Privacy

Omand Warns of "Ethically Worse" Spying If Unbreakable Encryption Is Allowed 170

Posted by samzenpus
from the don't-make-it-hard-for-us dept.
Press2ToContinue writes In their attempts to kill off strong encryption once and for all, top officials of the intelligence services are coming out with increasingly hyperbolic statements about why this should be done. Now, a former head of GCHQ, Sir David Omand has said: "One of the results of Snowden is that companies are now heavily encrypting [communications] end to end. Intelligence agencies are not going to give up trying to get the bad guys. They will have to get closer to the bad guys. I predict we will see more close access work." According to The Bureau of Investigative Journalism, which reported his words from a talk he gave earlier this week, by this he meant things like physical observation, bugging rooms, and breaking into phones or computers. "You can say that will be more targeted but in terms of intrusion into personal privacy — collateral intrusion into privacy — we are likely to end up in an ethically worse position than we were before." That's remarkable for its implied threat: if you don't let us ban or backdoor strong encryption, we're going to start breaking into your homes.
Google

Google Handed To FBI 3 Wikileaks Staffers' Emails, Digital Data 144

Posted by timothy
from the why-there-oughtta-be-a-constitution dept.
Ariastis writes Google took almost three years to disclose to the open information group WikiLeaks that it had handed over emails and other digital data belonging to three of its staffers to the FBI under a secret search warrant issued by a federal judge. WikiLeaks were told last month of warrants which were served in March 2012. The subjects of the warrants were the investigations editor of WikiLeaks, the British citizen Sarah Harrison; the spokesperson for the organisation, Kristinn Hrafnsson; and Joseph Farrell, one of its senior editors. When it notified the WikiLeaks employees last month, Google said it had been unable to say anything about the warrants earlier as a gag order had been imposed.
Security

Ed Felten: California Must Lead On Cybersecurity 63

Posted by timothy
from the so-goes-the-nation dept.
An anonymous reader writes In a Sacramento Bee op-ed, (in)famous computer security researcher Ed Felten responds to the State of the Union cybersecurity proposal. He doesn't mince words: "The odds of clearing Congress: low. The odds of materially improving security: even lower. "What he suggests as an alternative, though, is a surprise. "California," he writes, "could blaze a trail for effective cybersecurity policy." He calls for the state government to protect critical infrastructure and sensitive data, relying on outside auditors and experts. It's an interesting idea. Even if it doesn't go anywhere, at least it's some fresh thinking in this area of backward policy. From Felten's essay: Critical infrastructure increasingly relies on industrial automation systems. And those systems are often vulnerable – they keep a default password, for instance, or are accessible from the public Internet. These are not subtle or sophisticated errors. Fixing them requires basic due diligence, not rocket science. Requiring the state’s critical infrastructure providers to undergo regular security audits would be straightforward and inexpensive – especially relative to the enormous risks. Areas of sensitive data are also low-hanging cyber fruit. In health care, education and finance, California already imposes security and privacy requirements that go beyond federal law. Those legal mandates, though, are mostly enforced through after-the-fact penalties. Much like critical infrastructure, sectors that rely upon sensitive data would benefit from periodic outside auditing. Of any state government's, California's policies also have the chance to help (or harm) the most people: nearly 39 million people, according to a 2014 U.S. Census estimate.
Government

SpaceX, US Air Force Settle Spy Sat Dispute 62

Posted by timothy
from the show-elon-what-you're-wearing dept.
hypnosec writes The US Air Force and private space flight company SpaceX have settled their dispute involving the military's expendable rocket program, thereby paving the way for SpaceX to join the spy satellite launch program known as Evolved Expendable Launch Vehicle (EELV). The settlement opens doors for SpaceX to compete with United Launch Alliance (ULA) for launch of spy satellites. ULA is a joint Boeing-Lockheed venture – the only private player to have received clearance for launching black ops satellites.
Government

Fark's Drew Curtis Running For Governor of Kentucky 108

Posted by timothy
from the dark-horse dept.
New submitter AlCapwn writes [Fark founder] Drew Curtis announced on Friday that he will be running for governor of Kentucky. "We have a theory that we're about to see a huge change in how elections and politics work. Across the country, we have seen regular citizens stepping up and challenging the status quo built by political parties and career politicians. They have been getting closer and closer to victory and, here in Kentucky, we believe we have a chance to win and break the political party stronghold for good."
Transportation

