Skip to main content

Home/ Future of the Web/ Group items tagged NSA

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
Paul Merrell

What the Hack! 56 Suspected Hackers arrested in the UK | nsnbc international - 0 views

nsnbc.me/...ted-hackers-arrested-in-the-uk

UK hackers arrests

shared by Paul Merrell on 11 Mar 15 - No Cached
  • The UK National Crime Agency arrested 56 suspected hackers, including one 23-year-old male who allegedly attempted to hack his way into the U.S.’ Department of Defense in 2014. Not attempting to minimize the potential risks of hacking but how much does cyber-crime actually cost, what are the risks and what about those who hack the data of billions of internet users per day to, allegedly, “keep all of us safe?”
  • Besides the 23-year-old who allegedly attempted to hack his way into the a U.S. Department of Defense site, the other detainees allegedly were members of the hacking collectives Lizard Squad and D33DS which are being accused of fraud, money laundering and Denial of Service and Distributed Denial of Service (DOS & DDOS) attacks.  D33DS stands accused of having stolen data of some 450,000 Yahoo users. The arrests followed the recent announcement about the so-called FREAK security vulnerability that was leaving thousands of SSL sites unprotected. The arrest of the 56 hackers in the UK was reported as the National Crime Agency’s way of “sending a clear message” to the hacker community.
  • The U.S. DoD’s cyber-security functioned, obviously. A recent article by Benjamin Dean entitled “Hard Evidence: How much is cybercrime really costing us” suggests that the money spent on cyber-security per year is disproportional to the harm that is being caused by cyber-crime. Dean, who is a Fellow for Internet Governance and Cyber-security at the School of International and Public Affairs at Columbia University would conclude that: There are numerous competing budgetary priorities at any one time and limited funds to spend on meeting all these needs. How much money does it make sense to invest in bolstering cybersecurity, relative to the losses? …In the hysteria created in the wake of the hacks of 2014, we risk making the wrong choice simply because we don’t know what the current sums of money are being spent on.
  • ...1 more annotation...
  • Meanwhile, NSA whitleblower Edward Snowden (think about him what you want), would reveal that the NSA and the GCHQ hacked themselves into the possession of the encryption codes of the world’s largest SIM card manufacturer Gemalto. Snowden’s revelations about the NSA’s PRISM surveillance program wouldn’t come as a surprise to those who have known about the United States’ and allies mutual spying network Echelon for decades.
Gonzalo San Gil, PhD.

TOR IS THE NSA [LWN.net, 2008] - 0 views

lwn.net/289335

Tor NSA security communications Internet democracy Human Rights spying 2008

shared by Gonzalo San Gil, PhD. on 09 Jul 14 - No Cached
  • Gonzalo San Gil, PhD. on 09 Jul 14
     
    "Posted Jul 9, 2008 21:13 UTC (Wed) by dulles (guest, #45450) Parent article: GNU/Linux free software tools to preserve your online privacy, anonymity and security (FSM)"
Paul Merrell

Chinese State Media Declares iPhone a Threat To National Security - Slashdot - 0 views

apple.slashdot.org/...-a-threat-to-national-security

surveillance state NSA-blowback China Apple iPhone Russia Intel AMD processors

shared by Paul Merrell on 13 Jul 14 - No Cached
  • "When NSA whistleblower Edward Snowden came forth last year with U.S. government spying secrets, it didn't take long to realize that some of the information revealed could bring on serious repercussions — not just for the U.S. government, but also for U.S.-based companies. The latest to feel the hit? None other than Apple, and in a region the company has been working hard to increase market share: China. China, via state media, has today declared that Apple's iPhone is a threat to national security — all because of its thorough tracking capabilities. It has the ability to keep track of user locations, and to the country, this could potentially reveal "state secrets" somehow. It's being noted that the iPhone will continue to track the user to some extent even if the overall feature is disabled. China's iPhone ousting comes hot on the heels of Russia's industry and trade deeming AMD and Intel processors to be untrustworthy. The nation will instead be building its own ARM-based "Baikal" processor.
Paul Merrell

Snowden leaks spur new crop of secure phones, communications | Reuters - 0 views

www.reuters.com/...s-phones-idUSKBN0G527220140805

surveillance state NSA-blowback NSA-reform privacy-products

shared by Paul Merrell on 06 Aug 14 - No Cached
  • (Reuters) - Public concerns about the U.S. government's secretive surveillance programs exposed by Edward Snowden have spawned a slew of encryption products and privacy services that aim to make electronic spying more difficult.
Gonzalo San Gil, PhD.

