position:chief security officer

  • Facebook says it has removed 1.5 million copies of the New Zealand terror attack video - MIT Technology Review
    https://www.technologyreview.com/the-download/613133/facebook-says-it-has-removed-15-million-copies-of-the-new-zealand-

    The sheer scale of efforts by Facebook, YouTube, and Twitter to take down clips of the video shows how hard it is to stop people from spreading horrific content.

    The news: Facebook has said that in the first 24 hours after the attack it removed 1.5 million versions of the video filmed by the gunman who killed over 50 people in two mosques in Christchurch, New Zealand. Of those, 1.2 million were blocked while they were uploading, so they never made it onto the site. YouTube and Twitter are yet to release figures.

    The gunman live-streamed the shooting over 17 minutes on Facebook, and it was quickly re-posted by people both on that platform and others. There are almost certainly still versions of the video available online, despite the efforts to remove them.

    What next: There are growing calls for social-media companies to change their policies after the outrage—but it’s not always clear exactly what that means in practice. Bloomberg reports that New Zealand’s prime minister, Jacinda Ardern, is seeking talks with Facebook over live-streaming but hasn’t set out any specific demands.

    Supply and demand: The problem, according to Facebook’s former chief security officer, Alex Stamos, is not just virality. It’s that the biggest tech companies have much less control over whether people in free societies trade data than you might think. It also reflects a systemic issue, which is that social platforms often don’t even see themselves as arbiters of content in the first place. And perhaps a more profound question: do we really want them to be?

    #Facebook #NZ_massacre #Vidéo #Alt_right #Fascisme

  • The Laborers Who Keep Dick Pics and Beheadings Out of Your Facebook Feed | WIRED
    https://www.wired.com/2014/10/content-moderation

    Les travailleurs et travailleuses sous-payées du nettoyage dans le cyberespace. Un article ancien, pourtant toujours d’actualité. Et ce ne sont pas les intelligences artificielles qui résoudront ce problème.

    Baybayan is part of a massive labor force that handles “content moderation”—the removal of offensive material—for US social-networking sites. As social media connects more people more intimately than ever before, companies have been confronted with the Grandma Problem: Now that grandparents routinely use services like Facebook to connect with their kids and grandkids, they are potentially exposed to the Internet’s panoply of jerks, racists, creeps, criminals, and bullies. They won’t continue to log on if they find their family photos sandwiched between a gruesome Russian highway accident and a hardcore porn video. Social media’s growth into a multibillion-dollar industry, and its lasting mainstream appeal, has depended in large part on companies’ ability to police the borders of their user-generated content—to ensure that Grandma never has to see images like the one Baybayan just nuked.

    “EVERYBODY HITS THE WALL. YOU JUST THINK, ‘HOLY SHIT, WHAT AM I SPENDING MY DAY DOING?’”

    So companies like Facebook and Twitter rely on an army of workers employed to soak up the worst of humanity in order to protect the rest of us. And there are legions of them—a vast, invisible pool of human labor. Hemanshu Nigam, the former chief security officer of MySpace who now runs online safety consultancy SSP Blue, estimates that the number of content moderators scrubbing the world’s social media sites, mobile apps, and cloud storage services runs to “well over 100,000”—that is, about twice the total head count of Google and nearly 14 times that of Facebook.

    This work is increasingly done in the Philippines.

    #Fake_news #Modération #Hébergeurs

  • Uber Pushed the Limits of the Law. Now Comes the Reckoning - Bloomberg
    https://www.bloomberg.com/news/features/2017-10-11/uber-pushed-the-limits-of-the-law-now-comes-the-reckoning

    The ride-hailing company faces at least five U.S. probes, two more than previously reported, and the new CEO will need to dig the company out of trouble.

    Illustration: Maria Nguyen
    By Eric Newcomer
    October 11, 2017, 10:11 AM GMT+2

    Shortly after taking over Uber Technologies Inc. in September, Dara Khosrowshahi told employees to brace for a painful six months. U.S. officials are looking into possible bribes, illicit software, questionable pricing schemes and theft of a competitor’s intellectual property. The very attributes that, for years, set the company on a rocket-ship trajectory—a tendency to ignore rules, to compete with a mix of ferocity and paranoia—have unleashed forces that are now dragging Uber back down to earth.

