FedScoop » News (http://fedscoop.com): Federal technology news and events

USDA announces more funding for rural broadband in states, territories
http://fedscoop.com/usda-announces-funding-rural-broadband-states-territories/
Wed, 22 Oct 2014 22:11:46 +0000

More than $190 million for advanced communication infrastructure, including broadband, is headed to several states and territories, the Agriculture Department announced Wednesday.

The funding comes through the USDA’s Community Connect Grant program, the Public Television Digital Transition Grant program and the Telecommunications Infrastructure Loan program.

In all, the latest round of funding includes provisions for 25 projects and 19 states, plus Puerto Rico and the U.S. Virgin Islands. However, according to the release, the funding to different projects is “contingent upon the recipients meeting the terms of their grant or loan agreements.”

A USDA document with the funding information says the most funding to a single state went to establish a fiber-to-the-premises network in Tennessee for more than $29 million. Washington state also received more than $24 million to establish a similar network, as did South Carolina, which received more than $23 million.

In Arkansas, 4,000 customers are slated to receive access to voice, broadband and Internet television through a more than $24 million Telecommunications Infrastructure Loan that will establish a fiber-to-the-home network.

In the Virgin Islands, a $750,000 grant will work to replace analog facilities with high-definition digital equipment through a public television grant. Puerto Rico will also receive more than $450,000 to replace analog microwave radio transmitters with a digital alternative.

“Modern telecommunications and broadband access is now as essential to the businesses and residents of rural America as electricity was in the 1930s,” Secretary of Agriculture Tom Vilsack said in the release.

Agriculture Secretary Tom Vilsack (Credit: Wikimedia)

The latest round of grants comes almost two months after the department awarded a round of loans to rural Midwest areas to increase broadband service in three states on the heels of President Barack Obama’s 2012 executive order establishing the White House Rural Council, which allowed a venue for a multibillion-dollar funding program for rural development.

In addition to the Telecommunications Infrastructure Loan program, the Community Connect Grant version focuses on boosting economic growth through establishing broadband service. The public television grants are designed to help refresh rural public television stations with digital broadcasting technology and were congressionally authorized under the 2014 Farm Bill.

“USDA is committed to ensuring that rural Americans have robust broadband and telecommunications systems,” Vilsack said in the release. “The investments we are announcing today will provide broadband in areas that lack it, help rural-serving public television stations begin using digital broadcasts and support other telecommunications infrastructure improvements.”

OIG report highlights concerns with FDA’s computer network
http://fedscoop.com/oig-report-highlights-concerts-fdas-computer-network/
Wed, 22 Oct 2014 21:36:59 +0000

An OIG report pinpoints issues with FDA’s computer network. (iStockphoto.com)

An audit of the FDA’s computer network immediately after a cybersecurity breach last year detected vulnerabilities in the agency’s system.

The report, released Tuesday by the Department of Health and Human Services’ Office of Inspector General, said investigators weren’t able to gain unauthorized access to the FDA network. However, they found problems that could allow unauthorized users to view or change FDA data and cause key FDA systems to go unavailable.

“In general, we recommended that FDA fix the Web vulnerabilities identified, implement more effective procedures to protect its computer systems from cyber attacks, and periodically assess the security of all of its Internet-facing systems,” the report said.

The report comes after a major cybersecurity breach last October in the Center for Biologics Evaluation and Research’s system that exposed sensitive information from 14,000 user accounts.

For the review, investigators conducted a penetration test of the agency’s network and information systems from Oct. 21 to Nov. 10, 2013. Investigators received permission from FDA officials to conduct the test; however, they requested that staff not be notified.

Investigators uncovered external FDA systems that did not enforce an automatic lockout after a certain number of consecutive invalid login attempts, as required by the National Institute of Standards and Technology. They also identified FDA Web pages that did not execute adequate input validation on data entered by the user. OIG officials told FedScoop, “An example could be the submission of malicious code as input to the vulnerable website, which then gets executed on the server or within a user’s browser.”

At the same time, they said they could not conduct tests on seven external systems because officials said they were mission critical and couldn’t risk going offline. Only one of those systems had previously undergone a security assessment – and only within a preproduction environment, the report said.

The OIG report said it made seven recommendations to FDA, but it did not list them “because of the sensitive nature of the information.”

When asked whether FDA had taken steps to put the OIG’s recommendations into place, Jeff Ventura, a spokesman for the FDA, said via email: “We worked with the IG back in 2013 to perform this assessment. As we informed the IG, we resolved the issues identified in this report expeditiously.”

Two months after the FDA breach incident, Republican leaders of the House Energy & Commerce Committee sent a letter to FDA Commissioner Dr. Margaret Hamburg requesting a third-party audit “to assess and ensure the adequacy of FDA’s corrective actions taken in response to this incident.” They also called on the Government Accountability Office to launch a review of cybersecurity protections in place at critical HHS agencies.

