|
Scooped by
Philippe J DEWOST
June 14, 2018 5:42 AM
|
LAST SUMMER, A sign appeared on the door to a stuffy, windowless room at the office of Manhattan artificial-intelligence startup Clarifai. “Chamber of secrets,” it read, according to three people who saw it.
The notice was a joking reference to how the small team working inside was not permitted to discuss its work with others at Clarifai. Former and current employees say the group was working on a controversial Pentagon project using machine-learning algorithms to interpret drone-surveillance imagery—and that Clarifai’s secrets were less safe than they should have been.
A lawsuit filed by former employee Amy Liu this month alleges that Clarifai’s computer systems were compromised by one or more people in Russia, potentially exposing technology used by the US military to an adversary. The lawsuit says Clarifai learned of the breach last November, but that Clarifai’s CEO and other executives did not promptly report it to the Pentagon.
In her complaint, Liu, a former Air Force captain who worked in military intelligence, says she was unfairly terminated from her position as director of marketing for arguing that the company needed to disclose the incident. Another former employee told WIRED that his concerns over executives’ handling of the hack prompted him to leave the company.
|
Scooped by
Philippe J DEWOST
May 22, 2018 8:44 AM
|
India will enlist the help of artificial intelligence to develop weapons, defense, and surveillance systems, government officials announced today.
“The world is moving towards an artificial intelligence-driven ecosystem,” Dr. Ajay Kumar, secretary at the defense ministry, said in a statement. “India is also taking necessary steps to prepare our defense forces for the war of the future.”
A 17-person task force is working on an AI roadmap for India’s armed forces, the Times of India reports. Within the next two years, the task force will recommend ways machine learning can be incorporated into the country’s aviation, naval, land, cybersecurity, nuclear, and biological resources, specifically as it relates to the areas of autonomous weapons systems and unmanned surveillance.
The elite group of stakeholders, which is headed by Tata Sons chairman Natarajan Chandrasekaran and includes members of the Army, Navy, Air Force, Atomic Energy Commission, and Finance Ministry, was established in February and is expected to submit its first report in the next three months.
“The task force will make recommendations on […] establishing tactical deterrence in the region and visualizing potential transformative weaponry, [and] developing intelligent, autonomous robotic systems, and bolstering cyber defence,” an official told The Times of India.
The push for AI-enhanced defense platforms is a top priority for India Prime Minister Narendra Modi, who said at the Defence Expo 2018 in Chennai, India in April that AI and robots would be “the most important determinants” of the readiness of future militaries. “India, with its leadership in [the] information technology domain, [will] strive to use this technology to its advantage,” he said.
The development follows hard on the heels of news that China is testing autonomous tanks, aircraft, reconnaissance robots, and supply convoys as part of a 1.11 trillion yuan ($173.5 billion) plan to modernize its armed forces.
Russia is also believed to be investing in AI-enabled defense. Its new T-14 Armata battle tank, part of its Universal Combat Platform, is said to have autonomous capabilities.
Amid the global AI arms race, prominent researchers are protesting the use of AI in the development of weapons.
|
Scooped by
Philippe J DEWOST
May 4, 2018 4:13 AM
|
Twitter is asking all of its more than 330 million monthly active users to consider changing their passwords “out of an abundance of caution” after discovering an internal bug.
|
Scooped by
Philippe J DEWOST
April 29, 2018 10:07 AM
|
The most appropriate term is "data embassy". It expresses more clearly what we are talking about, since it is a data center that is granted the privileges and immunities of a conventional embassy. In other words, the server room that will host Estonia's data in Luxembourg will benefit from the diplomatic arrangements provided for by the 1961 Vienna Convention, in the same way as the embassies located on boulevard Royal. The data embassy gives Estonia the possibility of protecting sensitive data in a friendly country. This is an important point when one remembers that Estonia has already been the victim of a cyber-attack that paralyzed its government websites, banks and media for two weeks. The data embassy will therefore store in Luxembourg government information whose content is obviously confidential.
|
Scooped by
Philippe J DEWOST
April 18, 2018 1:47 AM
|
Starting this summer, senior French civil servants will be able to use a messaging application without fear of intrusion. The Agence nationale de la sécurité des systèmes d'information (Anssi) confirmed on Tuesday that the government should have its own encrypted messaging service this summer, more secure than the current private applications. "It is not a defense-secret messaging service, it is a messaging service that is meant to be functional like Whatsapp or Telegram," explained Guillaume Poupard, the agency's director general. The Whatsapp application, owned by Facebook, is based in the United States, while Telegram, which was founded by two Russians, the Durov brothers, is officially registered in the British Virgin Islands. The government's new messaging service was developed by an IT specialist at the Direction interministérielle du numérique et du système d'information et de communication de l'Etat (DINSIC) from "open source" code. It is currently being tested by about twenty senior officials and senior civil servants.
