Skip to main content

Home/ Future of the Web/ Group items matching "sign" in title, tags, annotations or url

Group items matching
in title, tags, annotations or url

Sort By: Relevance | Date Filter: All | Bookmarks | Topics Simple Middle
Paul Merrell

» Obama Signs Global Internet Treaty Worse Than SOPA Alex Jones' Infowars: There's a war on for your mind! - 2 views

  • Months before the debate about Internet censorship raged as SOPA and PIPA dominated the concerns of web users, President Obama signed an international treaty that would allow companies in China or any other country in the world to demand ISPs remove web content in the US with no legal oversight whatsoever.
  • The White House has circumvented the necessity to have the treaty confirmed by lawmakers by presenting it an as “executive agreement,” although legal scholars have highlighted the dubious nature of this characterization.
  • In presenting ACTA as an “international agreement” rather than a treaty, the Obama administration managed to circumvent the legislative process and avoid having to get Senate approval, a method questioned by Senator Wyden. “That said, even if Obama has declared ACTA an executive agreement (while those in Europe insist that it’s a binding treaty), there is a very real Constitutional question here: can it actually be an executive agreement?” asks TechDirt. “The law is clear that the only things that can be covered by executive agreements are things that involve items that are solely under the President’s mandate. That is, you can’t sign an executive agreement that impacts the things Congress has control over. But here’s the thing: intellectual property, in Article 1, Section 8 of the Constitution, is an issue given to Congress, not the President. Thus, there’s a pretty strong argument that the president legally cannot sign any intellectual property agreements as an executive agreement and, instead, must submit them to the Senate.”
Paul Merrell

FCC's Wheeler Promises Net Neutrality Action 'Shortly' | Adweek - 0 views

  • he pressure is mounting on the Federal Communications Commission to revisit how it will regulate net neutrality in the wake of the DC Circuit Court of Appeals decision that tossed the rules back in the regulator's lap.
  • More than 1 million people signed the petition urging the FCC to "reassert its clear authority over our nation's communications infrastructure" and classify the transmission component of broadband Internet as a telecommunications service. While the court struck down the non-discrimination and no-blocking rules, it also ruled the FCC had the authority to regulate the Internet. That decision leaves the FCC with a thorny legal choice about whether it regulates by classifying the Internet as a telecommunications service or as an information service. In seeking to reassure the petitioners, Wheeler affirmed the commission's commitment to preserve and protect the open Internet. "We interpret the court decision as an invitation and we will accept that invitation," Wheeler said in a press conference following Thursday's meeting. "One of the great things about what the Internet does and why it needs to stay open, it enables people to organize and express themselves. A million people? That's boffo."
  •  
    Over a million signed the petition. Wow! But note that the battle is not over. The FCC could reimplement net neutrality now if it reclassified broadband internet as a telecommunications service. That the FCC has not already set this in motion raises danger flags. All it takes is for a few contracts to be signed to give the ISPs 5th Amendment taking clause claims for damages against the government for reimplementing net neutrality the right way, A "reasonable investment-backed expectation" is the relevant 5th Amendment trigger. 
Gonzalo San Gil, PhD.

AT&T Is Happy To Remove Wireless Broadband Caps, But Only If You Sign Up For Its TV Services | Techdirt - 1 views

  •  
    " According to a new company announcement, customers who sign up for both AT&T wireless service and AT&T U-Verse TV or DirecTV service can nab unlimited data for $100 per month, plus $40 per month for each additional device:"
Gonzalo San Gil, PhD.

5 signs your Web application has been hacked | ITworld - 0 views

  •  
    "hacked FREE Become An Insider Sign up now and get free access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content from the best tech brands on the Internet: CIO, CSO, Computerworld, InfoWorld, IT World and Network World Learn more. Other Insider Recommendations Java 101 primer: Composition and inheritance 6 simple tricks for protecting your passwords Free course: "JavaScript: The Good Parts" Free Course: The Dark Side of Technology Careers Website defacements? Database dumps? Mysterious files? Here's how to tell if your Web application has been hacked -- and how to secure it once and for all"
Gonzalo San Gil, PhD.

