Newsletter 01/18/2023
Legislatures Just Plain Don't Get It:
Mmm... Peanut Butter... Mmm...

One topic that seems to get all politicians' blood boiling these days is the TikTok. Several states have banned TikTok, as have several universities. For those who do not see TikTok ads on their Microsoft Solitaire feed, TikTok is best described as:

"TikTok is a video-sharing app that allows users to create and share short-form videos on any topic. It’s mainly mobile-based, although you can still watch TikTok videos using the web app. The platform allows users to get creative with their content using filters, stickers, voiceovers, sound effects, and background music. ... According to the latest TikTok stats, the app has been installed 3 billion times. It also boasts 1 billion active users on a monthly basis."

According to CNN, over half the states have enacted some type of ban on TikTok from all state owned and/or used devices. In December 2022, the cable news giant reported that "at least seven states have said they will bar public employees from using the app on government devices, including Alabama, Maryland, Oklahoma, South Carolina, South Dakota, Utah and Texas." In January 2023, CNN followed up on the topic of TikTok bans:

"More than half of all US states have partially or fully banned TikTok from government devices, according to a CNN analysis, reflecting a wave of recent clampdowns by governors and state agencies targeting the short-form video app. ...The accelerating backlash by states against TikTok, which has at least 100 million users in the United States, extends to states governed by Republicans and Democrats, and spans all regions of the country."

The beef that pols of all stripes have with TikTok is based on a June 17, 2020, report by Buzzfeed News. Buzzfeed reported that:

"According to leaked audio from more than 80 internal TikTok meetings, China-based employees of ByteDance have repeatedly accessed nonpublic data about US TikTok users — exactly the type of behavior that inspired former president Donald Trump to threaten to ban the app in the United States."

Public schools and universities have followed suit with bans of TikTok on their campuses and in their classrooms. In January 2023, Seattle public schools filed a lawsuit against not only TikTok, but a sweeping gamut of social media websites — maybe all of Big Tech. "The district is claiming that YouTube, Facebook, TikTok, Instagram, and Snapchat have caused financial and operational harm because of their addictive nature." Following Seattle schools, the Kent, WA school district joined the suit. The Complaint (a pdf of the filed Complaint will open) itself makes the case that the whole effort is just plain silly when you consider all the proposed bans from within the paradigm of Zero Trust.

"Youths are central to Defendants’ business models. Youths are more likely to have a phone, to use social media, and to have downtime to spend on Defendants’ social media platforms. Plus, youth influence the behavior of their parents and younger siblings."

And there you have it. The culprit is really the ubiquitous SmartPhone. The same type of device that "South Korea's Ministry of National Defense [that had banned] its employees from using the smart phones inside of the ministry's building in a bid to prevent military data leaks." South Korea's cellphone ban came in the wake of the "Dark Seoul" attack of 2013 (an in-depth report in pdf by McAfee will open). For a brief summary of the attack, see the Wikipedia article.

The ban prohibits the use of TikTok by the federal government’s nearly 4 million employees on devices owned by its agencies, with limited exceptions for law enforcement, national security and security research purposes.

I find this incredibly ironic, since it is the Federal Government, in concert with a handful of tech giants, that is working to enact Zero Trust across the entirety of Uncle Sam's networks. One of the main tenets of Zero Trust is that the "network has no boundary." Or, as I like to say, there is only one network and we all connect to that one network. One basis for this lack of trust in the security of all networks is the notion of Lateral Movement.

Lateral movement refers to a type of movement through a network. In the way that crawling, running or dance are movement forms that we might engage in, lateral movement is a type of movement that hackers engage in. Lateral movement refers to a means of moving through a system...

Our smartphones possess greater computing power and better connectivity than the systems that landed on the moon in the 1970s. A recent Adobe article in a series called The Future of Work stated the fact well.

"Ever faster, technology advances at warp speed and computing power grows exponentially. Especially in our hyper-connected digital world, we are continuously reminded by the annual release of increasingly impressive smartphones one-upping previous models with new features, more speed, and greater capabilities."

In this scenario, there is a high likelihood of the compromise of DRD servers when Senior returns to his comfy office and his cushy government job. Federal agencies are no more likely to patch than any other type of entity. Orders can come down from on high. The muckety-mucks can offer their guidance to the agencies. These agencies are not, however, made up of superheroes with red capes and magic powers. The admins at these agencies face all the same problems with patch management as do their counterparts in the private sector, and also for as long a time.

Network segmentation notwithstanding, federal agencies still suffer cyberattacks. Plus, stealth malware does exist. Zero Trust is not fully implemented anywhere. Thus, Junior's use of TikTok in the home can put at risk the security of Junior's parents and that of the parents' employers. And that would include the Federal Department of Redundancy Department.

A woman walks with her son many miles to see Gandhi. She is worried her son is eating too much sugar (chocolate). She asks Gandhi: "Please, sir, can you tell my son to stop eating sugar (chocolate)."

Now, I don't tik. And I don't tok. And I don't date girls that tik or tok. I live my life to the strict code of Homer and Jethro. And I am pretty sure that that strict moral code does not allow for any tikkin' or a tockkin'. Probably chocolate is OK, though. But that's just me.
A-rootie-toot-toot a-rootie-toot-toot
¯\_(ツ)_/¯
Gerald Reiff