Government Recommends Cars With Smarter Brakes 291

Posted by timothy
from the here's-your-spec-sheet dept.
mrspoonsi writes The National Highway Traffic Safety Administration is adding crash imminent braking and dynamic braking support to its list of recommended advanced safety features for new cars. The former uses sensors to activate the brakes if a crash is imminent and the driver already hasn't. Dynamic braking support, on the other hand, increases stopping power if you haven't put enough pressure on the brake pedal. Like lane-departure and front collision warning systems, these features are available on some models already — this move gives them high-profile attention, though. And for good reason: As the NHSTA tells it, a third of 2013's police-reported car accidents were the rear-end crashes and a "large number" of the drivers either didn't apply the brakes at all (what?!) or fully before impact.
Privacy

China Cuts Off Some VPNs 199

Posted by timothy
from the we-see-what-you-did-there dept.
jaa101 writes The Register (UK) and the Global Times (China) report that foreign VPN services are unavailable in China. A quote sourced to "one of the founders of an overseas website which monitors the Internet in China" claimed 'The Great Firewall is blocking the VPN on the protocol level. It means that the firewall does not need to identify each VPN provider and block its IP addresses. Rather, it can spot VPN traffic during transit and block it.' An upgrade of the Great Firewall of China is blamed and China appears to be backing the need for the move to maintain cyberspace sovereignty.
Earth

Science By Democracy Doesn't Work 438

Posted by timothy
from the just-ask-ex-planet-pluto dept.
StartsWithABang writes The US Senate just voted on whether climate change is a hoax, knowing full well that debates or votes don't change what is or isn't scientifically true or valid. Nevertheless, debates have always been a thing in science, and they do have their place: in raising what points would be needed to validate, robustly confirm or refute competing explanations, theories or ideas. The greatest scientific debate in all of history — along with its conclusions — illustrates exactly this.
Earth

US Senate Set To Vote On Whether Climate Change Is a Hoax 661

Posted by samzenpus
from the who's-to-blame dept.
sciencehabit writes The U.S. Senate's simmering debate over climate science has come to a full boil today, as lawmakers prepare to vote on measures offered by Democrats that affirm that climate change is real—with one also noting that global warming is not "a hoax." In an effort to highlight their differences with some Republicans on climate policy, several Democrats have filed largely symbolic amendments to a bill that would approve the Keystone XL pipeline. They are designed to put senators on the record on whether climate change is real and human-caused.
Japan

Japanese Nobel Laureate Blasts His Country's Treatment of Inventors 190

Posted by Soulskill
from the let-the-makers-make dept.
schwit1 writes: Shuji Nakamura won the 2014 Nobel Prize in Physics (along with two other scientists) for his work inventing blue LEDs. But long ago he abandoned Japan for the U.S. because his country's culture and patent law did not favor him as an inventor. Nakamura has now blasted Japan for considering further legislation that would do more harm to inventors.

"In the early 2000s, Nakamura had a falling out with his employer and, it seemed, all of Japan. Relying on a clause in Japan's patent law, article 35, that assigns patents to individual inventors, he took the unprecedented step of suing his former employer for a share of the profits his invention was generating. He eventually agreed to a court-mediated $8 million settlement, moved to the University of California, Santa Barbara (UCSB) and became an American citizen. During this period he bitterly complained about Japan's treatment of inventors, the country's educational system and its legal procedures. 'The problem is now the Japanese government wants to eliminate patent law article 35 and give all patent rights to the company. If the Japanese government changes the patent law it means basically there would no compensation [for inventors].'"

There is a similar problem with copyright law in the U.S., where changes to the law in the 1970s and 1990s have made it almost impossible for copyrights to ever expire. The changes favor the corporations rather than the individuals who might actually create the work.
The Internet

A State-By-State Guide To Restrictive Community Broadband Laws 158

Posted by samzenpus
from the have-and-have-nots dept.
blottsie writes On Tuesday, President Obama will unveil a dramatic push to improve broadband Internet service for people around the country through community-built municipal broadband networks. Problem is, state legislatures around the country have passed laws making it considerably more difficult for these public Internet projects to get off the ground. In some states, building municipal broadband is prohibited altogether. This piece dives into the state laws standing between us and more competitive Internet service markets.
Censorship

