Proactive Computing | Optimizing IT for usability, performance and reliability since 1997

Category: #Politico

Auto Added by WPeMatico

Judge temporarily halts Trump’s TikTok download ban

tiktok-773.jpg

A federal judge halted the Trump administration’s executive order to ban downloads of Chinese-owned video-sharing platform TikTok from U.S. mobile-app stores on Sunday, hours before it was set to take effect.

The decision: Washington, D.C., District Judge Carl Nichols granted TikTok’s request for a temporary injunction against the ban, set to take effect at 11:59 p.m. Sunday. It’s the latest development in an ongoing legal battle between TikTok and the Trump administration over the president’s efforts to restrict the app’s U.S. operations.

President Donald Trump ordered the TikTok ban in August, citing fears U.S. users’ personal information could fall into the hands of Chinese government officials. TikTok — owned-by Chinese tech giant ByteDance — sued the administration over the move, arguing the government violated its rights and that Trump’s actions “clearly reflect a political decision to campaign on an anti-China platform.”

The backdrop: The court ruling comes as the Trump administration separately conducts a national security review of a deal that would give U.S. companies Walmart and Oracle a stake in the popular app. Trump appeared to approve the proposal between ByteDance and the other companies last weekend, but on Monday said he would not support it unless Walmart and Oracle gained a controlling stake in the company. The deal the companies put forth would give Walmart and Oracle minority stakes in the new TikTok global.

TikTok has maintained throughout that it would not provide any U.S. user data to the Chinese government. The company has said its proposed deal with U.S. companies should satisfy the Trump administration’s national security concerns about the app.

What’s next: The contents of the ruling remain under seal. The two parties are set to review them Monday to determine if the full ruling can be unsealed. They then will meet by Wednesday at the latest to propose a schedule for next steps in the case, which will weigh whether Trump’s executive orders on TikTok violated the company’s rights.

Source: https://www.politico.com/news/2020/09/27/judge-temporarily-halts-trumps-tiktok-download-ban-422416
Proactive Computing found this story and shared it with you.
The Article Was Written/Published By: Cristiano Lima

Russia, China and Iran trying to hack presidential race, Microsoft says

200116-msft-gty-773.jpg

Russian, Chinese and Iranian hackers have mounted cyberattacks against hundreds of organizations and people involved in the 2020 presidential race and U.S.-European policy debates, with targets including the campaigns of both Donald Trump and Joe Biden, Microsoft said Thursday.

The report is the most expansive public warning to date about the rapid spread of foreign governments’ efforts to wield hackers to undermine U.S. democracy.

The perpetrators include the same Kremlin-aligned Russian hacking group whose thefts and leaks of confidential Democratic Party documents helped torpedo Hillary Clinton’s presidential hopes in 2016, said Microsoft, which offers products designed to detect such attacks.

Targets this time include the Trump and Biden campaigns, administration officials and an array of national and state parties, political consultants and think tanks, as well as groups such as the German Marshall Fund and Stimson Center that promote international cooperation.

“The activity we are announcing today makes clear that foreign activity groups have stepped up their efforts targeting the 2020 election as had been anticipated,” Microsoft said in a blog post. It added that its security tools detected and blocked “the majority of these attacks.”

The company did not answer numerous questions from POLITICO seeking more details about the attacks.

The revelations come amid a feud between congressional Democrats and the administration over what it knows about foreign threats against the election, in particular the Democrats’ accusations that Trump’s intelligence leaders are failing to alert the public about the Kremlin’s activities. Trump and his supporters have pushed a message that the Chinese are trying to help Biden — a claim not supported by intelligence officials, who have told POLITICO that Russia’s efforts pose the most active and acute danger.

An official intelligence community statement last month said China prefers that Trump not be reelected, that Russia is denigrating Biden and that Iran is undermining the president.

Some of the hackers’ targets confirmed Microsoft’s reporting, though none said the cyberattacks had succeeded.