La Fiscalía de Ciberdelincuencia archiva las Diligencias incoadas por escucha... - 0 views

www.internautas.org/...8402.html

Fiscalía Ciberdelincuencia archiva Diligencias escuchas espionaje masivo NSA SITEL seguridad magen marginal fines comerciales

shared by Gonzalo San Gil, PhD. on 19 Jul 14 - No Cached
  • Gonzalo San Gil, PhD. on 19 Jul 14
     
    "Entendíamos que "dada la relevancia de los riesgos que conlleva para la sociedad este tipo de actuaciones y la posible existencia de espionajes masivos de las comunicaciones sin control, incluso para fines que nada tienen que ver con la Seguridad del Estado", y al amparo del art. 5 del Estatuto Orgánico del Ministerio Fiscal ("para el esclarecimiento de los hechos que aparezcan en los atestados de los que conozca, puede llevar a cabo u ordenar aquellas diligencias para las que esté legitimado..."), era precisa esa investigación y que los ciudadanos pudieran saber qué había ocurrido."
Paul Merrell

Facebook and Corporate "Friends" Threat Exchange? | nsnbc international - 0 views

nsnbc.me/...porate-friends-threat-exchange

cybersecurity alternative-media

shared by Paul Merrell on 12 Feb 15 - No Cached
  • Facebook teamed up with several corporate “friends” to adapt Facebook’s in-house software to identify cyber threats and their source with other corporations. Countering cyber threats sounds positive while there are serious questions about transparency when smaller, independent media fall victim to major corporation’s unwillingness to reveal the source of attacks resulted in websites being closed for hours or days. Transparency, yes, but for whom? Among the companies Facebook is teaming up with are Printerest, Tumblr, Twitter, Yahoo, Drpbox and Bit.ly, reports Susanne Posel at Occupy Corporatism. The stated goal of “Threat Exchange” is to locate malware, the source domains, the IP addresses which are involved as well as the nature of the malware itself.
  • While the platform may be useful for major corporations, who can afford buying the privilege to join the club, the initiative does little to nothing to protect smaller, independent media from being targeted with impunity. The development prompts the question “Cyber security for whom?” The question is especially pertinent because identifying a site as containing malware, whether it is correct or not, will result in the site being added to Google’s so-called “Safe Browsing List”.
  • An article written by nsnbc editor-in-chief Christof Lehmann entitled “Censorship Alert: The Alternative Media are getting harassed by the NSA” provides several examples which raise serious questions about the lack of transparency when independent media demand information about either real or alleged malware content on their media’s websites. An alleged malware content in a java script that had been inserted via the third-party advertising company MadAdsMedia resulted in the nsnbc website being closed down and added to Google’s Safe Browsing list. The response to nsnbc’s request to send detailed information about the alleged malware and most importantly, about the source, was rejected. MadAdsMedia’s response to a renewed request was to stop serving advertisements to nsnbc from one day to the other, stating that nsnbc could contact another company, YieldSelect, which is run by the same company. Shell Games? SiteLock, who partners with most western-based web hosting providers, including BlueHost, Hostgator and many others contacted nsnbc warning about an alleged malware threat. SiteLock refused to provide detailed information.
  • ...1 more annotation...
  • BlueHost refused to help the International Middle East Media Center (IMEMC)  during a Denial of Service DoS attack. Asked for help, BlueHost reportedly said that they should deal with the issue themselves, which was impossible without BlueHost’s cooperation. The news agency’s website was down for days because BlueHost reportedly just shut down IMEMC’s server and told the editor-in-chief, Saed Bannoura to “go somewhere else”. The question is whether “transparency” can be the privilege of major corporations or whether there is need for legislation that forces all corporations to provide detailed information that enables media and other internet users to pursue real or alleged malware threats, cyber attacks and so forth, criminally and legally. That is, also when the alleged or real threat involves major corporations.
Paul Merrell

Microsoft Demos Real-Time Translation Over Skype - Slashdot - 1 views

tech.slashdot.org/...al-time-translation-over-skype

audio-translations Microsoft Skype Kurzweil

shared by Paul Merrell on 29 May 14 - No Cached
  • "Today at the first annual Code Conference, Microsoft demonstrated its new real-time translation in Skype publicly for the first time. Gurdeep Pall, Microsoft's VP of Skype and Lync, compares the technology to Star Trek's Universal Translator. During the demonstration, Pall converses in English with a coworker in Germany who is speaking German. 'Skype Translator results from decades of work by the industry, years of work by our researchers, and now is being developed jointly by the Skype and Microsoft Translator teams. The demo showed near real-time audio translation from English to German and vice versa, combining Skype voice and IM technologies with Microsoft Translator, and neural network-based speech recognition.'"
  • Paul Merrell on 29 May 14
     