“To restore public confidence in the FDA’s information security, we request that you immediately obtain a third-party audit from a qualified expert to assess and ensure the adequacy of FDA’s corrective actions taken in response to this incident,” lawmakers wrote to Hamburg at the time.

FTC hires new CTO with deep links to Snowden documents
http://fedscoop.com/ftc-hires-new-cto-deep-links-snowden-documents/
Wed, 22 Oct 2014 20:11:23 +0000

Ashkan Soltani (Credit: www.ashkansoltani.org)

The Federal Trade Commission has hired privacy and technology expert Ashkan Soltani to serve as the commission’s chief technology officer. But security experts and former senior U.S. intelligence officials are questioning the FTC’s decision, given Soltani’s very public role as a consultant for The Washington Post, where he co-authored multiple articles based on classified documents stolen from the National Security Agency by former contractor Edward Snowden.

The FTC said in a press release that Soltani will join FTC in November and will replace Latanya Sweeney, who is returning to Harvard University, where she founded and directs the school’s Data Privacy Lab. His job will be to advise the commission on evolving technology and policy issues, a role similar to one he held previously at the FTC before leaving government to become an independent consultant.

But some experts are raising serious questions about the FTC’s hiring process and how somebody with such high-profile involvement in media stories that deliberately exposed classified government information could be appointed to a senior federal technology position. Soltani served as an in-house technology consultant to The Washington Post since 2013, working on the series of Pulitzer Prize-winning stories on the leaked NSA documents. He’s also been an outspoken proponent of privacy who, at times, has taken an adversarial approach to the government’s role in cyberspace.

“I’m not trying to demonize this fella, but he’s been working through criminally exposed documents and making decisions about making those documents public,” said Michael Hayden, a former NSA director who also served as CIA director from 2006 to 2009. In a telephone interview with FedScoop, Hayden said he wasn’t surprised by the lack of concern about Soltani’s participation in the Post’s Snowden stories. “I have no good answer for that.”

The FTC declined to comment, as did the NSA. The White House Office of Personnel Management, which has come under increased scrutiny since it was forced to cut ties with its main security clearance contractor after the company suffered a major cyberattack that exposed information on more than 25,000 federal employees, did not respond to FedScoop’s repeated requests for information on the FTC’s ability to hire Soltani given his role in consulting with the Post as it disclosed the Snowden documents.

Stewart Baker, a former NSA general counsel, said, while he’s not familiar with the role Soltani would play at the FTC, there are still problems with his appointment. “I don’t think anyone who justified or exploited Snowden’s breach of confidentiality obligations should be trusted to serve in government,” Baker said.

Bruce Rosen, a lawyer with the New Jersey-based law firm McCusker, Anselmi, Rosen & Carvelli P.C. who specializes in media law and First Amendment issues, said Soltani’s work with the Post is considered protected speech under the Constitution. “Although I understand why people may look askance at the arrangement with the Post vis-a-vis his return to government, his activities with the media were always constitutionally protected,” Rosen said. “He is not accused of stealing anything or aiding and abetting Snowden. He assisted a media entity in its analysis of the Snowden documents; there [is] case after case from the U.S. Supreme Court that puts that into an entirely different category.”

Soltani describes his research into the NSA’s surveillance programs on his website. “The documents leaked by Edward Snowden had a profound impact on how we understand the capacity of the government’s surveillance capabilities,” Soltani wrote. “My work focuses on understanding and describing the technical nature and details of these programs. I have released several comments arguing that it is necessary to have a technical expert advising those tasked with keeping this system in check.”

Soltani is scheduled to give a presentation Nov. 19 at the Strata+Hadoop World conference in Barcelona, Spain, on “how commercial tracking enables government surveillance.” According to the conference website, Soltani’s presentation will explore how “the dropping costs of bulk surveillance is aiding government eavesdropping, with a primary driver being how the NSA leverages data collected by commercial providers to collect information about innocent users worldwide.”

FedScoop reached out to Soltani for comment without success.

Soltani would not be the first prominent technologist whose efforts to assist the media with the stolen NSA documents have raised questions about conflict of interest. Last October, FedScoop profiled the work of noted cryptographer Bruce Schneier, who consulted for The Guardian newspaper in the U.K. on its trove of Snowden documents. Schneier, who at the time was employed as a senior executive with a global IT and telecommunications company that held U.S. government contracts, took his advocacy a step further by calling publicly for other government employees to leak classified information. Schneier announced his departure from his former employer six weeks after the apparent conflict of interest came to light.

Point-of-sale crisis: Anatomy of a cyberattack
http://fedscoop.com/point-sale-crisis-anatomy-hack/
Tue, 21 Oct 2014 23:00:48 +0000

What's behind the alarming increase in cyberattacks on point-of-sale systems? The Secret Service and the FBI say it's pretty simple: POS systems are easy to hack and they hold all the money.