Stop the TPP: Extreme Internet Censorship - 1 views

  •  
    "URGENT: documents reveal that Trans-Pacific Partnership contains extreme SOPA-like Internet Censorship Plan Say NO to Internet Censorship before it's too late. Sign the petition to world leaders: "Don't Sign the TPP""
Paul Merrell

After Two Years, White House Finally Responds to Snowden Pardon Petition - With a "No" - 1 views

  • The White House on Tuesday ended two years of ignoring a hugely popular whitehouse.gov petition calling for NSA whistleblower Edward Snowden to be “immediately issued a full, free, and absolute pardon,” saying thanks for signing, but no. “We live in a dangerous world,” Lisa Monaco, President Obama’s adviser on homeland security and terrorism, said in a statement. More than 167,000 people signed the petition, which surpassed the 100,000 signatures that the White House’s “We the People” website said would garner a guaranteed response on June 24, 2013. In Tuesday’s response, the White House acknowledged that “This is an issue that many Americans feel strongly about.”
  • Monaco then explained her position: “Instead of constructively addressing these issues, Mr. Snowden’s dangerous decision to steal and disclose classified information had severe consequences for the security of our country and the people who work day in and day out to protect it.” Snowden didn’t actually disclose any classified information — news organizations including the Guardian, Washington Post, New York Times and The Intercept did the disclosing. And the Obama administration has yet to specify any “severe consequences” that can be independently confirmed.
  • The White House on Tuesday ended two years of ignoring a hugely popular whitehouse.gov petition calling for NSA whistleblower Edward Snowden to be “immediately issued a full, free, and absolute pardon,” saying thanks for signing, but no. “We live in a dangerous world,” Lisa Monaco, President Obama’s adviser on homeland security and terrorism, said in a statement. More than 167,000 people signed the petition, which surpassed the 100,000 signatures that the White House’s “We the People” website said would garner a guaranteed response on June 24, 2013. In Tuesday’s response, the White House acknowledged that “This is an issue that many Americans feel strongly about.”
  • ...1 more annotation...
  • The Snowden response was one of 20 responses to what the White House called “our We the People backlog.” The White House had been criticized for avoiding uncomfortable topics despite their popular support. On Twitter, the responses to the Snowden response, some from signers of the petition, were highly critica
Paul Merrell

Protect your synced data - Chrome Help - 0 views

  • When you sign in to Chrome and enable sync, Chrome keeps your information secure by using your Google Account credentials to encrypt your synced passwords. Alternatively, you can choose to encrypt all of your synced data with a sync passphrase. This sync passphrase is stored on your computer and isn't sent to Google.
  • Click the Chrome menu on the browser toolbar. Select Signed in as <your email address> (you must be Signed in to Chrome already). In the "Sign in" section, click Advanced sync settings. Choose an encryption option: Encrypt synced passwords with your Google credentials: This is the default option. Your saved passwords are encrypted on Google's servers and protected with your Google Account credentials. Encrypt all synced data with your own sync passphrase: Select this if you'd like to encrypt all the data you've chosen to sync. You can provide your own passphrase that will only be stored on your computer. Click OK.
  •  
    Just installed Google Chrome on a new system. When I went into settings to set my syncronization preferences, I discovered a new setting I never noticed before for synchronization. I suspect it's new and one Google reaction to the NSA scandal. End to end encryption with a local password that isn't sent to Google. If you're using Chrome, here's an easy way to help the Web fight back to NSA voyeurs.  
Paul Merrell

Study: Surveillance will cost US tech sector more than $35B by 2016 | TheHill - 0 views

  • A new study says that the U.S. tech industry is likely to lose more than $35 billion from foreign customers by 2016 because of concerns over government surveillance.“In short, foreign customers are shunning U.S. companies,” the authors of a new study from the Information Technology and Innovation Foundation write.ADVERTISEMENT“The U.S. government’s failure to reform many of the NSA’s surveillance programs has damaged the competitiveness of the U.S. tech sector and cost it a portion of the global market share,” they said.The think tank’s report found that the cost to the tech sector associated with ongoing concerns over surveillance programs run out of the U.S. was likely to “far exceed” $35 billion by 2016, an earlier estimate set by the group.
  • The group said that lawmakers must enact additional reforms to surveillance policy if they wish to help the tech sector regain the trust of foreign customers. That includes opposing “backdoors,” which allow law enforcement to access otherwise encrypted data, and signing off on trade agreements, including the controversial Trans-Pacific Partnership, that “ban digital protectionism.”The study’s authors found that the revelations about broad U.S. surveillance programs acted as a justification for foreign policymakers to enact protectionist policies aimed at aiding their own domestic technology sectors.Foreign companies have also used the information about U.S. surveillance programs to their advantage.“Some European companies have begun to highlight where their digital services are hosted as an alternative to U.S. companies,” the authors write.
  • American companies, they found, have lost contracts to foreign competitors over fears about mass surveillance.Earlier this month, President Obama signed the USA Freedom Act, a bill that reformed the three Patriot Act provisions that authorized the bulk, warrantless collection of Americans’ phone records. The bill was widely supported by technology companies, including giants like Apple and Google.
Gonzalo San Gil, PhD.

