With
the 2020 election on the horizon, one of Washington’s best minds on regulating
tech shares his fears about social media manipulation and discusses Congress’s
failure to tackle election security and interference.
Senator
Mark Warner has proved himself to be a sort of braintrust on tech issues in the
Senate. Through his questioning of tech execs in hearings and the oft-cited
white papers produced by his office, the Virginia Democrat has arguably raised
the Senate’s game in understanding and dealing with Big Tech.
After
all, Warner and tech go way back. As a telecom guy in the
1980s, he was among the first to see the importance of wireless networks. He
made his millions brokering wireless spectrum deals around FCC auctions. As a
venture capital guy in the ’90s, he helped build the internet pioneer America
Online. And as a governor in the 2000s, he brought 700 miles of broadband cable
network to rural Virginia.
Government
oversight of tech companies is one thing, but in this election year Warner is
also thinking about the various ways technology is being used to threaten democracy
itself. We spoke shortly after the Donald Trump impeachment trial and the
ill-fated Iowa caucuses. It was a good time to talk about election
interference, misinformation, cybersecurity threats, and the government’s
ability and willingness to deal with such problems.
The following
interview has been edited for clarity and brevity.
Fast Company: Some news
outlets portrayed the Iowa caucus app meltdown as part
of a failed attempt by the Democratic party to push their tech and data game forward. Was that
your conclusion?
Mark Warner: I think it was a
huge screwup. Do we really want to trust either political party to run an
election totally independently, as opposed to having election professionals
[run it]? We have no information that outside sources were involved.
I
think it was purely a non-tested app that was put into place. But then you saw
the level and volume of [social media] traffic afterwards and all the conspiracy theories [about the legitimacy of
the results]. One of the things I’m still trying to get from our intel
community is how much of this conspiracy theory was being manipulated by
foreign bots. I don’t have that answer yet. I hope to have it soon. But it goes
to the heart of why this area is so important. The bad guys don’t have to come
in and change totals if they simply lessen American’s belief in the integrity
of our voting process. Or, they give people reasons not to vote, as they were
so successful in doing in 2016.
THE
BAD GUYS DON’T HAVE TO COME IN AND CHANGE TOTALS IF THEY SIMPLY LESSEN
AMERICAN’S BELIEF IN THE INTEGRITY OF OUR VOTING PROCESS.”
SENATOR
MARK WARNER
FC: Do you think that
the Department of Homeland Security is interacting with state election officials
and offering the kind of oversight and advice they should be?
MW: Chris Krebs [the director
of the Cybersecurity and Infrastructure Security Agency (CISA) in DHS] has done
a very good job. Most all state election systems now have what they call an
Einstein (cybersecurity certification) program, which is a basic protection
unit. I think we are better protected from hacking into actual voting machines
or actual election night results. But we could do better.
There
were a number of secretaries of state who in the first year after 2016 didn’t
believe the problem was real. I’m really proud of our [Senate Intelligence]
committee because we kept it bipartisan and we’ve laid [the problem] out—both
the election interference, and the Russian social media use. I don’t think
there’s an election official around that doesn’t realize these threats are
real.
But
I think the White House has been grossly irresponsible for not being willing to
echo these messages. I think it’s an embarrassment that Mitch McConnell has not
allowed any of these election security bills to come to the floor of
the Senate. I think it’s an embarrassment that the White House continues to
fight tooth and nail against any kind of low-hanging fruit like [bills
mandating] paper ballot backups and post-election audits. I’m still very
worried that three large [election equipment] companies control 90% of all the
voter files in the country. It doesn’t have to be the government, but there’s
no kind of independent industry standard on safety and security.
FC: When you think
about people trying to contaminate the accuracy or the legitimacy of the
election, do you think that we have more to worry about from foreign actors, or
from domestic actors who may have learned some of the foreign actors’ tricks?
MW: I think it’s a bit of
both. There are these domestic right-wing extremist groups, but a network that
comes out of Russia—frankly, comes out of Germany almost as much as
Russia—reinforces those messages. So there’s a real collaboration there.
There’s some of that on the left, but it doesn’t seem to be as pervasive.
China’s efforts, which are getting much more sophisticated, are more about
trying to manipulate the Chinese diaspora. There’s not that kind of
nation-state infrastructure to support some of this on the left. Although
ironically, some of the Russian activity does promote some of the leftist
theories, some of the “Bernie Sanders is getting screwed” theories. Because
again, it undermines everybody’s faith in the process.
FC: Are you worried
about deepfakes in this election cycle?
IT
UNDERMINES EVERYBODY’S FAITH IN THE PROCESS.”
SENATOR
MARK WARNER
MW: The irony is that there
hasn’t been a need for sophisticated deepfakes to have this kind of
interference. Just look at the two things with Pelosi—the one with the slurring of her speech, or the more
recent video where they’ve made it appear that she was
tearing up Trump’s State of the Union speech at inappropriate times during the
speech. So instead of showing her standing up and applauding the Tuskegee
Airmen, the video makes it look like she’s tearing up the speech while he’s
talking about the Tuskegee Airmen.
