A TikTok executive refused to acknowledge China’s treatment of Uyghurs to Jake Tapper


What Do We Know About State-Sponsored Nuclear Threats? A Comparative Study of U.S. and Russian Attacks on TikTok, ByteDance and Exchange Server

Those worries have prompted the US government to ban TikTok from official devices, and more than half of US states have taken similar measures, according to a CNN analysis.

The call to ban the app has grown more vociferous since it was revealed that employees of ByteDance have accessed the data of US users multiple times.

As Russia’s war in Ukraine drags on, Ukrainian forces have proved resilient and mounted increasingly intense counterattacks on Kremlin forces. The conflict enters an ominous phase of drone warfare as it progresses. Russia has begun launching a series of recent attacks using Iranian “suicide drones” to inflict damage that is difficult to defend against. With Russian president Vladimir Putin escalating his rhetoric about the potential for a nuclear strike, and NATO officials watching closely for any signs of movement, we examine what indicators are available to the global community in assessing whether Russia is actually preparing to use nuclear weapons.

Meanwhile, an unrelenting string of deeply problematic vulnerabilities in Microsoft’s Exchange Server on-premises email hosting service has left researchers to raise the alarm that the platform isn’t getting the development resources it needs anymore, and customers should seriously consider migrating to cloud email hosting. And new research examines how Wikipedia’s custodians ferret out state-sponsored disinformation campaigns in the crowdsourced encyclopedia’s entries.

The gang Vice Society maximized profits and minimized their exposure by investing very little in technical innovation, which was noted by researchers this week. They run the most sparse and unremarkable operations they can to target sectors like health care and education. We’ve got a guide that will show you how to set up passkeys on the web and on the phone.

More on cloud misconfigurations and cybersecurity roundup

And there’s more. We highlight the news we did not cover in-depth. Click on the headline to read the full story. And remain safe out there.

The data of some prospective customers of Microsoft’s cloud service was exposed due to a misconfiguration. Researchers from the threat intelligence firm SOCRadar disclosed the leak to Microsoft on September 24, and the company quickly closed the exposure. The exposed information spanned from last year to this year in a report. The researchers linked the data to more than 65,000 organizations from 111 countries. The exposed details included company names, phone numbers, and email addresses, as well as files sent between potential customers and Microsoft or one of its authorized partners. Cloud misconfigurations are a longstanding security risk that have led to countless exposures and, sometimes, breaches.

Source: https://www.wired.com/story/tiktok-bytedance-americans-data-security-roundup/

Security Labeling for Internet of Things Devices: The Case of the U.S., Iran, China, and the Security of Internet-connected Devices

There are no easy remedies to improve the security of homes and businesses because of cheap, undefended internet of things devices. But after years of problems, countries like Singapore and Germany have found that adding security labels to internet-connected video cameras, printers, toothbrushes, and more can help. The labels give consumers a better understanding of the protections built into different devices—and give manufacturers an incentive to improve their practices and get a gold seal. This week, the United States took a step in this direction. The White House announced plans for a labeling scheme that would be a sort of EnergyStar for IoT digital security. The administration had a summit with industry providers this week to discuss standards and guidelines for the labels. A labeling program to secure devices would give Americans the assurance of knowing their technology is safe, and make it harder for retailers to market secure devices, stated a spokeswoman for the National Security Council.

The Washington Post reported this week that the documents that the FBI seized at Mar-a-Lago were full of sensitive information about Iran’s nuclear program and the US’ intelligence operations in China. The risks of unauthorized disclosures in the documents are numerous, experts say. “People aiding US intelligence efforts could be endangered, and collection methods could be compromised,” the Post wrote. The information could potentially make other countries retaliate against the US.

The election of an American to run the International Telecommunications Union was good news for the open internet community. Meanwhile, though, we took a look at the fragility of the world’s internet infrastructure and the vulnerability of crucial undersea cables.