    Uber faces at least five criminal probes from the Justice Department—two more than previously reported. Bloomberg has learned that authorities are asking questions about whether Uber violated price-transparency laws, and officials are separately looking into the company’s role in the alleged theft of schematics and other documents outlining Alphabet Inc.’s autonomous-driving technology. Uber is also defending itself against dozens of civil suits, including one brought by Alphabet that’s scheduled to go to trial in December.

    “There are real political risks for playing the bad guy”
    Some governments, sensing weakness, are moving toward possible bans of the ride-hailing app. London, one of Uber’s most profitable cities, took steps to outlaw the service, citing “a lack of corporate responsibility” and specifically, company software known as Greyball, which is the subject of yet another U.S. probe. (Uber said it didn’t use the program to target officials in London, as it had elsewhere, and will continue to operate there while it appeals a ban.) Brazil is weighing legislation that could make the service illegal—or at least treat it more like a taxi company, which is nearly as offensive in the eyes of Uber.

    Interviews with more than a dozen current and former employees, including several senior executives, describe a widely held view inside the company of the law as something to be tested. Travis Kalanick, the co-founder and former CEO, set up a legal department with that mandate early in his tenure. The approach created a spirit of rule-breaking that has now swamped the company in litigation and federal inquisition, said the people, who asked not to be identified discussing sensitive matters.

    Kalanick took pride in his skills as a micromanager. When he was dissatisfied with performance in one of the hundreds of cities where Uber operates, Kalanick would dive in by texting local managers to up their game, set extraordinary growth targets or attack the competition. His interventions sometimes put the company at greater legal risk, a group of major investors claimed when they ousted him as CEO in June. Khosrowshahi has been on an apology tour on behalf of his predecessor since starting. Spokespeople for Kalanick, Uber and the Justice Department declined to comment.

    Kalanick also defined Uber’s culture by hiring deputies who were, in many instances, either willing to push legal boundaries or look the other way. Chief Security Officer Joe Sullivan, who previously held the same title at Facebook, runs a unit where Uber devised some of the most controversial weapons in its arsenal. Uber’s own board is now looking at Sullivan’s team, with the help of an outside law firm.

    Salle Yoo, the longtime legal chief who will soon leave the company, encouraged her staff to embrace Kalanick’s unique corporate temperament. “I tell my team, ‘We’re not here to solve legal problems. We’re here to solve business problems. Legal is our tool,’” Yoo said on a podcast early this year. “I am going to be supportive of innovation.”

    From Uber’s inception, the app drew the ire of officials. After a couple years of constant sparring with authorities, Kalanick recognized he needed help and hired Yoo as the first general counsel in 2012. Yoo, an avid tennis player, had spent 13 years at the corporate law firm Davis Wright Tremaine and rose to become partner. One of her first tasks at Uber, according to colleagues, was to help Kalanick answer a crucial question: Should the company ignore taxi regulations?

    Around that time, a pair of upstarts in San Francisco, Lyft Inc. and Sidecar, had begun allowing regular people to make money by driving strangers in their cars, but Uber was still exclusively for professionally licensed drivers, primarily behind the wheel of black cars. Kalanick railed against the model publicly, arguing that these new hometown rivals were breaking the law. But no one was shutting them down. Kalanick, a fiercely competitive entrepreneur, asked Yoo to help draft a legal framework to get on the road.

    By January 2013, Kalanick’s view of the law changed. “Uber will roll out ridesharing on its existing platform in any market where the regulators have tacitly approved doing so,” Kalanick wrote in a since-deleted blog post outlining the company’s position. Uber faced some regulatory blowback but was able to expand rapidly, armed with the CEO’s permission to operate where rules weren’t being actively enforced. Venture capitalists rewarded Uber with a $17 billion valuation in 2014. Meanwhile, other ride-hailing startups at home and around the world were raising hundreds of millions apiece. Kalanick was determined to clobber them.