Microsoft Outlook Users In China Hit With MITM Attack 35

Posted by samzenpus
from the right-back-at-you dept.
DavidGilbert99 writes A month after it blocked Google's Gmail, the Chinese government now stands accused of hacking Microsoft's Outlook email service, carrying out man-in-the-middle attack to snoop on private conversations. From ZDNet: " On Monday, online censorship watchdog Greatfire.org said the organization received reports that Outlook was subject to a man-in-the-middle (MITM) attack in China....After testing, Greatfire says that IMAP and SMTP for Outlook were under a MITM attack, while the email service's web interfaces were not affected.
Government

NSA Hack of N. Korea Convinced Obama NK Was Behind Sony Hack 181

Posted by timothy
from the that's-how-clever-it-was dept.
Mike Lape links to a NYTimes piece which says "The evidence gathered by the 'early warning radar' of software painstakingly hidden to monitor North Korea's activities proved critical in persuading President Obama to accuse the government of Kim Jong-un of ordering the Sony attack, according to the officials and experts, who spoke on the condition of anonymity about the classified N.S.A. operation." From the linked article: For about a decade, the United States has implanted “beacons,” which can map a computer network, along with surveillance software and occasionally even destructive malware in the computer systems of foreign adversaries. The government spends billions of dollars on the technology, which was crucial to the American and Israeli attacks on Iran’s nuclear program, and documents previously disclosed by Edward J. Snowden, the former security agency contractor, demonstrated how widely they have been deployed against China. ... The extensive American penetration of the North Korean system also raises questions about why the United States was not able to alert Sony as the attacks took shape last fall, even though the North had warned, as early as June, that the release of the movie “The Interview,” a crude comedy about a C.I.A. plot to assassinate the North’s leader, would be “an act of war.”
Government

NSA Prepares For Future Techno-Battles By Plotting Network Takedowns 81

Posted by timothy
from the your-friends-and-mine dept.
Advocatus Diaboli (1627651) writes According to top secret documents from the archive of NSA whistleblower Edward Snowden seen exclusively by SPIEGEL, they are planning for wars of the future in which the Internet will play a critical role, with the aim of being able to use the net to paralyze computer networks and, by doing so, potentially all the infrastructure they control, including power and water supplies, factories, airports or the flow of money. Also check out — New Snowden documents show that the NSA and its allies are laughing at the rest of the world.
Censorship

Cuba's Pending Tech Revolution 121

Posted by timothy
from the are-we-supposed-to-be-grateful? dept.
dcblogs writes The White House order last week lifting economic sanctions against Cuba specifically singles out technology, from telecommunication networks to consumer tech. There's much potential and many obstacles. Cuba has an educated population craving technology, but it has little income for new tech. The Cuban government wants to trade with the U.S., but is paranoid about the outside world and has limited Internet access to 5% to 10% of the population, at best. "The government has been very reluctant to have open Internet access," said Harley Shaiken, chairman of the Center for Latin American Studies at the University of California, Berkeley. But "there is real hunger for technology," and with the easing of the embargo, the government "will be facing new pressures," he said. The country needs a complete technology upgrade, including to its electric grid, and the money to finance these improvements. "Markets like Cuba, which will require a wholesale construction of new infrastructure, don't come along often, if ever," said Todd Thibodeaux, president and CEO of CompTIA, a tech industry trade group. "The flood of companies lining up to get in should be quite substantial," he said. Cuba has a population of about 11 million, about the same size as the Dominican Republic, which spends about $1 billion annually on technology and related services, according to IDC. But capital spending today on IT in Cuba may be no more than $200 million annually.
Communications

Feds Operated Yet Another Secret Metadata Database Until 2013 102

Posted by timothy
from the problem-with-authority dept.
A story at Ars Technica describes yet another Federal database of logged call details maintained by the Federal government which has now come to light, this one maintained by the Department of Justice rather than the NSA, and explains how it came to be discovered: [A] three-page partially-redacted affidavit from a top Drug Enforcement Agency (DEA) official, which was filed Thursday, explained that the database was authorized under a particular federal drug trafficking statute. The law allows the government to use "administrative subpoenas" to obtain business records and other "tangible things." The affidavit does not specify which countries records were included, but specifically does mention Iran. ... This database program appears to be wholly separate from the National Security Agency’s metadata program revealed by Edward Snowden, but it targets similar materials and is collected by a different agency. The Wall Street Journal, citing anonymous sources, reported Friday that this newly-revealed program began in the 1990s and was shut down in August 2013. From elsewhere in the article: "It’s now clear that multiple government agencies have tracked the calls that Americans make to their parents and relatives, friends, and business associates overseas, all without any suspicion of wrongdoing," [said ACLU lawyer Patrick Toomey]. "The DEA program shows yet again how strained and untenable legal theories have been used to secretly justify the surveillance of millions of innocent Americans using laws that were never written for that purpose."
Communications

