Tag: rights | Page 2

Another way to protect voting rights: Hack-proof our elections

March 8, 2022/in Internet Security

In his State of the Union address, President Joe Biden made a pitch once again for his failed voting reform bill, the “Freedom to Vote Act [1].” But there was a conspicuous lack of attention on what’s arguably the most serious issue pertaining to elections: Protection against foreign cybersecurity threats.

From the Colonial Pipeline ransomware attack [2] to the SolarWinds hack [3], we have seen time and again that malicious cyber interference is a clear and present danger to our economic security. Increasingly, it’s also a danger to our election security.

In recent years, leading computer scientists and network security experts have found real vulnerabilities [4] in election technology that could allow even lower-tier hackers to pose threats. As this technology ages, dozens of states [5] are now in dire need of new equipment and support for managing security issues. Public reports from the Director of National Intelligence [6] and other cybersecurity experts [7] suggest that threats could come from Russia, Iran, China or North Korea, as well as non-state actors with radical agendas.

But all is not lost.

There is growing agreement across the political spectrum on how to improve election security: voter-verified paper ballots that create permanent, physical records of votes; risk-limiting audits that use robust statistical analysis to ensure accurate counts and ample, consistent funding for state and local election administrators in order to carry out trustworthy elections for years to come. There is also support for even stronger protection from hackers and foreign interference through improved federal oversight of voting machine vendors and by keeping voting and tabulation infrastructure off the internet.

None of these reforms create any partisan advantages, only increased confidence in the security in our elections. Perhaps that is why we have seen repeated bipartisan support for many of these ideas, from the PAPER Act of 2017 [8] to the Secure Elections Act of 2018 [9] to the Election Security Act of 2019 [10]. But while lawmakers have passed some meaningful funding [11] support in recent years, further action is needed.

This is why I recently…

Source…

Pegasus hack reported on iPhones of Human Rights Watch official

January 27, 2022/in Computer Security

Human Rights Watch official Lama Fakih was at a meeting in Beirut, where she lives and works, when a strange message appeared on her iPhone on Nov. 24: “ALERT,” it said. “State-sponsored attackers may …

Source…

How digital loan providers breach data privacy, violate rights of Nigerians

December 10, 2021/in Computer Security

In July, Piye Garuba needed N10,000 for an important task. So when he saw 9Credit, an online platform, offering short-term loans, he grabbed the offer.

The 31-year-old Abuja-based lawyer was elated when the approval of his loan request arrived shortly after filling, on the app, the Know Your Customer (KYC) form with necessary details such as his Bank Verification Number (BVN).

Little did Mr Piye know that it was the beginning of a relationship that would turn sour.

After repaying the initial N10,000 with an additional 20 per cent, being the interest for seven days, Mr Garba turned to 9credit for another loan. He repeated the cycle until the eleventh time when he defaulted.

“When I defaulted, that was sometimes at the end of August, I began to receive multiple text messages from different sources saying they are Recovery Agents from 9Credit. The agents kept sending threatening messages to all my contact lists including my wife, colleagues, mother-in-law and uncles,” said Mr Garba.

“The harassment went further with several threats and curses. Also, using all manners of offensive adjectives like “Chronic and Unremorseful Debtor” some of the text messages stated that I had been declared ‘wanted.”

Mr Garuba said despite the insults and embarrassment to him and members of his family, he was not bitter because he understood that he had breached an agreement by not paying up when due.

A Defamatory text message sent to Mr Garuba's wife from 9Credit — A Defamatory text message sent to Mr Garuba’s wife from 9Credit

“It was my fault because I defaulted and it was for a reason because I was going through a tough time. And not that I wasn’t going to pay, or that I had ulterior motives to run away with their money.”

The legal practitioner eventually sometime early in September made attempts to repay the loan on the app but was unsuccessful. He then decided to make a direct bank transfer to the money-lending platform’s bank account.

Screenshot of another threatening message sent to Mr. Garuba

“I began to experience trouble with the app so I wasn’t able to pay up at the initial time. After trying several times without success, and whereas there was this particular agent who had been calling me for…

Source…

New partnership formed to protect human rights organisations from cyber-attacks

November 28, 2021/in Computer Security

UNSW and Neutrality partner to develop secure computer operating systems that will protect critical humanitarian infrastructure.

UNSW Sydney has signed a research agreement with Swiss technology company Neutrality to develop cyber network safeguards for organisations whose integrity and trust is essential in protecting people.

For human rights organisations operating in conflict zones, communication and computer systems security is crucial.

“This project aims at protecting communications of humanitarian and other non-government organisations from cyber-attacks, which often result in loss of lives,” said UNSW Trustworthy Systems leader and John Lions Chair, Scientia Professor Gernot Heiser.

“UNSW’s Trustworthy Systems group will work with Neutrality in the development of such secure communication, leveraging the mathematically proved security enforcement provided by our seL4 microkernel technology.”

The pioneering seL4 technology provides bullet-proof isolation between running computer programs, thus stopping an affected component from compromising others.

“We will utilise seL4 to isolate operating system services from each other, thus limiting the damage a compromised service can cause,” said Prof. Heiser.

“Specifically, the Trustworthy Systems team will provide the ‘virtual-machine monitor’ layer that enables running mutually-isolated Linux services on seL4.”

The need for this technology was highlighted by the ongoing conflict in Syria, which has seen hospitals attacked numerous times over the past decade – some facilitated by cyber-attacks.

Neutrality Co-CEO and Chief Technology Officer Stevens Le Blond said the organisation was looking forward to collaborating with UNSW to leverage their computer security technological know-how.

“Neutrality tackles highly technical challenges in partnership with strategic academic groups, including UNSW who, through centuries of combined research experience, have laid the foundations for our products,” said Le Blond.

“As the inventor of seL4, the first formally-verified microkernel, the Trustworthy Systems team at UNSW is one of the most impactful academic groups in systems security in the world and a key partner of…

Source…

Tag Archive for: rights