    Haven't yet explored to see what's beneath the marketing hype. And I'm less than excited about the Skype with its NSA tendrils being the vehicle of audio translations of human languages. But given the progress in: [i] automated translations of human texts; [ii] audio screenreaders; and [iii] voice-to-text transcription, this is one we saw coming. Slap the three technologies together and wait until processing power catches up to what's needed to produce a marketable experience. After all, the StarTrek scriptwriters saw this coming too.   Ray Kurzweil, now at Google, should get a lot of the pioneer credit here. His revolutionary optical character recognition algorithms soon found themselves redeployed in text-to-speech synthesis and speech recognition technology. From Wikipedia: "Kurzweil was the principal inventor of the first CCD flatbed scanner, the first omni-font optical character recognition, the first print-to-speech reading machine for the blind, the first commercial text-to-speech synthesizer, the first music synthesizer Kurzweil K250 capable of recreating the grand piano and other orchestral instruments, and the first commercially marketed large-vocabulary speech recognition." Not bad for a guy the same age as my younger brother. But Microsoft's announcement here may be more vaporware than hardware in production and lines of executable code. Microsoft has a long history of vaporware announcements to persuade potential customers to hold off on riding with the competition.  And the Softies undoubtedly know that Google's human language text translation capabilities are way out in front and that the voice to text and text to speech API methods have already found a comfortable home in Android and Chromebook. What does Microsoft have that's ready to ship if anything? I'll check it out tomorrow. 
Paul Merrell

U.S. Embedded Spyware Overseas, Report Claims - NYTimes.com - 0 views

www.nytimes.com/...tworks-security-firm-says.html

surveillance state NSA NSA-methods embedded-spyware

shared by Paul Merrell on 18 Feb 15 - No Cached
  • The United States has found a way to permanently embed surveillance and sabotage tools in computers and networks it has targeted in Iran, Russia, Pakistan, China, Afghanistan and other countries closely watched by American intelligence agencies, according to a Russian cybersecurity firm.In a presentation of its findings at a conference in Mexico on Monday, Kaspersky Lab, the Russian firm, said that the implants had been placed by what it called the “Equation Group,” which appears to be a veiled reference to the National Security Agency and its military counterpart, United States Cyber Command.
  • It linked the techniques to those used in Stuxnet, the computer worm that disabled about 1,000 centrifuges in Iran’s nuclear enrichment program. It was later revealed that Stuxnet was part of a program code-named Olympic Games and run jointly by Israel and the United States.Kaspersky’s report said that Olympic Games had similarities to a much broader effort to infect computers well beyond those in Iran. It detected particularly high infection rates in computers in Iran, Pakistan and Russia, three countries whose nuclear programs the United States routinely monitors.
  • Some of the implants burrow so deep into the computer systems, Kaspersky said, that they infect the “firmware,” the embedded software that preps the computer’s hardware before the operating system starts. It is beyond the reach of existing antivirus products and most security controls, Kaspersky reported, making it virtually impossible to wipe out.
  • ...1 more annotation...
  • In many cases, it also allows the American intelligence agencies to grab the encryption keys off a machine, unnoticed, and unlock scrambled contents. Moreover, many of the tools are designed to run on computers that are disconnected from the Internet, which was the case in the computers controlling Iran’s nuclear enrichment plants.
Paul Merrell

The NSA's SKYNET program may be killing thousands of innocent people | Ars Technica UK - 0 views

arstechnica.co.uk/...g-thousands-of-innocent-people

war & peace surveillance state NSA drones big-data targeted-killings

shared by Paul Merrell on 17 Feb 16 - No Cached
johnmartin124 liked it
  • The NSA’s SKYNET program may be killing thousands of innocent people "Ridiculously optimistic" machine learning algorithm is "completely bullshit," says expert.
  • Paul Merrell on 17 Feb 16
     