    One way to get more drivers working for Uber was to have employees “slog.” This was corporate speak for booking a car on a competitor’s app and trying to convince the driver to switch to Uber. It became common practice all over the world, five people familiar with the process said.

    Staff eventually found a more efficient way to undermine its competitors: software. A breakthrough came in 2015 from Uber’s office in Sydney. A program called Surfcam, two people familiar with the project said, scraped data published online by competitors to figure out how many drivers were on their systems in real-time and where they were. The tool was primarily used on Grab, the main competitor in Southeast Asia. Surfcam, which hasn’t been previously reported, was named after the popular webcams in Australia and elsewhere that are pointed at beaches to help surfers monitor swells and identify the best times to ride them.

    Surfcam raised alarms with at least one member of Uber’s legal team, who questioned whether it could be legally operated in Singapore because it may run afoul of Grab’s terms of service or the country’s strict computer-crime laws, a person familiar with the matter said. Its creator, who had been working out of Singapore after leaving Sydney, eventually moved to Uber’s European headquarters in Amsterdam. He’s still employed by the company.

    “This is the first time as a lawyer that I’ve been asked to be innovative.”
    Staff at home base in San Francisco had created a similar piece of software called Hell. It was a tongue-in-cheek reference to the Heaven program, which allows employees to see where Uber drivers are in a city at a given moment. With Hell, Uber scraped Lyft data for a view of where its rival’s drivers were. The legal team decided the law was unclear on such tactics and approved Hell in the U.S., a program first reported by technology website the Information.

    Now as federal authorities investigate the program, they may need to get creative in how to prosecute the company. “You look at what categories of law you can work with,” said Yochai Benkler, co-director of Harvard University’s Berkman Klein Center for Internet and Society. “None of this fits comfortably into any explicit prohibitions.”

    Uber’s lawyers had a hard time keeping track of all the programs in use around the world that, in hindsight, carried significant risks. They signed off on Greyball, a tool that could tag select customers and show them a different version of the app. Workers used Greyball to obscure the actual locations of Uber drivers from customers who might inflict harm on them. They also aimed the software at Lyft employees to thwart any slog attempts.

    The company realized it could apply the same approach with law enforcement to help Uber drivers avoid tickets. Greyball, which was first covered by the New York Times, was deployed widely in and outside the U.S. without much legal oversight. Katherine Tassi, a former attorney at Uber, was listed as Greyball supervisor on an internal document early this year, months after decamping for Snap Inc. in 2016. Greyball is under review by the Justice Department. In another case, Uber settled with the Federal Trade Commission in August over privacy concerns with a tool called God View.

    Uber is the world’s most valuable technology startup, but it hardly fits the conventional definition of a tech company. Thousands of employees are scattered around the world helping tailor Uber’s service for each city. The company tries to apply a Silicon Valley touch to the old-fashioned business of taxis and black cars, while inserting itself firmly into gray areas of the law, said Benkler.

    “There are real political risks for playing the bad guy, and it looks like they overplayed their hand in ways that were stupid or ultimately counterproductive,” he said. “Maybe they’ll bounce back and survive it, but they’ve given competitors an opening.”

    Kalanick indicated from the beginning that what he wanted to achieve with Yoo was legally ambitious. In her first performance review, Kalanick told her that she needed to be more “innovative.” She stewed over the feedback and unloaded on her husband that night over a game of tennis, she recalled in the podcast on Legal Talk Network. “I was fuming. I said to my husband, who is also a lawyer: ‘Look, I have such a myriad of legal issues that have not been dealt with. I have constant regulatory pressures, and I’m trying to grow a team at the rate of growth of this company.’”

    By the end of the match, Yoo said she felt liberated. “This is the first time as a lawyer that I’ve been asked to be innovative. What I’m hearing from this is I actually don’t have to do things like any other legal department. I don’t have to go to best practices. I have to go to what is best for my company, what is best for my legal department. And I should view this as, actually, freedom to do things the way I think things should be done, rather than the way other people do it.”

