Welcome to Codebook, the cybersecurity newsletter that turns down bribes but is offended you didn't even offer one.
Today's newsletter is 1,430 words, a 5-minute read.
Illustration: Aïda Amer/Axios
The cybersecurity community is reckoning with influencer culture for the first time after several popular figures ran paid advertisements on their social media accounts.
The big picture: For years, the world of cybersecurity experts has operated more like a scientific community than a commercial one — and, until very recently, more like a counterculture than a service. The paid posts provided a glimpse of a corporate sponsor-driven future for security specialists surprised to find out that corporations knew who they were.
Driving the news: Several follower-rich cybersecurity Twitter accounts ran individualized promotions for Lenovo's secure line of products and security services, ThinkShield (all tagged "#ad #thinkshield"), sparking immediate pushback from the wider community.
The campaign prompted immediate criticism online, with several security luminaries seeking out and posting screenshots of paid posts.
Between the lines: On Instagram, YouTube and other platforms, influencers with large followers routinely take cash to promote products, often in the fashion industry or entertainment. But this appears to be the first time personality-driven advertisements have been used in cybersecurity.
Several of the influencers who turned down the ads told Codebook that companies could use established, less-controversial methods if they wanted researchers to help increase awareness of security products and initiatives.
Zack Whittaker, the security editor for TechCrunch, told Codebook that VizSense approached him over LinkedIn — implying they were at least somewhat aware of his role as a journalist.
The irony, said Wysopal, is that the backlash might obscure real progress Lenovo has made since the Superfish incident.
The United Nations adopted an anti-cybercrime pact backed by China, North Korea and Russia Monday, against the wishes of U.S. and pro-civil liberty groups.
The big picture: For years, the United States has squared off with more repressive nations over global internet norms. The U.S. wants countries to offer citizens maximal access to the global internet, while Russia and others argue that countries should have "internet sovereignty" to block websites critical of governments and to punish online dissidents.
Why it matters: The UN resolution could give more legitimacy to the "internet sovereignty" crowd.
Driving the news: The resolution, which passed 88-58 with 34 abstentions, sets up a working group to examine global cybercrime prevention.
All this comes as Russia prepares to test whether domestic networks could survive detaching the nation from the global internet in an apparent attempt to set up a China-style internet filtering system.
Losing U.S. leadership on internet could be a symptom of the United States' greater abdication of global leadership to countries like China and Russia, who are expanding their spheres of influence in Africa and the Middle East just as the U.S. is abandoning those regions.
As protests over gas prices erupted this weekend, Iranian officials cut the nation's access to the internet. On Wednesday, according to state media, the government declared victory over the protests. Yet the internet has only begun to trickle back online.
Homeland Security's main cyber division Thursday announced a new tool to help election officials audit voting machines — the first version of which is already deployed in six states.
Why it matters: While a lot of attention gets paid to voting machine security, auditing machines during an election is equally as important: It's the only way to tell whether machines were hacked or malfunctioned.
Details: The tool, which DHS' Cybersecurity and Infrastructure Security Agency calls Arlo, simplifies performing the audits' math.
IRS-scamming season comes earlier every year (Akamai): Akamai detailed a new phishing campaign designed to swindle victims out of their tax refunds.
Senators worry about state information sharing: Sens. Maggie Hassan (D-N.H.), Gary Peters (D-Mich.) and Chuck Schumer (D-N.Y.) expressed concern that the Department of Homeland Security's proposed 2020 budget underfunded information sharing among states and elections.
Insecure communication everywhere (The Daily Beast): Back when she was UN Ambassador, Nikki Haley sent "confidential" material using an unsecured email system after forgetting her password for her classified email account.
Aug. 17, 1938: A Mickey Mouse race during the Mickey Mouse Club Sports Day in Guildford, England. Photo: Fred Morley/Fox Photos/Getty Images