US Government Appeals Injunction Against TikTok Ban

· Andrew Orr · Link

Walmart Enters the TikTok Purchase War - article

The U.S. government is appealing an injunction from S. District Court Judge Carl Nichols that blocked its ban of TikTok.

The Trump administration had raised concerns over the video-sharing app due to its Chinese ownership by way of parent company ByteDance, and the potential risk of TikTok’s U.S. user data being accessed by the Chinese government.

[…]

Judge Nichols in the separate case led by TikTok ruled that Trump overstepped his authority in trying to ban the app from the U.S., referring to the agency’s action as “arbitrary and capricious.”

Russian ‘Cozy Bear’ Hacking Team Hits US Government Networks

· Andrew Orr · Link

Alert symbol of an exclamation point inside triangle

A group of Russian hackers known as Cozy Bear has hacked several U.S. government agencies like the Treasury and Commerce departments.

On Sunday night, FireEye said the attackers were infecting targets using Orion, a widely used business software app from SolarWinds. After taking control of the Orion update mechanism, the attackers were using it to install a backdoor that FireEye researchers are calling Sunburst.

How the U.S. Used the Patriot Act to Track Web Browsing

· Andrew Orr · Link

Person using a macbook

Government entities have been using Section 215 of the Patriot Act as justification to collect logs of web browsing activity.

In fact, “one of those 61 orders resulted in the production of information that could be characterized as information regarding browsing,” Mr. Ratcliffe wrote in the second letter. Specifically, one order had approved collection of logs revealing which computers “in a specified foreign country” had visited “a single, identified U. S. web page.”

How to Vote According to Apple News

· Andrew Orr · How-To

Apple News has a section to help people register to vote, how to become a poll worker in your state, and more.

How the United States is Ensuring Votes are Secure

· Andrew Orr · Link

Max Eddy writes an examination of election engineering and how the U.S. can ensure voting security. The part I think is fascinating is the work of Sam Curry, CSO of cybersecurity company Cybereason. His team has been simulating election attacks to figure out how best to protect our elections.

He’s observed numerous strategies and has advice on how best to protect an election. The people playing the role of defenders, usually given the role of law enforcement, “must create open lines of communication between government departments and also media sources and social media companies,” said Curry. Knowing who to call and when to call them and having a reliable back-up system in case one fails (or is intentionally sabotaged) are all critical.

CISA Believes China Hacked US Government Systems

· Andrew Orr · Link

Generic image displaying the word hacked.

According to the Cybersecurity and Infrastructure Security Agency, Chinese-affiliated hackers have compromised U.S. government computer systems.

“This beaconing is a result of cyber threat actors successfully completing cyber operations that are often designed around emergent vulnerabilities and reliant on existing exploitation tools,” the advisory states. “CISA observed activity from a Federal Government IP address beaconing out to the threat actors’ [command and control] server.”

Get we just get it together for 10 seconds, please?

Congressman Wants Apple to Increase Security Over Foreign-Linked Apps

· Andrew Orr · Link

Rep. Stephen Lynch, chairman of the House subcommittee on national security, sent separate letters to Apple and Google, wanting assurances these companies could warn users about apps with foreign ties.

At a minimum, Apple and Google should take steps to ensure that users are aware of the potential privacy and national security risks of sharing sensitive information with applications that store data in countries adversarial to the United States, or whose developers are subsidiaries of foreign companies.

Apple can only do so much. They probably can’t check the source code of every app to see if it contains Chinese spying code. And what about U.S. spying code?

Senators Introduce COVID-19 Consumer Data Protection Act

· Andrew Orr · Link

Supreme court

Today a group of Republican senators announced plans to introduce the COVID-19 Consumer Data Protection Act.

The legislation would provide all Americans with more transparency, choice, and control over the collection and use of their personal health, geolocation, and proximity data. The bill would also hold businesses accountable to consumers if they use personal data to fight the COVID-19 pandemic.

A good move, I think. We need thoughtful legislation passed to preempt the contact tracing train.