    Gack! We have lunatics running our government. 
Paul Merrell

U.S. military closer to making cyborgs a reality - CNNPolitics.com - 0 views

edition.cnn.com/...index.html

surveillance state cyborgs

shared by Paul Merrell on 10 Mar 16 - No Cached
  • The U.S. military is spending millions on an advanced implant that would allow a human brain to communicate directly with computers.If it succeeds, cyborgs will be a reality.The Pentagon's research arm, the Defense Advanced Research Projects Agency (DARPA), hopes the implant will allow humans to directly interface with computers, which could benefit people with aural and visual disabilities, such as veterans injured in combat.The goal of the proposed implant is to "open the channel between the human brain and modern electronics" according to DARPA's program manager, Phillip Alvelda.
  • DARPA sees the implant as providing a foundation for new therapies that could help people with deficits in sight or hearing by "feeding digital auditory or visual information into the brain."A spokesman for DARPA told CNN that the program is not intended for military applications.
  • But some experts see such an implant as having the potential for numerous applications, including military ones, in the field of wearable robotics -- which aims to augment and restore human performance.Conor Walsh, a professor of mechanical and biomedical engineering at Harvard University, told CNN that the implant would "change the game," adding that "in the future, wearable robotic devices will be controlled by implants."Walsh sees the potential for wearable robotic devices or exoskeletons in everything from helping a medical patient recover from a stroke to enhancing soldiers' capabilities in combat.The U.S. military is currently developing a battery-powered exoskeleton, the Tactical Assault Light Operator Suit, to provide superior protection from enemy fire and in-helmet technologies that boost the user's communications ability and vision.The suits' development is being overseen by U.S. Special Operations Command.In theory, the proposed neural implant would allow the military member operating the suit to more effectively control the armored exoskeleton while deployed in combat.
  • ...1 more annotation...
  • In its announcement, DARPA acknowledged that an implant is still a long ways away, with breakthroughs in neuroscience, synthetic biology, low-power electronics, photonics and medical-device manufacturing needed before the device could be used.DARPA plans to recruit a diverse set of experts in an attempt to accelerate the project's development, according to its statement announcing the project.
  • Paul Merrell on 10 Mar 16
     
    Let's assume for the moment that DARPA's goal is realizable and brain implants for commuication with computers become common. How long will it take for FBI, NSA, et ilk to get legislation or a court order allowing them to conduct mass surveillance of people's brains? Not long, I suspect. 
Paul Merrell

European Parliament Urges Protection for Edward Snowden - The New York Times - 0 views

www.nytimes.com/...snowden-nsa-whistleblower.html

surveillance state Snowden EU-Parliament resolution charges extradition

shared by Paul Merrell on 30 Oct 15 - No Cached
  • The European Parliament narrowly adopted a nonbinding but nonetheless forceful resolution on Thursday urging the 28 nations of the European Union to recognize Edward J. Snowden as a “whistle-blower and international human rights defender” and shield him from prosecution.On Twitter, Mr. Snowden, the former National Security Agency contractor who leaked millions of documents about electronic surveillance by the United States government, called the vote a “game-changer.” But the resolution has no legal force and limited practical effect for Mr. Snowden, who is living in Russia on a three-year residency permit.Whether to grant Mr. Snowden asylum remains a decision for the individual European governments, and none have done so thus far. Continue reading the main story Related Coverage Open Source: Now Following the N.S.A. on Twitter, @SnowdenSEPT. 29, 2015 Snowden Sees Some Victories, From a DistanceMAY 19, 2015 Still, the resolution was the strongest statement of support seen for Mr. Snowden from the European Parliament. At the same time, the close vote — 285 to 281 — suggested the extent to which some European lawmakers are wary of alienating the United States.
  • The resolution calls on European Union members to “drop any criminal charges against Edward Snowden, grant him protection and consequently prevent extradition or rendition by third parties.”In June 2013, shortly after Mr. Snowden’s leaks became public, the United States charged him with theft of government property and violations of the Espionage Act of 1917. By then, he had flown to Moscow, where he spent weeks in legal limbo before he was granted temporary asylum and, later, a residency permit.Four Latin American nations have offered him permanent asylum, but he does not believe he could travel from Russia to those countries without running the risk of arrest and extradition to the United States along the way.
  • The White House, which has used diplomatic efforts to discourage even symbolic resolutions of support for Mr. Snowden, immediately criticized the resolution.“Our position has not changed,” said Ned Price, a spokesman for the National Security Council in Washington.“Mr. Snowden is accused of leaking classified information and faces felony charges here in the United States. As such, he should be returned to the U.S. as soon as possible, where he will be accorded full due process.”Jan Philipp Albrecht, one of the lawmakers who sponsored the resolution in Europe, said it should increase pressure on national governments.
  • ...1 more annotation...
  • “It’s the first time a Parliament votes to ask for this to be done — and it’s the European Parliament,” Mr. Albrecht, a German lawmaker with the Greens political bloc, said in a phone interview shortly after the vote, which was held in Strasbourg, France. “So this has an impact surely on the debate in the member states.”The resolution “is asking or demanding the member states’ governments to end all the charges and to prevent any extradition to a third party,” Mr. Albrecht said. “That’s a very clear call, and that can’t be just ignored by the governments,” he said.
Paul Merrell