Servers in France
The interministerial director for digital affairs, Henri Verdier, had raised this project "with the idea that it is not inevitable that the authorities use messaging services about which Anssi keeps repeating that there is no trust," noted the director of Anssi. For example, "it would be good if the messages exchanged by members of the government went through servers hosted by Dinsic rather than through servers I don't really know where." This project for a "secure messaging service internal to the State" had already been mentioned last Friday on France Inter by the Secretary of State for Digital Affairs, Mounir Mahjoubi. "We are working on a secure public messaging service that will not be dependent on private offerings," he had said.
According to the spokesperson for the Secretary of State for Digital Affairs, this encrypted messaging service could eventually be made available to all French citizens.
|
Scooped by
Philippe J DEWOST
April 13, 2018 2:34 AM
|
Grayshift has been shopping its iPhone cracking technology to police forces. The firm, which includes an ex-Apple security engineer on its staff, provided demonstrations to potential customers, according to one email. “I attended your demo presentation recently held at the Montgomery County Police Headquarters and was pleased by your product’s potential,” an Assistant Commander from the Technical Investigations Section at the Maryland State Police wrote in an email to Grayshift in March. The GrayKey itself is a small, 4x4 inches box with two lightning cables for connecting iPhones, according to photographs published by cybersecurity firm Malwarebytes. The device comes in two versions: a $15,000 one which requires online connectivity and allows 300 unlocks (or $50 per phone), and an offline, $30,000 version which can crack as many iPhones as the customer wants. Marketing material seen by Forbes says GrayKey can unlock devices running iterations of Apple’s latest mobile operating system iOS 11, including on the iPhone X, Apple’s most recent phone. The issue GrayKey overcomes is that iPhones encrypt user data by default. Those in physical possession normally cannot access the phone’s data, such as contact list, saved messages, or photos, without first unlocking the phone with a passcode or fingerprint. Malwarebytes’ post says GrayKey can unlock an iPhone in around two hours, or three days or longer for 6 digit passcodes. And police forces are ready to use GrayKey. David R. Bursten, chief public information officer from the Indiana State Police, wrote in an email to Motherboard that the force had only recently obtained the GrayKey device, but that “this investigative tool will be used, when legally authorized to do so, in any investigation where it may help advance an investigation to identify criminal actors with the goal of making arrests and presenting prosecutable cases to the proper prosecuting authority.” Greg Shipley, Maryland State Police spokesperson, told Motherboard “the connection of electronic devices to a wide range of crimes continues to increase, so the need to obtain investigative information from these devices during a criminal investigation continues to grow.” Last week Maryland State Police told Motherboard that the force is in the early stage of procuring GrayKey; one of the documents obtained includes a price quote from GrayKey dated March 22. Multiple employees of Grayshift did not respond to requests for comment.
|
Scooped by
Philippe J DEWOST
February 26, 2018 1:22 PM
|
Russian military spies hacked several hundred computers used by authorities at the 2018 Winter Olympic Games in South Korea, according to U.S. intelligence. They did so while trying to make it appear as though the intrusion was conducted by North Korea, what is known as a “false-flag” operation, said two U.S. officials who spoke on the condition of anonymity to discuss a sensitive matter. Officials in PyeongChang acknowledged that the Games were hit by a cyberattack during the Feb. 9 Opening Ceremonies but had refused to confirm whether Russia was responsible. That evening there were disruptions to the Internet, broadcast systems and the Olympics website. Many attendees were unable to print their tickets for the ceremony, resulting in empty seats. Analysts surmise the disruption was retaliation against the International Olympic Committee for banning the Russian team from the Winter Games due to doping violations. No officials from Russia’s Olympic federation were allowed to attend, and while some athletes were permitted to compete under the designation “Olympic Athletes from Russia,” they were unable to display the Russian flag on their uniforms and, if they won medals, their country’s anthem was not played. As of early February, the Russian military agency GRU had access to as many as 300 Olympic-related computers, according to an intelligence report this month. The Office of the Director of National Intelligence declined to comment. The Opening Ceremonies were disrupted. Some are concerned the Closing Ceremonies might be targeted, too.