11 sure signs you've been hacked | ITworld - 1 views

  •  
    ["By Roger A. Grimes, InfoWorld | Security Add a comment November 07, 2013, 2:19 PM - In today's threatscape, antivirus software provides little piece of mind. In fact, antimalware scanners on the whole are horrifically inaccurate, especially with exploits less than 24 hours old. After all, malicious hackers and malware can change their tactics at will. Swap a few bytes around, and a previously recognized malware program becomes unrecognizable." ...]
Gonzalo San Gil, PhD.

USA Freedom Act Passes: What We Celebrate, What We Mourn, and Where We Go From Here | Electronic Frontier Foundation [# ! Nota: Sólo para enlazar...] - 0 views

  • The Senate passed the USA Freedom Act today by 67-32, marking the first time in over thirty years that both houses of Congress have approved a bill placing real restrictions and oversight on the National Security Agency’s surveillance powers. The weakening amendments to the legislation proposed by NSA defender Senate Majority Mitch McConnell were defeated, and we have every reason to believe that President Obama will sign USA Freedom into law. Technology users everywhere should celebrate, knowing that the NSA will be a little more hampered in its surveillance overreach, and both the NSA and the FISA court will be more transparent and accountable than it was before the USA Freedom Act. It’s no secret that we wanted more. In the wake of the damning evidence of surveillance abuses disclosed by Edward Snowden, Congress had an opportunity to champion comprehensive surveillance reform and undertake a thorough investigation, like it did with the Church Committee. Congress could have tried to completely end mass surveillance and taken numerous other steps to rein in the NSA and FBI. This bill was the result of compromise and strong leadership by Sens. Patrick Leahy and Mike Lee and Reps. Robert Goodlatte, Jim Sensenbrenner, and John Conyers. It’s not the bill EFF would have written, and in light of the Second Circuit's thoughtful opinion, we withdrew our support from the bill in an effort to spur Congress to strengthen some of its privacy protections and out of concern about language added to the bill at the behest of the intelligence community. Even so, we’re celebrating. We’re celebrating because, however small, this bill marks a day that some said could never happen—a day when the NSA saw its surveillance power reduced by Congress. And we’re hoping that this could be a turning point in the fight to rein in the NSA.
  •  
    [The Senate passed the USA Freedom Act today by 67-32, marking the first time in over thirty years that both houses of Congress have approved a bill placing real restrictions and oversight on the National Security Agency's surveillance powers. The weakening amendments to the legislation proposed by NSA defender Senate Majority Mitch McConnell were defeated, and we have every reason to believe that President Obama will sign USA Freedom into law. Technology users everywhere should celebrate, knowing that the NSA will be a little more hampered in its surveillance overreach, and both the NSA and the FISA court will be more transparent and accountable than it was before the USA Freedom Act. ...]
Paul Merrell