Federal law enforcement agencies are stepping up their outreach efforts to educate businesses about how to detect cyberattacks targeting point-of-sale systems, as office supply giant Staples Inc. confirmed Monday it is investigating an incident that may add the company to a growing list of retail chains that have suffered massive data breaches.

A group of special agents from the Secret Service and the FBI briefed industry representatives Monday during a special awareness event hosted by the Financial Services Roundtable in Washington, D.C. Agents presented a detailed explanation of the steps cybercriminals go through when they target a POS system and try to make off with thousands or even millions of credit card numbers.

The briefing came only hours before Staples confirmed for the first time publicly that it was investigating a potential data breach and had contacted law enforcement for help. If confirmed, the breach would add to an alarming escalation in the number of credit and debit cards that have been stolen from U.S.-based retailers during the past year.

But officials are emphasizing that the high-profile incidents involving some of the nation’s largest retail chains are not the only such crimes taking place. In fact, Ari Baranoff, the assistant special agent-in-charge of the Secret Service’s Criminal Investigative Division, said the Secret Service has responded to 350 network intrusions so far this year, and the majority of the incidents involved small and medium-sized businesses.

“We view those small and medium-size businesses as ground zero for a lot of the malware that is introduced into the wild,” Baranoff said. “Many of the actors that we look at on a daily and weekly basis have capabilities that far exceed the capabilities of most nation-states.”

The Syracuse connection

In July, several banking institutions notified the Secret Service that they had detected credit and debit card fraud trends that pointed to a small store in Syracuse, New York, as a so-called “common point of purchase” for stolen credit card data.

Two agents were dispatched to analyze the server that managed the store’s point-of-sale terminal, and they soon discovered malware on the system. The agents removed the malware from the store’s network and brought a sample back to Secret Service headquarters, where forensics experts were able to reverse engineer the code.

Analysis of the malware revealed the code was what is known as an “initial finding, that this malware had not been seen yet by traditional anti-virus companies,” Baranoff said. The Secret Service then issued an advisory to industry, leading network security specialists at United Parcel Service Inc. to discover the malware on UPS’ network. It had gone undetected for six months.

“They were able to contain the issue to just 1 percent of their stores, just under 50 stores out of 5,000 in 25 states,” Baranoff said.

Anatomy of a hack

The most sophisticated cybercriminals are difficult to detect, Secret Service Special Agent Katherine Pierce said. “They do their homework. Their goal is financial gain. This is their job, this is their livelihood,” she said.

But there is a process that most attackers generally follow, and understanding that process can help businesses know what to look for on their networks. According to Pierce, the six steps in the attack process are reconnaissance, initial compromise, establishing a foothold, escalating privileges, exfiltrating data and maintaining presence.

Once an attacker has conducted a thorough reconnaissance and gained initial entry into your network, one of the first things a cybercriminal will attempt to do is escalate their privileges on the network, according to FBI Supervisory Special Agent Jason Truppi.

“This is where the rubber meets the road. Any hacker can get in your front door … but to really escalate privileges and start moving laterally takes a different level of skill,” Truppi said. And this is also an opportunity for the defender to catch the attacker in the act. Not only can this process take a long time, but “depending on the skill set, it may be very loud, it may be very noisy,” he said.

“You’re going to see internal scanning, internal access to authentication servers, password dumping utilities are going to be sitting on internally compromised hosts [and] brute force attacks on servers,” he said. Victims may also see typical recon tools, such as nmap and ping requests, as well as Mimikatz — a tool that dumps plain text passwords out of memory.

To help defend against attacks at this stage, Truppi suggests companies deploy host-based intrusion detection systems, use strong domain passwords and limit the use of service accounts that have administrative privileges.

“Limit local admin access,” he said. “It’s the basic hygiene of any network. This is the No. 1 killer.”

The heist

There are generally two phases to the actual exfiltration of credit card data from a victim’s network and both are more or less impossible to defend against, according to Truppi. This is the stage of the attack you don’t want to find yourself defending against, he said.

The first phase involves staging the data for removal. Since cybercriminals are there to steal as many card numbers as possible in as few steps as possible, they will need to compress the data to get it off the network.

The second stage involves placing the compressed data file on a server where it can be masked. “They need to move it to a higher volume server to mask the data so you don’t see it,” he said, referring to the process of hiding the compressed file in a data stream where it won’t look out of place.

“Look for things like FTP, believe it or not,” Truppi said. Other tools used include Secure FTP, SSH, the P-LINK command-line utility for Windows and Web Dropboxes, since most companies aren’t defending against the use of drop boxes.

The POS connection

Almost every POS system compromise comes to the attention of the Secret Service because one or more banks notice an uptick in fraudulent activity on cards that were all used at the same retail location. That’s exactly how Secret Service Special Agent Matt O’Neill busted a Romanian cybercrime ring that compromised the POS systems used by 150 Subway restaurants and 50 other retailers around the country between 2008 and 2011.