    Prosecutors may not agree with Yoo’s assumptions about how things should be done. Even when Yoo had differences of opinion with Kalanick, she at times failed to challenge him or his deputies, or to raise objections to the board.

    After a woman in Delhi was raped by an Uber driver, the woman sued the company. Yoo was doing her best to try to manage the fallout by asking law firm Khaitan & Co. to help assess a settlement. Meanwhile, Kalanick stepped in to help craft the company’s response, privately entertaining bizarre conspiracy theories that the incident had been staged by Indian rival Ola, people familiar with the interactions have said. Eric Alexander, an Uber executive in Asia, somehow got a copy of the victim’s medical report in 2015. Kalanick and Yoo were aware but didn’t take action against him, the people said. Yoo didn’t respond to requests for comment.

    The mishandling of the medical document led to a second lawsuit from the woman this year. The Justice Department is now carrying out a criminal bribery probe at Uber, which includes questions about how Alexander obtained the report, two people said. Alexander declined to comment through a spokesman.

    In 2015, Kalanick hired Sullivan, the former chief security officer at Facebook. Sullivan started his career as a federal prosecutor in computer hacking and intellectual property law. He’s been a quiet fixture of Silicon Valley for more than a decade, with stints at PayPal and EBay Inc. before joining Facebook in 2008.

    It appears Sullivan was the keeper of some of Uber’s darkest secrets. He oversees a team formerly known as Competitive Intelligence. COIN, as it was referred to internally, was the caretaker of Hell and other opposition research, a sort of corporate spy agency. A few months after joining Uber, Sullivan shut down Hell, though other data-scraping programs continued. Another Sullivan division was called the Strategic Services Group. The SSG has hired contractors to surveil competitors and conducts extensive vetting on potential hires, two people said.

    Last year, Uber hired private investigators to monitor at least one employee, three people said. They watched China strategy chief Liu Zhen, whose cousin Jean Liu is president of local ride-hailing startup Didi Chuxing, as the companies were negotiating a sale. Liu Zhen couldn’t be reached for comment.

    Sullivan wasn’t just security chief at Uber. Unknown to the outside world, he also took the title of deputy general counsel, four people said. The designation could allow him to assert attorney-client privilege on his communications with colleagues and make his e-mails more difficult for a prosecutor to subpoena.

    Sullivan’s work is largely a mystery to the company’s board. Bloomberg learned the board recently hired a law firm to question security staff and investigate activities under Sullivan’s watch, including COIN. Sullivan declined to comment. COIN now goes by a different but similarly obscure name: Marketplace Analytics.

    As Uber became a global powerhouse, the balance between innovation and compliance took on more importance. An Uber attorney asked Kalanick during a company-wide meeting in late 2015 whether employees always needed to follow local ride-hailing laws, according to three people who attended the meeting. Kalanick repeated an old mantra, saying it depended on whether the law was being enforced.

    A few hours later, Yoo sent Kalanick an email recommending “a stronger, clearer message of compliance,” according to two people who saw the message. The company needed to adhere to the law no matter what, because Uber would need to demonstrate a culture of legal compliance if it ever had to defend itself in a criminal investigation, she argued in the email.

    Kalanick continued to encourage experimentation. In June 2016, Uber changed the way it calculated fares. It told customers it would estimate prices before booking but provided few details.

    Using one tool, called Cascade, the company set fares for drivers using a longstanding formula of mileage, time and demand. Another tool called Firehouse let Uber charge passengers a fixed, upfront rate, relying partly on computer-generated assumptions of what people traveling on a particular route would be willing to pay.

    Drivers began to notice a discrepancy, and Uber was slow to fully explain what was going on. In the background, employees were using Firehouse to run large-scale experiments offering discounts to some passengers but not to others.

