SecureMac, Inc.

Checklist 362: Voices, Lords, and Passkeys

February 2, 2024

This week we discuss how ElevenLabs, a voice cloning startup, sparks election manipulation fears, Apple opposing UK security changes, and more companies boost security with passkeys.

Checklist 362: Voices, Lords, and Passkeys

Voice Cloning Startup Faces Backlash Amid Election Manipulation Concerns

In a recent podcast episode, Checklist No. 361 – OS Updates and A.I. Presidents, concerns were raised about the potential societal impact of advanced audio deepfake technology, specifically highlighting synthesized clips imitating former U.S. President Donald Trump and current President Joe Biden. The faux-Trump clip aimed to sell survivalist rations, while the Biden fake allegedly attempted to discourage participation in the New Hampshire Presidential primary.

Notably, the deepfake issue raised alarms among experts, such as Carnegie Mellon University professor Kathleen Carley, who expressed worries about the technology’s potential for voter suppression and attacks on election workers.

The company behind the controversial technology, ElevenLabs, is identified as an AI startup offering voice cloning services. The deepfake incident involving President Biden led to the banning of the user responsible by ElevenLabs. Despite this, the company recently secured $80 million in funding, raising questions about the ethical use of its technology.

ElevenLabs, founded by individuals inspired by poorly dubbed American films, is investing in various applications of its speech-generating technology, including audiobooks, film dubbing, character voices for games, and marketing activations. However, the company’s open-use policy has come under scrutiny, as users can access its browser-based speech generation app for free, and paying customers can upload voice samples to create new styles using ElevenLabs’ voice cloning.

The company claims dedication to preventing the misuse of audio AI tools and emphasizes its commitment to addressing incidents of misuse. Despite its efforts to root out violators and implement tools to detect inappropriate speech, critics argue that more safeguards are needed to prevent bad actors from manipulating elections.

In response to the situation, the CEO of ElevenLabs stated that the new funding would be allocated toward product development, infrastructure expansion, team growth, AI research, and enhancing safety measures for responsible and ethical AI technology development. The juxtaposition of the funding and the controversy has raised concerns about the industry’s responsibility in developing and deploying potentially influential technologies.

As discussions on AI ethics continue, the case of ElevenLabs highlights the challenges of balancing technological advancements with safeguards against misuse, prompting calls for more stringent regulations and responsible development practices within the AI industry.

Apple Opposes UK Security Amendments, Warns of Global Impact

Apple has strongly criticized proposed amendments to the UK’s Investigatory Powers Act (IPA) 2016, cautioning against potential threats to global user security. The Cupertino-based tech giant expressed concern over the suggested changes that could allow the UK government to block the release of updates addressing vulnerabilities, even if they are discovered and deemed critical for global user protection.

Under the proposed amendments, if the UK Home Office rejected an update, it would not be permitted for release elsewhere, and the public would remain uninformed. Apple argued that such measures would grant the UK government unprecedented power to veto user protections globally, hindering the company from offering necessary updates to its customers.

A government spokesperson emphasized the importance of balancing technological innovation and secure communications with public safety, especially in matters related to lawful access and national security. Apple labeled the proposal as an “unprecedented overreach” and warned that it could lead to the UK secretly blocking new user protections on a global scale.

The amendments were set for discussion in the House of Lords, with speculation that the unelected body might provide a more thoughtful response, free from populist influences. While the House of Lords historically holds the power to delay and encourage compromise on contentious legislation, it cannot outright block it.

Two crucial questions arise from this development: Firstly, will the proposed amendments be enacted into law? Secondly, if they do, how will Apple respond? The company had previously indicated the possibility of pulling services like FaceTime and iMessage from the UK rather than compromising on security. While this may not severely impact Apple’s business, as these services come free with Apple devices, the proposed law extends its reach to encompass “all Apple products.”

As debates unfold at the intersection of technology and liberal arts, the outcome remains uncertain, raising concerns about the potential impact on user privacy and security globally.

WhatsApp and “X” Introduce Passkey Safety Tools for iOS Users

Users of WhatsApp and the social media platform “X” (formerly Twitter) can now enhance their security with the introduction of passkey support, according to reports from 9to5Mac and TechCrunch.

Passkeys, defined by TechTarget as an alternative authentication method that eliminates the need for usernames and passwords, provide a more secure way to verify user login credentials. Unlike traditional login methods susceptible to various security flaws, passkeys are stored solely on the user’s device, reducing the risk of interception by potential scammers.

While WhatsApp users on Android have had passkeys as an option for some time, the feature is now making its way to the iPhone. The latest version of WhatsApp beta for iPhone, as reported by WABetaInfo, includes a new menu for setting up passkeys, soon to be available to beta users.

Surprisingly, “X,” which had removed SMS 2FA support for non-paying accounts just over a year ago, is now adding support for passkeys on iOS. While SMS 2FA is considered less secure than passkeys, the latest move reflects a shift towards more robust security measures.

However, there are a couple of limitations to note. Passkeys are currently only available on iOS and exclusively in the United States. Despite this, users in the U.S. can already utilize passkeys on iOS. Instructions on how to implement passkeys can be found on the official support page of “X,” accessible through a URL starting with “help dot twitter dot com.”

The introduction of passkeys reflects a broader trend in the tech industry towards enhancing user security and mitigating vulnerabilities in authentication processes.

Get the latest security news and deals