Challenge to data transfer tool used by Facebook will go to Europe's top court | TechCr... - 1 views

techcrunch.com/...k-will-go-to-europes-top-court

surveillance state NSA Irish_High_Court EU data-privacy litigation ECJ

shared by Paul Merrell on 06 Oct 17 - No Cached
  • The five-week court hearing in what is a complex case delving into detail on US surveillance operations took place in February. The court issued its ruling today. The 153-page ruling starts by noting “this is an unusual case”, before going into a detailed discussion of the arguments and concluding that the DPC’s concerns about the validity of SCCs should be referred to the European Court of Justice for a preliminary ruling. Schrems is also the man responsible for bringing, in 2013, a legal challenge that ultimately struck down Safe Harbor — the legal mechanism that had oiled the pipe for EU-US personal data flows for fifteen years before the ECJ ruled it to be invalid in October 2015. Schrems’ argument had centered on U.S. government mass surveillance programs, as disclosed via the Snowden leaks, being incompatible with fundamental European privacy rights. After the ECJ struck down Safe Harbor he then sought to apply the same arguments against Facebook’s use of SCCs — returning to Ireland to make the complaint as that’s where the company has its European HQ. It’s worth noting that the European Commission has since replaced Safe Harbor with a new (and it claims more robust) data transfer mechanism, called the EU-US Privacy Shield — which is now, as Safe Harbor was, used by thousands of businesses. Although that too is facing legal challenges as critics continue to argue there is a core problem of incompatibility between two distinct legal regimes where EU privacy rights collide with US mass surveillance.
  • In a written statement on the ruling Schrems added: “I welcome the judgement by the Irish High Court. It is important that a neutral Court outside of the US has summarized the facts on US surveillance in a judgement, after diving through more than 45,000 pages of documents in a five week hearing.
  • Making a video statement outside court in Dublin today, Schrems said the Irish court had dismissed Facebook’s argument that the US government does not undertake any surveillance.
  • ...3 more annotations...
  • Schrems’ Safe Harbor challenge also started in the Irish Court before being ultimately referred to the ECJ. So there’s more than a little legal deja vu here, especially given the latest development in the case. In its ruling on the SCC issue, the Irish Court noted that a US ombudsperson position created under Privacy Shield to handle EU citizens complaints about companies’ handling of their data is not enough to overcome what it described as “well founded concerns” raised by the DPC regarding the adequacy of the protections for EU citizens data.
  • On Facebook, he also said: “In simple terms, US law requires Facebook to help the NSA with mass surveillance and EU law prohibits just that. As Facebook is subject to both jurisdictions, they got themselves in a legal dilemma that they cannot possibly solve in the long run.”
  • While Schrems’ original complaint pertained to Facebook, the Irish DPC’s position means many more companies that use the mechanism could face disruption if SCCs are ultimately invalidated as a result of the legal challenge to their validity.
Paul Merrell

ACLU Demands Secret Court Hand Over Crucial Rulings On Surveillance Law - 0 views

www.mintpressnews.com/...221667

surveillance state FISA-Court opinions disclosure litigation ACLU

shared by Paul Merrell on 24 Oct 16 - No Cached
  • The American Civil Liberties Union (ACLU) has filed a motion to reveal the secret court opinions with “novel or significant interpretations” of surveillance law, in a renewed push for government transparency. The motion, filed Wednesday by the ACLU and Yale Law School’s Media Freedom and Information Access Clinic, asks the Foreign Intelligence Surveillance Act (FISA) Court, which rules on intelligence gathering activities in secret, to release 23 classified decisions it made between 9/11 and the passage of the USA Freedom Act in June 2015. As ACLU National Security Project staff attorney Patrick Toomey explains, the opinions are part of a “much larger collection of hidden rulings on all sorts of government surveillance activities that affect the privacy rights of Americans.” Among them is the court order that the government used to direct Yahoo to secretly scanits users’ emails for “a specific set of characters.” Toomey writes: These court rulings are essential for the public to understand how federal laws are being construed and implemented. They also show how constitutional protections for personal privacy and expressive activities are being enforced by the courts. In other words, access to these opinions is necessary for the public to properly oversee their government.
  • Although the USA Freedom Act requires the release of novel FISA court opinions on surveillance law, the government maintains that the rule does not apply retroactively—thereby protecting the panel from publishing many of its post-9/11 opinions, which helped create an “unprecedented buildup” of secret surveillance laws. Even after National Security Agency (NSA) whistleblower Edward Snowden revealed the scope of mass surveillance in 2013, sparking widespread outcry, dozens of rulings on spying operations remain hidden from the public eye, which stymies efforts to keep the government accountable, civil liberties advocates say. “These rulings are necessary to inform the public about the scope of the government’s surveillance powers today,” the ACLU’s motion states.
  • Toomey writes that the rulings helped influence a number of novel spying activities, including: The government’s use of malware, which it calls “Network Investigative Techniques” The government’s efforts to compel technology companies to weaken or circumvent their own encryption protocols The government’s efforts to compel technology companies to disclose their source code so that it can identify vulnerabilities The government’s use of “cybersignatures” to search through internet communications for evidence of computer intrusions The government’s use of stingray cell-phone tracking devices under the Foreign Intelligence Surveillance Act (FISA) The government’s warrantless surveillance of Americans under FISA Section 702—a controversial authority scheduled to expire in December 2017 The bulk collection of financial records by the CIA and FBI under Section 215 of the Patriot Act Without these rulings being made public, “it simply isn’t possible to understand the government’s claimed authority to conduct surveillance,” Toomey writes. As he told The Intercept on Wednesday, “The people of this country can’t hold the government accountable for its surveillance activities unless they know what our laws allow. These secret court opinions define the limits of the government’s spying powers. Their disclosure is essential for meaningful public oversight in our democracy.”
Paul Merrell

