Hillicon Valley: Cyber, tech takeaways from Mueller report | Millions of Instagram passwords exposed internally by Facebook | DHS unrolling facial recognition tech in airports | Uber unveils new safety measures after student's killing

Hillicon Valley: Cyber, tech takeaways from Mueller report | Millions of Instagram passwords exposed internally by Facebook | DHS unrolling facial recognition tech in airports | Uber unveils new safety measures after student's killing
© Getty

Welcome to Hillicon Valley, The Hill's newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley. If you don't already, be sure to sign up for our newsletter with this LINK.

Welcome! Follow the cyber team, Olivia Beavers (@olivia_beavers) and Jacqueline Thomsen (@jacq_thomsen), and the tech team, Harper Neidig (@hneidig) and Emily Birnbaum (@birnbaum_e).


DOJ RELEASES REDACTED MUELLER REPORT: Attorney General William BarrWilliam Pelham BarrBrennan's CIA a subject of Barr's review of Russia investigation: report Pelosi releases 'fact sheet' saying Trump has 'betrayed his oath of office' Federal prosecutors interviewed multiple FBI officials for Russia probe review: report MORE on Thursday released a redacted version of special counsel Robert MuellerRobert (Bob) Swan MuellerFox News legal analyst says Trump call with Ukraine leader could be 'more serious' than what Mueller 'dragged up' Lewandowski says Mueller report was 'very clear' in proving 'there was no obstruction,' despite having 'never' read it Fox's Cavuto roasts Trump over criticism of network MORE's report on his sprawling investigation into Russian interference in the 2016 presidential election.

The release of the report comes just over three weeks after Barr laid out what he described as Mueller's core findings in a four-page letter that effectively cleared President TrumpDonald John TrumpGraham to introduce resolution condemning House impeachment inquiry Support for impeachment inches up in poll Fox News's Bret Baier calls Trump's attacks on media 'a problem' MORE of allegations of criminal coordination between his campaign and Moscow, and just over an hour after Barr held a press conference reiterating there was no "collusion."


The report is redacted to conceal grand jury material, classified information, details about ongoing investigations and information that could implicate the privacy of "peripheral" third parties.


THE HIGHLIGHTS: The Hill dug into the cyber and tech highlights of the Mueller report so you don't have to. (If you do want to read the 448 page document, click here.)

Russia interfered, but the Trump campaign did not directly assist their efforts, Mueller says. Russia sought to help President Trump win the 2016 presidential election, but the Trump campaign did not directly assist in that process, according to Mueller's report.

Mueller said that while his investigation "identified numerous links between individuals with ties to the Russian government and individuals associated with the Trump campaign," there was not enough evidence to bring forward any criminal charges on that front.

"Among other things, the evidence was not sufficient to charge any Campaign official as an unregistered agent of the Russian government or other Russian principal. And our evidence about the June 9, 2016 meeting and WikiLeaks's releases of hacked materials was not sufficient to charge a criminal campaign-finance violation," he wrote.

While investigators have previously stated that Russia interfered in the presidential election, Mueller's report offers a new look at the breadth and depth of those efforts.

The special counsel outlined the steps taken by the Internet Research Agency (IRA), a Russian troll farm linked to the Kremlin, to sow discord on social media, as well as Russian military officers' hacks on the Clinton campaign and the Democratic National Committee (DNC).

Read more here.


Russia tried to hack Clinton accounts hours after Trump said they should. Russian military officers targeted former Secretary of State Hillary ClintonHillary Diane Rodham ClintonThe Memo: Trump 'lynching' firestorm is sign of things to come Hillary Clinton has said she'd consider 2020 race if she thought she could win: report Nielsen on leaving Trump administration: 'Saying no and refusing to do it myself was not going to be enough' MORE with hacking attempts within hours of then-candidate Trump suggesting Moscow should find Clinton's emails, according to the report.

"Within approximately five hours of Trump's statement, GRU officers targeted for the first time Clinton's personal office," the report reads, referring to Russia's military intelligence agency.

The Russian officers sent malicious links to 15 email accounts linked to the domain of Clinton's personal office, and the "investigation did not find evidence of earlier GRU attempts to compromise accounts hosted on this domain," according to the report.

Trump faced backlash for his comments in the 2016 campaign when he called on Russia to track down Clinton's emails.

