At a glance.
- Flaw discovered in crypto wallet seed phrase security.
- Child welfare screening algorithm raises questions about discrimination.
- Connecticut privacy law passed by the General Assembly.
Flaw discovered in crypto wallet seed phrase security.
A German cryptocurrency investor and IT professional named Andre has discovered a possible weakness in one of the primary layers of security protecting users’ cryptocurrency holdings. Andre found that his mobile phone was able to correctly predict his entire recovery seed phrase – a random combination of words from the Bitcoin Improvement Protocol (BIP) 39 list of 2,048 words – as soon as he entered the first word. Posting his discovery on a crypto subreddit, Andre explained that this could make any cryptocurrency enthusiast’s holdings easy access for hackers. Deciding to test his theory on various devices, Andre found that Microsoft’s Swiftkey keyboard was able to predict the seed phrase very easily, and Samsung’s keyboard correctly guessed the phrase if the “auto-replace” and “suggest text corrections” functions were turned on. Google’s GBoard, however, was not always able to predict every word in the seed phrase in the correct order. Andre told Cointelegraph, “I thought I should tell people about it. I’m sure there are others who also have typed seeds into their phone.” His advice to other crypto investors: “Do yourself a solid and prevent that from happening by clearing your predictive type cache.”
Child welfare screening algorithm raises questions about discrimination.
AP News reports that a predictive algorithm currently being used by child welfare agencies in the US state of Pennsylvania could be targeting minorities. Independent researchers at Carnegie Mellon University found that the algorithm displayed a pattern of flagging a disproportionate number of Black children for neglect investigations compared with white children, and that one-third of the time social workers disagreed with the risk scores the algorithm produced. The algorithm, which is being used or considered in other states including California, Colorado, and Oregon, was designed to help social work professionals in making difficult decisions regarding children’s welfare. Director of the Allegheny County Department of Human Services Erin Dalton, a proponent of the algorithm, explained, “Workers, whoever they are, shouldn’t be asked to make, in a given year, 14, 15, 16,000 of these kinds of decisions with incredibly imperfect information.” It’s worth nothing that workers do have the power to override the algorithm’s findings. But critics say an imperfect algorithm shouldn’t be given so much power in determining a child’s welfare, and in turn, their future.
Connecticut privacy law passed by the General Assembly.
Connecticut is poised to become the fifth US state to pass its own privacy law, following in the footsteps of California, Virginia, Colorado, and Utah. The Record by Recorded Future explains that SB 6, or “Act Concerning Personal Data Privacy and Online Monitoring,” was advanced by the Connecticut General Assembly on Thursday and will now go to the desk of Governor Ned Lamont to be signed into law. A spokesperson for Lamont stated, “We are not immediately aware of any concerns, but as always the governor and his staff will need to carefully review the bill once it is transmitted to our office.” SB6 would allow residents to opt out of targeted online advertising, sales, and profiling, and organizations would have no more than fifteen days to stop processing user data as soon as consent is revoked. The bill would also require companies to honor browser privacy settings, like the Global Privacy Control, which allows users to opt out of data sales at all organizations in one click. Connecticut would also join California and Colorado in adding sunset clauses to the hotly debated “right to cure” provisions, which give companies a set amount of time to remedy violations before enforcement action is taken. Some proponents of “right to cure” have called it a “get out of jail free card” for violators, and Connecticut’s provisions would sunset at the end of 2024.