|
Scooped by
Philippe J DEWOST
February 8, 2018 4:51 PM
|
AI and facial recognition technology are being used to turn China into a "total surveillance state." These sunglasses are just the latest example. China’s police have a new weapon in their surveillance arsenal: sunglasses with built-in facial recognition. According to reports from local media, the glasses are being tested at train stations in the “emerging megacity” of Zhengzhou, where they’ll be used to scan travelers during the upcoming Lunar New Year migration. This is a period of extremely busy holiday travel, often described as the largest human migration event on Earth, and police say the sunglasses have already been used to capture seven suspects wanted in major cases, as well as 26 individuals traveling under false identities. The sunglasses are the latest component in China’s burgeoning tech-surveillance state. In recent years, the country has poured resources into various advanced tracking technologies, developing artificial intelligence to identify individuals and digitally tail them around cities. One estimate suggests the country will have more than 600 million CCTV cameras by 2020, with Chinese tech startups outfitting them with advanced features like gait recognition.
|
Scooped by
Philippe J DEWOST
January 3, 2018 1:30 PM
|
A fundamental design flaw in Intel's processor chips has forced a significant redesign of the Linux and Windows kernels to defang the chip-level security bug. Programmers are scrambling to overhaul the open-source Linux kernel's virtual memory system. Meanwhile, Microsoft is expected to publicly introduce the necessary changes to its Windows operating system in an upcoming Patch Tuesday: these changes were seeded to beta testers running fast-ring Windows Insider builds in November and December. Crucially, these updates to both Linux and Windows will incur a performance hit on Intel products. The effects are still being benchmarked, however we're looking at a ballpark figure of five to 30 per cent slow down, depending on the task and the processor model. More recent Intel chips have features – such as PCID – to reduce the performance hit. Your mileage may vary.
|
Scooped by
Philippe J DEWOST
November 13, 2017 12:19 PM
|
Apple's Face ID is supposed to be the most secure biometric security system ever put into a smartphone. The company claims a false-positive rate of just one in a million under normal circumstances. A Vietnamese security firm claims to have bypassed the iPhone X’s Face ID system using a silicone mask, a 3-D printed frame, and 2-D images of the eyes and mouth. It’s not a simple process, but it does mean that the iPhone X is technically defeatable. The system starts with a 3-D printed frame that copies the underlying topography of the subject’s face. Face ID’s biggest innovation is the 3-D image scan of the user’s face that it relies on, which sets it apart from other facial recognition systems that just use a color 2-D image. To the 3-D frame, researchers added a silicone layer to resemble skin, areas of “special processing” along the forehead, and 2-D images of the subject’s eyes and mouth. In a video, the security firm shows the mask unlocking the iPhone X on its own, as well as when placed on a person’s face. In practice, the mask doesn’t present a threat to casual users. Any hack using the system would require a huge amount of research and preparation, which isn’t feasible for most criminals. But for police forces executing a particularly valuable search warrant, for example, it could be possible to secretly scan a suspect’s face, make a mask, and then catch him unawares. Users can quickly disable Face ID by pressing the lock button five times in a row, but it would hypothetically be possible to steal someone’s phone and use the mask to unlock it before Face ID could be locked out.
|
Scooped by
Philippe J DEWOST
October 23, 2017 9:13 AM
|
It's just another manic Monday in the cybersecurity world. First there was KRACK, a vulnerability that allowed for snooping on almost anyone's Wi-Fi. Now there's the plainer-named ROCA -- another complex but dangerous weakness in widely used cryptography found in chips made by German company Infineon Technologies AG. Fujitsu, Google, HP, Lenovo and Microsoft have all pushed out fixes for their relevant hardware and software, so users should update where they can. Again. The problem in the Infineon chips is to do with the vendor's implementation of the encryption, based in this case on the widely-used RSA standard. Thanks to the bugs, it's possible to calculate someone's private key by just having the public key. A large number of Google Chromebook and Windows devices created by Fujitsu, HP and Lenovo are amongst those affected. "The currently confirmed number of vulnerable keys found is about 760,000 but possibly up to two to three magnitudes more are vulnerable," the researchers warned. They'll present their full findings at the ACM Conference on Computer and Communications Security later this month.
