Westminster Declaration Highlights Threat of Digital Censorship

The “Westminster Declaration,” a public proclamation issued on October 18th, 2023, raises the alarm about the escalating censorship in numerous nations, a trend that is being accelerated by the digital revolution.

The declaration is the result of a collaborative effort by a diverse group of individuals, including journalists, artists, authors, activists, technologists, and academics. These individuals are deeply troubled by the growing tendency to label protected speech as ‘misinformation,’ ‘disinformation,’ and other vaguely defined terms. They caution against the emergence of a ‘Censorship-Industrial Complex’ that involves both governments and tech companies.

This complex often manifests through direct government policies. For instance, authorities in India and Turkey have assumed the power to remove political content from social media. Meanwhile, in Germany and Brazil, political speech is being criminalized by the legislature and the Supreme Court, respectively. Other countries have introduced measures such as Ireland’s ‘Hate Speech’ Bill, Scotland’s Hate Crime Act, the UK’s Online Safety Bill, and Australia’s ‘Misinformation’ Bill that threaten to severely limit expression and create a chilling effect. The declaration also highlights more covert methods of censorship like visibility filtering, labeling, and manipulation of search engine results.

Read: https://westminsterdeclaration.org/

Instagram Chief says Threads Censorship only “Temporary,” Despite No Official Deadline

Social media platform Threads’ ban on search terms related to COVID-19 is only temporary, Instagram chief Adam Mosseri has revealed. In an October 17 Threads post, Mr. Mosseri said he didn’t have a firm date on when the ban would be lifted, but he didn’t think it would be a permanent situation.

“I don’t have an ETA to give you, unfortunately, but it is temporary, and we are working on it. We’re just getting pulled in a lot of directions at once right now,” Mr. Mosseri said. “The broader team is working on deeper integrations into Instagram and Facebook, graph building, EU compliance, Fediverse support, trending, and generally making sure Threads continues to grow.”

Following Threads’ July release, parent company Meta rolled out several updates, including a new search function similar to that on X, formerly known as Twitter. However, users soon discovered the new search function blocked access to certain posts related to COVID-19, such as those concerning vaccines and long-term COVID-19. Users searching for some COVID-related terms were reportedly met with a blank screen and redirected to the Centers for Disease Control and Prevention.

“Censorship doesn’t work. Misinfo still gets circulated by code names & other platforms, tech companies should invest in real solutions like moderation/education,” Lucky Tran, director of science communication at Columbia University, said at the time in an X post.

Another Tech CEO, Michael Robertson, was far more scathing, saying in an X post that Meta CEO Mark Zuckerberg “treats users like children.” He called for a boycott of Threads and for people to “embrace” rival platform X.

Meta confirmed in a previous statement to The Epoch Times that Threads is blocking users from searching for words that could bring up “sensitive” posts for now, but people would be able to search for keywords such as “COVID” in the future once the company is “confident in the quality of the results.”

Read:
https://www.zerohedge.com/technology/threads-ban-search-terms-related-covid-19-temporary-instagram-chief

Cookie Hijacking Attempt on Okta Support System May Have Exposed Customer Files

BeyondTrust, a cybersecurity service provider for authentication giant Okta, reports that the company suffered a security breach in early October that may have granted the perpetrators access to customer files related to support cases. The attackers were able to steal a session cookie from the Okta support system and access an administrator account, providing them with further access to customer environments.

The report indicates that some standard Okta environment security protocols may have prevented the attackers from doing anything consequential in these environments, but individual customers would have had to enable them to be protected and would have had to notice the security breach quickly enough to cut off access. In the wake of an official confirmation of the breach from Okta, each customer will need to evaluate their own environment to determine if the hackers accessed anything in it.

In a recent blog post, BeyondTrust noted that the security breach took place on October 2. The company says that none of its own files were accessed but that the attackers potentially had access to other sensitive files uploaded to the Okta support system by customers.