    “Lawyers don’t realize that once they let the client cross that line, they are prisoners of each other from that point on”
    While Uber’s lawyers eventually looked at the pricing software, many of the early experiments were run without direct supervision. As with Greyball and other programs, attorneys failed to ensure Firehouse was used within the parameters approved in legal review. Some cities require commercial fares to be calculated based on time and distance, and federal law prohibits price discrimination. Uber was sued in New York over pricing inconsistencies in May, and the case is seeking class-action status. The Justice Department has also opened a criminal probe into questions about pricing, two people familiar with the inquiry said.

    As the summer of 2016 dragged on, Yoo became more critical of Kalanick, said three former employees. Kalanick wanted to purchase a startup called Otto to accelerate the company’s ambitions in self-driving cars. In the process, Otto co-founder Anthony Levandowski told the company he had files from his former employer, Alphabet, the people said. Yoo expressed reservations about the deal, although accounts vary on whether those were conveyed to Kalanick. He wanted to move forward anyway. Yoo and her team then determined that Uber should hire cyber-forensics firm Stroz Friedberg in an attempt to wall off any potentially misbegotten information.

    Alphabet’s Waymo sued Uber this February, claiming it benefited from stolen trade secrets. Uber’s board wasn’t aware of the Stroz report’s findings or that Levandowski allegedly had Alphabet files before the acquisition, according to testimony from Bill Gurley, a venture capitalist and former board member, as part of the Waymo litigation. The judge in that case referred the matter to U.S. Attorneys. The Justice Department is now looking into Uber’s role as part of a criminal probe, two people said.

    As scandal swirled, Kalanick started preaching the virtues of following the law. Uber distributed a video to employees on March 31 in which Kalanick discussed the importance of compliance. A few weeks later, Kalanick spoke about the same topic at an all-hands meeting.

    Despite their quarrels and mounting legal pressure, Kalanick told employees in May that he was promoting Yoo to chief legal officer. Kalanick’s true intention was to sideline her from daily decisions overseen by a general counsel, two employees who worked closely with them said. Kalanick wrote in a staff email that he planned to bring in Yoo’s replacement to “lead day to day direction and operation of the legal and regulatory teams.” This would leave Yoo to focus on equal-pay, workforce-diversity and culture initiatives, he wrote.

    Before Kalanick could find a new general counsel, he resigned under pressure from investors. Yoo told colleagues last month that she would leave, too, after helping Khosrowshahi find her replacement. He’s currently interviewing candidates. Yoo said she welcomed a break from the constant pressures of the job. “The idea of having dinner without my phone on the table or a day that stays unplugged certainly sounded appealing,” she wrote in an email to her team.

    The next legal chief won’t be able to easily shed the weight of Uber’s past. “Lawyers don’t realize that once they let the client cross that line, they are prisoners of each other from that point on,” said Marianne Jennings, professor of legal and ethical studies in business at Arizona State University. “It’s like chalk. There’s a chalk line: It’s white; it’s bright; you can see it. But once you cross over it a few times, it gets dusted up and spread around. So it’s not clear anymore, and it just keeps moving. By the time you realize what’s happening, if you say anything, you’re complicit. So the questions start coming to you: ‘How did you let this go?’”

    #Uber #USA #Recht

  • Uber Paid Hackers to Delete Stolen Data on 57 Million People - Bloomberg
    https://www.bloomberg.com/news/articles/2017-11-21/uber-concealed-cyberattack-that-exposed-57-million-people-s-data

    Hackers stole the personal data of 57 million customers and drivers from Uber Technologies Inc., a massive breach that the company concealed for more than a year. This week, the ride-hailing firm ousted its chief security officer and one of his deputies for their roles in keeping the hack under wraps, which included a $100,000 payment to the attackers.

    Compromised data from the October 2016 attack included names, email addresses and phone numbers of 50 million Uber riders around the world, the company told Bloomberg on Tuesday. The personal information of about 7 million drivers was accessed as well, including some 600,000 U.S. driver’s license numbers. No Social Security numbers, credit card information, trip location details or other data were taken, Uber said.