|
Scooped by
Philippe J DEWOST
October 13, 2017 9:55 AM
|
A breach of South Korea’s military database in which suspected North Korean hackers pilfered defense secrets originated in compromised third-party cybersecurity software and was made possible by an unintended connection to the internet, according to people familiar with the attack.
|
Scooped by
Philippe J DEWOST
September 15, 2017 11:28 AM
|
China is building the world’s largest quantum research facility to develop a quantum computer and other “revolutionary” forms of technology that can be used by the military for code-breaking or on stealth submarines, according to scientists and authorities involved in the project. The National Laboratory for Quantum Information Science will be located on a 37-hectare site next to a small lake in Hefei, Anhui province. Some time this month developers will be invited to bid for a contract to construct the site, according to an article in Hefei Evening News, a daily newspaper run by the city government on Thursday. Pan Jianwei, China’s lead quantum scientist who was playing a key role in the project, told local officials at a briefing in May that technology developed in the facility would be of immediate use to the armed forces, according to Anhui Business Daily newspaper. Quantum metrology, which measures small variations in physical parameters such as gravity with unprecedented accuracy, could significantly improve submarines’ stealth operations. A submarine with a quantum navigation system could operate underwater for more than three months without the need to surface for positioning satellite signals. After operating for 100 days underwater the captain would still be able to pinpoint the vessel’s position in the Pacific Ocean with a margin of error of just a few hundred metres according to Pan, who could not be immediately reached for comment. Another key mission of the laboratory is to build the nation’s first quantum computer that could break an encrypted message in seconds. “Our plan is that by 2020, or maybe as soon as next year, to achieve ‘quantum supremacy’ with calculation power one million times to all existing computers around the world combined,” Pan was quoted as saying by Anhui Business Daily, which is run by the provincial government.
|
|
Scooped by
Philippe J DEWOST
June 4, 2018 1:53 AM
|
China is building a new space station — the latest move in what some experts see as a brewing space race between China and the US. China's UN ambassador, Shi Zhongjun, recently invited the whole world to participate in the new space station. "CSS belongs not only to China, but also to the world," Shi told Xinhua, a state news agency. "All countries, regardless of their size and level of development, can participate in the cooperation on an equal footing." The new space station could become operational as soon as 2022, according to documents released by the UN's Office for Outer Space Affairs. The US has barred China's space agency from using the International Space Station (ISS) or sharing any technology over security concerns. But the ISS may come to an early end. President Donald Trump has said his administration is considering ending the US's involvement in the space station by 2025, which is three years ahead of the previously accepted schedule. That change in plans is part of the Trump administration's larger push to privatize much of the US's space operations. NASA has already spent about $100 billion to keep the space station — which functions like an orbiting laboratory for astronauts and scientists — in top shape. The space agency pumps around $3-4 billion per year into the program, but those funds may dry up sooner than anticipated. Meanwhile, many of the partners behind the ISS are already being courted to invest in China's new space station, according to hotel billionaire Robert Bigelow, who has his own plan to build an inflatable space station more than twice as big as the ISS. Europe's space agency, the ESA, has agreed to a partnership in which European astronauts would be able to use China's new station throughout the 2020s, reports Ars Technica. China hopes its future space station can be operational for around a decade and support up to six astronauts for 180-day stays, during which they would conduct research.
Parts of the Chinese space station are already complete, including the core module, dubbed Tianhe-1 or "Harmony of the Heavens." That module is expected to be sent into orbit as early as 2020, with the rest of the station expected to be completed by 2022. China is planning to send a probe to study the dark side of the moon as well, in another move to expand its presence in space. The country is building a Mars simulation base deep in the Tibetan desert, too, where it hopes to train astronauts for a potential Mars mission.