The attacker, who has not yet been identified, was apparently somehow able to hijack a session cookie from an Okta administrator. BeyondTrust says that it recognized and responded to the breach in its own environment within 30 minutes and alerted Okta right away but did not get confirmation of the incident from the company until October 19.

What prevented the attacker from doing any damage to BeyondTrust’s own Okta environment was a custom policy configuration for admin console access. The attacker was able to get around this by pivoting to using admin API actions authenticated with the stolen session cookie, something that Okta policies cannot be configured to stop. They used this technique to create a backdoor user account, but BeyondTrust identified and disabled it before it could be accessed by the threat actor.

Read:
https://www.cpomagazine.com/cyber-security/okta-support-system-compromised-by-cookie-hijacking-security-breach-may-have-exposed-customer-files/

Weibo CEO Tests Forced Removal of Online Anonymity

In an unprecedented move toward restricting online anonymity, the CEO of China’s social media behemoth, Weibo, Wang Gaofei, is testing a controversial new policy on his personal account. Weibo, often compared to Twitter/X, may soon require online commentators discussing politics and finance to publicly display their real names. Amid rising worries over China’s growing internet censorship and increased government scrutiny, this motion raises pressing concerns about personal privacy and the overreach of digital surveillance.

The news broke when Gaofei, amassing a hefty following of 957,000 users on Weibo, had his true identity revealed on his account, a test run of the proposed policy. Upon noticing the change, a user queried Gaofei, who duly confirmed the experiment.

This brewing change has triggered considerable social media discourse, with rumors spreading that users engaging in dialogue about politics, entertainment, and finance boasting a following of 1 million or above may soon be compelled to reveal their identities.

However, it remains unclear whose instructions these users are receiving to prepare for such a change, with China’s official cyberspace regulator conspicuously silent on the matter.

In a further expansion of this impending regulation, Gaofei also raised the possibility of applying the policy to accounts with a following of 500,000 or above. A novel suggestion attached to the plan is that users could potentially delete followers to evade the strict adherence to the real-name revelation.

Read:
https://reclaimthenet.org/chinas-weibo-tests-forcing-users-to-reveal-their-real-name-ending-online-anonymity

Cruise’s Driverless Taxis Face Suspension in San Francisco

In a significant development, the state of California has put a halt to the operation of Cruise’s autonomous taxis on the streets of San Francisco. The decision, taken by the Department of Motor Vehicles (DMV), comes in the wake of safety concerns. The specifics of the suspension, however, have not been disclosed by the DMV.

The incident that led to this suspension involved a Cruise car and a pedestrian. The pedestrian was hit by another vehicle and was subsequently thrown into the path of the Cruise car. The autonomous vehicle detected and stopped to avoid the collision, but as it tried to pull over, it dragged the individual forward for about 20 feet.

This suspension is a major blow to Cruise, which had only recently started its operations in San Francisco and had plans for expansion. It’s worth noting that this suspension does not affect Waymo, another company that offers paid taxi services with driverless cars in San Francisco.

Read: https://www.bbc.com/news/technology-67212093

Elsewhere online: 

SpyNote Android Trojan Marks Its Entry in Spyware Scene
Read: https://latesthackingnews.com/2023/10/20/spynote-android-trojan-emerges-as-recent-spyware-threat-for-android/


Million More Genetic Profiles Exposed in Second 23andMe Data Breach
Read: https://www.cpomagazine.com/cyber-security/second-leak-from-23andme-data-breach-includes-4-million-more-genetic-profiles/

Critical vCenter Server RCE Vulnerability Patch Released by VMware
Read: https://thehackernews.com/2023/10/act-now-vmware-releases-patch-for.html

12 Million Patients at Risk – 7TB of Healthcare Data Leaked Due to Database Error
Read: https://www.hackread.com/database-mess-up-7tb-healthcare-data-leak/

Seiko Group Corporation Confirms Security of 60,000 Records Following Data Breach
Read: https://www.infosecurity-magazine.com/news/seiko-blackcat-breach-affects-60000/

Previously on #AxisOfEasy