“The bad actors were simply port scanning for folks who had remote desktop applications on their point-of-sale terminals,” O’Neill said. Then they would use known generic passwords or passwords that they knew POS manufacturers used as default passwords. From there, they would crack the administrator password and install a keystroke logger on the merchant POS system.

O’Neill managed to find where the hackers stored all of their cracking tools, and, for five months, he was able to identify new breaches as they occurred and notified the victims in near real-time to allow them to remove the malware.

The two main suspects were logging into a compromised system owned by a trucking company in Pennsylvania, where they would engage in chat sessions and email malware.

“One of the suspects liked gambling and the ladies,” O’Neill said. So the Secret Service created an online persona of a young woman working at a hotel casino and worked with the hotel chain to actually list the undercover agent on the hotel employee directory.

“Over the period of about six months, I developed what I’ll call a quasi-romantic relationship with him,” O’Neill said. The operation succeeded in luring the suspect to Boston, where he made a full confession upon arrest. The ringleader of the group was also identified and was extradited to the U.S., where he was sentenced to 15 years in prison.

“These guys were gaining access into approximately 100 to 200 victim locations every single day,” O’Neill said. “The bad guys that I’ve spoken to have all said ‘we could have tried to obtain the payment card data from a variety of locations, but quite frankly the easiest is through the merchant.’”

DHS sees wearables as the future for first responders
http://fedscoop.com/dhs-wearables-first-responders/
Tue, 21 Oct 2014 22:13:14 +0000

The Department of Homeland Security outlined a new vision Tuesday that focuses on how to leverage emerging technology for the nation's first responders.


The Science & Technology Directorate at the Department of Homeland Security wants wearables that can operate in these conditions. (Credit: iStockphoto.com)

Robert Griffin, the new deputy undersecretary for the Department of Homeland Security’s Science and Technology Directorate, knows data is the last thing people are thinking about in a life-threatening situation. He also knows that first responders aren’t like most people.

“Sane people don’t run into burning buildings,” Griffin said Tuesday. “But I need data to let me run into those buildings.”

Griffin’s remarks came during a presentation at a wearable technology conference in Arlington, Virginia, outlining a new research and development vision for the S&T office that will focus on how DHS can leverage emerging technology for the nation’s first responders.

After spending a portion of this year reaching out to state and local governments as well as private industry, S&T has established a soon-to-be-released five-point vision that will make first responders and their technology more intuitive, instinctive and interoperable.

“Because we saw there was such an interest in having a participatory conversation, we’re looking to expand that on a series of specific dialogues about different areas, and the first one is going to be about wearables,” Griffin told FedScoop.

The part about wearables Griffin is referring to is a multimillion-dollar project that will help create public-safety-grade wearables from existing technology over the next three to five years.

“What we’re looking for is not government-off-the-shelf products, but commercial-off-the-shelf products,” Griffin said. “What wearable technology can we adapt that already exists to realize the dream we laid out.”


A picture that shows the various technological advances the Department of Homeland Security wants to for first responders. (Courtesy of DHS)

This project coincides with the relaunch of S&T’s website on Nov. 17, which DHS expects to help further a national conversation about the next generation of first responders. The new website will feature meetups, hackathons, webinars and challenges all geared toward new S&T directives. The site will also have a big crowdsource component run on the Ideascale platform.

“We’re going to try and take multiple approaches because one size doesn’t fit all,” Griffin said. “[Ideascale] is a better way to crowdsource some of these ideas, particularly where some of these areas can get pretty down into the weeds. This is part of what we are trying to do to be more transparent but also to begin a process of engaging industry and users and begin to think about the operators.”

The wearables project is one part of what DHS sees as a larger vision that could span decades into the future.

“The long-term vision is that fully aware, fully connected, fully integrated responder,” Griffin says. “We recognize that it could take us 20 to 30 years, maybe longer to get there. It’s not just a technology issue, it’s usage, it’s operating procedures, it’s governance, training. It’s part of the whole continuum we need to think about.”

Part of that continuum includes FirstNet, the nationwide public safety broadband network for first responders that will be built in the coming years. Griffin said, while DHS fully supports the network, he wants to take the technology discussion beyond FirstNet.

“It’s no good to come to depend on a technology that you can only use during pristine, perfect conditions,” Griffin said. “We need to think about how first responders are able to use this technology in situations when there is even degraded or no communications.”

As for the wearables project, Griffin drove home what he saw as “huge market potential” when he painted a scene for the crowd on how a first responder differs from how the rest of the public uses wearables.

“When I’m in a 1700-degree fire, I can’t roll up my sleeve to look at a wearable,” Griffin told the crowd. “We need to start to think about how to integrate and connect, because you can help me do my job in ways I can’t imagine.”