Obama: Gov't Shouldn't Be Hampered By Encrypted Communications 556

Posted by timothy
from the some-animals-more-equal-than-others-by-jingo dept.
According to an article at The Wall Street Journal, President Obama has sided with British Prime Minister David Cameron in saying that police and government agencies should not be blocked by encryption from viewing the content of cellphone or online communications, making the pro-spying arguments everyone has come to expect: “If we find evidence of a terrorist plot and despite having a phone number, despite having a social media address or email address, we can’t penetrate that, that’s a problem,” Obama said. He said he believes Silicon Valley companies also want to solve the problem. “They’re patriots.” ... The president on Friday argued there must be a technical way to keep information private, but ensure that police and spies can listen in when a court approves. The Clinton administration fought and lost a similar battle during the 1990s when it pushed for a “clipper chip” that would allow only the government to decrypt scrambled messages.
Communications

FCC May Permit Robocalls To Cell Phones -- If They Are Calling a Wrong Number 217

Posted by timothy
from the all-numbers-will-be-wrong-numbers dept.
An anonymous reader writes There have been plenty of false rumors about cell phones being opened up to telemarketers, but now the FCC is actually considering it. From the article: "Consumers have long had the support of government to try to control these calls, chiefly through the Telephone Consumer Protection Act, which actually allows consumers to file lawsuits and collect penalties from companies that pepper them with robocalls or text messages they didn't agree to receive. But now the Federal Communications Commission is considering relaxing a key rule and allowing businesses to call or text your cellphones without authorization if they say they called a wrong number. The banking industry and collections industry are pushing for the change." In one case recently, AT&T called one person 53 times after he told them they had a wrong number...and ended up paying $45 million to settle the case. Around 40 million phone numbers are "recycled" each year in the U.S. Twice, I've had to dump a number and get a new one because I was getting so many debt collection calls looking for someone else. Apparently the FCC commissioners may not be aware of the magnitude of the "wrong number" debt collection calls and aren't aware that lots of people still have per-minute phone plans. Anyone can file comments on this proposal with the FCC.
Communications

European Countries Seek Sweeping New Powers To Curb Terrorism 219

Posted by timothy
from the pente-glissante dept.
New submitter cooler-than-ice (3981829) writes with this story from the Washington Post: Belgian leaders on Friday sought sweeping new powers to monitor and punish their citizens for involvement with terrorism, joining France in an effort to rewrite laws just hours after dozens of arrests across Europe offered dramatic evidence of the threats security officials say are facing the continent. From the article: Apart from expanding powers to strip citizenship for dual nationals, Belgian leaders on Friday proposed devoting an additional $348 million to counterterrorism efforts. They also said they wanted the ability to take away identity documents to make it more difficult for people to travel to Syria and elsewhere. ... “As a result of the events in Paris, combined with what happened yesterday in Belgium, the political unanimity is quite great,” said Rik Coolsaet, a terrorism expert at Ghent University. “It is a bit of 9/11 syndrome.” France is also charging forward with attempts to expand government powers to monitor threats — and to punish those who praise or do not readily condemn terrorism. Leaders this week called for new legislation to significantly bolster domestic intelligence agencies.
Security

19,000 French Websites Hit By DDoS, Defaced In Wake of Terror Attacks 206

Posted by timothy
from the just-don't-say-mon-dieu dept.
An anonymous reader writes Since the three day terror attack that started in France on January 7 with the attack on satirical newspaper Charlie Hebdo, 19,000 websites of French-based companies have been targeted by cyber attackers. This unprecedented avalanche of cyber attacks targeted both government sites and that of big and small businesses. Most were low-level DDoS attacks, and some were web defacements. Several websites in a number of towns in the outskirts of Paris have been hacked and covered with an image of an ISIS flag. The front pages of the official municipality websites have been covered with the Jihadist militant group's black flag. In a report, Radware researchers noted that Islamic hacker group AnonGhost has also launched a "digital jihad" against France.