“As President Trump’s re-election campaign, we are a large target, so it is not surprising to see malicious activity directed at the campaign or our staff,” said Thea McDonald, deputy press secretary for the president’s campaign team. “We work closely with our partners, Microsoft and others, to mitigate these threats. We take cybersecurity very seriously and do not publicly comment on our efforts.”

Likewise, the Republican National Committee has “been informed that foreign actors have made unsuccessful attempts to penetrate the technology of our staff members,” an RNC spokesperson said.

Biden’s campaign did not immediately respond to a request for comment.

Microsoft has also alerted SKDKnickerbocker, one of Biden’s chief communications and strategy firms, that Russian hackers had unsuccessfully targeted its networks, Reuters said early Thursday ahead of the report’s release. Those attempts also failed, Reuters reported. The firm did not respond to later requests for comment.

The attacks on the Stimson Center were first observed in May, spokesperson David Solimini said, and Microsoft notified the think tank about the nature and source in late July. He and German Marshall Fund spokesperson Sydney Simon both said they’d seen no evidence that the attacks succeeded.

Christopher Krebs, director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, said Microsoft’s findings are “consistent with earlier statements by the Intelligence Community on a range of malicious cyber activities targeting the 2020 campaign.”

“It is important to highlight that none [of the targets] are involved in maintaining or operating voting infrastructure and there was no identified impact on election systems,” Krebs said in a statement. He added, “Everyone involved in the political process should stay alert against these sorts of attacks.”

The Treasury Department announced its own steps to combat Kremlin interference Thursday, saying it had designated the pro-Russian Ukrainian lawmaker Andriy Derkach for sanctions for promoting discredited allegations against Biden.

Graham Brookie, director of the Atlantic Council’s Digital Forensic Research Lab, confirmed that his group had been the target of apparently unsuccessful attacks from Chinese hackers, but cautioned that those did not appear election-related.

“It is not surprising that we would be targeted by China, based on the substance of our work,” Brookie said. “This appeared to be about information gathering and espionage as opposed to election interference of any kind.”

Among other details, Microsoft reported that:

— The hacking group popularly known as Fancy Bear, which is linked to Russian military intelligence and played a major role in the 2016 attacks on Democrats, has gone after more than 200 organizations in recent months. The targets include political campaigns, national and state party organizations, consultants for both parties and think tanks. (The group is also known as APT28, and Microsoft refers to it as Strontium.)

— A Chinese hacking group called Zirconium or APT31 has attacked high-profile people in Biden’s campaign and at least one prominent person in Trump’s campaign, the tech giant said.

— Phosphorus, an Iranian hacker group often called Charming Kitten, has gone after Trump campaign staffers and administration officials.

Microsoft’s blog post said that it had blocked the majority of the attacks.

The company’s analysis offered some new details on the hackers’ methods.

For instance, in 2016 the Russian group primarily relied on so-called spearphishing, which tricks victims into clicking on malicious email links to gain access to documents that it later released through outlets like WikiLeaks. But in recent months, Russia has shifted toward more crude “brute force” attacks and a technique called password spray, in which hackers input many passwords in a bid to guess their way into a system.

“Strontium also disguised these credential harvesting attacks in new ways, running them through more than 1,000 constantly rotating IP addresses, many associated with the Tor anonymizing service,” wrote Tom Burt, corporate vice president for customer security and trust. “Strontium even evolved its infrastructure over time, adding and removing about 20 IPs per day to further mask its activity.”

This is far from the first time that a company in the cybersecurity business, not the federal government, has been the first to go public with details about major attacks against their customers by nation-states. Previous examples include a landmark 2013 report by the cyber firm Mandiant on Chinese Army-connected hackers conducting cyber espionage against U.S. critical infrastructure like the electrical power grid.

Meridith McGraw and Natasha Bertrand contributed to this report.