|
Scooped by
Philippe J DEWOST
May 11, 2018 7:47 AM
|
Many people have grown accustomed to talking to their smart devices, asking them to read a text, play a song or set an alarm. But someone else might be secretly talking to them, too. Over the last two years, researchers in China and the United States have begun demonstrating that they can send hidden commands that are undetectable to the human ear to Apple’s Siri, Amazon’s Alexa and Google’s Assistant. Inside university labs, the researchers have been able to secretly activate the artificial intelligence systems on smartphones and smart speakers, making them dial phone numbers or open websites. In the wrong hands, the technology could be used to unlock doors, wire money or buy stuff online — simply with music playing over the radio. A group of students from University of California, Berkeley, and Georgetown University showed in 2016 that they could hide commands in white noise played over loudspeakers and through YouTube videos to get smart devices to turn on airplane mode or open a website. This month, some of those Berkeley researchers published a research paper that went further, saying they could embed commands directly into recordings of music or spoken text. So while a human listener hears someone talking or an orchestra playing, Amazon’s Echo speaker might hear an instruction to add something to your shopping list. “We wanted to see if we could make it even more stealthy,” said Nicholas Carlini, a fifth-year Ph.D. student in computer security at U.C. Berkeley and one of the paper’s authors. Mr. Carlini added that while there was no evidence that these techniques have left the lab, it may only be a matter of time before someone starts exploiting them. “My assumption is that the malicious people already employ people to do what I do,” he said. These deceptions illustrate how artificial intelligence — even as it is making great strides — can still be tricked and manipulated.
Computers can be fooled into identifying an airplane as a cat just by changing a few pixels of a digital image, while researchers can make a self-driving car swerve or speed up simply by pasting small stickers on road signs and confusing the vehicle’s computer vision system. With audio attacks, the researchers are exploiting the gap between human and machine speech recognition. Speech recognition systems typically translate each sound to a letter, eventually compiling those into words and phrases. By making slight changes to audio files, researchers were able to cancel out the sound that the speech recognition system was supposed to hear and replace it with a sound that would be transcribed differently by machines while being nearly undetectable to the human ear.
|
Scooped by
Philippe J DEWOST
May 2, 2018 11:41 AM
|
For some years now, there has been a tension between the world’s largest tech companies— Alphabet, Amazon.com, Facebook, Apple, Microsoft, Baidu, and Alibaba Group Holding—and the chip companies they rely on, especially Intel and Nvidia. While the giants buy massive quantities of Intel’s (ticker: INTC) microprocessors, and Nvidia’s (NVDA) graphics chips, or GPUs, to power their data centers, they are also in an arms race to have the best artificial-intelligence-based machine-learning functions. Because of this, there was always the possibility the giants might decide to buy fewer off-the-shelf parts and make their own custom chips to get an edge on one another. That prospect burst onto the scene again last week as Bloomberg reported that job listings at Facebook (FB), and remarks by unnamed sources, indicate that the social-networking giant is working on making its own chips. The development, if true, is not surprising. Barron’s wrote 2½ years ago about how AI might push the giants to make their own parts (“Watch Out Intel, Here Comes Facebook,” Oct. 31, 2015). One of the chief sources in that article was none other than Facebook’s guru of machine learning, Yann LeCun. Facebook declined to make LeCun available, but in that 2015 interview he outlined a dilemma Facebook confronts with machine learning that has probably not changed since then. Facebook receives hundreds of millions of photographs from its users on a daily basis. Its computers must analyze, within a couple of seconds of a picture being uploaded, whether to show that picture to one of your friends, to block it for questionable content, and to tag the images with your friends’ names, using facial recognition—all examples of machine learning. As LeCun explained, machine learning is breaking the current generation of chips. The amount of media continues to rise and down the road is more complex media. 
Imagine a future where people upload 3-D models of places they’ve been from their next-generation smartphones. “The amount of infrastructure if we use the current type of CPU [central processing unit] is just going to be overwhelming,” he remarked. LeCun said that Facebook is receptive to Intel or another vendor making its own neural-network processor, but he warned, “If they don’t, then we’ll have to go with an industry partner who will build hardware to specs, or we’ll build our own.” LeCun and Facebook may have decided now is the time to go it alone. Intel’s plans to have its own AI chip have not yet borne fruit in terms of shipping parts. Nvidia is really the undisputed leader in AI chips. That brings with it a certain anxiety of relying on a single vendor. Nvidia, moreover, increasingly views its software for programming its chips, called CUDA, as a kind of vast operating system that would span all of the machine learning in the world, an operating system akin to what Microsoft (MSFT) was in the old days of PCs. That sort of preeminence is doubtless disturbing to the giants, who want their AI to have a unique flavor and advantage. But the main reason for custom chips is that Facebook and the others simply think they can do better. Chips for machine learning rely on algorithms and data, and the giants know both of those more intimately than the chip makers. They have the intellectual property that really matters. LeCun and other scholars of machine learning know that if you were starting with a blank sheet of paper, an Nvidia GPU would not be the ideal chip to build. Because of the way machine-learning algorithms work, they are bumping up against limitations in the way a GPU is designed. GPUs can actually degrade the machine learning’s neural network, LeCun observed. “The solution is a different architecture, one more specialized for neural networks,” said LeCun. 