Researchers see evidence that the US’s new legal climate for abortion access is promoting a culture of community surveillance, a hallmark of authoritarian states in which neighbors and friends are encouraged to report possible wrongdoing. Soccer stadiums around the world are being monitored more and more. The eight stadiums in use during the 2022 World Cup in Turkey are packed with more than 15,000 cameras.

Rust Security Roundup: Why Do We Need More Vulnerabilities? Liz Truss and the London Mail revealed the Russian Cell Phone Attack

The more secure, “memory safe” programming language Rust is making inroads across the tech industry, offering hope that a massive swath of common vulnerabilities could eventually be preempted and eliminated. The most important vulnerabilities that you can patch right now are included in our list.

Liz Truss is having a rough time. The Mail on Sunday said that agents of Russia had hacked into her cell phone when she was foreign minister. Some Russian operatives were able to see messages between Truss and other people in other countries. The Mail report further claims that former prime minister Boris Johnson and cabinet secretary Simon Case suppressed the breach. Labor Party officials called for an investigation into their opponents, after the breach was unconfirmed. “There are immensely important national security issues raised by an attack like this by a hostile state which will have been taken extremely seriously by our intelligence and security agencies,” Labor Party shadow home secretary Yvette Cooper said last weekend. “There are also serious security questions around why and how this information has been leaked or released right now, which must also be urgently investigated.”

Source: https://www.wired.com/story/tiktok-eu-privacy-policy-security-roundup/

The Rise of Cash Crime in the U.S. and Beyond: An Update on Jack Dorsey’s Expansion and the Impact on TikTok

Another of Jack Dorsey’s corporate creations is facing new heat this week. Sex traffickers in the US and elsewhere are said to be helped by the Cash App. The investigation discovered rampant use of the Cash App in sex trafficking and other crimes based on police records, court files and former Cash App employees. The company is owned by Dorsey’s Block Inc., and it doesn’t tolerate illegal activity on the Cash App. According to Forbes, a center for missing and exploited children says Block has never provided any tips about child abuse since they started using their services.

The US Treasury Department this week said US financial institutions facilitated ransomware payments totaling nearly $1.2 billion in 2021—a 200 percent increase since 2020. The report landed amid an international White House summit aiming to combat the rise of ransomware, a type of malware that allows attackers to encrypt a target’s files and hold them for ransom until the victim pays. The acting Director of the Treasury Department’s Financial Crimes Enforcement Network said that attacks by Russian-linked actors remain a threat to our national and economic security. The $1.2 billion in payments is painful, but they don’t take into account the costs and other financial consequences that come with cyberattacks outside of the payment itself.

The legislation, of course, is unlikely to go anywhere. But it reflects a new trend sweeping across the country in which Republicans showcase how hawkish they are on China by taking a hardline stance on TikTok with proposals or the enactment of legislation and rules that do little to actually limit its broad reach.

The proposed legislation would block and prevent all transactions by social media companies that have a million or more users that are based in, or under the influence, of, countries that are considered foreign adversaries.

Government restrictions on apps or online services are rare in the US. In June 2020 India banned TikTok, the world’s biggest online marketplace, in the largest-ever ban on the site.

While infighting continues in the administration over the future of TikTok, the video streaming giant is trying to convince the public that it is a safe platform.

“The agreement under review by CFIUS will meaningfully address any security concerns that have been raised at both the federal and state level,” Oberwetter said. “These plans have been developed under oversight of our country’s top national security agencies that we are well underway in implementing to further secure our platform in the United States and we will continue to brief lawmakers on them.”

The Emerging Media Landscape: How the U.S. Becomes a TikTok App for Marketing, Recruitment, and Research


Some public universities and government agencies have used the app for marketing and recruiting purposes, but at least sixteen states are taking steps to forbid the use of the app while using state government networks.

The Senate-passed bill would provide exceptions for “law enforcement activities, national security interests and activities, and security researchers.”

