The Kitchen Sync

December 4, 2020

Supreme Court Reviewing Anti-Hacking Law

What's new: The US Supreme Court is now hearing arguments concerning the 1986 Computer Fraud and Abuse Act (CFAA). 

Why this matters: Depending on how this case is resolved, future cybersecurity research could be greatly helped or greatly constrained. 

Key points:

  • CFAA has long been seen by researchers as too vague, too outdated, and too aggressive.

  • For example, the law's prohibition on the use of computers without authorization, or in excess of authorization, has been used to sue people for things as innocuous as downloading free academic articles off of a publicly available database.

  • Cybersecurity researchers, on the other hand, often manipulate code or hardware "in excess of authorization" as a normal part of their work -- including bug and threat hunting.

  • The case now before SCOTUS involves defendant Nathan Van Buren, a former police officer accused of accepting a bribe to look up license plate information in a law enforcement database.

  • His lawyers say that a broad reading of the law would further criminalize trivial online activities.

  • The US government counters that the petitioner exaggerates the potential pitfalls of a broader reading.

What we're thinking: Right now, we're agnostic on the merits of this specific case. The CFAA, however, can certainly be updated and we should be able to figure out a way to accommodate aggressive cybersecurity research without assuming unacceptable risks. Such research, after all, is one of the most important ways we protect ourselves online in the first place.


Baltimore schools closed by ransomware

What's new: Earlier this week, ransomware attacks closed public schools in Baltimore County, MD, according to the New York Times.

Why this matters: The attack disrupted the district’s websites and remote learning programs, as well as its grading and email systems.

Key points:

  • On Sunday, the district said on Twitter that, though schools would be closed, the Chromebooks it had issued to students were safe to use, as were school-linked Google accounts. The district said students should not use Windows-based devices it had issued “until further notice.”

  • At a news conference on Wednesday afternoon, officials were unable to say when school operations would resume. “We don’t know, at this point, of a timeline,” Dr. Darryl L. Williams, the superintendent, said.

What we're thinking: We remember when you had to turn on the fire sprinklers between classes to shut down the school (er, we mean, we heard that happened somewhere).


What AI pros really think about working with DoD

What's new: The rock stars at CSET have a new report on how AI professionals feel about working with the Pentagon.

Why this matters: There have been a number of high-profile dust-ups between DoD and the tech community and this report provides some needed clarity.

Key points (from the report):

  • Most AI pros are positive or neutral about working on DOD-funded AI projects. Less than a quarter of respondents feel extremely or somewhat negative about working on a DOD-funded AI project.

  • AI pros consider interesting research opportunities and the ability to do good to be the most compelling reasons to work on DOD-funded AI projects.

  • AI pros’ discomfort with how DOD will use the technology and concerns about causing harm were the most common reasons not to work on DOD-funded AI projects. 

  • AI pros are more willing to work on DOD-funded AI projects with humanitarian applications, as opposed to battlefield or back-office applications. Additionally, the ability to provide a global humanitarian benefit is the most frequently cited factor that would increase willingness to work on a DOD AI contract.

  • AI pros’ willingness to work on DOD-funded AI projects is also increased if the funding is used solely for basic research.

  • AI pros who worked at an employer with DOD contracts and those more familiar with DOD tend to be more positive about working on DOD-funded AI projects.

  • AI pros consider their employer and academia to be the most trustworthy actors to develop AI in the public interest. A minority of AI professionals trust the U.S. government and military to develop AI in the interest of the public.

  • Compared to surveys of the broader American public, AI professionals have lower levels of trust in the U.S. military’s ability to develop AI but higher levels of general trust in the U.S. government.

What we're thinking: First, there's a reason why we regularly cite reports from CSET -- because they regularly produce helpful analysis like this. Second, this report demonstrates that, while distrust between AI pros and the US military may not be as bad as some fear, there is still a great deal of education and engagement necessary between these communities if we're going to secure the nation.


AI cracks differential equations (it's a big deal)

What's new: Caltech researchers have a new deep-learning technique for solving partial differential equations (PDEs) that is much better than previous efforts, according to MIT Technology Review.

Why this matters: PDEs describe everything from planetary motion to plate tectonics, but they’re notoriously hard to solve.

Key points:

  • PDEs are a kind of math equation that are great at showing change over time and space, but they're crazy hard to solve.

  • Because PDEs are complex and computationally intensive, most researchers rely on supercomputers to do the math.

  • If, however, this could be done faster with AI, it could do a whole lot of good for scientific inquiry and engineering.

  • Now researchers at Caltech have introduced a new deep-learning technique for solving PDEs that is dramatically more accurate (like, 1,000x faster) than deep-learning methods developed previously.

What we're thinking: The whole thing is pretty complex but the linked article does a good job of explaining it in a relatively accessible way. Or, you can just take our word for it that this is pretty cool.


Infographic: The top 100 websites

What's new: The Visual Capitalist has a new infographic on the Net's top 100 websites.

Why this matters: To be the 100th spot on this list, you need around 350 million visits in a single month.

Key points (from the article):

  • The 100 biggest websites generated a staggering 206 billion visits in June 2019.

  • Google, YouTube, and Facebook took the top spots, followed by Baidu and Wikipedia, with Google the undisputed champ around the world.

  • Search engines accounted for the majority of website traffic in the top 100.

  • If international domain suffixes of companies like Amazon and Google are counted, 60 of the 100 websites in the ranking are American.

  • China is a strong runner-up, with 15 websites in the Top 100. While most of these Chinese companies are focused on the sizable domestic market, some are also making global inroads through investment.