https://www.nytimes.com/2024/03/11/technology/carmakers-driver-tracking-insurance.html
LexisNexis, which generates consumer risk profiles for the insurers, knew about every trip G.M. drivers had taken in their cars, including when they sped, braked too hard or accelerated rapidly.
https://mastodon.social/@simonbs/112045502577892427
With iOS 17.4 released, you can go to Settings → Face ID & Passcode → Stolen Device Protection and make the security delay required even when you are at a familiar location.
https://www.wired.com/story/here-come-the-ai-worms/
Security researchers created an AI worm in a test environment that can automatically spread between generative AI agents—potentially stealing data and sending spam emails along the way.
https://www.theguardian.com/world/2024/feb/16/air-canada-chatbot-lawsuit
Canada’s largest airline has been ordered to pay compensation after its chatbot gave a customer inaccurate information, misleading him into buying a full-price ticket.
Air Canada came under further criticism for later attempting to distance itself from the error by claiming that the bot was “responsible for its own actions”.
https://www.theguardian.com/world/2024/feb/05/hong-kong-company-deepfake-video-conference-call-scam
Police investigate after employee tricked into transferring money to fraudsters posing as senior officers of her firm
Chinese authorities recently said they’re using an advanced encryption attack to de-anonymize users of AirDrop in an effort to crack down on citizens who use the Apple file-sharing feature to mass-distribute content that’s outlawed in that country.
https://www.schneier.com/blog/archives/2024/01/tiktok-editorial-analysis.html
TikTok seems to be skewing things in the interests of the Chinese Communist Party.
https://techcrunch.com/2023/12/04/23andme-confirms-hackers-stole-ancestry-data-on-6-9-million-users/
On Friday, genetic testing company 23andMe announced that hackers accessed the personal data of 0.1% of customers, or about 14,000 individuals. The company also said that by accessing those accounts, hackers were also able to access “a significant number of files containing profile information about other users’ ancestry.” But 23andMe would not say how many “other users” were impacted by the breach that the company initially disclosed in early October.
As it turns out, there were a lot of “other users” who were victims of this data breach: 6.9 million affected individuals in total.
In an email sent to TechCrunch late on Saturday, 23andMe spokesperson Katie Watson confirmed that hackers accessed the personal information of about 5.5 million people who opted-in to 23andMe’s DNA Relatives feature, which allows customers to automatically share some of their data with others. The stolen data included the person’s name, birth year, relationship labels, the percentage of DNA shared with relatives, ancestry reports and self-reported location.
https://www.schneier.com/blog/archives/2023/12/ai-and-trust.html
In this talk, I am going to make several arguments. One, that there are two different kinds of trust—interpersonal trust and social trust—and that we regularly confuse them. Two, that the confusion will increase with artificial intelligence. We will make a fundamental category error. We will think of AIs as friends when they’re really just services. Three, that the corporations controlling AI systems will take advantage of our confusion to take advantage of us. They will not be trustworthy. And four, that it is the role of government to create trust in society. And therefore, it is their role to create an environment for trustworthy AI. And that means regulation. Not regulating AI, but regulating the organizations that control and use AI.
https://www.theguardian.com/business/2023/dec/04/sellafield-nuclear-site-hacked-groups-russia-china
It is still not known if the malware has been eradicated. It may mean some of Sellafield’s most sensitive activities, such as moving radioactive waste, monitoring for leaks of dangerous material and checking for fires, have been compromised.
Sources suggest it is likely foreign hackers have accessed the highest echelons of confidential material at the site, which sprawls across 6 sq km (2 sq miles) on the Cumbrian coast and is one of the most hazardous in the world.
Sellafield covers 6 sq km on the Cumbrian coast and is one of the most hazardous nuclear sites in the world. Photograph: David Levene/The Guardian
The full extent of any data loss and any ongoing risks to systems was made harder to quantify by Sellafield’s failure to alert nuclear regulators for several years, sources said.