Shaking My Head - Medium - 0 views

medium.com/...shaking-my-head-5c1b60db9086

surveillance state NSA 702 FISA legislation backdoor-serches stats

shared by Paul Merrell on 29 May 16 - No Cached
  • Last month, at the request of the Department of Justice, the Courts approved changes to the obscure Rule 41 of the Federal Rules of Criminal Procedure, which governs search and seizure. By the nature of this obscure bureaucratic process, these rules become law unless Congress rejects the changes before December 1, 2016.Today I, along with my colleagues Senators Paul from Kentucky, Baldwin from Wisconsin, and Daines and Tester from Montana, am introducing the Stopping Mass Hacking (SMH) Act (bill, summary), a bill to protect millions of law-abiding Americans from a massive expansion of government hacking and surveillance. Join the conversation with #SMHact.
  • For law enforcement to conduct a remote electronic search, they generally need to plant malware in — i.e. hack — a device. These rule changes will allow the government to search millions of computers with the warrant of a single judge. To me, that’s clearly a policy change that’s outside the scope of an “administrative change,” and it is something that Congress should consider. An agency with the record of the Justice Department shouldn’t be able to wave its arms and grant itself entirely new powers.
  • These changes say that if law enforcement doesn’t know where an electronic device is located, a magistrate judge will now have the the authority to issue a warrant to remotely search the device, anywhere in the world. While it may be appropriate to address the issue of allowing a remote electronic search for a device at an unknown location, Congress needs to consider what protections must be in place to protect Americans’ digital security and privacy. This is a new and uncertain area of law, so there needs to be full and careful debate. The ACLU has a thorough discussion of the Fourth Amendment ramifications and the technological questions at issue with these kinds of searches.The second part of the change to Rule 41 would give a magistrate judge the authority to issue a single warrant that would authorize the search of an unlimited number — potentially thousands or millions — of devices, located anywhere in the world. These changes would dramatically expand the government’s hacking and surveillance authority. The American public should understand that these changes won’t just affect criminals: computer security experts and civil liberties advocates say the amendments would also dramatically expand the government’s ability to hack the electronic devices of law-abiding Americans if their devices were affected by a computer attack. Devices will be subject to search if their owners were victims of a botnet attack — so the government will be treating victims of hacking the same way they treat the perpetrators.
  • ...1 more annotation...
  • As the Center on Democracy and Technology has noted, there are approximately 500 million computers that fall under this rule. The public doesn’t know nearly enough about how law enforcement executes these hacks, and what risks these types of searches will pose. By compromising the computer’s system, the search might leave it open to other attackers or damage the computer they are searching.Don’t take it from me that this will impact your security, read more from security researchers Steven Bellovin, Matt Blaze and Susan Landau.Finally, these changes to Rule 41 would also give some types of electronic searches different, weaker notification requirements than physical searches. Under this new Rule, they are only required to make “reasonable efforts” to notify people that their computers were searched. This raises the possibility of the FBI hacking into a cyber attack victim’s computer and not telling them about it until afterward, if at all.
Paul Merrell

