A draft manufacturing implementation of the Cybersecurity Framework, or Profile, has been developed by the National Institute of Standards and Technology (NIST) to establish a roadmap for reducing cybersecurity risk for manufacturers. The Profile focuses on how cybersecurity can support typical manufacturing business objectives and is aligned with industry best practices, including NIST Special Publication 800-82 Guide to Industrial Control System Security. The Manufacturing Profile can be used by organizations to express desired state, as well as assess current state. It provides a voluntary, risk-based approach for managing cybersecurity activities and reducing cyber risk to manufacturing systems. The Manufacturing Profile is meant to enhance but not replace current cybersecurity standards and industry guidelines used by manufacturers.
Please send your questions and comments, including reviews of the Manufacturing Profile, to NIST at firstname.lastname@example.org
Public comment period: September 7 through November 4, 2016
So much of the discussion about the potential harms of surveillance and data collection is unfocused, and often when you’re in one of those conversations you end up with nothing more than a vague notion that someday, maybe, bad things will happen. But destructive algorithms — “weapons of math destruction” — already exist and are already harming us.
... I designate “weapon of math destruction” as algorithms with three primary characteristics — they’re widespread, mysterious, and destructive. Widespread because I only care about algorithms that affect a lot of people and have important consequences for those people. So if the algorithm decides whether someone gets a job, or goes to jail for longer, or gets a loan, or votes, then it’s a big deal. ... I call WMDs mysterious because the algorithms I worry about are secret. They come from hidden formulas owned by private companies and organizations and are guarded as valuable “secret sauce.” That means the people targeted by their scoring systems are unaware of how their scores are computed, and they’re often even unaware that they are being scored in the first place.
"Canadians have until October 7, 2016 to provide their feedback to the Parliamentary Special Committee on Electoral Reform, which is studying the possibility of national online voting, along with having consultations about using electronic voting machines in national elections."
Please Canada, don't be stupid like the US.
According to the memorandum of understanding, the Navy is expected to obligate more than $500 million to the OASIS and OASIS Small Business contracts from February 2016 to December 2017. Navy officials said they will use the contracts for services related to program management, management consulting, logistics, engineering, and scientific and financial activities.
In the Washington Post, Jeff Heath tells the story of Humanyze, an employee analytics company that took technology developed at MIT and spun it into identification badges meant to hang off employees' necks via a lanyard. The badge has two microphones that do real-time voice analysis, with sensors that follow where you are and motion detectors that record how much you move while working.
A report in Bloomberg reveals the origins of the company. In 2014, 57 stock and bond traders "lent their bodies to science" by allowing MIT finance professor Andrew Lo to monitor their actions in a conference room. The study subjects were given a $3 million risk limit and told to make money in various markets. Lo discovered that the successful subjects were "emotional athletes. Their bodies swiftly respond to stressful situations and relax when calm returns, leaving them primed for the next challenge." Traders who encountered problems "were hounded by their mistakes and remained emotionally charged, as measured by their heart rate and other markers such as cortisol levels, even after the volatility subsided."
Over the past year or two, someone has been probing the defenses of the companies that run critical pieces of the Internet. These probes take the form of precisely calibrated attacks designed to determine exactly how well these companies can defend themselves, and what would be required to take them down. We don't know who is doing this, but it feels like a large nation state.
A person can end up in one of these databases by doing nothing more than sitting on a public park bench or chatting with an officer on the street. Once there, these records can linger forever and be used by police agencies to track movements, habits, acquaintances and associations – even a person’s marital and job status, The Post and Courier found in an investigation of police practices around the nation.
... What began as a method for linking suspicious behavior to crime has morphed into a practice that threatens to turn local police departments into miniature versions of the National Security Agency. In the process, critics contend, police risk trampling constitutional rights, tarnishing innocent people and further eroding public trust.
The United States has largely avoided ISDS attacks because past treaties were with nations that did not have many investors here. But the TPP and a similar deal with European nations, called the Transatlantic Trade and Investment Partnership (TTIP), would change that. Under existing U.S. treaties, other countries have paid nearly $3 billion to corporations for toxics bans, water and timber policies, land-use rules, regulatory permits, and more. Another $70 billion in claims are now pending against climate and energy laws, medicine pricing policies, pollution cleanup orders and other public interest policies.
... Nationwide, the TPP would roughly double U.S. exposure to ISDS attacks and a TTIP would quadruple the exposure, spelling an unprecedented increase in U.S. ISDS liability.
UberEats launched in London in June, promising “the food you want, from the London restaurants you love, delivered at Uber speed”. In a bid to recruit self-employed couriers to ferry food from restaurants to customers, UberEats initially offered to pay £20 an hour. But as customer demand increased, the company began to reduce pay. By August, the couriers were on a piece rate with a fiddly formula: £3.30 a delivery plus £1 a mile, minus a 25 per cent “Uber service fee”, plus a £5 “trip reward”. Then, one day, the couriers woke up to find the app had been updated again. The “trip reward” had been cut to £4 for weekday lunch and weekend dinner times, and to £3 for weekday dinner and weekend lunch times. Outside those periods, it had been cut altogether.
Banks know a tremendous amount of personal information about their customers — what better insight is there than how people spend their money? — but given the amount of trust that is assumed in a banking relationship, they have to be especially careful about showing their customers they know them without creeping them out.
... "There are a lot of things that we could do with the data. But we have a strong set of rules and governance around how we use it, and we don't ever cross that line. We've done customer research to identify where that line is, and believe me, there is a lot of space between how we can improve the relevance and timeliness of what we say to our customers and that line."
Difficult not to be queasy about all this.
Their popularity relies on the notion they are objective, but the algorithms that power the data economy are based on choices made by fallible human beings. And, while some of them were made with good intentions, the algorithms encode human prejudice, misunderstanding, and bias into automatic systems that increasingly manage our lives. Like gods, these mathematical models are opaque, their workings invisible to all but the highest priests in their domain: mathematicians and computer scientists. Their verdicts, even when wrong or harmful, are beyond dispute or appeal. And they tend to punish the poor and the oppressed in our society, while making the rich richer.
Just when Apple chief executive Tim Cook's week looked like it couldn't get any worse after fielding a monster tax bill from the European Union, it now appears the US tech giant is also on the hook for an interest bill estimated at $US5.4 billion ($7.2 billion).
... That's on top of the $US14.5 billion tax bill that the EU ordered Ireland to levy on Apple on Tuesday, taking the total hit to Apple's bottom line to $US19.9 billion ($26.4 billion).
Facebook’s ability to figure out the “people we might know” is sometimes eerie. Many a Facebook user has been creeped out when a one-time Tinder date or an ex-boss from 10 years ago suddenly pops up as a friend recommendation. How does the big blue giant know?
... While some of these incredibly accurate friend suggestions are amusing, others are alarming, such as this story from Lisa*, a psychiatrist who is an infrequent Facebook user, mostly signing in to RSVP for events. Last summer, she noticed that the social network had started recommending her patients as friends—and she had no idea why. ... “I haven’t shared my email or phone contacts with Facebook,” she told me over the phone.
What could possibly go wrong?
In "Open Source Software and the Department of Defense," CNAS argues that a number of cultural factors, biases and regulatory barriers are keeping DOD from embracing open-source options.
... Industry relies heavily on open-source software with great success, and DOD's continued reliance on proprietary code is more expensive, slows innovation and puts America's warfighters at greater risk, according to CNAS.
!07/11 PDP a ni deppart m'I !pleH