AWS Facial Recognition Platform Misidentified Over 100 Politicians As Criminals

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
Comparitech’s Paul Bischoff found that Amazon’s facial recognition platform misidentified an alarming number of people, and was racially biased.
X ITM Cloud News
Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
Comparitech’s Paul Bischoff found that Amazon’s facial recognition platform misidentified an alarming number of people, and was racially biased.
X ITM Cloud News

Sofia .

Leave a Reply

Next Post

11 Weeks of Android: Privacy and Security

Mon Jun 29 , 2020
<div><span class="byline-author">Posted by Charmaine D'Silva, Product Lead, Android Privacy and Framework, Narayan Kamath, Engineering Lead, Android Privacy and Framework, Stephan Somogyi, Product Lead, Android Security and Sudhi Herle, Engineering Lead, Android Security </span> <p><em>This blog post is part of a weekly series for <a href="https://twitter.com/search?q=%2311WeeksOfAndroid&src=typed_query">#11WeeksOfAndroid</a>. For each <a href="https://twitter.com/search?q=%2311WeeksOfAndroid&src=typed_query">#11WeeksOfAndroid</a>, we’re diving into a key area so you don’t miss anything. This week, we spotlighted <strong>Privacy and Security</strong>; here’s a look at what you should know.</em></p> <a href="https://4.bp.blogspot.com/-ToTHczoB3DI/XvoVpyHZf5I/AAAAAAAAPLI/BBFAq_RagfU3AmzNKZuIroY3MYtAfXFhACLcBGAsYHQ/s1600/trustandsafety.png"><img id="imgHalf" border="0" src="https://4.bp.blogspot.com/-ToTHczoB3DI/XvoVpyHZf5I/AAAAAAAAPLI/BBFAq_RagfU3AmzNKZuIroY3MYtAfXFhACLcBGAsYHQ/s1600/trustandsafety.png" data-original-width="1485" data-original-height="1485" alt="mobile security illustration"></a> <p>Privacy and security is core to how we design Android, and with every new release we increase our investment in this space. Android 11 continues to make important strides in these areas, and this week we’ll be sharing a series of updates and resources about Android privacy and security. But first, let’s take a quick look at some of the most important changes we’ve made in Android 11 to protect user privacy and make the platform more secure. </p><p>As shared in the “<a href="https://www.youtube.com/watch?v=5w5h_UdIiqs">All things privacy in Android 11</a>” video, we’re giving users even more control over sensitive permissions. Throughout the development of this release, we have engaged deeply and frequently with our developer community to design these features in a balanced way - amplifying user privacy while minimizing developer impact. Let’s go over some of these features: </p><p><strong>One-time permission</strong>: In Android 10, we introduced a granular location permission that allows users to limit access to location only when an app is in use (aka foreground only). When presented with the new runtime permissions options, users choose foreground only location more than 50% of the time. This demonstrated to us that users really wanted finer controls for permissions. So in Android 11, we’ve introduced <a href="https://developer.android.com/preview/privacy/permissions#one-time">one time permissions</a> that let users give an app access to the device microphone, camera, or location, just that one time. As an app developer, there are no changes that you need to make to your app for it to work with one time permissions, and the app can request permissions again the next time the app is used. Learn more about building privacy-friendly apps with these new changes <a href="https://youtu.be/MXlVj-EYgIQ">in this video</a>. </p><p><strong>Background location:</strong> In Android 10 we added a background location usage reminder so users can see how apps are using this sensitive data on a regular basis. Users who interacted with the reminder either downgraded or denied the location permission over 75% of the time. In addition, we have done extensive research and believe that there are very few legitimate use cases for apps to require access to location in the background. </p><p>In Android 11, background location will no longer be a permission that a user can grant via a run time prompt and it will require a more deliberate action. If your app needs background location, the system will ensure that the app first asks for foreground location. The app can then broaden its access to background location through a separate permission request, which will cause the system to take the user to Settings in order to complete the permission grant. </p><p>In February, we <a href="https://support.google.com/googleplay/android-developer/answer/9799150">announced</a> that Google Play developers will need to get approval to access background location in their app to prevent misuse. We're giving developers more time to make changes and won't be enforcing the policy for existing apps until 2021. Check out this helpful video <a href="https://www.youtube.com/watch?v=xTVeFJZQ28c&feature=youtu.be">to find possible background location usage in your code</a>. </p><p><strong>Permissions auto-reset: </strong>Most users tend to download and install over 60 apps on their device but interact with only a third of these apps on a regular basis. If users haven’t used an app that targets Android 11 for an extended period of time, the system will “<a href="https://developer.android.com/preview/privacy/permissions#auto-reset">auto-reset</a>” all of the granted runtime permissions associated with the app and notify the user. The app can request the permissions again the next time the app is used. If you have an app that has a legitimate need to retain permissions, you can prompt users to turn this feature OFF for your app in Settings. </p><p><strong>Data access auditing APIs: </strong>Android encourages developers to limit their access to sensitive data, even if they have been granted permission to do so. In Android 11, developers will have access to <a href="https://developer.android.com/preview/privacy/data-access-auditing">new APIs</a> that will give them more transparency into their app’s usage of private and protected data. The APIs will enable apps to track when the system records the app’s access to private user data. </p><p><strong>Scoped Storage: </strong>In Android 10, we introduced <a href="https://developer.android.com/training/data-storage#scoped-storage">scoped storage</a> which provides a filtered view into external storage, giving access to app-specific files and media collections. This change protects user privacy by limiting broad access to shared storage in many ways including changing the storage permission to only give read access to photos, videos and music and improving app storage attribution. Since Android 10, we’ve incorporated developer feedback and made many improvements to help developers adopt scoped storage, including: updated permission UI to enhance user experience, direct file path access to media to improve compatibility with existing libraries, updated APIs for modifying media, <a href="https://developer.android.com/preview/privacy/storage#all-files-access">Manage External Storage</a> permission to enable select use cases that need broad files access, and protected external app directories. In Android 11, scoped storage will be mandatory for all apps that target API level 30. Learn more in this <a href="https://youtu.be/RjyYCUW-9tY">video</a> and check out the <a href="https://developer.android.com/preview/privacy/storage">developer documentation</a> for further details. </p><p><strong>Google Play system updates: </strong>Google Play system updates were introduced with Android 10 as part of <a href="https://android-developers.googleblog.com/2019/05/fresher-os-with-projects-treble-and-mainline.html">Project Mainline</a>. Their main benefit is to increase the modularity and granularity of platform subsystems within Android so we can update core OS components without needing a full OTA update from your phone manufacturer. Earlier this year, thanks to Project Mainline, we were able to quickly fix a critical vulnerability in the media decoding subsystem. Android 11 adds new modules, and maintains the security properties of existing ones. For example, Conscrypt, which provides cryptographic primitives, maintained its FIPS validation in Android 11 as well. </p><p><strong>BiometricPrompt API:</strong> Developers can now use the <a href="https://developer.android.com/preview/features#biometric-auth">BiometricPrompt API</a> to specify the biometric authenticator strength required by their app to unlock or access sensitive parts of the app. We are planning to add this to the <a href="https://developer.android.com/jetpack/androidx/releases/biometric">Jetpack Biometric library</a> to allow for backward compatibility and will share further updates on this work as it progresses. </p><p><strong>Identity Credential API: </strong>This will unlock new use cases such as mobile drivers licences, National ID, and Digital ID. It’s being built by our security team to ensure this information is stored safely, using security hardware to secure and control access to the data, in a way that <a href="https://www.brookings.edu/techstream/privacy-preserving-credentials-for-smartphones-are-coming/">enhances user privacy</a> as compared to traditional physical documents. We’re working with various government agencies and industry partners to make sure that Android 11 is ready for such digital-first identity experiences. </p><p>Thank you for your flexibility and feedback as we continue to build an increasingly more private and secure platform. You can learn about more features in the <a href="https://developer.android.com/preview/">Android 11 Beta developer site</a>. You can also learn about general best practices related to <a href="https://developer.android.com/privacy/best-practices">privacy</a> and <a href="https://developer.android.com/topic/security/best-practices">security</a>. </p><p>Please follow Android Developers on <a href="https://twitter.com/androiddev">Twitter</a> and <a href="https://www.youtube.com/user/androiddevelopers">Youtube</a> to catch helpful content and materials in this area all this week. </p><p><strong>Resources</strong></p><p><em>You can find the entire playlist of #11WeeksOfAndroid video content <a href="https://www.youtube.com/user/androiddevelopers">here</a>, and learn more about each week <a href="http://d.android.com/android11">here</a>. We’ll continue to spotlight new areas each week, so <a href="https://android-developers.googleblog.com/">keep an eye out</a> and follow us on <a href="https://twitter.com/androiddev">Twitter</a> and <a href="https://www.youtube.com/user/androiddevelopers">YouTube</a>. Thanks so much for letting us be a part of this experience with you! </em></p><div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/GoogleOnlineSecurityBlog?a=yDHp3qtV0bU:SXazn9jzfbQ:yIl2AUoC8zA"><img src="http://feeds.feedburner.com/~ff/GoogleOnlineSecurityBlog?d=yIl2AUoC8zA" border="0"></a> <a href="http://feeds.feedburner.com/~ff/GoogleOnlineSecurityBlog?a=yDHp3qtV0bU:SXazn9jzfbQ:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/GoogleOnlineSecurityBlog?i=yDHp3qtV0bU:SXazn9jzfbQ:V_sGLiPBpWU" border="0"></a> </div><img src="http://feeds.feedburner.com/~r/GoogleOnlineSecurityBlog/~4/yDHp3qtV0bU" height="1" width="1" alt=""></div>
X- ITM