These
are pretty low-tech examples of deepfakes. If there’s this much ability to
spread [misinformation] with such low tech, think about what we may see in the
coming months with more sophisticated deepfake technology. You even have some
of the president’s family sending out some of those doctored videos. I believe
there is still a willingness from this administration to invite this kind of
mischief.
FC: Are there other
areas of vulnerability you’re concerned about for 2020?
MW: One of the areas that I’m
particularly worried about is messing with upstream voter registration files.
If you simply move 10,000 or 20,000 people in Miami Dade County from one set of
precincts to another, and they show up to the right precinct but were listed in
a different precinct, you’d have chaos on election day. I’m not sure how often
the registrars go back and rescreen their voter file to make sure people are
still where they say they are.
One
area I want to give the Trump administration some credit for is they’ve allowed
our cyber capabilities to go a bit more on offense. For many years, whether you
were talking about Russian interference or Chinese intellectual property
thefts, we were kind of a punching bag. They could attack us with a great deal
of impunity. Now we have good capabilities here, too. So we’ve struck back a
little bit, and 2018 was much safer. But we had plenty of evidence that Russia
was going to spend most of their efforts on 2020, not 2018.
That’s
all on the election integrity side. Where we haven’t made much progress at all
is with social media manipulation, whether it’s the spreading of false theories
or the targeting that was geared at African Americans to suppress their vote in
2016.
FC: We’ve just come off a big
impeachment trial that revolved around the credibility of our elections, with
Trump asking a foreign power to help him get reelected. As you were sitting
there during the State of the Union on the eve of his acquittal in the Senate,
is there anything you can share with us about what you were thinking?
MW: In America, we’ve
lived through plenty of political disputes in our history and plenty of
political divisions. But I think there were rules both written and unwritten
about some level of ethical behavior that I think this president has thrown out
the window. While a lot of my Republican colleagues privately express chagrin
at that, so far they’ve not been willing to speak up. I’m so worried about this
kind of asymmetric attack from foreign entities, whether they’re for Trump or not
for Trump. If Russia was trying to help a certain candidate, and the candidate
didn’t want that help and that leaks out, that could be
devastating to somebody’s chances. [Warner proved prescient here. Reports of that very thing happening to Bernie
Sanders emerged days later on February 21.]
If
you add up what the Russians spent in our election in 2016, what they spent in
the Brexit vote a year or so before, and what they spent in the French
presidential elections . . . it’s less than the cost of one new F-35 airplane.
In a world where the U.S. is spending $748 billion on defense, for $35 million
or $50 million you can do this kind of damage. I sometimes worry that maybe
we’re fighting the last century’s wars when conflict in the 21st century is
going to be a lot more around cyber misinformation and disinformation, where
your dollar can go a long way. And if you don’t have a united opposition
against that kind of behavior, it can do a lot of damage.
FC: Do you think Congress is
up to the task of delivering a tough consumer data privacy bill anytime soon?
MW: We haven’t so far and
it’s one more example of where America is ceding its historic technology
leadership. On privacy, obviously the Europeans have moved with GDPR.
California’s moved with their own version of privacy law. The Brits, the
Australians, and the French are moving on content regulation. I think the only
thing that’s holding up privacy legislation is how much federal preemption
there ought to be. But I think there are ways to work through that.
I
do think that some of the social media companies may be waking up to the fact
that their ability to delay a pretty ineffective Congress may come back and
bite them. Because when Congress [is ready to pass regulation], the bar’s going
to be raised so much that I think there will be a much stricter set of
regulations than what might’ve happened if we’d actually passed something this
year or the year before.
I’ve
been looking at what I think are the issues around pro-competition, around more
disclosure around dark patterns. I’ve got a half dozen bills—all of them
bipartisan—that look at data portability, [data value] evaluation, and dark patterns. I’ve been working on some of the
election security stuff around Facebook. We are looking at some Section 230
reforms. My hope is that you have a privacy bill that we could then add a
number of these other things to, because I think the world is moving fast
enough that privacy legislation is necessary but not sufficient.
FC: You’re referencing
Section 230 of the Telecommunications Act of 1996, which protects tech
companies from being liable for what users post on their platforms and how they
moderate content. To focus on the Section 230 reforms for a moment, are you
contemplating a partial change to the language of the law that would make tech
platforms legally liable for a very specific kind of toxic content? Or are you
talking about a broader lifting of tech’s immunity under the law?
MW: Maybe Section 230
made some sense in the late ’90s when [tech platforms] were startup ventures.
But when 65% of Americans get some or all their news from Facebook and Google
and that news is being curated to you, the idea that [tech companies] should
bear no responsibility at all about the content you’re receiving is one of the
reasons why I think there’s broad-based interest in reexamining this.