In 2021, TikTok announced it had reached one billion monthly global users. In the U.S., two-thirds of all teens say they use it, according to the Pew Research Center.

The administration’s contradictory approach to TikTok — its embrace of the app as a vital conduit to the public, and its fear of the app as a potential tool of foreign influence — is perhaps a fitting response to the utterly unique problem that TikTok poses. Seemingly overnight, TikTok has managed to remake American culture both low and high, from media and music to memes and celebrity, in its own image. TikTok turned Olivia Rodrigo into a household name and propelled the author Colleen Hoover to the top of the best-seller list, with more copies sold this year than the Bible. TikTok coined “quiet quitting,” one of the hallmark phrases of 2022, and introduced a whole new dialect of algospeak — “seggs,” “unalive,” “le dollar bean” — that is now spreading across pop culture. Corporations and brands, from Goldfish crackers to Prada, have redirected billions of dollars worth of advertising to the platform in recognition of its all-encompassing reach, which can, at seemingly any moment, turn even a decades-old product into a must-have item. Last year, TikTok had more site visits and time spent in the United States than did other sites. Facebook took nine years to reach a billion users while TikTok only took five.

TikTok: Protecting the U.S. from the Cosmic Government with Social Media and Social Networks, a Theoretically Counterexample

While the company denies it would ever be used for nefarious purposes, national security experts say China-based businesses usually have to give unfettered access to the authoritarian regime if information is ever sought.

So the ban on federal government devices is an incremental restriction: Most drastic measures have not advanced, since the efforts lacked the political will, or courts intervened to stop them.

“I think some concern about TikTok is warranted,” said Julian McAuley, a professor of computer science at the University of California San Diego, who noted that the main difference between TikTok and other social media apps is that TikTok is much more driven by user-specific recommendations.

“While ByteDance claims that it maintains its operations in the United States separately, there is no easy way to determine the extent to which that claim is true,” said Sameer Patil, a professor at the University of Utah who studies user privacy online.

“While social media companies are certainly harvesting all kinds of data about users, I think it’s usually overblown to what extent they ‘know’ about users on an individual level,” he said.

The video app TikTok, Oberwetter stated, has faith in the process of keeping it out of the hands of the Chinese government.

Another possible resolution is that the committee is satisfied with the steps TikTok has taken to ensure there is a firewall between U.S. user data and ByteDance employees in Beijing and the Chinese government.

It is very rare for deliberations to happen behind closed doors. It is not clear when the committee might finish its investigation, nor is it known which way it is leaning.

Why Doesn’t China Need Human Rights Violation? A Comment on a Critique of TikTok and the American Civil Libertarian Movement

“Michael absolutely did acknowledge that there are human rights violations happening in China,” said Brooke Oberwetter, spokeswoman for TikTok, in a statement. “But he stipulated that that determination is outside his area of expertise as the head of public policy for TikTok. His main role as head of public policy for TikTok is to explain the approach to the content that Jake asked about.”

Security experts say the data can allow China to find intelligence opportunities, or to influence Americans in ways that aren’t obvious.

“Look, I think there are many human rights violations that are happening in China and around the world,” Beckerman said. “These are very important to me. I’m not here to be the expert on human rights violations around the world.”

In a report published last week, the nonprofit Center for Countering Digital Hate found that it can take less than three minutes after signing up for a TikTok account to see content related to suicide and about five more minutes to find a community promoting eating disorder content.

Beckerman disagreed with the idea that some American parents may be seeing the study and believe that the Chinese government is trying to destroy our kids. Beckerman nodded to the app’s parental controls, but he called Tapper’s argument hypocritical.

“The same people that are complaining about employees in China and acts from China, and all these things … they are also suggesting that here in the US, we should apply Chinese-style media rules,” Beckerman said. “We have freedom of speech, among other things here in the United States.”

