TechLetters #162 Tampering with medical diagnostic results; iPhone apps collecting detailed sensor readouts; Unmanned systems in army branch; fighting disinformation is tough.
Security
Cyber risk of tampering with health results data. Let's talk about the cyber risk of tampering health data, and consider an attacker modifying doses of drugs or radiation. Other case could involve imaging data modification, leading to unneeded, in fact harmful treatment. None of such events were detected in practice. But... Scenario follows. Attacker could change the pixel values of an MRI scan, leading the AI system to falsely categorize a tissue as malignant rather than benign. The result can be harmful: a healthy patient may receive a false diagnosis. In my book I consider other scenarios of cyberattacks on healthcare, including on implantable devices.
AI wargames scenario. AI/GPT/LLM wouldn't hesitate to go in escalatory paths, deploying nuclear strikes. This highlights the needs for human control, limits, restraint, risk assessment, including unlikely scenarios. One model's explanation for using nuclear attack: "I just want to have peace".
Spyware vendors. Google's TAG report on spyware "used to monitor and collect data from high-risk users like journalists, human rights defenders, dissidents and politicians" (not only opposition party). There are 40 commercial surveillance system vendors (like Pegasus). Those headline-grabbing garnet most of attention, and to some degree used it as a free PR. But many prefer to be silent and less known, offering exclusive, boutique "products". "As long as there is a demand from governments to buy commercial surveillance technology, CSVs will continue to develop and sell spyware". And there will always be some demand by some governments? So there it goes… Where are the companies based? For example Italy, Cyprus/Grece, Israel, Spain, and probably elsewhere, too.
Privacy
iPhone apps appear to be collecting quite A LOT OF user private data. Extremely verbose, allowing to fingerprint, perhaps even track users. Some context from my works about privacy risks of light data. And about risks of of battery information. Example data below.
Amazon is purchasing first-party data based on user activity on website. To address Google Chrome's phase out of third-party cookies. A deal with a publisher Reach. Privacy-proofing that will be a challenge...
Technology Policy
Unmanned systems as an army branch. The President of Ukraine announced the creation of a new arm of the Armed Forces. Unmanned Systems Force. Military strategy history happening before our eyes.
Other
Fighting disinformation is complex. Example. People's memories are biased. Impressions of the COVID-19 pandemic’s severity, and of measures taken to limit the spread are reliably skewed by vaccination status. Those vaccinated overestimate their earlier perception of their risk of catching COVID-19. Those unvaccinated - are inclined to consider the opposite.
In case you feel it's worth it to forward this content further:
Subscribed
If you’d like to share: