A Review of the Best News of the Week on AI, IoT, & Mobile Security

China Facial Recognition Database Leak Sparks Fears (Forbes, Feb 19 2019)
The news is a concern – and not just for the millions affected in China. Chinese surveillance isn’t like anything we have seen in the Western World: the country has a social credit score system and it’s using facial recognition for everything from policing to tracking people’s movements to predict crime, as seen in the film Minority Report.

Apple App Store stuffed with hardcore porn and gambling apps (Naked Security – Sophos, Feb 14 2019)
The apps, which violate content policies, got in there via the same Enterprise Certificate program that Facebook and Google exploited.

How we fought bad apps and malicious developers in 2018 (Android Developers Blog, Feb 19 2019)
“In 2018, we introduced a series of new policies to protect users from new abuse trends, detected and removed malicious developers faster, and stopped more malicious apps from entering the Google Play Store than ever before. The number of rejected app submissions increased by more than 55 percent, and we increased app suspensions by more than 66 percent.”

Without data, your security strategy is just a guess.
The Mosaic Security Research Market Intelligence Platform provides the data you need for OWASP’s Cyber Defense Matrix. Learn a new way to conduct a strategy assessment.

Fake text generator is so good its creators don’t want to release full version (Naked Security – Sophos, Feb 19 2019)
OpenAI has created what amounts to a text version of a deepfake – and it’s too scared for humanity to release the full version.

The Pentagon Doubles Down on AI–and Wants Help from Big Tech (Wired, Feb 12 2019)
A new Defense Department strategy calls for rapid adoption of AI across the military, and Google, Oracle, IBM, and SAP have signaled interest in a partnership.

A New Tool Protects Videos From Deepfakes and Tampering (Wired, Feb 14 2019)
Many of the body cameras worn by police are woefully vulnerable to hacking and manipulation. Amber Authenticate wants to fix that—with the blockchain.

Twitter Still Can’t Keep Up With Its Flood of Junk Accounts, Study Finds (Wired, Feb 14 2019)
Iowa researchers built an AI engine they say can spot abusive apps on Twitter months before the service itself identifies them.

This Website Uses AI to Generate the Faces of People Who Don’t Exist (Motherboard, Feb 14 2019)
Thispersondoesnotexist.com serves up a new AI-generated face every time you hit refresh.

Academics Confirm Major Predictive Policing Algorithm is Fundamentally Flawed (Motherboard, Feb 14 2019)
PredPol uses an algorithm based on earthquake prediction to “predict crime.” Academics say it’s simplistic and harmful.

Machine learning fundamentals: What cybersecurity professionals need to know (Help Net Security, Feb 15 2019)
Head of Security Analytics at Vectra, talks about machine learning fundamentals, and illustrates what cybersecurity professionals should know.

Mozilla will use AI coding assistant to preemptively catch Firefox bugs (Help Net Security, Feb 15 2019)
Mozilla will start using Clever-Commit, an AI coding assistant developed by Ubisoft, to make the Firefox code-writing process more efficient and to prevent the introduction of bugs in the code.

Detecting Trojan attacks against deep neural networks (Help Net Security, Feb 19 2019)
A group of researchers with CSIRO’s Data61, the digital innovation arm of Australia’s national science agency, have been working on a system for run time detection of trojan attacks on deep neural network models. Although it has yet to be tested in the text and voice domain, their system is highly effective when it comes to spotting trojan attacks on DNN-based computer vision applications.

Scientists call for a ban on AI-controlled killer robots (Futurism, Feb 19 2019)
But not everybody agrees.

AI reveals 2018’s biggest cyber-threats: Part two — to err is human (Darktrace Blog, Feb 08 2019)
In the second installment of a two-part series, Darktrace’s Max Heinemeyer analyzes the rise of deceptive attacks and insider threats that Darktrace AI detected in 2018.

Picnic’ Passes Test for Protecting IoT From Quantum Hacks (Dark Reading, Feb 12 2019)
Researchers from DigiCert, Utimaco, and Microsoft Research gives thumbs-up to a new algorithm for implementing quantum hacking-proof digital certificates.

Europe Intros Global IoT Security Standard (Infosecurity Magazine, Feb 19 2019)
ETSI standard is based on UK government initiative

UK cyber-security: Huawei risk manageable (BBC, Feb 18 2019)
UK intelligence chiefs conclude the Chinese tech giant Huawei can bid for work on telecoms projects.

Love Bug Found in OkCupid Android App (Infosecurity Magazine, Feb 14 2019)
A security failure in MagicLinks allowed attackers to access user info.

Thousands of Android apps bypass Advertising ID to track users (Naked Security – Sophos, Feb 19 2019)
Six years after it was introduced, it looks as if Android’s Advertising ID (AAID) might no longer be the privacy forcefield Google claimed it would be.