Most Americans are not confident election systems are secure from hacking: Pew Research

Americans are confident local poll workers will run elections smoothly and that votes will be counted accurately, but they are less sure about nationwide elections and worry about foreign hacking.

Schneier's "Click Here To Kill Everybody pervasive connected devices mean we REALLY can't afford shitty internet policy

Bruce Schneier (previously) has spent literal decades as part of the vanguard of the movement to get policy makers to take internet security seriously: to actually try to make devices and services secure, and to resist the temptation to blow holes in their security in order to spy on "bad guys." In Click Here to Kill Everybody: Security and Survival in a Hyper-connected World, Schneier makes a desperate, impassioned plea for sensible action, painting a picture of a world balanced on the point of no return.

CCleaner, popular computer-cleaning tool, contained malware

CCleaner is a clean-your-computer app beloved of people who own inexplicably slow PCs. If you installed recent editions of it, you were installing malware. But the company behind it hasn't gone rogue, reports Reuters. Hackers compromised their systems.

A version of CCleaner downloaded in August included remote administration tools that tried to connect to several unregistered web pages, presumably to download additional unauthorized programs, security researchers at Cisco’s (CSCO.O) Talos unit said.

Talos researcher Craig Williams said it was a sophisticated attack because it penetrated an established and trusted supplier in a manner similar to June’s “NotPetya” attack on companies that downloaded infected Ukrainian accounting software.

“There is nothing a user could have noticed,” Williams said, noting that the optimization software had a proper digital certificate, which means that other computers automatically trust the program.

The infected version is 5.33, and you likely have it if you installed the Windows version of CCleaner between August 15 and September 13. That's 2.3 million installs, admits Avast.

CCleaner's owner, Avast-owned Piriform, has sought to ease concerns. Paul Yung, vice president of product at Piriform, wrote in a post Monday: "Based on further analysis, we found that the 5.33.6162 version of CCleaner and the 1.07.3191 version of CCleaner Cloud was illegally modified before it was released to the public, and we started an investigation process.

"The threat has now been resolved in the sense that the rogue server is down, other potential servers are out of the control of the attacker.

"Users of CCleaner Cloud version 1.07.3191 have received an automatic update.

Read the rest

Fun interactive game theory simulator shows how trust and mistrust evolve

This simulation, called The Evolution of Trust starts with a variation of the prisoners' dilemma. You can choose to put a coin into a slot. Another person has the same choice on a different machine. You can't communicate with the other person. The only thing you know is this: if the other person put a coin in their slot, you will receive 3 coins. And if you put a coin in your slot, the other person will get 3 coins. What's the best strategy?

Case 1: other person inserts coin. If you put a coin in the slot, you will have a net gain of 2 coins. If you don't put a coin in the slot you will gain 3 coins. So the best thing to do is not put a coin in the slot.

Case 2: other person doesn't insert coin. If you put a coin in the slot, you will have a net loss of 1 coin. If you don't put a coin in the slot you lose nothing. So the best thing to do is not put a coin in the slot.

In either case, it's to your advantage not to put a coin in the slot. But what happens when you play several rounds of the game with the same person? Are there better strategies? Read the rest

Anonymous infiltrated the KKK by friending Blue Lives Matter supporters on Facebook

The Anonymous activists behind "OpKKK" -- which infiltrated and unmasked Klan members, including many in US military and police departments -- began by creating thin-but-plausible fake identities on Facebook that signalled support for "Blue Lives Matter." By friending other accounts that indicated support for Blue Lives Matter, they found themselves being auto-suggested friendships with KKK members. Read the rest