• Secure multiparty computation protecting privacy at the ballot box

    Shortly after the start of the new year, Americans around the nation will start returning to polling stations to vote in presidential primaries. How confident they feel in the voting process could depend on this thing called secure multiparty computation.

  • New computer attack mimics user's keystroke characteristics, evading detection

    Researchers have developed a new attack called “Malboard,” which evades several detection products that are intended to continuously verify the user’s identity based on personalized keystroke characteristics. 

  • The U.S. needs an industrial policy for cybersecurity

    Industrial policies are appropriate when market failures have led to the under-provision of a good or service. The cybersecurity industry’s growth has been held back for several reasons, including intractable labor shortages. Vinod K. Aggarwal and Andrew W. Reddie write in Defense One that both the United States and United Kingdom suffer from a documented shortage of skilled programmers and computer scientists working on cybersecurity issues, and the U.S. alone is projected to have a shortage of 1.2 million professionals by 2022, according to the Center for Strategic and International Studies. The market has also been hindered by so-called “information problems,” as firms are often not aware of their own vulnerabilities and avoid sharing information about data breaches given the reputation costs associated with disclosure. So what can the government do about it?

  • Many Americans say made-up news is a critical problem that needs to be fixed

    Many Americans say the creation and spread of made-up news and information is causing significant harm to the nation and needs to be stopped, according to a new Pew Research Center survey of 6,127 U.S. adults conducted between 19 February and 4 March 2019, on the Center’s American Trends Panel. Amy Mitchell, Jeffrey Gottfried, Sophia Fedeli, Galen Stocking and Mason Walker write for Pew Research Center that, indeed, more Americans view made-up news as a very big problem for the country than identify terrorism, illegal immigration, racism and sexism that way. Additionally, nearly seven-in-ten U.S. adults (68 percent) say made-up news and information greatly impacts Americans’ confidence in government institutions, and roughly half (54 percent) say it is having a major impact on our confidence in each other.

  • Hackers seek ransoms from Baltimore and communities across the U.S.

    The people of Baltimore are beginning their fifth week under an electronic siege that has prevented residents from obtaining building permits and business licenses – and even buying or selling homes. These types of attacks are becoming more frequent and gaining more media attention. Every user of technology must consider not only threats and vulnerabilities, but also operational processes, potential points of failure and how they use technology on a daily basis.

  • WhatsApp's loophole reveals role of private companies in cyber-surveillance

    Last month, WhatsApp’s latest security flaw was discovered, a flaw which allow governments to spy on dissidents, activists, and journalists. An Israeli cyber company is reportedly behind the loophole — and not for the first time.

  • Undeterred cyber adversaries require a more aggressive American response

    America is under attack. In this case, rather than bombs and bullets, undeterred adversaries are using the cyber domain. Every day, they launch thousands of cyberattacks against American individuals, companies, and government agencies—persistently and incrementally chipping away at our security. Bradley Bowman and Annie Fixler write in RealClear Defense that this relentless barrage may seem like an inevitable reality of 21st century life. However, given the stakes for American national security, simply shrugging and accepting the cyber status quo would be a dangerous mistake. The U.S. has established deterrence in other warfighting domains. Washington can—and must—do the same in the cyber domain.

  • A modest proposal for preventing election interference in 2020

    The years since the 2016 election have been a national trauma that the U.S. shouldn’t be eager to revisit. Yet almost no policy changes have been made as a result of what the country has learned from the Mueller investigation and related events. In this post, I’d like to start assembling a menu of possible reforms that address the lessons learned from what Lawfare sometimes calls L’Affaire Russe. Stewart Baker writes in Lawfare that this is a fraught exercise because the narratives about L’Affaire Russe have diverged so far between Trump supporters and Trump detractors that almost any proposal for change will implicitly contradict the narrative of one camp or the other. “So, to save time, here are my most salient biases in the matter: I’m generally comfortable with most of President Trump’s policy instincts; I’ve spent a lifetime working with intelligence and law enforcement professionals who do battle every day with very real enemies of the United States, Russia among them; and I believe in them and in making government work, which makes me uncomfortable with President Trump’s character and lack of policy-making fine-motor skills,” Baker writes. “With that mixed perspective, I am hopeful there may be room for at least some agreement on things we ought to do differently in future.”

  • Information operations in the digital age

    From the Cambridge Analytica scandal to the spread on social media of anti-Rohingya content in Myanmar and the interference with elections the world over, the past decade has seen democracies around the world become the target of a new kind of information operations.

  • ARCHANGEL: Securing national archives with AI and blockchain

    Researchers are using its state-of-the-art blockchain and artificial intelligence technologies to secure the digital government records of national archives across the globe – including the U.K., Australia, and the United States of America.

  • U.S. measles cases top record, putting measles elimination status at risk

    The U.S. Centers for Disease Control and Prevention (CDC) said Thursday that 971 cases of measles have been reported this year, topping the 1994 modern-record level, and it warned that the United States could lose its measles elimination status. Amid the growing measles crisis, the conspiracy-fueled anti-vaccination campaign of misinformation continues unabated on social media. DHS mulls a travel ban on measles-infected individuals.

  • Outsmarting deep fakes: AI-driven imaging system protects authenticity

    To thwart sophisticated methods of altering photos and video, researchers have demonstrated an experimental technique to authenticate images throughout the entire pipeline, from acquisition to delivery, using artificial intelligence (AI).

  • Facebook, Twitter shut down thousands of Iranian fake accounts

    Social media giant Facebook has announced that it removed dozens of accounts, pages, and groups linked to Iran for “coordinated inauthentic behavior.” The company also disabled several accounts on its sister-platform Instagram.

  • How Russia found a disinformation haven in America

    The Mueller Report definitively established that the Russians, both through the Main Intelligence Directorate (GRU) and the Internet Research Agency (IRA), undertook information operations campaigns. This has been reasonably clear for a long time. Rawi Abdelal Galit Goldstein write in the National Interest that framing the Russian disinformation campaign issue through the debate of whether Donald Trump could have won the presidency without Russian help, or whether the Trump campaign actively conspired with Russia, misses the point. “The goal of the information operations campaigns was not simply to elect Donald Trump president. Nor was it only to polarize American politics further. The point was, rather, to continue undermining America’s ability to agree on the true and not-true,” they write. And Russia’s strategy hinged on the fact that it is nearly impossible for people stuck in alternate realities with competing, incompatible truth claims to undertake civil discourse.

  • More than security: Passwords serve a personal purpose

    A study has shown that people build their passwords from personal information for a variety of reasons including to invoke important memories or achieve future goals. The study found around half of the respondents infused their passwords with autobiographical memories.