Reset The Net - Privacy Pack - 1 views

  • This June 5th, I pledge to take strong steps to protect my freedom from government mass surveillance. I expect the services I use to do the same.
  • Fight for the Future and Center for Rights will contact you about future campaigns. Privacy Policy
  •  
    I wound up joining this campaign at the urging of the ACLU after checking the Privacy Policy. The Reset the Net campaign seems to be endorsed by a lot of change-oriented groups, from the ACLU to Greenpeac to the Pirate Party. A fair number of groups with a Progressive agenda, but certainly not limited to them. The right answer to that situation is to urge other groups to endorse, not to avoid the campaign. Single-issue coalition-building is all about focusing on an area of agreement rather than worrying about who you are rubbing elbows with.  I have been looking for a a bipartisan group that's tackling government surveillance issues via mass actions but has no corporate sponsors. This might be the one. The reason: Corporate types like Google have no incentive to really butt heads with the government voyeurs. They are themselves engaged in massive surveillance of their users and certainly will not carry the battle for digital privacy over to the private sector. But this *is* a battle over digital privacy and legally defining user privacy rights in the private sector is just as important as cutting back on government surveillance. As we have learned through the Snowden disclosures, what the private internet companies have, the NSA can and does get.  The big internet services successfully pushed in the U.S. for authorization to publish more numbers about how many times they pass private data to the government, but went no farther. They wanted to be able to say they did something, but there's a revolving door of staffers between NSA and the big internet companies and the internet service companies' data is an open book to the NSA.   The big internet services are not champions of their users' privacy. If they were, they would be featuring end-to-end encryption with encryption keys unique to each user and unknown to the companies.  Like some startups in Europe are doing. E.g., the Wuala.com filesync service in Switzerland (first 5 GB of storage free). Compare tha
  •  
    "This June 5th, I pledge to take strong steps to protect my freedom from government mass surveillance. I expect the services I use to do the same."
  •  
    I wound up joining this campaign at the urging of the ACLU after checking the Privacy Policy. The Reset the Net campaign seems to be endorsed by a lot of change-oriented groups, from the ACLU to Greenpeac to the Pirate Party. A fair number of groups with a Progressive agenda, but certainly not limited to them. The right answer to that situation is to urge other groups to endorse, not to avoid the campaign. Single-issue coalition-building is all about focusing on an area of agreement rather than worrying about who you are rubbing elbows with.  I have been looking for a a bipartisan group that's tackling government surveillance issues via mass actions but has no corporate sponsors. This might be the one. The reason: Corporate types like Google have no incentive to really butt heads with the government voyeurs. They are themselves engaged in massive surveillance of their users and certainly will not carry the battle for digital privacy over to the private sector. But this *is* a battle over digital privacy and legally defining user privacy rights in the private sector is just as important as cutting back on government surveillance. As we have learned through the Snowden disclosures, what the private internet companies have, the NSA can and does get.  The big internet services successfully pushed in the U.S. for authorization to publish more numbers about how many times they pass private data to the government, but went no farther. They wanted to be able to say they did something, but there's a revolving door of staffers between NSA and the big internet companies and the internet service companies' data is an open book to the NSA.   The big internet services are not champions of their users' privacy. If they were, they would be featuring end-to-end encryption with encryption keys unique to each user and unknown to the companies.  Like some startups in Europe are doing. E.g., the Wuala.com filesync service in Switzerland (first 5 GB of storage free). Com
Paul Merrell

Bankrolled by broadband donors, lawmakers lobby FCC on net neutrality | Ars Technica - 1 views

