Subject: US government under fire for promoting sales of spyware
Source: The Register
The US International Trade Administration (ITA) has admitted it promotes the sale of American-approved commercial spyware to foreign governments, and won’t answer questions about it, according to US Senator Ron Wyden (D-OR).Wyden, in a letter to US Commerce Secretary Gina Raimondo, has demanded answers about the surveillance and policing tech that ITA – a US government agency – pushes to other countries. And he wants the agency to name names when it comes to which companies’ spyware is being promoted with US tax dollars.
ITA is housed within the US Commerce Department and tasked with promoting American exports. Wyden chairs the Senate Finance Committee, which has responsibility for international trade policy, and he’s not happy.
The senator first requested info from ITA about promoting spyware abroad in May 2022. At that time, the agency confirmed it had promoted this type of technology, but it didn’t answer questions about which products it endorsed and in which markets.
This includes companies selling predictive policing systems; biometric surveillance technologies; high-altitude aerial surveillance systems; international mobile subscriber identity catchers and other cell-site simulators; software or hardware used to gain unauthorized access to a mobile phone, computer, computer service, or computer network; databases containing sensitive personal information; surveillance products that exploit vulnerabilities in SS7 and Diameter to remotely track phones, intercept text messages and calls, and deliver malware; bulk internet monitoring technology; social media monitoring software; gunshot detection systems; and data management systems that provide storage, integration, and analysis of data collected from surveillance technologies.
May 27 (UPI) — Twitter has withdrawn from the European Union’s online disinformation code of practice, a voluntary agreement that most major social media platforms pledged to abide, prompting a warning from the bloc against hiding from legal liability.European Commissioner Thierry Breton revealed that Twitter had abandoned the code in a statement posted on the social media platform Friday.
“Twitter leaves EU voluntary Code of Practice against disinformation. But obligations remain. You can run but you can’t hide,” Breton said.
“Beyond voluntary commitments, fighting disinformation will be legal obligation under [the Digital Services Act] as of August 25. Our teams will be ready for enforcement.”
The DSA, a separate law signed last year, was designed “to create a safer digital space in which the fundamental rights of all users of digital services are protected” which includes protections against the “spread of disinformation.”
https://tinyurl.com/2p86kyht[sharable link]Something to ponder …A lawyer representing a man who sued an airline relied on artificial intelligence to help prepare a court filing. It did not go well….
When Avianca asked a Manhattan federal judge to toss out the case, Mr. Mata’s lawyers vehemently objected, submitting a 10-page brief that cited more than half a dozen relevant court decisions. There was Martinez v. Delta Air Lines, Zicherman v. Korean Air Lines and, of course, Varghese v. China Southern Airlines, with its learned discussion of federal law and “the tolling effect of the automatic stay on a statute of limitations.”
There was just one hitch: No one — not the airline’s lawyers, not even the judge himself — could find the decisions or the quotations cited and summarized in the brief.
That was because ChatGPT had invented everything.
Source: Bleeping Computer
Since the TLD’s release, there has been quite a bit of debate over whether they are a mistake and could pose a cybersecurity risk to users.
While some experts believe the fears are overblown, the main concern is that some sites will automatically turn a string that ends with ‘.zip,’ like setup.zip, into a clickable link that could be used for malware delivery or phishing attacks.
For example, if you send someone instructions on downloading a file called setup.zip, Twitter will automatically turn setup.zip into a link, making people think they should click on it to download the file.
When you click on that link, your browser will attempt to open the https://setup.zip site, which could redirect you to another site, show an HTML page, or prompt you to download a file.
However, like all malware delivery or phishing campaigns, you must first convince a user to open a file, which can be challenging.
A file archiver in the browser