’s really important to establishing a Republican brand. Republicans now stand up to China, and that’s a central principle of what they are all about,” says Kousser, professor of political science at U.C. San Diego.

The Biden administration has intensified pressure on TikTok, the most-downloaded app in the world in 2022, as Zi Chew’s much-anticipated appearance in Washington comes.

According to a recent report, the chair of the Senate Intelligence Committee is planning on introducing a bill to prohibit a broader category of apps that pose security risks.

The app, owned by ByteDance, Inc., was under fire when the former president signed an executive order to ban the app, but ByteDance sued and it never went through.

The guidance penned by Shalanda Young, the director of the Office of Management and Budget, said that all executive agencies and those they contract with must remove applications from TikTok or ByteDance within 30 days of the notice. Within 90 days, agencies must include in contracts that short-form video can’t be used on devices, and must cancel contracts that necessitate the app’s use.

At last year’s New York Times DealBook summit, the CEO of TikTok spoke candidly about the company’s plan to move all data from Virginia and Singapore to the US.

“I suspect that as government takes the significant step of telling all federal employees that they can no longer use TikTok on their work phones many Canadians from business to private individuals will reflect on the security of their own data and perhaps make choices,” Trudeau said.

Unlike Google, Apple has a lot to lose regarding its relationship with both the US and China. Much of Cook’s success at Apple can be attributed to his ability to maintain working relationships with the Chinese government and manufacturers.

Trump’s High-Relevance Impact of the India’s TikTok Blockade and the Indian-Embedded Censored Planet

Some people think Washington will take action. Mira Ricardel is a former vice president of national security at the White House and now works for the Chertoff Group. “There is a unanimity of view that will lead to doing something.” Here is what that something may look like.

India’s TikTok blockade is not easy to break. A few small ISPs permit access, according to NetBlocks. And Ram Sundara Raman, lead developer for the University of Michigan’s Censored Planet project, says he was able to watch videos during a visit to India using the app he had downloaded in the US. The ban caused many Indian users to turn to rival services, including from Google and Facebook, which caused turmoil for people who built businesses on TikTok.

Trump’s order would have immediately prohibited app stores from distributing TikTok, and nearly two months later would have barred cloud providers and internet infrastructure services from doing business with the company. The companies or people could have faced prison sentences if caught dodging the order. “We wanted to start at the root, where it comes into the US, and extract it that way,” says Ivan Kanapathy, who was China director for Trump’s National Security Council and is now vice president at policy consultancy Beacon Global Strategies.

The company recently launched a full-fledged charm offensive that has included rapid-fire meetings in Washington with TikTok CEO Shou Zi Chew, new transparency tools on the app and a first-ever tour to members of the media of its corporate campus in the Los Angeles area.

Adam Segal, a Chinese technology policy expert at the Council on Foreign Relations said there was a lot of performative action going on. “It’s a desire to show toughness on China,” he said.

It’s easy to take out social media in the US right now because of its effect on children, U.S. democracy, and Chinese-owned TikTok.

Now, all U.S. user traffic is routed through Oracle’s servers, according to TikTok officials, who also spelled out how Oracle engineers will be able to inspect all of TikTok’s source code, including the powerful algorithm that determines how videos go viral. In case that misses anything, a third party monitor will inspect TikTok’s data.

USDS is expected to hire 2,500 people who have undergone high-level background checks similar to those used by the U.S. government, TikTok officials said on Tuesday. None of those hires would be Chinese.

Still, aggregate data, like what kind of content is trending on the app or in what regions certain kinds of videos are popular, can be analyzed by corporate employees in Beijing who would need to be granted special permission from the U.S. data security team.

The Security Plan for TikTok and its Proposals for Future Locations of the Project at the Tevatron, China, and Washington, Dublin and Singapore

Jim Lewis, a cybersecurity expert at the Center for Strategic and International Studies, said that there’s no guarantee that the plan will be approved, but that it addresses many of the security concerns officials have.

Lewis said that the plan would work. “This kind of thing is easy to do.” “TikTok has become so emotional, however, that a reasonable solution may not be enough.”