While Griffin may not be able to currently imagine the products future first responders will use, he does know that DHS’s new vision will ultimately lead to lives being saved.

“The beauty of wearables is that we haven’t even begun to scratch the surface of what it could potentially mean to a safer community,” Griffin told FedScoop. “Once we can get this into the hands of first responders and into the hands of the community, it’s going to do amazing things.”

House science committee to examine NSF grant to study Twitter activity
http://fedscoop.com/house-science-committee-examine-nsf-grant-study-twitter-activity/
Tue, 21 Oct 2014 22:07:08 +0000

Rep. Lamar Smith, the chairman of the House Science, Space and Technology Committee. (Credit: House Science, Space and Technology Committee.)

Editor’s Note: This story was updated Oct. 22, at 10:00 a.m. to reflect comments from the National Science Foundation and the Truthy project.

The House Science, Space and Technology Committee plans to investigate a nearly $1 million grant the National Science Foundation awarded to a project that looks to decipher how online interactions affect popular sentiment, specifically on Twitter.

In a release from the majority side of the committee, Chairman Rep. Lamar Smith, R-Texas, said by funding the project, the government was funding the limitation of free speech.

“While the Science Committee has recently looked into a number of other questionable NSF grants, this one appears to be worse than a simple misuse of public funds,” Smith said in the release. “The NSF is out of touch and out of control. The Science Committee is investigating how this grant came to be awarded taxpayer dollars.”

The Truthy project, based out of Indiana University’s Center for Complex Networks and Systems Research and its School of Informatics and Computing, first received funding in 2011. Since then, NSF has funneled a total of $919,917 into the project.

Not much has changed since the original award in 2011. In fact, according to the NSF information for the grant, the last amendment to the contract came in 2012.

The Truthy project’s depiction of online engagement for the hashtag #gop from 2010-2011. (Credit: The Truthy project)

Smith’s statement comes two years later, “after media reports highlighted a one million dollar research project funded by the National Science Foundation in 2011 to analyze political messages and discussion on Twitter,” according to a release from the committee.

The media reports referenced in the release came from a story first reported by the Washington Free Beacon, the online publication for the conservative advocacy group the Center for American Freedom on Aug. 25. Three days later, Fox News Insider ran a story about the project comparing it to George Orwell’s “1984.”

Last week, nearly two months after the Washington Free Beacon and Fox News stories, Federal Communications Commission Commissioner Ajit Pai authored an op-ed to the Washington Post criticizing the funding decision.

“If you take to Twitter to express your views on a hot-button issue, does the government have an interest in deciding whether you are spreading ‘misinformation?’” Pai wrote. “My guess is that most Americans would answer those questions with a resounding no. But the federal government seems to disagree.”

Pai went on to suggest the Truthy project’s mission of preserving open debate and mitigating the diffusion of false and misleading ideas was a government overreach and a violation of free speech.

FCC Commissioner Ajit Pai (Credit: FCC)

“Truthy’s entire premise is false,” Pai wrote. “In the United States, the government has no business entering the marketplace of ideas to establish an arbiter of what is false, misleading or a political smear.”

President Barack Obama appointed Pai to the FCC in 2012. Pai was confirmed unanimously by the Senate. His term ends in 2016.

The release from the committee also said the goal of the project “is to analyze and detect ‘subversive propaganda’ in order to mitigate ‘misleading ideas’ on social media.”

The filing at the NSF for the grant said the project “is aimed at modeling the diffusion of information online and empirically discriminating among models of mechanisms driving the spread of memes.”

Dana Topousis, a spokesperson for NSF, said the agency receives about 50,000 proposals for grants each year. The agency then funds about 11,000 of them through a “rigorous merit review process.”

“NSF ensures that each proposal submitted is reviewed in a fair, competitive and in-depth manner,” Topousis told FedScoop in a Tuesday evening email. “Nearly every proposal is evaluated by a minimum of three independent reviewers consisting of scientists, engineers and educators who do not work at NSF or for the institution that employs the proposing researchers.”

The “about” page of the Truthy project’s website said the team behind the project intends to use it “to detect political smears, astroturfing, misinformation and other social pollution.” In addition to the “about” page on the website, Indiana University’s Center for Complex Networks and Systems Research released a blog post, “The Truth about Truthy,” which addressed the media criticism of the project.

“Truthy is not intended and is not capable to determine whether a statement constitutes ‘misinformation,’” the post said. “The Truthy platform is not informed by political partisanship. While it provides support to study the evolution of communication in all portions of the political spectrum, the machine learning algorithms used to identify suspicious patterns of information diffusion are entirely oblivious to the possibly political partisanship of the messages.”

In a Wednesday morning email, Alessandro Flammini, a principal investigator for the Truthy project, told FedScoop the committee was welcome to look “carefully” into the work Truthy does.