EU-US Personal Data Privacy Deal 'Cracked Beyond Repair' - 0 views

www.mintpressnews.com/...218358

surveillance state EU safe-harbor privacy-shield litigation

shared by Paul Merrell on 12 Jul 16 - No Cached
  • Privacy Shield is the proposed new deal between the EU and the US that is supposed to safeguard all personal data on EU citizens held on computer systems in the US from being subject to mass surveillance by the US National Security Agency. The data can refer to any transaction — web purchases, cars or clothing — involving an EU citizen whose data is held on US servers. Privacy groups say Privacy Shield — which replaces the Safe Harbor agreement ruled unlawful in October 2015 — does not meet strict EU standard on the use of personal data. Monique Goyens, Director General of the European Consumer Organization (BEUC) told Sputnik: “We consider that the shield is cracked beyond repair and is unlikely to stand scrutiny by the European Court of Justice. A fundamental problem remains that the US side of the shield is made of clay, not iron.”
  • The agreement has been under negotiation for months ever since the because the European Court of Justice ruled in October 2015 that the previous EU-US data agreement — Safe Harbor — was invalid. The issue arises from the strict EU laws — enshrined in the Charter of Fundamental Rights of the European Union — to the privacy of their personal data.
  • The Safe Harbor agreement was a quasi-judicial understanding that the US undertook to agree that it would ensure that EU citizens’ data on US servers would be held and protected under the same restrictions as it would be under EU law and directives. The data covers a huge array of information — from Internet and communications usage, to sales transactions, import and exports.
  • ...1 more annotation...
  • The case arose when Maximillian Schrems, a Facebook user, lodged a complaint with the Irish Data Protection Commissioner, arguing that — in the light of the revelations by ex-CIA contractor Edward Snowden of mass surveillance by the US National Security Agency (NSA) — the transfer of data from Facebook’s Irish subsidiary onto the company’s servers in the US does not provide sufficient protection of his personal data. The court ruled that: “the Safe Harbor Decision denies the national supervisory authorities their powers where a person calls into question whether the decision is compatible with the protection of the privacy and of the fundamental rights and freedoms of individuals.”
  • Paul Merrell on 12 Jul 16
     
    Off we go for another trip to the European Court of Justice.
Paul Merrell

EU okays 'renewed' data transfer deal, lets US firms move Europeans' private info overs... - 0 views

www.rt.com/...350289-eu-data-transfer-us

surveillance state EU safe-harbor privacy-shield NSA State-Dept.

shared by Paul Merrell on 12 Jul 16 - No Cached
  • The EU has accepted a new version of the so-called Private Shield law that would allow US companies to transfer Europeans’ private data to servers across the ocean. The EU struck down the previously-reached agreement over US surveillance concerns.
  • The majority of EU members voted in support of the Privacy Shield pact with the US that had been designed to replace its predecessor, the Safe Harbor system, which the highest EU court ruled “invalid” in October 2015 following Edward Snowden’s revelations about mass US surveillance.
  • The newly-adopted agreement will come into force starting Tuesday.The deal, which is said to be aimed at protecting European citizens’ private data, defines the rules of how the sharing of information should be handled. It gives legal ground for tech companies such as Google, Facebook and MasterCard to move Europeans’ personal data to US servers bypassing an EU ban on moving personal information out from the 28-nation bloc. The agreement covers everything from private data about employees to detailed records of what people do online.“For the first time, the US has given the EU written assurance that the access of public authorities for law enforcement and national security will be subject to clear limitations, safeguards and oversight mechanisms and has ruled out indiscriminate mass surveillance of European citizens' data,” the statement said.
  • ...2 more annotations...
  • The new deal now grants greater guarantees to European customers and provides “accessible and affordable redress mechanisms” in case any disputes concerning US spying arise. An ombudsman will also be created within the US State Department to review complaints filed by EU citizens.
  • Privacy Shield, however, has also faced sharp criticism. Concerns about extensive US spying activity were raised in Europe after whistleblower Edward Snowden released a trove of controversial material on Washington’s surveillance practices.Digital rights group Privacy International (PI) said the newly-adopted pact had been drawn up on a "flawed premise" and “remains full of holes and hence offers limited protection to personal data”. 
Paul Merrell

FBI's secret method of unlocking iPhone may never reach Apple | Reuters - 0 views