"Russia, if you're listening, I hope you're able to find the 30,000 emails that are missing. I think you will probably be rewarded mightily by our press," Trump said at the time.

He later said the comment was sarcastic.

Read more here.


Mueller identified 'dozens' of US rallies organized by Russian troll farm. Muller said his team identified "dozens" of U.S. political rallies organized on social media by the Internet Research Agency (IRA), a Russian troll farm that was later indicted for attempting to interfere with the 2016 presidential election.

According to Mueller's report, the IRA organized political rallies in the U.S. using social media starting in 2015 and continued to coordinate rallies after the 2016 election.

Mueller wrote that some of the rallies attracted "few (if any) participants," while others drew "hundreds."

The IRA, a Russian troll farm with close ties to Russian President Vladimir PutinVladimir Vladimirovich PutinOvernight Defense: Trump's Syria envoy wasn't consulted on withdrawal | McConnell offers resolution urging Trump to rethink Syria | Diplomat says Ukraine aid was tied to political investigations Trump's Syria envoy says he wasn't consulted on troop withdrawal Former Russian Olympic Games official arrested by ICE in Florida MORE and Russian intelligence agencies, organized pro-Trump rallies, as well as gatherings opposed to Democratic presidential nominee Hillary Clinton, on U.S. soil for years, including events in New York, Florida and Pennsylvania.  

The Trump campaign put a post on Facebook about one of the rallies the Russian group organized in Miami, Fla., in 2016, Mueller noted.

The troll farm used its Facebook and Twitter accounts to organize and promote U.S. political rallies, often sending direct messages to its followers on social media asking them to participate in the events, Mueller wrote.

"IRA employees frequently used ... Twitter, Facebook and Instagram to contact and recruit U.S. persons who followed the group," Mueller wrote.


Trump campaign officials amplified the IRA's messages. The Mueller report also lays out the ways that Trump campaign officials and surrogates amplified the IRA's messages on Twitter and Facebook as they sought to interfere in public discourse and amplify divisive political rhetoric.

Trump campaign officials, including senior adviser Kellyanne ConwayKellyanne Elizabeth ConwayTrump has floated Mnuchin, Conway for White House chief of staff: report Trump embarks on Twitter spree amid impeachment inquiry, Syria outrage The Hill's Campaign Report: Biden camp faces new challenges MORE and Donald Trump Jr.Donald (Don) John TrumpTransgender cyclist responds to Trump Jr. criticizing her women's world championship win Trump says he doesn't want NYT in the White House Romney earns rants and raves for secret Twitter name MORE, cited and retweeted content from the troll farm about topics including voter fraud and Clinton's handling of classified information, according to Mueller.   

Mueller's team found that Trump campaign affiliates promoted "dozens" of tweets, posts and other political content created by the IRA.

"IRA employees monitored the reaction of the Trump campaign and, later, Trump administration officials to their tweets," Mueller's report reads.

Mueller's investigation concluded that Russia interfered in the 2016 presidential election to boost Trump through a social media campaign coordinated by the IRA.

Read more here.



Mueller considered charging campaign aides in Trump Tower meeting but lacked evidence.

Mueller on obstruction: Evidence prevents 'conclusively determining no criminal conduct occurred.'

Schiff calls on Mueller to testify before Congress in May.

Five takeaways from the Mueller report.

Mueller report shows how Trump aides sought to protect him and themselves.

Mueller report winners and losers.

The 10 'episodes' Mueller probed for potential obstruction by Trump.

The 7 most interesting nuggets from the Mueller report


FACEBOOK'S MUELLER DAY NEWS DUMP:  Facebook revealed Thursday that millions of Instagram user passwords had been stored in unprotected text accessible by the company's employees.

The company disclosed the information as an update to a March blog post in which it admitted that hundreds of millions of users' Facebook passwords had been left unprotected within the company's servers.

While the original post said tens of thousands of Instagram user passwords had been exposed, Facebook said it has since discovered many more Instagram passwords exposed in the same way.

"Since this post was published, we discovered additional logs of Instagram passwords being stored in a readable format," Facebook wrote in the update. "We now estimate that this issue impacted millions of Instagram users."

"We will be notifying these users as we did the others," the company added.

Facebook said a statement to The Hill that the issue has been "widely reported" and stressed that it has not uncovered any misuse of the passwords.

"We want to be clear that we simply learned there were more passwords stored in this way," the Facebook spokesperson said, adding they have not found any "evidence of abuse or misuse of these passwords."

