News of evidence - via a Dartmouth research program team (Julia Dressel and Hany Farid) - of potentially flawed prediction algorithms in a mission critical software product (Correctional Offender Management Profiling for Alternative Sanctions (COMPAS)) utilized by a large number of jurisdiction in the United States and Canada... Read the abstract and full research report in J. Dressel el al., “The accuracy, fairness, and limits of predicting recidivism,” Science Advances 4, No. 1 (17 January 2018) (DOI: 10.1126/sciadv.aao5580) or download the study's PDF. Enjoy.
Citation: J. Dressel, H. Farid, The accuracy, fairness, and limits of predicting recidivism. Sci. Adv. 4, eaao5580 (2018).
Rebecca (Becca) Rick's has published a highly informative interactive graphic (along with the data source) detailing the Paypal data sharing efforts, in which, your data is published to a multitude of said entities. Astonishing.
Folks, the easiest method to explore this super-graphic is to click this post's title, or the "published" link above, and magically visit the interactive graphic on Ms. Rick's site. Rated Highly Entertaining by Infosecurity.US!
Thanks for the H/T!
Now Accepting Contest Submissions
The Federal Information Systems Security Educators Association (FISSEA) Conference is accepting security related training material contest submissions for the organization's 31st Conference - Hardening the Human: The Power of Cybersecurity Awareness and Training slated for March 14-15 2018.
Contact FISSEA Phone: (301) 975-2489 Mail:NIST/FISSEA Liaison, NIST, 100 Bureau Drive Stop 2000 Gaithersburg, MD 20899-2000 Email: email@example.com
Quick, entertaining and yet commendable 'digital tour' of a Amazon Web Services Data Center illustrating the security, thereof. Displaying the Datacenters security fundamentals, Security Controls inherent in their designs and People involved with securing and auditing the data assets of the company's customers. Recommended for executives and managers, and certainly light on the tech...
As is typical of Intel Corporation (Nasdaq: INTC) the firm is attempting to shirk responsability for this attack and transfer the blame onto the company's vendors, not to mention the glad-handing exhibited by the company's CEO at CES.
It's time to rein in Intel Corporation's significantly flawed software development practice (as evidenced by the output), as the ramifications for the company's vulnerability touch many - if not all - systems worldwide. Further, what else is flawed in the company's other products (for example, automotive chips, medical device systems where the firm's hardware and software reside)?
'But the latest vulnerability—discovered in July of 2017 by F-Secure security consultant Harry Sintonen and revealed by the company today in a blog post—is more of a feature than a bug. Notebook and desktop PCs with Intel AMT can be compromised in moments by someone with physical access to the computer—even bypassing BIOS passwords, Trusted Platform Module personal identification numbers, and Bitlocker disk encryption passwords—by rebooting the computer, entering its BIOS boot menu, and selecting configuration for Intel’s Management Engine BIOS Extension (MEBx).' - via Sean Gallagher - writing at Ars Technica