I
THINK THERE’S A GROWING SENSITIVITY THAT THE STATUS QUO IS NOT WORKING.”
SENATOR
MARK WARNER
I
think there’s a growing sensitivity that the status quo is not working. It’s
pretty outrageous that we’re three and a half years after the 2016 campaign,
when the whole political world went from being techno-optimists to having a
more realistic view of these platform companies, and we still haven’t passed a
single piece of legislation.
I’ve
found some of Facebook’s arguments on protecting free speech
to be not very compelling. I think Facebook is much more comparable to a cable
news network than it is to a broadcasting station that does protect First
Amendment speech. And the way I’ve been thinking about it is that it’s less
about the ability to say stupid stuff or racist stuff—because there may be some
First Amendment rights on some of that activity—but more about the
amplification issue. You may have a right to say a stupid thing, but does that
right extend to guaranteeing a social media company will promote it a million
times or 100 million times without any restriction?
This story is
part of our Hacking Democracy series, which examines the ways in which
technology is eroding our elections and democratic institutions—and what’s been
done to fix them. Read more here.
Geneva: Evolving Censorship Evasion
Join
us and learn about our fight against internet censorship around the world.
Automating Evasion
Researchers
and censoring regimes have long engaged in a cat-and-mouse game, leading to
increasingly sophisticated Internet-scale censorship techniques and methods to
evade them. In this work, we take a drastic departure from the previously
manual evade/detect cycle by developing techniques to automate the
discovery of censorship evasion strategies.
Our Approach
We
developed Geneva (Genetic Evasion), a novel experimental
genetic algorithm that evolves packet-manipulation-based censorship evasion
strategies against nation-state level censors. Geneva re-derived virtually all
previously published evasion strategies, and has discovered new ways of
circumventing censorship in China, India, Iran, and Kazakhstan.
How it works
Geneva runs exclusively on
one side of the connection: it does not require a proxy, bridge, or assistance
from outside the censoring regime. It defeats censorship by modifying network
traffic on the fly (by injecting traffic, modifying packets, etc) in such a way
that censoring middleboxes are unable to interfere with forbidden connections,
but without otherwise affecting the flow. Since Geneva works at the network
layer, it can be used with any application; with Geneva running in the
background, any web browser can become a censorship evasion tool. Geneva cannot
be used to circumvent blocking of IP addresses.
Geneva
composes four basic packet-level actions (drop, duplicate, fragment, tamper)
together to represent censorship evasion strategies. By running
directly against real censors, Geneva’s genetic algorithm evolves strategies
that evade the censor.
Real World Deployments
Geneva
has been deployed against real-world censors in China, India, Iran, and
Kazahkstan. It has discovered dozens of strategies to defeat censorship, and
found previously unknown bugs in censors.
Note
that Geneva is a research prototype, and does
not offer anonymization, encryption, or other protection from censors. Understand
the risks in your country before trying to run Geneva.
All of these strategies and Geneva’s strategy engine and are open
source: check them out on our Github
page.
Learn
more about how we designed and built Geneva here.
Who We Are
This
project is done by students in Breakerspace,
a lab at the University of Maryland dedicated to scaling-up undergraduate
research in computer and network security.
This
work is supported by the Open Technology Fund and the National Science
Foundation.
Contact Us
Interested
in working with us, learning more, getting Geneva running in your country, or
incorporating some of Geneva’s strategies into your tool?
The
easiest way to reach us is by email.
- Dave:
dml (at) cs.umd.edu (PGP key here)
- Kevin:
kbock (at) terpmail.umd.edu (PGP key here)
https://geneva.cs.umd.edu/
Dopamine Nation: Finding
Balance in the Age of Indulgence
by Dr.
Anna Lembke
This book is about
pleasure. It’s also about pain. Most important, it’s about how to find the
delicate balance between the two, and why now more than ever finding balance is
essential. We’re living in a time of unprecedented access to high-reward,
high-dopamine stimuli: drugs, food, news, gambling, shopping, gaming, texting,
sexting, Facebooking, Instagramming, YouTubing, tweeting… The increased
numbers, variety, and potency is staggering. The smartphone is the modern-day
hypodermic needle, delivering digital dopamine 24/7 for a wired generation. As
such we’ve all become vulnerable to compulsive overconsumption.
In Dopamine Nation, Dr. Anna Lembke, psychiatrist and author,
explores the exciting new scientific discoveries that explain why the
relentless pursuit of pleasure leads to pain…and what to do about it.
Condensing complex neuroscience into easy-to-understand metaphors, Lembke
illustrates how finding contentment and connectedness means keeping dopamine in
check. The lived experiences of her patients are the gripping fabric of her
narrative. Their riveting stories of suffering and redemption give us all hope
for managing our consumption and transforming our lives. In essence, Dopamine
Nation shows that the secret to finding balance is combining the
science of desire with the wisdom of recovery.: https://www.goodreads.com/en/book/show/55723020-dopamine-nation
Nav komentāru:
Ierakstīt komentāru