Is China’s National Intelligence Law Enough? Reply to the State of the Matter in a Campaign against the TikTok App

Since 2020, Nebraska has had a ban on all state devices. So has the Florida Department of Financial Services. There were partial bans announced by Louisiana and West Virginia.

In fact, China’s 2017 National Intelligence Law requires Chinese companies to furnish any customer information relevant to China’s national security. TikTok collects astonishing amounts of user information, more than some other popular social media apps. There’s no evidence that ByteDance has ever turned over this information to the Chinese government. ByteDance fired some employees in China and the US for wrongly snooping on American journalists and private information, even though they knew it was a bad idea.

“There is no more time to waste on meaningless talks with a company,” he said in a statement. It is time to stop Beijing-controlled TikTok.

It’s understandable why U.S. soldiers would want to be warned against using the app because of its sharing of location information with other entities. “But that’s also true of the weather app and then lots of other apps that are existing in your phone, whether they’re owned by China or not.”

If a ban on TikTok could actually be put in place, it would solve our national security concerns about the app. Such a ban might put our national security at greater risk. Moreover, it would sidestep a broader problem — our nation’s overall failure to address concerns over the huge amount of personal data collected in our digital lives, especially when that data could be used by foreign adversaries.

“The truth of the matter is, if the sophisticated Chinese intelligence sector wanted to gather information on particular state employees in the United States, it wouldn’t probably have to go through TikTok.”

He says, “It’s easy to say a foreign government is a threat when it happens across the world.” I think it’s important to be cautious about how politicized that can be in a way that surpasses the real threat to achieve political ends.

Tech Giants and the Taxpayer’s Choice: Implications of a TikTok ban for the American Economy and the First Amendment

Even if a TikTok ban were to happen, Calo and Chander are not sure it would gain much political traction, and they are concerned that it would raise First Amendment concerns. But Calo believes the conversation could push policy in a positive direction for Americans.

“I think that we’re right in the United States to be finally thinking about the consequences of having so much commercial surveillance taking place of U.S. citizens and residents,” he said. “We should address it by passing comprehensive privacy laws, which is something that the Federal Trade Commission seems very interested in doing, but not in this ad hoc posturing way, because we should do something to address it.”

Tech giants have repeatedly deployed their CEOs to Capitol Hill, who in some cases have made arguments citing the threat of Chinese competition. They’ve also leaned on help from trade associations they’re members of and relied on advertising campaigns to make the case against some of the biggest legislative threats to their business.

The stark difference between the two is indicative of how simple narratives, well-funded lobbying and genuinely thorny policy questions can make or break a bill. It also hints at how a select few Big Tech companies continue to maintain their dominance in the market and their centrality in the lives of countless US households.

A TikTok official said under its new server reorganization as part of Project Texas, China-based employees would never have this kind of access to American accounts.

“We think a lot of the concerns are maybe overblown,” Beckerman told CNN’s Jake Tapper on Tuesday, “but we do think these problems can be solved” through the ongoing government negotiations.

The AICOA of the Tech Industry: How Digital Companies Can Get Their Own? The Case of ByteDance, Amazon, YouTube, and Google

ByteDance spent $270,000 on lobbying in the last year, according to public records. By the end of last year, its lobbyist count had more than doubled and the company had spent nearly $5.2 million on lobbying.

Meta was the biggest internet industry lobbying giant last year, spending upward of $20 million. Next was Amazon at $19 million, followed by more than 10 million dollars from Google. A total of almost 50 million dollars was spent on lobbying by TikTok’s parent, which ranked fourth on the list.

One of those bills, the American Innovation and Choice Online Act (AICOA), would erect new barriers between tech platforms’ various lines of business, preventing Amazon, for example, from being able to compete with third-party sellers on its own marketplace. The legislation was the culmination of a 16-month investigation by the House into the tech industry and it was found that many big tech companies were effectively monopolies.