    “None of this should have happened, and I will not make excuses for it.”
    At the time of the incident, Uber was negotiating with U.S. regulators investigating separate claims of privacy violations. Uber now says it had a legal obligation to report the hack to regulators and to drivers whose license numbers were taken. Instead, the company paid hackers to delete the data and keep the breach quiet. Uber said it believes the information was never used but declined to disclose the identities of the attackers.

    Dara KhosrowshahiPhotographer: Matthew Lloyd/Bloomberg
    “None of this should have happened, and I will not make excuses for it,” Dara Khosrowshahi, who took over as chief executive officer in September, said in an emailed statement. “We are changing the way we do business.”

    After Uber’s disclosure Tuesday, New York Attorney General Eric Schneiderman launched an investigation into the hack, his spokeswoman Amy Spitalnick said. The company was also sued for negligence over the breach by a customer seeking class-action status.

    Hackers have successfully infiltrated numerous companies in recent years. The Uber breach, while large, is dwarfed by those at Yahoo, MySpace, Target Corp., Anthem Inc. and Equifax Inc. What’s more alarming are the extreme measures Uber took to hide the attack. The breach is the latest scandal Khosrowshahi inherits from his predecessor, Travis Kalanick.

    Kalanick, Uber’s co-founder and former CEO, learned of the hack in November 2016, a month after it took place, the company said. Uber had just settled a lawsuit with the New York attorney general over data security disclosures and was in the process of negotiating with the Federal Trade Commission over the handling of consumer data. Kalanick declined to comment on the hack.

    Joe Sullivan, the outgoing security chief, spearheaded the response to the hack last year, a spokesman told Bloomberg. Sullivan, a onetime federal prosecutor who joined Uber in 2015 from Facebook Inc., has been at the center of much of the decision-making that has come back to bite Uber this year. Bloomberg reported last month that the board commissioned an investigation into the activities of Sullivan’s security team. This project, conducted by an outside law firm, discovered the hack and the failure to disclose, Uber said.

    Here’s how the hack went down: Two attackers accessed a private GitHub coding site used by Uber software engineers and then used login credentials they obtained there to access data stored on an Amazon Web Services account that handled computing tasks for the company. From there, the hackers discovered an archive of rider and driver information. Later, they emailed Uber asking for money, according to the company.

    A patchwork of state and federal laws require companies to alert people and government agencies when sensitive data breaches occur. Uber said it was obligated to report the hack of driver’s license information and failed to do so.

    “At the time of the incident, we took immediate steps to secure the data and shut down further unauthorized access by the individuals,” Khosrowshahi said. “We also implemented security measures to restrict access to and strengthen controls on our cloud-based storage accounts.”

    Uber has earned a reputation for flouting regulations in areas where it has operated since its founding in 2009. The U.S. has opened at least five criminal probes into possible bribes, illicit software, questionable pricing schemes and theft of a competitor’s intellectual property, people familiar with the matters have said. The San Francisco-based company also faces dozens of civil suits.

    U.K. regulators including the National Crime Agency are also looking into the scale of the breach. London and other governments have previously taken steps toward banning the service, citing what they say is reckless behavior by Uber.

    In January 2016, the New York attorney general fined Uber $20,000 for failing to promptly disclose an earlier data breach in 2014. After last year’s cyberattack, the company was negotiating with the FTC on a privacy settlement even as it haggled with the hackers on containing the breach, Uber said. The company finally agreed to the FTC settlement three months ago, without admitting wrongdoing and before telling the agency about last year’s attack.

    The new CEO said his goal is to change Uber’s ways. Uber said it informed New York’s attorney general and the FTC about the October 2016 hack for the first time on Tuesday. Khosrowshahi asked for the resignation of Sullivan and fired Craig Clark, a senior lawyer who reported to Sullivan. The men didn’t immediately respond to requests for comment.

    Khosrowshahi said in his emailed statement: “While I can’t erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes.”

    The company said its investigation found that Salle Yoo, the outgoing chief legal officer who has been scrutinized for her responses to other matters, hadn’t been told about the incident. Her replacement, Tony West, will start at Uber on Wednesday and has been briefed on the cyberattack.

