Security: Avast, EARN IT Act, Tech Lobbies, Dark Web

Google spent ~$150 million on US lobbying over last decade, followed by Facebook at ~$81M, Amazon almost $80M
https://boingboing.net/2020/01/22/google-spent-150-million-on.html

Lindsey Graham Is Quietly Preparing a Mess of a Bill Trying to Destroy End-to-End Encryption. Eliminating Abusive and Rampant Neglect of Interactive Technologies Act of 2019 (or EARN IT Act).
https://gizmodo.com/lindsey-graham-is-quietly-preparing-a-mess-of-a-bill-tr-1841394208
Threatening Section 230, a core building block of the modern internet that shields tech platforms from liability for user-generated content (for example, it’s why Gizmodo is insulated from libel lawsuits stemming from what happens in the comments section). The EARN IT Act would threaten tech companies like Facebook, Google, and WhatApp’s Section 230 immunity regarding CSAM unless they comply with a set of so-called “best practices” determined by a 15-member commission. The DOJ, have wanted tech companies to build surveillance backdoors into their end-to-end encrypted messaging services for years.

Antivirus maker Avast shuts down data collection firm after controversy
Subsidiary Jumpshot is being closed after allegations that it sold people’s web browsing data. ~ Sean KeaneJanuary 30, 2020 5:12 AM PST
https://www.cnet.com/news/antivirus-company-avast-closes-analytics-company-over-data-privacy-scandal/
Avast is shutting down subsidiary Jumpshot over allegations that it sold user data. Free antivirus software-maker Avast is shutting down subsidiary company Jumpshot following reports that it sold “highly sensitive” web browsing data, its CEO said Wednesday.  Avast’s software, installed on millions of computers worldwide, allegedly gathered data on people’s online activities and sent it to Jumpshot, which in turn tried to sell it to clients. Avast denied the allegations, but reviewed the matter on Wednesday, Reuters noted.
Later that day, Avast CEO Ondrej Vlcek said in a blog post that he and the board of directors decided to “terminate the Jumpshot data collection and wind down Jumpshot’s operations” immediately. Jumpshot’s clients included Google, Unilever, Revlon and McKinsey. Vlcek noted that both Avast and Jumpshot “acted fully within legal bounds” and complied with Europe’s General Data Protection Regulation, or GDPR.

Four Massive Datasets Charting The Global Climate Change News Narrative 2009-2020.
https://blog.gdeltproject.org/four-massive-datasets-charting-the-global-climate-change-news-narrative-2009-2020/
Four massive new datasets designed to fundamentally advance the study of the global climate change news narrative. The first catalogs the 95,000 television news mentions of climate change on CNN, MSNBC and Fox News 2009-2020 and BBC News London 2017-2020.

How Weight Affects Your Sex Drive—and What You Can Do About It
Shape Magazine
… Susan Kellogg Spadt, Ph.D., director of female sexual medicine at the
Center for Pelvic Medicine, Academic Urology in Bryn Mawr, Pennsylvania.
https://www.shape.com/lifestyle/sex-and-love/weight-and-libido-sex-drive

Critical vulnerabilities found in GE medical gear
The DHS Cybersecurity and Infrastructure Security Agency has issued a warning of six critical-rated vulnerabilities in several GE medical monitoring devices.
Advisory ICSMA-20-023-01 covers the GE CARESCAPE Telemetry Server, ApexPro Telemetry Server, CARESCAPE Central Station (CSCS) and Clinical Information Center (CIC) systems, CARESCAPE B450, B650, B850 monitors. The vulnerabilities include unprotected storage of credentials, improper input validation, use of hard-coded credentials, missing authentication for critical function, unrestricted upload of file with dangerous type and inadequate encryption strength.
As of now GE said it was not aware of any reported incidences of a cyberattack in a clinical use or any reported injuries associated with any of these vulnerabilities.
The flaws are: https://www.scmagazine.com/home/health-care/critical-vulnerabilities-found-in-ge-medical-gear/