In episode 16 of The AI Fix, Mark and Graham meet GPT-4o1 and ask if it knows how many cousins Alice’s sister has, a top cop wants AI injected into his colleagues "like heroin", Mark finds an AI that might actually be able to help with that, and our hosts start a conspiracy theory about an AI that stops you believing in conspiracy theories.
Graham peers into his crystal ball and discover's Reddit's bargain basement John Connor, and Mark is tired of waiting for the "tens of millions" of driverless cars we were promised.
All this and much more is discussed in the latest edition of "The AI Fix" podcast by Graham Cluley and Mark Stockley.
Category: police
Ford has a new patent application for a system where cars monitor each other’s speeds, and then report then to some central authority.
Slashdot thread.
The US Department of Homeland Security has unveiled a dog-like robot that it says has been adapted to jam the connectivity of smart home devices.
Read more in my article on the Hot for Security blog.
The Washington Post is reporting on the FBI’s increasing use of push notification data—”push tokens”—to identify people. The police can request this data from companies like Apple and Google without a warrant.
The investigative technique goes back years. Court orders that were issued in 2019 to Apple and Google demanded that the companies hand over information on accounts identified by push tokens linked to alleged supporters of the Islamic State terrorist group.
But the practice was not widely understood until December, when Sen. Ron Wyden (D-Ore.), in a letter to Attorney General Merrick Garland, said an investigation had revealed that the Justice Department had prohibited Apple and Google from discussing the technique.
[…]
Unlike normal app notifications, push alerts, as their name suggests, have the power to jolt a phone awake—a feature that makes them useful for the urgent pings of everyday use. Many apps offer push-alert functionality because it gives users a fast, battery-saving way to stay updated, and few users think twice before turning them on.
But to send that notification, Apple and Google require the apps to first create a token that tells the company how to find a user’s device. Those tokens are then saved on Apple’s and Google’s servers, out of the users’ reach.
The article discusses their use by the FBI, primarily in child sexual abuse cases. But we all know how the story goes:
“This is how any new surveillance method starts out: The government says we’re only going to use this in the most extreme cases, to stop terrorists and child predators, and everyone can get behind that,” said Cooper Quintin, a technologist at the advocacy group Electronic Frontier Foundation.
“But these things always end up rolling downhill. Maybe a state attorney general one day decides, hey, maybe I can use this to catch people having an abortion,” Quintin added. “Even if you trust the U.S. right now to use this, you might not trust a new administration to use it in a way you deem ethical.”
A 33-year-old man has been sentenced to two years in prison after admitting his part in a series of ransomware and malware attacks that hit more than one thousand individuals, businesses, and organisations — including three police departments.
Read more in my article on the Hot for Security blog.
Add pharmacies to the list of industries that are giving private data to the police without a warrant.
British police say that they are investigating reports that a girl under the age of 16 was sexually assaulted... in an online virtual reality game.
More unconstrained surveillance:
Lawmakers noted the pharmacies’ policies for releasing medical records in a letter dated Tuesday to the Department of Health and Human Services (HHS) Secretary Xavier Becerra. The letter—signed by Sen. Ron Wyden (D-Ore.), Rep. Pramila Jayapal (D-Wash.), and Rep. Sara Jacobs (D-Calif.)—said their investigation pulled information from briefings with eight big prescription drug suppliers.
They include the seven largest pharmacy chains in the country: CVS Health, Walgreens Boots Alliance, Cigna, Optum Rx, Walmart Stores, Inc., The Kroger Company, and Rite Aid Corporation. The lawmakers also spoke with Amazon Pharmacy.
All eight of the pharmacies said they do not require law enforcement to have a warrant prior to sharing private and sensitive medical records, which can include the prescription drugs a person used or uses and their medical conditions. Instead, all the pharmacies hand over such information with nothing more than a subpoena, which can be issued by government agencies and does not require review or approval by a judge.
Three pharmacies—CVS Health, The Kroger Company, and Rite Aid Corporation—told lawmakers they didn’t even require their pharmacy staff to consult legal professionals before responding to law enforcement requests at pharmacy counters. According to the lawmakers, CVS, Kroger, and Rite Aid said that “their pharmacy staff face extreme pressure to immediately respond to law enforcement demands and, as such, the companies instruct their staff to process those requests in store.”
The rest of the pharmacies—Amazon, Cigna, Optum Rx, Walmart, and Walgreens Boots Alliance—at least require that law enforcement requests be reviewed by legal professionals before pharmacists respond. But, only Amazon said it had a policy of notifying customers of law enforcement demands for pharmacy records unless there were legal prohibitions to doing so, such as a gag order.
'Ello ello ello. What's all this then?
Just days after it was learned that the police had exposed the details of their 10,000 staff in Northern Ireland, another force has admitted to an embarrassing breach of sensitive data.
Read more in my article on the Hot for Security blog.
Earlier this week, the details of all 10,000 staff at the Police Service of Northern Ireland (PSNI) were exposed after a spreadsheet containing the data was mistakenly published online.