Thursday, December 13, 2018

China, as a state actor, seems to be behind Marriott hack


Mike Pompeo has “accused” Beijing, as a state actor, of hacking the Starwood systems of Marriott hotels, as explained in Politco here.
That could be “good news” for average American consumers who don’t travel abroad to non-western countries.  It is extremely unlikely that the information would be used to create fake identities for normal crime, or that the personal information could be used for financial credit card fraud or for Internet spam or other targeted attacks.  However, in a few cases, people with passports to travel to China or to other authoritarian countries could need to be wary. 

Note how Fox News emphasizes "Communist" China.  How true. 

Tuesday, December 04, 2018

"Deep Fakes" can incriminate people online



CNN has a video explaining the growing problem of “deep fakes” online, which can manipulate videos and make it appear a different person is making an offensive statement or committing some sort of act. (There is a scene in my novel where a defendant in a shoplifting case tries to claim this was done.)

NBC News has a similar recent video on the problem. It cannot be managed by the usual rules involving "revenge porn". 


A company called Truepic is developing counter strategies. 
  
This story is likely to become more important with time.

Sunday, December 02, 2018

Marriott Hotels data breach still of unknown consequences for consumers



Marriott has reported that between 300 million and 500 million hotel guests’s personal information could have been compromised by unauthorized access that it had detected in September.

The hacks occurred on the Starwood reservation system, including the Westin, St. Regis and Shearton hotels, for stays within the past four years.

It was unclear whether the second internal degree of encryption had been compromised.
   
The problem may be less serious if over time a customer’s credit cards have replaced by normal expiration.


But it is possible that other PII could have been compromised, facilitating new identities, which might get created overseas without a person’s knowledge.
  
I’ve wondered about emails, apparently spam from “Apple”, claiming I had purchased video games in Jakarta or even Belarus.  Could something turn up if I were to travel overseas (especially to a country like Russia)?

Update: Dec. 4

A New York Times story today by Ron Lieber discusses the threat, however remote, to passport holders who would travel to certain countries.  The article also mentions the "deep fake" technology as a possible complication (see Dec 4 posting on that specifically, above this one).