SoylentNews is people
SoylentNews
Submitted via IRC for soylent_fuschia
Vendor wants Congress to mandate something that only they can provide. Interesting business model.
Brave Urges Congress to Require Ad Blocking Browsers for Govt Employees
In a letter to the U.S. Congress, Brave urged Homeland Security Committee members to make it mandatory for all federal employees to use a browser that blocks advertising by default.
Brave states that without a browser that blocks ads by default, federal employees would be vulnerable to malvertising, which could allow foreign and domestic threat actors to gain access to government devices or a foothold in sensitive networks.
"I represent Brave, a rapidly growing Internet browser based in San Francisco. Brave’s CEO, Brendan Eich, is the inventor of JavaScript, and co-founded Mozilla/Firefox. Brave is headquartered in San Francisco. I write to urge action to protect federal agency and employee computers and devices from cyberattacks by foreign state actors and criminals through “malvertising”."
Brave's letter also includes letters from U.S. Senator Ron Wyden, who since 2017 has been urging the federal government to take a stronger stance regarding the blocking of malicious advertisements.
One year ago, on November 16, 2017, I wrote to then-White House Cybersecurity Coordinator, Rob Joyce, regarding the threat posed by foreign government hackers using online advertisements to deliver malware to the computers of federal workers. In that letter, I urged the administration to direct DHS to require federal agencies to block delivery of all internet ads containing executable computer code to employees computers. In its response on April 20, 2018, DHS stated that it was continuing to investigate these risks and working with representatives from the online advertising industry to address this threat.
In June 2018, the National Security Agency (NSA) issued public guidance related to the threat posed by malicious advertisements. In the attached document, which NSA published on its website, the agency observed that advertising has been a known malware distribution vector for over a decade and as such, the agency recommends that organizations address this risk by blocking potentially malicious, internet-based advertisements.
As Brave sent this letter on the same day they officially released Brave Browser 1.0, this can be seen as a clever marketing ploy by the browser developers.
(Score: 2) by VLM on Saturday November 16 2019, @02:08PM (1 child)
Yes, although there's space to fine tune.
We're just on the cusp of it being feasible to "spear fish" social engineer via targeted advertising. So rather than some moron picking up a flash drive with a "special" payload in the parking lot, I could pay to advertise to FBI or Democratic Party employees (as if there's any difference) that I have cheap flash drives for sale. Cheap because I want FBI/D-party people to buy them and their "special" payload that I loaded on just for them.
Note that being on the cusp of it being feasible PROBABLY means its happening today just not being reported. It would be SO easy to do targeted advertising hits like that.
The real way to work it is economic warfare; Not done for front page news individual break in incidents, but if I wanted to F with the local FBI office, I could extreme target advertise to sell them backup hard drives that were dropped down the stairs a couple times yet still kinda just barely temporarily worked. This is a "funny" economic hit for something harmless like hard drives but a serious security concern for online ammunition buyers or online gas mask filter buyers...
If your life might depend on a gas mask filter or night vision goggle battery, for gods sake don't buy it from a (targeted) banner ad....
(Score: 0) by Anonymous Coward on Saturday November 16 2019, @07:31PM
We're not on the cusp, we're past it and deep in the valley.
Advertising meets brainwashing [thetyee.ca].