Legislators looked like they were going to pass a bill that would force platforms to pay more money for news. Meta warned it could be forced to stop publishing news content if the bill passed.

Silicon Valley’s biggest players have maneuvered cleverly in Washington, defending their turf from lawmakers who want to knock them down.

In contrast, decisions about the rules government might impose on tech platforms have put into question how those regulations may affect different parts of the economy from small businesses to individual users.

Legislation that is related to the tech industry’s outdated content moderation liability shield, as well as proposals to strengthen partisan divisions, may raise First Amendment issues. Democrats have said Section 230 should be changed because it gives social media companies a pass to leave some hate speech and offensive content unaddressed, while Republicans have called for changes to the law so that platforms can be pressured to remove less content.

The cross-cutting politics and the technical challenges of regulating an entire sector of technology, not to mention the potential consequences for the economy of screwing it up, have combined to make it genuinely difficult for lawmakers to reach an accord.

What do social media professors and students need to know about the U.S. Senate Intelligence Committee’s ban on TikTok?

It’s important for the Republicans to have a brand. Kousser, a political scientist at U.C. San Diego, says that “standing up to China is seen as a central tenet of what unites Republicans now.”

Teaching and research on social media has become standard in higher education. Modern communication has changed with the app, with its aesthetic, practices, and story-telling.

How can we train students to be savvy content creators and consumers when we don’t teach a pillar of the modern media landscape? Even though students can still access TikTok from their homes, professors are not allowed to show them TikToks in PowerPoint slides or use a classroom web browser. Brands, companies, and novel forms of storytelling all rely on TikTok, and professors will no longer be able to train their students in best practices for these purposes. Students can see things they are learning in real time when they use TikTok.

The world keeps turning as the states that implemented their ban implement their ban, leaving their citizens in a fast-paced media world. Students in the states will have a disadvantage when it comes to applying for jobs as they will only be able to receive education and training from their peers in other states.

Professors must do research as well. Social media scholars in these states quite literally cannot do what they have been hired to do and be experts in if these bans persist. The university compliance offices say that the bans will only be on campus wi-fi and mobile data. Who will foot the bill for a more expensive data plan on their phone? The answer is no one. Faculty employees who work on campus are expected to be on campus regularly to show they are actually working, even if they work at home. This means any social media professor attempting to research TikTok on campus will have to rely on video streaming via mobile data, which can be quite expensive, either through having to individually pay for unlimited data, or accidentally going over one’s limits.

TikTok CEO Shou Zi Chew will testify before Congress in March, amid nationwide efforts to ban the social media app among government employees and schools due to concerns about privacy and its effect on young people’s mental health.

The chair of the Senate Intelligence Committee, Senator Mark Warner, was thought to be considering a bill that would ban a broader category of applications that pose security risks.

When the former president signed an executive order to ban the app, the app’s owners, ByteDance, sued, but it never went through.

The letter was addressed to the executives of both Apple and Google, asking for them to remove the TikTok app from their stores.

At a media briefing on Tuesday at its Los Angeles office, top TikTok officials described a data security plan, dubbed “Project Texas” because it relies on Austin-based software company Oracle.

The chance to set the record straight was welcomed by Brooke Oberwetter. Oberwetter said TikTok plans to discuss its “comprehensive plans” to protect US user safety during the March 23rd hearing.

Trump’s charm offensive against Silicon Valley censorship in the US is aimed at reducing the size of the Internet infrastructure – the case of TikTok

Apple has to be careful with its relationship with both the US and China. Cook is able to maintain relationships with Chinese manufacturers and the Chinese government, which is a major factor in Apple’s success.

Observers expect Washington to take action. “We will see limitations this year,” says Mira Ricardel, a former White House deputy national security adviser now at the Chertoff Group advising businesses on regulations. The unanimity of opinion will lead to something. Here is what that something may look like.

