Week in Review: May 11, 2016

by Muira McCammon

Canada: Popular Porn Company Partners with Hackerone to Pinpoint Security Vulnerabilities

Pornhub launched its own security bug bounty program. The company’s site attracts an average of 60 million visitors each day. In conjunction with Hackerone, Pornhub announced that its “bug bounty program is limited strictly to technical security vulnerabilities of Pornhub services listed in the scope. Any activity that would disrupt, damage or adversely affect any third-party data or account is not allowed.” As such, they forbid programmers from conducting Denial of Service attacks to reveal vulnerabilities in the site’s software. Many cybersecurity experts have pointed out that Pornhub did previously have a bounty program in place, but it was invite-only. This new bounty program promises to reward any individual who pinpoints a vulnerability, even those who are not affiliated with the company. “Like other major tech players have been doing as of late, we’re tapping some of the most talented security researchers as a proactive and precautionary measure – in addition to our dedicated developer and security teams – to ensure not only the security of our site but that of our users, which is paramount to us,” said Corey Price, Vice President, Pornhub. Motherboard has published many articles on recent attempts to hack adult websites. It is unclear what exactly prompted Pornhub to launch its bug bounty program now, but in the past year, journalists found evidence to suggest that Hacking Team might have developed spyware that could affect Pornhub users.

India: Govt Opens Controversial Geospatial Information Regulation Bill to Public Comments

A new bill aims to “regulate the acquisition, dissemination, publication and distribution of geospatial information of India.” Netizens and cartographers alike have said that the bill would make it illegal to publish map-related information about India without the permission of an Indian governmental agency. U.S. journalists have tried to decipher what repercussions the bill might have on Indian cartography if it is passed, but many questions remain. One expert speculated that the Geospatial Information Regulation Bill is an attempt to “rein in Google.” One Indian official spoke to the Economic Times and stated, “We are not banning anyone from mapping India - only that the mapping has to be in line with Indian security considerations regarding sensitive installations and correct boundaries being depicted like not showing PoK [Pakistan Occupied Kashmir] and Arunachal Pradesh as out of India.” Another online newspaper added that the “Geospatial Bill is Bad News for Almost Every Startup in India.” The draft bill is open for public comments until June 3, 2016.

Russia: Court Sentences Social Media User to Two Years, Three Months in Prison

A Russian court has sentenced Andrey Bubeyev to over two years in prison for allegedly promoting extremism online. He is said to have reposted two pieces on VKontakte (a Russian social media network similar to Facebook) that caught the attention of Russian authorities. One image was a picture of a toothpaste tube with the following tagline: “Squeeze Russia out of yourself.” Andrey Bubeyev reposted a lot of content on his page, and a chunk of it argued that the Ukrainian Black Sea region of Crimea should be returned to Ukraine. Prosecutors originally sought a three-year sentence. This case has been covered primarily by Russian media outlets, but some additional perspectives are available here [EN] and here [EN].

United States: Ellen Pao and Other Women in the Tech Industry Launch Diversity-Oriented NGO, Project Include

Project Include is a nonprofit that aims to increase understanding and appreciation for diversity in Silicon Valley. In a post on Medium, Ellen Pao discussed the need for the initiative: “Change is hard, especially around a multidimensional issue like diversity. It is easy for all of us to become defensive and emotional, to shift the blame to others, and to feel fundamentally unheard or misunderstood. We have a hard-to-change diversity problem in tech in the United States.” She added, “It is so uncomfortable for us to talk about the diversity problem that we have not been able to fix it.” Project Include hopes to work with around 18 startups at a time and plans to help them adopt a series of strategies aimed at creating more tolerant and diverse work atmospheres. The New York Times noted that many of the women joining Pao’s team have already been involved with other efforts to increase diversity in Silicon Valley. Some of the other members are senior Slack engineer Erica Joy Baker, engineer and startup advisor bethanye McKinney Blount, and venture capitalist Freada Kapor Klein. It is unclear if any men will be on the nonprofit’s board. Project Include’s website explains why the initiative is so important: “Research has quantified the financial benefits of racial, ethnic, and gender diversity. Despite this, we have yet to see significant improvement in diversity numbers.”