Tech Brief: Google Says It’s Fixed Security Vulnerabilities the CIA Allegedly Exploited

Washington Brief

  • Researchers have found several “critical” security vulnerabilities in Confide, an encrypted messaging app that’s said to be used by federal employees to communicate and leak information. (CNN)

  • Federal Bureau of Investigation Director James Comey expressed opposition to the idea of hacking back, saying the retaliatory practice runs the risk of “tremendous confusion in a crowded space.” Last week Republican Rep. Tom Graves (Ga.) introduced a bill that would allow counterattack measures for companies trying to fend off hackers. (Vice News)
  • Contractors likely breached security and provided documents detailing the Central Intelligence Agency’s use of hacking tools to WikiLeaks, according to U.S. officials. Intelligence agencies have been aware of the breach since last year. (Reuters)

Business Brief

  • Google Inc. says its Android and Chrome products are now strong enough to defend some of the vulnerabilities the CIA may have exploited to carry out surveillance, as described in the documents published by WikiLeaks. (Recode)
  • Federal Communications Commission Chairman Ajit Pai said the agency is investigating a brief outage of 911 service for AT&T Inc. customers across the country. The outage has since been resolved, but left AT&T users nationwide unable to call 911. (NBC News)
  • Uber Technologies Inc. says it will end the practice of showing fake versions of its app to government officials believed to conduct sting operations on drivers. (Bloomberg News)

Chart Review

Events Calendar (All Times Local)

FTC hosts event on artificial intelligence and blockchain 9 a.m.
NTIA webinar in BroadbandUSA series 2 p.m.
No events scheduled.



Google, a Cloud Computing Upstart, Seeks Credibility
Jack Nicas and Jay Greene, The Wall Street Journal

Google conquered internet search. It is having a tougher time winning the rapidly growing cloud-computing industry.

The head of Uber’s AI labs is latest to leave the company
Ina Fried, Axios

Gary Marcus, a research scientist who joined Uber four months ago as director of its AI labs, is leaving the company, according to sources. Uber bought Marcus’ startup, Geometric Intelligence, in December, using its 15 employees to form a new artificial intelligence unit.

Oil Extends Slump as Euro Gains Before ECB Meet: Markets Wrap
Samuel Potter, Bloomberg News

Crude’s selloff deepened, with prices slumping a fourth day amid a broad commodities retreat that dragged down European stocks. Bonds moved higher, while the euro strengthened with the dollar as investors prepare for key central bank meetings.

Intellectual Property and Antitrust

Songwriters call for bigger cut of digital music revenues
Anna Nicolaou, Financial Times

The songwriters of the world’s most popular music are waging a war in Washington to get a bigger share of the spoils of the digital streaming boom. A court hearing on Wednesday kicks off what is expected to be a months-long process for US regulators to decide how much music publishers should be paid from online streaming, the format which has revived the industry after decades of declining album sales.

Telecom, Wireless and TV

FCC Investigating Coast-to-Coast 911 Outage for AT&T Wireless Users
Alex Johnson and Christopher Essner, NBC News

The Federal Communications Commission is investigating a brief but an apparently nationwide outage of 911 service for customers of AT&T, its chairman said Wednesday night. A spokesperson for AT&T confirmed to NBC News late Wednesday that the company encountered a “service issue” that affected “some calls to 911 for wireless customers.” A few minutes later, the company tweeted that service had been restored for all customers.

Blackburn bill would roll back broadband privacy regulations
Harper Neidig, The Hill

Rep. Marsha Blackburn (R-Tenn.) will introduce her own bill to block the Federal Communications Commission’s 2016 broadband privacy rules from going into effect. Blackburn’s spokeswoman confirmed to The Hill that the chairwoman of the House Commerce Committee’s technology panel would be introducing a resolution to use Congressional Review Act (CRA) authority to invalidate the privacy rules on Wednesday afternoon.

Trump’s FCC chairman says he won’t just do what Trump tells him to
Jon Brodkin, Ars Technica

Federal Communications Commission Chairman Ajit Pai today pledged to US senators that he will operate independently of the White House. Sen. Tom Udall (D-N.M.) raised questions about the chairman’s independence two days after Pai met with President Donald Trump and declined to disclose the topics of discussion. Trump appointed Pai chairman in January and yesterday nominated Pai for another five-year term on the FCC.

Mobile Technology and Social Media

Uber Will Stop Using ‘Greyball’ Program to Block Government Officials
Eric Newcomer, Bloomberg News

Uber Technologies Inc. will end the practice of showing fake versions of its app to government officials suspected of conducting sting operations on drivers. The program, which is sometimes referred to as “Greyball,” blocks users who the company believes are in violation of its terms of service agreement.

Uber’s Self-Driving Cars Returning to California Roads
Greg Bensinger, The Wall Street Journal

Uber Technologies Inc. has ended its spat with California regulators over self-driving cars, yielding to the state’s demand to get a $150 permit before testing two of them. The ride-hailing company on Wednesday was granted a permit to test the vehicles on public roads, a provision Uber had earlier said was unnecessary and overreaching.

Life after Uber: How Austin moved on from a breakup
Matt McFarland, CNN

Nine months after Uber and Lyft pulled out of Austin, the city has put a much publicized breakup in its rear-view mirror. A thriving, largely homegrown collection of ride-sharing apps have filled the void created when Uber and Lyft halted service on May 9 of last year.