Cybersecurity reporter Brian Krebs in March in reported that up to 600 million Facebook passwords had been exposed in an internal database that was searchable by employees.

Shortly after, Facebook in the blog post said it had found user passwords were stored "in a readable format within our internal data storage systems."

According to Krebs, some of the passwords had been stored in plain text as early as 2012.

Read more on the exposed Instagram passwords here.


DHS LEANS INTO FACIAL RECOGNITION TECH: The Department of Homeland Security in a report released Wednesday said that it is aiming to use facial recognition technology on 97 percent of departing air passengers within the next four years.

Customs and Border Protection (CBP), which is a part of Homeland Security, said that it believes it can implement facial recognition technology in airports across the country by 2023 by partnering with airports and airlines, which help the agency deploy cameras to capture peoples' faces.

CBP has been implementing this program, which photographs passengers at their airport gates before they board their flights, in 2017. By 2018, the agency had unveiled the program at 15 U.S. airports.

The program, called "Biometric Exit," cross-references the images of departing passengers with a "gallery" of images photos from visa and passport applications. The matching service allows CBP to create a record of the passenger's departure, which they can then use to figure out if the individual has overstayed their visa or if they are in the country legally otherwise.

CBP in the documents on Wednesday said it has identified 7,000 travelers who had overstayed their visa.

The agency noted that it has also used a similar system to identify six travelers who were presenting travel documents that did not belong to them or that had been altered.

Privacy advocates have raised serious civil rights concerns around facial recognition technology, including the possibility that the information gathered by CBP could be used by other federal agencies to track and learn sensitive information about those traveling in the U.S.

Read more here.


#WHATSMYNAME: Uber introduced a new set of campus safety measures on Thursday, weeks after a University of South Carolina (USC) student was killed after getting into a car she thought was her Uber ride.

The Campus Safety Initiative, launched in collaboration with USC, will focus on helping students avoid fake rideshare drivers, the company said in a release.

The measures will create an alert system that will debut in South Carolina on Thursday and be rolled out across the rest of the app's user base in the next few days.

The steps will include a "Check Your Ride" reminder for riders, including verifying drivers' license plates and identities before getting into a rideshare.

Riders will also receive a push notification reminding them to follow the steps after calling a car.

Starting at the University of South Carolina, Uber will also be adding designated pickup zones that will be well-lit and have law enforcement present.

The initiative comes just weeks after a man was charged in the murder of USC student Samantha Josephson, 21. Josephson was last seen on March 29 outside of Five Points bar in Columbia, South Carolina, getting into a car she reportedly thought was her Uber ride.

Read more on Uber's u-turn here.


FACEBOOK BANS MORE FAR-RIGHT FIGURES: Facebook on Thursday banned several far-right British groups from its platform, saying in a statement that the high-profile organizations and individuals had been using Facebook's services to spread hate and attack others "on the basis of who they are."

The tech giant has been under intensifying scrutiny for allowing bigotry and white nationalism to proliferate on its platforms, including Instagram.  

The bans on Thursday included some of the United Kingdom's most prominent far-right groups and figures, including the British National Party and its former chairman Nick Griffin; Britain First and its leader Paul Golding; Knights Templar International, which supports an armed militia that allegedly hunts down refugees crossing into Europe, and its founder; far-right activist Jack Renshaw, who allegedly once plotted to murder a member of Parliament; and the English Defence League, among others.

Facebook in a statement said it is banning the groups and their leaders under its "dangerous individuals and organizations policy," which bans "those who proclaim a violent or hateful mission or are engaged in acts of hate or violence."

"The individuals and organizations we have banned today violate this policy, and they will no longer be allowed a presence on Facebook or Instagram," a Facebook spokesperson said. "Posts and other content which expresses praise or support for these figures and groups will also be banned."

Read more on the bans here.


AN OP-ED TO CHEW ON: Open data promotes citizen engagement at the local level.


A LIGHTER CLICK: A good approach to tweeting in general.



New details from the Mueller report about Don Jr.'s interactions with Wikileaks. (Slate)

What this week's Apple-Qualcomm-Intel dance means for the future of 5G. (The Washington Post)

Hoaxes and misinformation about the Mueller report are already spreading. (Buzzfeed News)

Twitter's "verified" users are spreading viral misinformation. (Mother Jones)