    Kalanick was ousted as CEO in June under pressure from investors, who said he put the company at legal risk. He remains on the board and recently filled two seats he controlled.

    Uber said it has hired Matt Olsen, a former general counsel at the National Security Agency and director of the National Counterterrorism Center, as an adviser. He will help the company restructure its security teams. Uber hired Mandiant, a cybersecurity firm owned by FireEye Inc., to investigate the hack.

    The company plans to release a statement to customers saying it has seen “no evidence of fraud or misuse tied to the incident.” Uber said it will provide drivers whose licenses were compromised with free credit protection monitoring and identity theft protection.

    #Uber #USA

  • Dan Geer on #IoT | via @cryptome :
    https://securityledger.com/2014/05/security-and-internet-of-things-can-we-talk

    Attendees will hear an address by Dr. Dan Geer, the Chief Security
    Officer at #In-Q-Tel, the U.S. Central Intelligence Agency’s investment
    arm. Dan is one of the smartest and most prescient thinkers in the
    security world, who has made headlines by warning about the dangers
    of our reliance of technology monocultures like Microsoft’s Windows
    operating systems. Most recently, Dan has been sounding similar alarms
    about an (emerging) monoculture of “small devices and the chips that run
    them.” In other words: just because the network of the future doesn’t
    have a Windows sticker and “Intel Inside” logo on it, doesn’t mean that
    the same kinds of problems don’t exist.

    Many of you who have been following this blog know that the Security
    Ledger is particularly interested in covering the (fast) evolving border
    line between “traditional” IT security and the terra incognito of the
    Internet of Things.

    This week, we’re taking that discussion to the next level with our
    first-ever event: The Security of Things Forum (or SECoT for short).
    SECoT is going to be an amazing day of discussion and debate about
    what I consider one of the foremost challenges facing the
    technology community in the next decade: securing a rapidly
    expanding population of intelligent and Internet-connected devices.

  • Web’s Reach Binds N.S.A. and Silicon Valley Leaders - NYTimes.com
    http://www.nytimes.com/2013/06/20/technology/silicon-valley-and-spy-agency-bound-by-strengthening-web.html?pagewanted=al

    When Max Kelly, the chief security officer for Facebook, left the social media company in 2010, he did not go to Google, Twitter or a similar Silicon Valley concern. Instead the man who was responsible for protecting the personal information of Facebook’s more than one billion users from outside attacks went to work for another giant institution that manages and analyzes large pools of data: the National Security Agency.

    (...) The only difference is that the N.S.A. does it for intelligence, and Silicon Valley does it to make money.

    (...) Silicon Valley has what the spy agency wants: vast amounts of private data and the most sophisticated software available to analyze it. The agency in turn is one of Silicon Valley’s largest customers for what is known as data analytics, one of the valley’s fastest-growing markets. To get their hands on the latest software technology to manipulate and take advantage of large volumes of data, United States intelligence agencies invest in Silicon Valley start-ups, award classified contracts and recruit technology experts like Mr. Kelly.

    (...) Despite the companies’ assertions that they cooperate with the agency only when legally compelled, current and former industry officials say the companies sometimes secretly put together teams of in-house experts to find ways to cooperate more completely with the N.S.A. and to make their customers’ information more accessible to the agency

    (...)

    #NSA #PRISM #surveillance #facebook #big_data #privacy #SKype #Paladin #In-Q-Tel #silicon_army

  • Facebook’s Top Cop : Joe Sullivan (Forbes)
    http://www.forbes.com/sites/kashmirhill/2012/02/22/facebooks-top-cop-joe-sullivan

    If Facebook were a country, it would be the third largest in the world and Joe Sullivan would be head of Homeland Security. His actual title is chief security officer. The “terrorists” he’s up against include the “Koobface gang,” a quintet of Russians who unleashed a worm that turned ­Facebookers’ computers into enslaved bots; the spammers who flooded the site with violent and pornographic images in ­December (...) Source: Forbes