Source: https://www.politico.com/news/2020/09/10/russia-china-iran-cyberhack-2020-election-411853
Proactive Computing found this story and shared it with you.
The Article Was Written/Published By: Tim Starks

Trump launches his salvo against social media — will it land?

200528-trump-barr-ap-773.jpg

President Donald Trump’s attempt to punish companies like Twitter, Google and Facebook for alleged anti-conservative bias takes aim at the online industry’s most-cherished legal protections — but the shot could ultimately be a glancing blow.

Trump announced the action Thursday, signing an executive order that he said would “defend free speech from one of the greatest dangers” — tech platforms that have amassed “unchecked power to censor, restrict, edit, shape, hide, alter virtually any form of communication between private citizens or large public audiences.”

“We can’t allow that to happen,” Trump said in the Oval Office. He was accompanied by Attorney General William Barr, who said the administration would also push legislation to rein in the online companies.

Under the executive order, Trump said he is asking regulators to reinterpret a law that shields internet companies from lawsuits over content on their sites, a safeguard that has allowed Silicon Valley’s giants to generate some of the world’s biggest fortunes.

“My executive order calls for new regulations … to make it that social media companies that engage in censoring or any political conduct will not be able to keep their liability shield,” he said,

But any such action depends on independent agencies and state attorneys general agreeing with the administration’s stance, and would certainly provoke a legal fight that would last long past November’s election.

Trump told reporters he would gladly quit Twitter — the platform where he has amassed 80.4 million followers — if the mainstream media weren’t biased against him. He has frequently used the platform to attack publications and individual news reports he deems “fake.”

He also singled out Yoel Roth, the head of site integrity for Twitter, holding up his picture on the cover of the New York Post. Roth has drawn attacks from conservatives in recent days after people unearthed old tweets in which he appeared to disparage Trump and his supporters.


The executive order isn’t the end of the administration’s actions, Trump said. The Justice Department is drafting legislation that would target Section 230 of the Communications Decency Act, a 1996 law that shields online platforms from liability for content created or shared by their users. Lawmakers created the statute with the rationale that online sites are conduits of information, rather than publishers that pick and choose what content to offer — a principle Trump and Barr accuse the Big Tech platforms of violating.

Barr declined to provide details on the legislation, saying the department is still considering options, but indicated litigation was likely on the horizon as well.

“One of the things that I found has the broadest bipartisan support these days is the feeling that this provision, Section 230, has been stretched way beyond its original intention, and people feel that on both sides of the aisle,” Barr said.

An early draft of the text drew swift condemnation from both internet industry advocates and civil liberties groups, including some who regularly criticize Silicon Valley, after the language began circulating on social media and news reports. Some called it dangerous; some dismissed it as bluster.

“This reads like a stream of consciousness tweetstorm that some poor staffer had to turn into the form of an Executive Order,” said Daphne Keller, a former Google attorney who now leads the Program on Platform Regulation at Stanford’s Cyber Policy Center.

The order nevertheless adds more ammunition to a talking point that resonates with Trump’s online base and will appease some Washington conservatives who are skeptical of the tech industry’s influence over political discourse. And Trump’s escalation of the issue could have a chilling effect on internet companies weighing whether to make rulings on misinformation or other content as Election Day nears.

Source: https://www.politico.com/news/2020/05/28/trump-social-media-executive-order-287834
Proactive Computing found this story and shared it with you.
The Article Was Written/Published By: Steven Overly

Senate passes FISA renewal bill, sends it back to the House

200422-doj-seal-ap-773.jpg

The Senate approved legislation Thursday to renew a handful of key domestic surveillance powers, but only after civil libertarians attached language that the Justice Department warns would “unacceptably degrade” national security.

Now the bill goes back to the House for possibly more tinkering, leaving a cloud over its chances for swift final approval.