uk.reuters.com/...ncryption-review-idUKKCN0WW2OL

surveillance state Apple FBI iPhone encryption FOIA litigation

shared by Paul Merrell on 02 Apr 16 - No Cached
  • The FBI may be allowed to withhold information about how it broke into an iPhone belonging to a gunman in the December San Bernardino shootings, despite a U.S. government policy of disclosing technology security flaws discovered by federal agencies. Under the U.S. vulnerabilities equities process, the government is supposed to err in favor of disclosing security issues so companies can devise fixes to protect data. The policy has exceptions for law enforcement, and there are no hard rules about when and how it must be applied.Apple Inc has said it would like the government to share how it cracked the iPhone security protections. But the Federal Bureau of Investigation, which has been frustrated by its inability to access data on encrypted phones belonging to criminal suspects, might prefer to keep secret the technique it used to gain access to gunman Syed Farook's phone. The referee is likely to be a White House group formed during the Obama administration to review computer security flaws discovered by federal agencies and decide whether they should be disclosed.
  • Stewart Baker, former general counsel of the NSA and now a lawyer with Steptoe & Johnson, said the review process could be complicated if the cracking method is considered proprietary by the third party that assisted the FBI.Several security researchers have pointed to the Israel-based mobile forensics firm Cellebrite as the likely third party that helped the FBI. That company has repeatedly declined comment.
  • Paul Merrell on 02 Apr 16
     
    The article is wide of the mark, based on analysis of Executive Branch policy rather than the governing law such as the Freedom of Information Act. And I still find it somewhat ludicrous that a third party with knowledge of the defect could succeed in convincing a court that knowledge of a defect in a company's product is trade-secret proprietary information. "Your honor, my client has discovered a way to break into Mr. Tim Cook's house without a key to his house. That is a valuable trade secret that this Court must keep Mr. Cook from learning." Pow! The Computer Fraud and Abuse Act makes it a crime to access a computer that can connect to the Internet by exploiting a software bug. 
Paul Merrell

Kremlin Denies Claim It Considered Giving Snowden As 'Gift' To Trump - 0 views

www.mintpressnews.com/...224862

surveillance state Snowden extradition

shared by Paul Merrell on 13 Feb 17 - No Cached
  • Amid reports that Moscow is considering handing over NSA whistleblower Edward Snowden as a “gift” to U.S. President Donald Trump, a Russian government spokesperson said Monday that the Kremlin and the White House have not discussed the matter, Russia’s state TASS agency reported. “No, this issue (Snowden’s fate) was not raised,” presidential spokesperson Dmitry Peskov told reporters Monday, adding that Russian officials have not taken a position on whether Snowden should be extradited to the U.S. or granted Russian citizenship. “The issue was not raised (during the Russian-US contacts),” Peskov said. “At the moment it is not among bilateral issues.” The statement comes after Snowden — who has lived in Russia since 2013, first with one-year temporary asylum then a residence permit — revealed in recent days that he is “not afraid” of being handed over to the United States, where he faces espionage charges for his explosive 2013 leak of documents on secret U.S. mass surveillance programs.
  • However, Snowden also said in an interview with Yahoo News that talk of a possible trade between Moscow and Washington makes him feel “encouraged” because it vindicates him in the face of accusations that he has been a spy for Russia by laying bare the fact that he has always been independent and “worked on behalf of the United States.” “Finally: irrefutable evidence that I never cooperated with Russian intel,” he tweeted on Friday. “No country trades away spies, as the rest would fear they’re next.” In the U.S., Snowden faces charges of theft of government property and violation of the Espionage Act on two counts, which each carry a maximum sentence of 10 years.
  • “What I am proud of,” Snowden told Yahoo News, “is the fact that every decision that I have made I can defend.” Snowden is set to be eligible to apply for Russian citizenship next year, according to his lawyer. Last month, Moscow extended his residence permit, which is now valid until 2020.
  • Paul Merrell on 13 Feb 17
     
    One of the bravest patriots in U.S. history, forced to live abroad. Ain't that life?
Gonzalo San Gil, PhD.

How do we know that Linux doesn't have a government backdoor? : linux - 2 views

www.reddit.com/..._know_that_linux_doesnt_have_a

howto know linux have not government backdoor PRISM NSA spying reddit discussion

shared by Gonzalo San Gil, PhD. on 09 Sep 13 - No Cached
  • Gonzalo San Gil, PhD. on 09 Sep 13
     
    "I'm a big advocate of Linux and one of the reasons for that is because I believe it is more secure than other proprietary operating systems and hopefully less likely to include some sort of government backdoor. With the recent US government surveillance scandals going on it has me thinking, is Linux really more secure?"
Paul Merrell

Merkel, Hollande to discuss European communication network avoiding U.S. - Yahoo News - 0 views

news.yahoo.com/-avoids-135711921--sector.html

surveillance state NSA-blowback Germany France Internet-Balkanization

shared by Paul Merrell on 16 Feb 14 - No Cached
  • (Reuters) - German Chancellor Angela Merkel said on Saturday she would talk to French President Francois Hollande about building up a European communication network to avoid emails and other data passing through the United States.
« First ‹ Previous 181 - 200 of 238 Next › Last »
Showing 20 items per page