The company has previously said that it welcomes “the opportunity to set the record straight about TikTok, ByteDance, and the commitments we are making.”

Segal agreed that the deal will address the data security concerns by allowing inspections of its software and transferring US user data to Oracle.

The New York Times and Wall Street Journal have published details about Project Texas but Tuesday’s gathering marked the first time the company gave an official presentation on the plan.

TikTok is planning on opening these centers in Washington, Dublin and Singapore and providing tours to journalists, lawmakers and civil society groups in order to give a glimpse at how the secretive app operates.

Then there was a game of sorts that put people in the position of a TikTok content moderator, where they decided if a video violated TikTok’s rules or not.

The facilities will also feature server rooms where visitors who sign non-disclosure agreements can review TikTok’s entire source code, though journalists are not given an opportunity to do this.

Tech journalist Casey Newton: We Don’t Wanna Have a Smartphone? A Sen. Rubio, a South Dakota senator, warns that an app on the phone might be used to weaponize political debate

Tech journalist Casey Newton of the newsletter Platformer said the content moderation game brought home just how tricky it is for the thousands of people who have to make trade-offs every day on an endless flood of videos, but it was largely beside the point.

By giving the full Committee details of our comprehensive plans, Congress can take a deliberative approach to the issues at hand, said the TikTok spokesman.

If you fly a balloon over your airspace and people see it, what makes you not weaponize data? Senate Intelligence Committee Vice Chair Marco Rubio, a Republican from Florida, says an app on the phone of 60 million Americans could be used to influence political debate in this country.

“There’s no question about the fact that they are trying to gather as much data as they can about all aspects of our country, and even the most minuscule, small items can add up to providing them with more data,” says Republican senator Mike Rounds of South Dakota. “There’s a huge amount of data out there, which will never be touched, never be used, but it’s the small pieces that add up. They are doing their job. They are patient. They see us as a threat and are collecting data.”

Michael Bennet, a Democrat from Colorado, told congressional reporters after having Chew in his office that none of the suggested efforts were relevant to his concerns.

On the social and financial security of video sharing apps: The case for a public investigation of Russian interference in U.S. elections and an assessment of its role in spying

TORONTO — Canada announced Monday it is banning TikTok from all government-issued mobile devices, reflecting widening worries from Western officials over the Chinese-owned video sharing app.

Last week, Canada’s federal privacy watchdog and its provincial counterparts in British Columbia, Alberta and Quebec said that they would be investigating whether the app complies with Canadian privacy legislation.

Recent media reports raising concerns about Chinese interference in Canadian elections prompted opposition parties to call for a public inquiry into foreign election interference.

Gen. Paul Nakasone testified before the Senate Armed Services Committee that it is possible to turn off the message when you have a large audience.

“Our status has been discussed in public in a way that ignores the facts of our agreement and what we have achieved already. We will continue to do our part to deliver a comprehensive national security plan for the American people,” Brooke Oberwetter from TikTok said in a statement.

A bipartisan Senate bill is expected to be introduced on Tuesday and would give the Commerce Department the authority to make measures to meet the risk of foreign-linked technologies.

Like the US government push to ban hardware and other gear made by Huawei, another Chinese technology giant, US officials are often short on specifics when asked to show public proof of collusion between the Chinese government and ByteDance.

In December, the head of the US National Security Agency said people are always looking for a “smoking gun” in new technologies. “I characterize it much more as a loaded gun.”

The TikTok Project: a Large-Scale Survey of U.S. Technology and China’s Technicolor

We also learn that TikTok has 7,000 American employees, which is less than the 10,000 or more that TikTok aimed for in 2020 but a big leap over the 1,400 US headcount that year.

Republican McCaul had called TikTok a “spy balloon in your phone” and fellow congressman Gallagher had called it “digital Fentanyl”.

Tensions between the U.S. and China have been on the rise in recent years, as federal officials worry about China’s growing technological prowess. China is also conducting military shows in the Taiwan Strait and the South China Sea while the US watches.
