IoT
3/2/2016
10:00 PM
Sara Peters
Sara Peters
Quick Hits
Connect Directly
Twitter
RSS
E-Mail
50%
50%

Liability in the Cyborg Age

At RSA conference, cyborg anthropologists discuss legal quagmires that occur when we invite tech into our bodies and ask machines to start making decisions for us.

SAN FRANCISCO, RSA Conference -- The future requires agile law. So said MJ Petroni and Jessica Long, both cyborg anthropologists from Causeit, Inc., in a session about Law and Ethics in the Cyborg Age at the RSA Conference today.

It might sound futuristic at first, but the conversation, moderated by IAPP research director Rita Heimes, hit on issues that were immediately pressing -- particularly for anyone in the healthcare industry or employing machine learning:

Sara Peters is Senior Editor at Dark Reading and formerly the editor-in-chief of Enterprise Efficiency. Prior that she was senior editor for the Computer Security Institute, writing and speaking about virtualization, identity management, cybersecurity law, and a myriad ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Causeit
50%
50%
Causeit,
User Rank: Apprentice
3/3/2016 | 6:49:56 PM
Re: Autonomous vehicles
Thanks! We'd love to talk more. We've released two publications related to your point. The first is Digital Platforms for Automobility, which covers the 'what if' of fully digitzed transportation systems of the future and the messier near-term hybrid analog/digital reality. The second is Cybersecurity in the Digital Age, a project we embarked on to try and understand and contextualize these issues in the long term. We'd love your feedback—just write to us on the contact form on our site. You can find all of these articles at c a u s e i t [ do t ] o r g under the research tab. Thanks!

-Jessica Long and MJ Petroni from Causeit, Inc.

ps—we also curate a lot of found articles about these issues on Flipboard

And thanks, Sara!
finkga
50%
50%
finkga,
User Rank: Strategist
3/3/2016 | 2:03:43 PM
Please post an HTML5 version
This looks really interesting and I would love to view it. Unfortunately, it is only offered in the historically broken and insecure Flash format. Since Dark Reading is a security publication, doesn't it make sense they should embrace a more securable format like HTML5 for their videos?
Whoopty
50%
50%
Whoopty,
User Rank: Ninja
3/3/2016 | 7:03:57 AM
Autonomous vehicles
This is a great point and I think could be the most applicable to autonomous cars in the near future. How do we handle that legal quagmire? 

While I don't know if we'll find a decent solution any time soon, keeping an eye on how governments handle cars without a driver behind the wheel (which may not even exist soon) will set precedent for how other industries handle it I feel.
WebAuthn, FIDO2 Infuse Browsers, Platforms with Strong Authentication
John Fontana, Standards & Identity Analyst, Yubico,  9/19/2018
Turn the NIST Cybersecurity Framework into Reality: 5 Steps
Mukul Kumar & Anupam Sahai, CISO & VP of Cyber Practice and VP Product Management, Cavirin Systems,  9/20/2018
NSS Labs Files Antitrust Suit Against Symantec, CrowdStrike, ESET, AMTSO
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/19/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
The Risk Management Struggle
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-11763
PUBLISHED: 2018-09-25
In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol.
CVE-2018-14634
PUBLISHED: 2018-09-25
An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerabl...
CVE-2018-1664
PUBLISHED: 2018-09-25
IBM DataPower Gateway 7.1.0.0 - 7.1.0.23, 7.2.0.0 - 7.2.0.21, 7.5.0.0 - 7.5.0.16, 7.5.1.0 - 7.5.1.15, 7.5.2.0 - 7.5.2.15, and 7.6.0.0 - 7.6.0.8 as well as IBM DataPower Gateway CD 7.7.0.0 - 7.7.1.2 echoing of AMP management interface authorization headers exposes login credentials in browser cache. ...
CVE-2018-1669
PUBLISHED: 2018-09-25
IBM DataPower Gateway 7.1.0.0 - 7.1.0.23, 7.2.0.0 - 7.2.0.21, 7.5.0.0 - 7.5.0.16, 7.5.1.0 - 7.5.1.15, 7.5.2.0 - 7.5.2.15, and 7.6.0.0 - 7.6.0.8 as well as IBM DataPower Gateway CD 7.7.0.0 - 7.7.1.2 are vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote atta...
CVE-2018-1539
PUBLISHED: 2018-09-25
IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6 could allow remote attackers to bypass authentication via a direct request or forced browsing to a page other than URL intended. IBM X-Force ID: 142561.