Didi beat Uber in China and now it’s opening an R&D center on its turf
Andrew J. Hawkins, The Verge

Didi Chuxing, the ride-hail app that bought Uber’s Chinese business last summer after a lengthy and expensive battle, is now opening an R&D center in Uber’s backyard. Didi Labs will be based in Mountain View, California and will be focused on hiring (and probably poaching) top engineering talent to work on artificial intelligence and self-driving car technology.

Cybersecurity and Privacy

Google says it fixed a lot of the security holes the CIA exploited
April Glaser, Recode

Google says Android and Chrome are now strong enough to defend against at least some of the vulnerabilities that the CIA may have exploited to carry out covert surveillance programs. A cache of more than 8,000 documents released by WikiLeaks yesterday outlined how the CIA targeted Google’s Android smartphone operating system.

CIA contractors likely source of latest WikiLeaks release: U.S. officials
John Walcott and Mark Hosenball, Reuters

Contractors likely breached security and handed over documents describing the Central Intelligence Agency’s use of hacking tools to anti-secrecy group WikiLeaks, U.S. intelligence and law enforcement officials told Reuters on Wednesday. Two officials speaking on condition of anonymity said intelligence agencies have been aware since the end of last year of the breach, which led to WikiLeaks releasing thousands of pages of information on its website on Tuesday.

CIA Listed BlackBerry’s Car Software as Possible Target in Leak
Gerrit De Vynck, Bloomberg News

BlackBerry Ltd.’s QNX automotive software, used in more than 60 million cars, was listed as a potential target for the Central Intelligence Agency to hack, according to documents released by WikiLeaks. CIA meeting notes mention QNX as one of several “potential mission areas” for the organization’s Embedded Devices Branch.

Security holes found in chat app popular with White House staffers
Selena Larson, CNN

A supposedly secure chat app popular with White House staffers contained serious security flaws, according to a new report. Researchers discovered several “critical” security vulnerabilities in some versions of Confide, an app that has gained popularity following reports that federal employees use it to communicate and to leak information securely. White House press secretary Sean Spicer has checked aides’ phones for encrypted apps including Confide.

FBI Director Tells Companies Not to ‘Hack Back’ Against Hackers
Joseph Cox, Vice News

Last week, a congressman proposed a bill that would allow companies to legally counterattack against hackers. But it’s not just the law that companies should take note of, Comey suggests.

How Homeland Security plans to end the scourge of DDoS attacks
Aliya Sternstein, The Christian Science Monitor

In late October, in Surprise, Ariz., more than 100 phone calls bombarded the police department’s emergency dispatch line. Calls also overwhelmed the nearby city of Peoria’s 911 system and departments across California and Texas.

No Quick Fixes for Small Business Cybersecurity
Joseph Marks, Nextgov

Small businesses are frequent targets for cyberattacks and their results can be devastating, but there’s no quick fix, advocates told lawmakers during a Wednesday hearing. There’s no uniform standard small businesses can adopt to ensure they won’t suffer a cyber breach, denial-of-service or ransomware attack or to ensure they won’t be pummeled with financial losses and lawsuits when they do.

UN expert urges states to work toward cyber surveillance treaty
Tom Miles, Reuters

The world needs an international treaty to protect people’s privacy from unfettered cybersurveillance, which is being pushed by populist politicians preying on fear of terrorism, according to a U.N. report debated on Wednesday. The report, submitted to the U.N. Human Rights Council by the U.N. independent expert on privacy, Joe Cannataci, said traditional privacy safeguards such as rules on phone tapping were outdated in the digital age.

Opinions, Editorials and Perspectives

How Trump Became the First Silicon Valley President
Charles Duhigg, The New York Times

Last summer, not long after Donald J. Trump secured the Republican nomination for president, his recently installed campaign manager, Stephen K. Bannon, met with top officials from the Republican National Committee to discuss management of the general election. Mr. Trump’s staff had remained unusually small throughout the grueling primaries — a compactness, his advisers believed, that had given them a nimble edge.

How the CIA’s Hacking Hoard Makes Everyone Less Secure
Andy Greenberg, Wired

When WikiLeaks yesterday released a trove of documents purporting to show how the CIA hacks everything from smartphones to PCs to smart televisions, the agency’s already shadowy reputation gained a new dimension. But if you’re an average American, rather than Edward Snowden or an ISIS jihadi, the real danger clarified by that leak wasn’t that someone in Langley is watching you through your hotel room’s TV.

‘This is an all hands on deck thing’: A former Obama technology adviser on robots, jobs and cyberwarfare
Brian Fung, The Washington Post

During the Obama administration, R. David Edelman was one of the president’s top advisers. As a part of Obama’s National Security Council and his National Economic Council, Edelman was among those responsible for crafting U.S. policies on cybersecurity, technology and innovation — at a time when all three were making national headlines.

Tech’s ruling class casts a big shadow
Walt Mossberg, Recode

Back in 2011, I was talking with Eric Schmidt, the executive chairman of Google, backstage at our D9 conference, when he made a casual reference to a “Gang of Four” companies that he believed ruled the consumer tech industry. Once onstage, I asked him about that term.

Why not all forms of artificial intelligence are equally scary
Sean Illing, Vox

How worried should we be about artificial intelligence? Recently, I asked a number of AI researchers this question. The responses I received vary considerably; it turns out there is not much agreement about the risks or implications.

Research Reports

Benchmarking U.S. Government Websites
Alan McQuinn and Daniel Castro, The Information Technology and Innovation Foundation

One of the most important ways that the U.S. government provides Americans access to government services and information is through more than 6,000 websites on more than 400 domains. Unfortunately, many of these websites are not fast, mobile friendly, secure, or accessible.