If they looked into the project, “a lot of gross misconceptions that are circulating about our work would dissipate,” Flammini said.

Among the projects featured on Truthy’s site are a tool to determine whether a Twitter account is a bot and an examination of the “memes” surrounding several hashtags and accounts from 2010 to 2011.

In a comment to FedScoop, a Democratic House Science, Space and Technology Committee spokesperson called Smith’s attempts to investigate the funding of the project “the latest in the Chairman’s Congress-long questioning of NSF grants.”

In a letter to the chairman dated Sept. 30, the committee’s ranking member, Rep. Eddie Bernice Johnson, D-Texas, expressed “deep concern over the direction” Smith has taken the committee in terms of how it dealt with NSF.

“You have been engaged in a puzzling – and troubling – investigation of the merit-review process with respect to 20 NSF grants and have sought all of the confidential, pre-decisional peer-review materials associated with those grants,” Johnson wrote.

Johnson also wrote that there were no credible allegations of waste, fraud or abuse from the 20 awards under investigation.

“The only issue with them appears to be that you, personally, think that the grants sound wasteful based on your understanding of their titles and purpose,” Johnson wrote. “The path you are going down risks becoming a textbook example of political judgment trumping expert judgment.”

FedScoop’s Keely Quinlan contributed to this story.

The post House science committee to examine NSF grant to study Twitter activity appeared first on FedScoop.

Ga. technical college receives USDA grant for IT program http://fedscoop.com/technical-college-receives-usda-grant-program/ http://fedscoop.com/technical-college-receives-usda-grant-program/#comments Tue, 21 Oct 2014 21:34:06 +0000 http://fedscoop.com/?p=64515 A public technical college in Georgia will receive a nearly $100,000 Agriculture Department grant to upgrade the wireless network equipment for its information technology training program, according to an agency release.

The post Ga. technical college receives USDA grant for IT program appeared first on FedScoop.

Coastal Pines Technical College student Deidre Durance works on wireless network equipment in 2012. A USDA grant will help the school upgrade its technology. (Credit: Coastal Pines Technical College)

The IT training program at a Georgia technical college will receive a nearly $94,000 infusion from the Agriculture Department to upgrade its wireless network equipment, according to an agency release Tuesday.

Eddie Murray, a computer information systems instructor for Coastal Pines Technical College who helped prepare the grant proposal, said there’s a particular demand for workers with IT skills in southeast Georgia, the region the public school serves.

“We’re slowly getting to the technology level that our larger cities in our state – Atlanta, Macon – are starting to go towards,” he said. “And so, there’s a giant need now for people who are technically savvy.”

Sponsored by Cisco Systems Inc., the program is offered as a specialization track for an associate’s degree, a diploma or a technical certificate. It prepares students to work as network technicians, network troubleshooters and systems administrators, though most of the students who enroll in the program have no IT experience coming in.

“They expect the students to come in green as a gourd,” said Murray, who also graduated from the program.

According to the state’s Department of Labor, the southern Georgia regional unemployment rate stood at just over 9 percent in August.

The grant comes through the Agriculture Department’s Rural Business Enterprise Grant program, which aims to cultivate opportunities for small and emerging businesses and support adult education in rural areas.

Other grantees include an eastern Missouri group trying to buy a greenhouse, an Iowa program providing mentoring and training to farm businesses, and an organization in Montana that offers technical assistance to small businesses in rural Native American communities.

GSA: Information secure despite physical HQ security vulnerabilities http://fedscoop.com/gsa-information-secure-despite-physical-hq-security-vulnerabilities/ http://fedscoop.com/gsa-information-secure-despite-physical-hq-security-vulnerabilities/#comments Tue, 21 Oct 2014 20:05:22 +0000 http://fedscoop.com/?p=64501 A report from GSA's Office of Inspector General released last week revealed several physical security concerns related to the agency's open office space and management of devices and documents, which included stolen items. GSA, however, said the vulnerabilities aren't putting critical data and other sensitive information at risk as the report might suggest.

The post GSA: Information secure despite physical HQ security vulnerabilities appeared first on FedScoop.

GSA employees working at hotel desks at the agency’s headquarters. (Credit: GSA via YouTube)

A report from the General Services Administration’s Office of Inspector General released last week revealed several physical information security concerns related to the agency’s open office space and management of devices and documents. GSA, however, said the vulnerabilities aren’t putting critical data and other sensitive information at as high a risk as the report might suggest.

One night in late July, GSA’s OIG Office of Forensic Auditing, Evaluation and Analysis performed a random inspection of the agency’s open-office headquarters in Washington, D.C. During the inspection, essentially playing the role of an intruder, the officers found physical weaknesses in GSA’s securing of sensitive information controlled under the Privacy and Trade Secret acts. Additionally, the inspectors easily accessed what the report called “highly pilferable government-furnished personal property.”