All that seemed mere speculation back in 2015, but it may now be a conclusion Facebook and others can’t avoid. Alphabet’s Google has already made its own chip—the TPU, as it’s called—for machine learning. Google and its brethren have the funds to pursue almost limitless experiments to see what they can make. At the same time, AI chip start-ups such as Silicon Valley’s Cerebras Systems are pursuing radically new chip designs. Although Cerebras is in stealth mode, its work appears to rest on a completely different kind of math than what GPUs use—“sparse matrix” math—which may be better suited to machine learning. The risks to Nvidia are minimal at present. The company can still sell tons of chips to every company that doesn’t have the deep pockets of Facebook or Google. The reality of machine learning and chip design, however, means a future in which Nvidia’s role is going to diminish. Advanced Micro Devices (AMD) is Nvidia’s closest competitor, and it has an opportunity as the challenger. Intel, Qualcomm (QCOM), and Broadcom (AVGO) also may prove to be contenders, but their ability to compete is probably less than the start-ups building the right designs from scratch. As for mergers and acquisitions, except for the smallest companies, such as Cerebras, it’s unlikely Facebook wants to buy Nvidia or any large chip maker. They already know that at the end of the day, the most valuable intellectual property in AI is found in the algorithms chugging away in their own data centers.
|
Scooped by
Philippe J DEWOST
April 25, 2018 7:48 AM
|
Internet paranoiacs drawn to bitcoin have long indulged fantasies of American spies subverting the booming, controversial digital currency. Increasingly popular among get-rich-quick speculators, bitcoin started out as a high-minded project to make financial transactions public and mathematically verifiable — while also offering discretion. Governments, with a vested interest in controlling how money moves, would, some of bitcoin’s fierce advocates believed, naturally try and thwart the coming techno-libertarian financial order. It turns out the conspiracy theorists were onto something. Classified documents provided by whistleblower Edward Snowden show that the National Security Agency indeed worked urgently to target bitcoin users around the world — and wielded at least one mysterious source of information to “help track down senders and receivers of Bitcoins,” according to a top-secret passage in an internal NSA report dating to March 2013. The data source appears to have leveraged the NSA’s ability to harvest and analyze raw, global internet traffic while also exploiting an unnamed software program that purported to offer anonymity to users, according to other documents. Although the agency was interested in surveilling some competing cryptocurrencies, “Bitcoin is #1 priority,” a March 15, 2013 internal NSA report stated. The documents indicate that “tracking down” bitcoin users went well beyond closely examining bitcoin’s public transaction ledger, known as the Blockchain, where users are typically referred to through anonymous identifiers; the tracking may also have involved gathering intimate details of these users’ computers. The NSA collected some bitcoin users’ password information, internet activity, and a type of unique device identification number known as a MAC address, a March 29, 2013 NSA memo suggested.
In the same document, analysts also discussed tracking internet users’ internet addresses, network ports, and timestamps to identify “BITCOIN Targets.” The agency appears to have wanted even more data: The March 29 memo raised the question of whether the data source validated its users, and suggested that the agency retained bitcoin information in a file named “Provider user full.csv.” It also suggested powerful search capabilities against bitcoin targets, hinting that the NSA may have been using its XKeyScore searching system, where the bitcoin information and wide range of other NSA data was cataloged, to enhance its information on bitcoin users. An NSA reference document indicated that the data source provided “user data such as billing information and Internet Protocol addresses.” With this sort of information in hand, putting a name to a given bitcoin user would be easy.