Cloud Computing – Consultancy – Development – Hosting – APIs – Legacy Systems

X-ITM Technology helps our customers across the entire enterprise technology stack with differentiated industry solutions. We modernize IT, optimize data architectures, and make everything secure, scalable and orchestrated across public, private and hybrid clouds.

This image has an empty alt attribute; its file name is x-itmdc.jpg

The enterprise technology stack includes ITO; Cloud and Security Services; Applications and Industry IP; Data, Analytics and Engineering Services; and Advisory.

Watch an animation of  X-ITM‘s Enterprise Technology Stack

We combine years of experience running mission-critical systems with the latest digital innovations to deliver better business outcomes and new levels of performance, competitiveness and experiences for our customers and their stakeholders.

X-ITM invests in three key drivers of growth: People, Customers and Operational Execution.

The company’s global scale, talent and innovation platforms serve 6,000 private and public-sector clients in 70 countries.

X-ITM’s extensive partner network helps drive collaboration and leverage technology independence. The company has established more than 200 industry-leading global Partner Network relationships, including 15 strategic partners: Amazon Web Services, AT&T, Dell Technologies, Google Cloud, HCL, HP, HPE, IBM, Micro Focus, Microsoft, Oracle, PwC, SAP, ServiceNow and VMware

.

Cloud Services Live Updates Contact Us




X ITM