An active HSPD-12 PIV card was found in an unsecured drawer during the inspection. (Credit: GSA OIG)

“The inspection found an unsecured HSPD-12 PIV card, sensitive contract files, architectural drawings marked ‘SENSITIVE BUT UNCLASSIFIED,’ unlocked file cabinets containing sensitive information, a combination code for a bay of personal lockers that was left directly on top of those lockers, and a door cipher lock combination taped to the back of the door,” the report states. “The inspection also found valuable property that was unsecured, including laptops and other electronics.”

GSA recently renovated its central offices and changed to an open office design with hoteled workspace, leaving many workers sharing desks rather than using a permanent space. Because of this, the agency instituted a locker system for employees to secure valuable items and documents when they leave the office to prevent thefts. According to the report, GSA has also held several workshops on crime prevention and security in the new environment.

Despite the prevention methods put in place, when the auditors entered the office, they easily found several items of interest. In cases where the items were not securable, they took them, leaving a note that said, “We identified unsecured sensitive information. Due to the sensitive nature of this information, we have taken possession of it to secure its privacy,” with contact information to retrieve them.

Items like an active HSPD-12 PIV card or a laptop could act as gateways to further information theft. The active PIV card “permits unrestricted physical access to the GSA Central Office building, and potentially any federal building,” the report says. And for the laptops, if the security is breached, the user could possibly access the computer’s direct contents or GSA networks.

GSA spokeswoman Jackeline Stewart said while there have been actual issues of possible theft within the agency — five laptops have gone missing so far in 2014 — the agency is confident in its efforts to digitally secure the devices.

This folder, labeled “CONFIDENTIAL – OPEN BY ADDRESSEE ONLY,” was found in plain sight and contained sensitive employee performance reviews and assessments. (Credit: GSA OIG)

“While any loss or theft is unacceptable, this suggests that the problem is a manageable one,” Stewart said in a statement, referring to the five computers. “Additionally, the agency’s tech is equipped with security measures that minimize data security risk associated with leaving laptops unsecured. Laptops require two-layer authentication and hard-drives have 128-bit encryption. If lost or stolen, the network and hard-drive cannot be accessed. Mobile devices are loaded with software that enables GSA IT to wipe the devices within seconds of being reported lost or stolen. In essence, any information on stolen or lost laptops is virtually inaccessible.”

Stewart also said it is highly unlikely that any non-GSA person would access the open office space, because “[c]redentialed employees are the only individuals authorized to enter the building independently. All visitors will be required to be escorted by a GSA employee and will be given a temporary ID that will expire within one day of issuance.”

Nevertheless, GSA said it isn’t taking the inspection lightly. The agency will work with the IG to address the issues in the report, Stewart said, and has already begun developing a personal property course to reinforce the security protocol.

A federal robotics agency? Law professor makes the case http://fedscoop.com/law-professor-calls-new-federal-robotics-agency/ http://fedscoop.com/law-professor-calls-new-federal-robotics-agency/#comments Tue, 21 Oct 2014 19:33:45 +0000 http://fedscoop.com/?p=64476 Law professor Ryan Calo calls for the formation of a federal robotics agency. We interview him about the unique nature of robots and the need for oversight.

The post A federal robotics agency? Law professor makes the case appeared first on FedScoop.

Very few things capture the imagination like robots. The ability to create a being with lifelike properties and some degree of autonomy is probably about as close as humans will get to being a god.

In The Case For A Federal Robotics Commission, Ryan Calo argues for federal oversight of robotics technology. (Credit: Brookings Institution)

Robots certainly have the power to be transformative. Just look at the space program, which has more or less been taken over by robots, at least for deep space and planetary exploration. No human has ever been to Mars, yet our robots are making tire tracks all over the red planet. And we are getting closer to more terrestrial uses of robotics, from self-driving cars to military drones with increasing intelligence to cutting-edge technology like cognitive radios that can choose the frequency and power of signal to use.

Robots are also unique in that, unlike most other forms of technology, they can actually affect the physical world. That makes them much more useful — but also potentially more dangerous than something like an application or notebook.

Those two factors — their ability to be transformative and their ability to affect the world — contribute to the need for federal oversight of robotics programs. That is the argument made by Ryan Calo, an assistant professor at the University of Washington School of Law, in a recent paper published by the Brookings Institution. Calo goes a step beyond regulation, calling for a new, independent federal agency centered on robots and robotics technology.

I tracked down Calo and asked him to explain his views on the subject and how he envisions the “Federal Robotics Commission” would operate within the federal government.

John Breeden II: How did you get into the study of robotics, and how long have you been doing that?

Ryan Calo and his first robotic friend. (Courtesy of Calo)

Ryan Calo: I have been studying robotics law for about six years, since I was a fellow at Stanford Law School. I began to see that the technology has different essential qualities than the Internet and therefore raises distinct questions of law and policy. I have been interested in robotics since I was a kid, as this photo shows.