India has a blockade called TikTok. A few small ISPs permit access, according to NetBlocks. A University of Michigan’s project lead says he was able to watch videos on his visit to India using an app downloaded in the US. Many Indian users have switched to rivals, including from both Facebook and Google, as a result of the ban.

Trump’s order would have immediately prohibited app stores from distributing TikTok, and nearly two months later would have barred cloud providers and internet infrastructure services from doing business with the company. People or companies caught dodging the order could have faced fines or prison sentences. Kanapathy, who was the China director for Trump’s National Security Council, said they wanted to start at the root of the issue.

The company recently launched a charm offensive that included rapid-fire meetings in Washington with the TikTok CEO and a first-ever visit to the Los Angeles area for members of the media.

“There’s a lot of performative action going on,” said Adam Segal, a Chinese technology policy expert at the Council on Foreign Relations. “It’s a desire to show toughness on China,” he said.

It is easier to take out on Chinese-owned TikTok than it is to take it out on a social media platform like Facebook.

TikTok’s relationship with Oracle started during the Trump administration, when the company was scrambling to find U.S.-based cloud servers as Trump pushed to have the app put out of business in the United States.

Project Texas: An Interactive Public Relations Museum for the Chinese Digital Data Security Collaborative (IDS) Experiment (PDC 2016)

USDS is expected to hire 2,500 people who have undergone high-level background checks similar to those used by the U.S. government, TikTok officials said on Tuesday. None of those hired would be Chinese nationals.

Corporate employees of Beijing can use aggregate data, like what kind of content is on the app or in the region, which can be analyzed if they have special permission from the US data security team.

The plan addresses many of the major security concerns U.S. officials have, said Jim Lewis, a cybersecurity expert at the Center for Strategic and International Studies, but that is no guarantee it will be approved.

Lewis said that the Oracle plan would work. “This kind of thing is pretty standard. TikTok has become too emotional, that a reasonable solution may not be enough.”

The company has previously said that it welcomes “the opportunity to set the record straight about TikTok, ByteDance, and the commitments we are making.”

Assuming the deal passes muster, though, Segal agreed that it resolves the bulk of the data security concerns by allowing inspections of its algorithm and transferring U.S. user data to Oracle.

Many details about Project Texas have trickled out in the Wall Street Journal, the New York Times and Reuters, but Tuesday’s gathering marked one of the first times the company has given an official briefing on the plan.

The Transparency and Accountability center felt like an interactive public relations museum when the officials led journalists through it on Tuesday.

There was a game where people were asked to decide if a video violated TikTok’s rules or not.

The facilities will also feature server rooms where visitors who sign non-disclosure agreements can review TikTok’s entire source code, though journalists are not given an opportunity to do this.

Tech journalist Casey Newton in the platformer: Toward a more deliberative Congress on telecommunications, media, and the Internet

Tech journalist Casey Newton of the newsletter Platformer said the content moderation game brought home just how tricky it is for the thousands of people who have to make trade-offs every day on an endless flood of videos, but it was largely beside the point.

“We hope that by sharing details of our comprehensive plans with the full Committee, Congress can take a more deliberative approach to the issues at hand,” the TikTok spokesperson added.

“If you’re certainly willing to fly a balloon over your continental airspace—and have people see it with a naked eye—what would make you not weaponize data? Or use an app that’s on the phone of 60 million Americans to drive narratives in society that try to influence political debate in this country?” says Senate Intelligence Committee vice chair Marco Rubio, a Republican from Florida.

“There’s no question about the fact that they are trying to gather as much data as they can about all aspects of our country, and even the most minuscule, small items can add up to providing them with more data,” says Republican senator Mike Rounds of South Dakota. “There’s a huge amount of data out there, which will never be touched, never be used, but it’s the small pieces that add up. They are working it. They are patient. But they clearly see us as a threat, and they’re collecting data.”

After spending last week with Colorado senator Michael Bennet, he told congressional reporters that none of the suggestions were particularly relevant to his concerns.