The USA Freedom Reauthorization Act of 2020 passed the Senate by an 80-16 vote more than two months after the House approved it by a wide, bipartisan margin. But Thursday’s vote came a day after Senate privacy hawks successfully amended the bill to expand legal protections for certain groups of individuals targeted by federal surveillance — a change that DOJ labeled unacceptable.

“We appreciate the Senate’s reauthorization of three expired national security authorities,” department national security spokesman Marc Raimondi said in a statement. But he said the amended bill “would unacceptably degrade our ability to conduct surveillance of terrorists, spies and other national security threats.”

President Donald Trump, who has accused a government “deep state” of misusing its spying powers, also has not indicated whether he would sign the bill.

The vote occurred mere hours after the announcement that Sen. Richard Burr (R-N.C.), who in March argued passionately against letting the authorities lapse, will temporarily step down as chairman of the Senate Intelligence Committee amid a probe into his stock trades.

House Speaker Nancy Pelosi didn’t say during her weekly news conference Thursday when the chamber would take up the amended measure.

A Democratic leadership aide told POLITICO that it won’t be considered on Friday when the House convenes to vote on the latest Covid-19 relief package. The aide said the leadership was “assessing next steps.”

The FISA renewal bill includes new privacy protections that Attorney General William Barr had helped negotiate and would impose new requirements on the FISA court system. Those were inspired in part by Trump’s allegations that the Obama administration improperly used the spying tools to wiretap his former campaign adviser Carter Page during the initial probe of Russian interference in the 2016 election.

The bill would also permanently end an already deactivated NSA program that had allowed the agency to obtain, with judicial approval, Americans’ phone records in terrorism probes.

Thursday’s successful passage came months after the House voted to reauthorize the authorities with modest changes. The Senate, however, couldn’t reach an agreement for quick passage of the House bill in March amid objections from the chamber’s privacy advocates. The chamber eventually adopted a 77-day extension as a short-term solution, but the House never took it up.

The intelligence tools the authorities enabled have remained offline ever since.

The measure now kicks back to the House, where progressives and libertarians could use the Senate’s changes as leverage to reopen debate on the legislation and try to amend it even further. That’s especially a possibility for those GOP members who have demanded that the chamber reopen for business as usual despite the pandemic.

Sen. Mike Lee (R-Utah), who along with Sen. Patrick Leahy (D-Vt.) secured the amendment expanding legal protections, called the legislation a “good bill.”

“We got some good reforms here. They are consistent with many of the aims that House members who negotiated the last House bill had in mind,” Lee told POLITICO before the final vote. He had previously lobbied Trump to veto the measure if it reached his desk unaltered.

“I’m certainly not going to tell them what to do with it,” Lee added, though he suggested he might support something similar to a proposed amendment from Sens. Ron Wyden (D-Ore.) and Steve Daines (R-Mont.) that would have protected Americans’ internet browsing and search histories from federal surveillance. It came up just one vote shy of the 60-vote threshold.

Rep. Zoe Lofgren (D-Calif.) said the Leahy-Lee amendment “took us a step closer to properly protecting Americans’ civil liberties, and it’s clear we need to go farther.” She had successfully scuttled the House’s first surveillance package in February just hours before the House Judiciary Committee was due to mark it up.

On Thursday, she specifically cited the Wyden-Daines amendment, saying that “it’s now the House’s responsibility to curb this violation of Americans’ rights. I know it’s still within our grasp as lawmakers to push for the significant privacy reforms we need.”

Other House members also seem itching for a fresh surveillance fight.

“Although I am pleased that the Lee-Leahy Amendment passed, I oppose the bill without further amendment. If permitted by House rules, I will offer amendments,” Rep. Warren Davidson (R-Ohio) said in a statement to POLITICO. He and Lofgren co-sponsored an alternative renewal bill to the one the House passed.

Source: https://www.politico.com/news/2020/05/14/senate-passes-fisa-renewal-259064
Proactive Computing found this story and shared it with you.
The Article Was Written/Published By: Martin Matishak