|
Scooped by
Philippe J DEWOST
April 13, 2018 10:23 AM
|
Google has long struggled with how best to get dozens of Android smartphone manufacturers—and hundreds of carriers—to regularly push out security-focused software updates. But when one German security firm looked under the hood of hundreds of Android phones, it found a troubling new wrinkle: Not only do many Android phone vendors fail to make patches available to their users, or delay their release for months; they sometimes also tell users their phone's firmware is fully up to date, even while they've secretly skipped patches. On Friday at the Hack in the Box security conference in Amsterdam, researchers Karsten Nohl and Jakob Lell of the firm Security Research Labs plan to present the results of two years of reverse-engineering hundreds of Android phones' operating system code, painstakingly checking if each device actually contained the security patches indicated in its settings. They found what they call a "patch gap": In many cases, certain vendors' phones would tell users that they had all of Android's security patches up to a certain date, while in reality missing as many as a dozen patches from that period—leaving phones vulnerable to a broad collection of known hacking techniques. "We find that there's a gap between patching claims and the actual patches installed on a device. It’s small for some devices and pretty significant for others," says Nohl, a well-known security researcher and SRL's founder. In the worst cases, Nohl says, Android phone manufacturers intentionally misrepresented when the device had last been patched. "Sometimes these guys just change the date without installing any patches. Probably for marketing reasons, they just set the patch level to almost an arbitrary date, whatever looks best."
|
Rescooped by
Philippe J DEWOST
from pixels and pictures
March 28, 2018 12:55 PM
|
As a start-up called Cambridge Analytica sought to harvest the Facebook data of tens of millions of Americans in summer 2014, the company received help from at least one employee at Palantir Technologies, a top Silicon Valley contractor to American spy agencies and the Pentagon. It was a Palantir employee in London, working closely with the data scientists building Cambridge’s psychological profiling technology, who suggested the scientists create their own app — a mobile-phone-based personality quiz — to gain access to Facebook users’ friend networks, according to documents obtained by The New York Times. Cambridge ultimately took a similar approach. By early summer, the company found a university researcher to harvest data using a personality questionnaire and Facebook app. The researcher scraped private data from over 50 million Facebook users — and Cambridge Analytica went into business selling so-called psychometric profiles of American voters, setting itself on a collision course with regulators and lawmakers in the United States and Britain. The revelations pulled Palantir — co-founded by the wealthy libertarian Peter Thiel — into the furor surrounding Cambridge, which improperly obtained Facebook data to build analytical tools it deployed on behalf of Donald J. Trump and other Republican candidates in 2016. Mr. Thiel, a supporter of President Trump, serves on the board at Facebook.
|
Scooped by
Philippe J DEWOST
February 13, 2018 4:39 AM
|
The robotics company that was once owned by Google shows off a new trick — its robot dogs can now tackle door handles, and hold doors open while others go through.
|
Scooped by
Philippe J DEWOST
January 24, 2018 2:11 PM
|
Some 140 heads of multinational companies gathered on Monday for a mini-summit in Versailles at the invitation of […], who is trying to convince decision-makers to bet on France in a post-Brexit context. Two days before the World Economic Forum in Davos, Switzerland, this economic-attractiveness summit, dubbed "Choose France", brings together, among others, executives Lloyd Blankfein of Goldman Sachs, Jamie Dimon of JP Morgan and Sheryl Sandberg of Facebook. Here are the investment announcements made at the summit, which amount to 3.5 billion euros and 2,200 jobs over five years, according to the Elysée:
|
Scooped by
Philippe J DEWOST
November 14, 2017 7:29 AM
|
During a keynote address on Nov. 8 at the 2017 CyberSat Summit, a Department of Homeland Security (DHS) official admitted that he and his team of experts remotely hacked into a Boeing 757.
This hack was not conducted in a laboratory, but on a 757 parked at the airport in Atlantic City, N.J. And the actual hack occurred over a year ago. We are only now hearing about it thanks to a keynote delivered by Robert Hickey, aviation program manager within the Cyber Security Division of the DHS Science and Technology (S&T) Directorate.
“We got the airplane on Sept. 19, 2016. Two days later, I was successful in accomplishing a remote, non-cooperative, penetration,” Hickey said in an article in Avionics Today. “[That] means I didn’t have anybody touching the airplane; I didn’t have an insider threat. I stood off using typical stuff that could get through security, and we were able to establish a presence on the systems of the aircraft.”