JB: Robots are often defined in different ways. For example, there used to be a TV show featuring fighting robots, but they were really just remote-controlled vehicles. I assume that you would not consider them a true robot? So how would you define a robot today, and can you give some examples?

RC: As I discuss in my article “Robotics and the Lessons of Cyberlaw,” which is forthcoming in 2015 from California Law Review, I think of robots as having three elements: They sense the world around them, they process what they sense and they act upon the world. This definition is mostly meant to distinguish robots from previous or constituent technologies, as your question suggests. Each of the elements also exists on a spectrum. Thus, a remote-control car, or drone, with a camera is not a robot because it does not process information. Whereas the Mars rover, though it mostly executes commands, is a robot because it has an autonomous mode and knows to disregard or alter commands in some instances as operational realities demand.

JB: One of the points you make in the Brookings paper is that robots are special in that they have the ability to transform our society. You make comparisons to things like how train travel transformed the U.S. Can you explain how you believe robots will have this type of transformative effect?

RC: I think that robotics, taken as a whole, will constitute a transformative technology on par with computers or trains, yes. They permit action at a distance, for instance, and can solve problems in ways no human would or would expect. The evidence has to do with the pattern of interest in robotics. First, the military, artists and hobbyists. Then, large-scale investment by private industry. The final step is the mainstream consumer adoption, which I believe to be around the corner.

JB: In terms of this new federal robotics agency, do you envision that it should be its own entity, or would it fall under the banner of something else, such as Transportation or Homeland Security?

Ryan Calo is calling for a new federal agency to regulate robots.

RC: I hope for a standalone agency, largely because I believe each branch of government — executive, legislative, and judicial — plus the states would benefit from greater expertise in robotics.

JB: What should the responsibilities of the robotic agency be, and what powers or authority would it possess?

RC: The agency, as I envision it, would not regulate or enforce the way, say, the Securities and Exchange Commission does. Indeed, it may have very little power or authority in the classic sense. Rather, its main charge would be to accrue and share expertise in much the same way as the Congressional Research Service or the Office of Science and Technology Policy.

JB: Can you give some examples where having a federal agency dedicated to robots would help improve a situation or provide a benefit that we wouldn’t experience without it?

RC: In the white paper, I give a few examples of what I think of as unwise or stalled policy that might have been avoided. Perhaps a Federal Robotics Commission could help the Federal Communications Commission or Federal Aviation Administration green light technologies like cognitive radio and drones about which they remain uncomfortable. Conversely, the commission could have sounded a cautionary note about robotic surgery before the Food and Drug Administration let it through.

JB: What can people do to learn more about robotics technology and the laws and oversight you feel are needed in order to properly govern them in the future?

RC: I would welcome readers who want to learn more to read my articles, and to register for the fourth annual robotics law and policy conference at werobot2015.org.

Recovery Board names Hemanth Setty next CIO http://fedscoop.com/recovery-board-names-hemanth-setty-next-cio/ http://fedscoop.com/recovery-board-names-hemanth-setty-next-cio/#comments Tue, 21 Oct 2014 02:50:41 +0000 http://fedscoop.com/?p=64464 The Recovery Accountability and Transparency Board took little time replacing Shawn Kingsberry, the board's former chief information officer who retired Friday from federal government.

The post Recovery Board names Hemanth Setty next CIO appeared first on FedScoop.

Hemanth Setty (Credit: FedScoop)

The Recovery Accountability and Transparency Board took little time finding a replacement for Shawn Kingsberry, the board’s former chief information officer who retired Friday from federal government.

Hemanth Setty has been named the board’s next CIO, Kingsberry confirmed in a tweet Monday. Setty has been with the Recovery Board since 2010, when he started as a solutions architect before being promoted to chief technology officer in 2012.

Soon after taking over the board’s CTO reins, FedScoop spoke with Setty, recognizing him as a FedMentor. Setty described working with “cutting edge technologies” as RATB CTO and explained how he’s passionate about being a public servant. Prior to joining RATB, Setty worked in the private sector for 14 years.

Setty will have big shoes to fill in replacing Kingsberry, a noted cloud pioneer who led the board’s swift effort to host Recovery.gov on Amazon Web Services’ cloud in just 22 days. Kingsberry, who spent 22 years in government and the last five with RATB since it launched, confirmed in an email to FedScoop last week that he will join Arlington, Virginia-based TASC Inc. as the director of cloud services. He will officially begin Nov. 3.

The Recovery Board, which began in 2009 to provide transparency on the spending of the $787 billion allotted to stimulus efforts in the American Recovery and Reinvestment Act of 2009, is scheduled to sunset Sept. 20, 2015. According to Recovery.gov, the board’s license will not be renewed.