While the details of the hack are classified, Hickey admitted that his team of industry experts and academics pulled it off by accessing the 757’s “radio frequency communications.”
|
Scooped by
Philippe J DEWOST
November 2, 2017 6:28 AM
|
High-altitude spy drones could help China dominate “near space” – a region of the Earth’s atmosphere that is at the heart of a modern-day space race. Near space, which begins at about 20km above sea level, has until now been regarded as a “death zone” for drones – thin air at this altitude makes it hard to generate lift, while extremely low temperatures mean electronic components like batteries are prone to fail. However, a new type of Chinese-developed drone that is undergoing testing appears to have overcome such difficulties, marking a significant step towards China’s ambitions of exploiting near space for purposes of military intelligence. Near space has long been seen as a promising frontier for intelligence services, but has remained relatively untapped because it is too high for most aeroplanes to operate, and too low for satellites. The goal of scientists is to develop a durable near space vehicle capable of observing large areas for weeks, months or even years on end. Drones, which would cost just a fraction of what a satellite with comparable abilities would cost, are seen as one of the best ways of reaching that goal. Until now, the Northrop Grumman RQ-4 Global Hawk, limited to an altitude of about 19km, has been the highest flying drone in use. But last month, a research facility in Inner Mongolia successfully tested an experimental drone at an altitude of 25km. The test involved two experimental unmanned aerial vehicles being sent up on a high pressure balloon before being deployed at different altitudes. The second drone was deployed at an altitude of 9km. Each of the drones, which are about the size of a bat, was launched using an electromagnetic pulse that accelerated them from zero to 100km/h within a space about the length of an arm. “It shot out like a bullet,” said Yang Yanchu, lead scientist of the project with the Academy of Optoelectronics at the Chinese Academy of Sciences in Beijing.
The drones then glided towards their targets more than 100km away, adjusting course and altitude in flight without human intervention. On-board sensors beamed data back to a ground station.
|
Scooped by
Philippe J DEWOST
October 16, 2017 11:28 AM
|
The security protocol used to protect the vast majority of wifi connections has been broken, potentially exposing wireless internet traffic to malicious eavesdroppers and attacks, according to the researcher who discovered the weakness. Mathy Vanhoef, a security expert at Belgian university KU Leuven, discovered the weakness in the wireless security protocol WPA2, and published details of the flaw on Monday morning. “Attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted,” Vanhoef’s report said. “This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos and so on.” Vanhoef emphasised that “the attack works against all modern protected wifi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.” The vulnerability affects a number of operating systems and devices, the report said, including Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys and others. “If your device supports wifi, it is most likely affected,” Vanhoef wrote. “In general, any data or information that the victim transmits can be decrypted … Additionally, depending on the device being used and the network setup, it is also possible to decrypt data sent towards the victim (e.g. the content of a website).” Vanhoef gave the weakness the codename Krack, short for Key Reinstallation AttaCK. Britain’s National Cyber Security Centre said in a statement it was examining the vulnerability. “Research has been published today into potential global weaknesses to wifi systems. The attacker would have to be physically close to the target and the potential weaknesses would not compromise connections to secure websites, such as banking services or online shopping. “We are examining the research and will be providing guidance if required. Internet security is a key NCSC priority and we continuously update our advice on issues such as wifi safety, device management and browser security.” The United States Computer Emergency Readiness Team (Cert) issued a warning on Sunday in response to the vulnerability. “The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection and others,” the alert says, detailing a number of potential attacks. It adds that, since the vulnerability is in the protocol itself, rather than any specific device or software, “most or all correct implementations of the standard will be affected”.
|
Scooped by
Philippe J DEWOST
October 4, 2017 4:09 AM
|
Last year Yahoo (now part of Oath along with AOL after its acquisition by Verizon) announced that back in 2013, hackers had stolen info covering over one billion of its accounts. Today, the combined company announced that further investigation reveals the 2013 hack affected all of its accounts that existed at the time -- about three billion. The information taken "may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (using MD5) and, in some cases, encrypted or unencrypted security questions and answers." For users being notified of the hack now, the notification is that their information is included. At the time the breach was first announced, Yahoo required everyone who had not reset their passwords since the breach to do so. According to the FAQ posted, it doesn't appear there's any new action being taken. The announcement isn't very specific about why or how it determined the breach was so much larger -- or how it was missed in the original forensic analysis, or how this happened in the first place -- likely due to pending lawsuits over the issue.
|
Combine AI and Hacking in a Defense context and you have a recipe for trouble