  • The 28 House members who lobbied the Federal Communications Commission to drop net neutrality this week have received more than twice the amount in campaign contributions from the broadband sector than the average for all House members. These lawmakers, including the top House leadership, warned the FCC that regulating broadband like a public utility "harms" providers, would be "fatal to the Internet," and could "limit economic freedom."​ According to research provided Friday by Maplight, the 28 House members received, on average, $26,832 from the "cable & satellite TV production & distribution" sector over a two-year period ending in December. According to the data, that's 2.3 times more than the House average of $11,651. What's more, one of the lawmakers who told the FCC that he had "grave concern" (PDF) about the proposed regulation took more money from that sector than any other member of the House. Rep. Greg Walden (R-OR) was the top sector recipient, netting more than $109,000 over the two-year period, the Maplight data shows.
  • Dan Newman, cofounder and president of Maplight, the California research group that reveals money in politics, said the figures show that "it's hard to take seriously politicians' claims that they are acting in the public interest when their campaigns are funded by companies seeking huge financial benefits for themselves." Signing a letter to the FCC along with Walden, who chairs the House Committee on Energy and Commerce, were three other key members of the same committee: Reps. Fred Upton (R-MI), Robert Latta (R-OH), and Marsha Blackburn (R-TN). Over the two-year period, Upton took in $65,000, Latta took $51,000, and Blackburn took $32,500. In a letter (PDF) those representatives sent to the FCC two days before Thursday's raucous FCC net neutrality hearing, the four wrote that they had "grave concern" over the FCC's consideration of "reclassifying Internet broadband service as an old-fashioned 'Title II common carrier service.'" The letter added that a switchover "harms broadband providers, the American economy, and ultimately broadband consumers, actually doing so would be fatal to the Internet as we know it."
  • Not every one of the 28 members who publicly lobbied the FCC against net neutrality in advance of Thursday's FCC public hearing received campaign financing from the industry. One representative took no money: Rep. Nick Rahall (D-WV). In all, the FCC received at least three letters from House lawmakers with 28 signatures urging caution on classifying broadband as a telecommunications service, which would open up the sector to stricter "common carrier" rules, according to letters the members made publicly available. The US has long applied common carrier status to the telephone network, providing justification for universal service obligations that guarantee affordable phone service to all Americans and other rules that promote competition and consumer choice. Some consumer advocates say that common carrier status is needed for the FCC to impose strong network neutrality rules that would force ISPs to treat all traffic equally, not degrading competing services or speeding up Web services in exchange for payment. ISPs have argued that common carrier rules would saddle them with too much regulation and would force them to spend less on network upgrades and be less innovative.
  • ...2 more annotations...
  • Of the 28 House members signing on to the three letters, Republicans received, on average, $59,812 from the industry over the two-year period compared to $13,640 for Democrats, according to the Maplight data. Another letter (PDF) sent to the FCC this week from four top members of the House, including Speaker John Boehner (R-OH), Majority Leader Eric Cantor (R-VA), Majority Whip Kevin McCarthy (R-CA), and Republican Conference Chair Cathy McMorris Rodgers (R-WA), argued in favor of cable companies: "We are writing to respectfully urge you to halt your consideration of any plan to impose antiquated regulation on the Internet, and to warn that implementation of such a plan will needlessly inhibit the creation of American private sector jobs, limit economic freedom and innovation, and threaten to derail one of our economy's most vibrant sectors," they wrote. Over the two-year period, Boehner received $75,450; Cantor got $80,800; McCarthy got $33,000; and McMorris Rodgers got $31,500.
  • The third letter (PDF) forwarded to the FCC this week was signed by 20 House members. "We respectfully urge you to consider the effect that regressing to a Title II approach might have on private companies' ability to attract capital and their continued incentives to invest and innovate, as well as the potentially negative impact on job creation that might result from any reduction in funding or investment," the letter said. Here are the 28 lawmakers who lobbied the FCC this week and their reported campaign contributions:
Gonzalo San Gil, PhD.

The incoming European Commissioner Andrus Ansip declares his support for free software | April - 0 views

  •  
    "Paris, October 8th, 2014, press release. During the course of his European Parliament hearing, Andrus Ansip, the designated EU Commissioner for the Digital Single Market, expressed his support for free software several times. April hopes that this is a sign towards the implementation of proactive policies in favour of free software."
  •  
    "Paris, October 8th, 2014, press release. During the course of his European Parliament hearing, Andrus Ansip, the designated EU Commissioner for the Digital Single Market, expressed his support for free software several times. April hopes that this is a sign towards the implementation of proactive policies in favour of free software."
Gonzalo San Gil, PhD.

Hundreds of Pirate Bay Copies Emerge, Is The Hydra Alive? | TorrentFreak - 0 views

  •  
    " Ernesto on December 27, 2014 C: 0 News While the Pirate Bay's domain continues to wave a pirate flag, there's no sign of a pending return yet. However, many supporters of the notorious torrent site are keeping its torrents widely available. I"
  •  
    " Ernesto on December 27, 2014 C: 0 News While the Pirate Bay's domain continues to wave a pirate flag, there's no sign of a pending return yet. However, many supporters of the notorious torrent site are keeping its torrents widely available. I"
Gonzalo San Gil, PhD.

Licensing Boards Think Studying For A Test Is Copyright Infringement, Forbid Memorization Of Material | Techdirt - 0 views

  •  
    [... copyright-induced stupidity...] "from the 'all-applicants-must-have-brain-wiped-before-leaving-testing-area' dept Today's copyright-induced stupidity is brought to you by… a whole host of regulatory institutions. An anonymous Techdirt reader sent in a pointer to this ridiculous warning that greets those accessing the National Association of Legal Assistants practice tests. (Press "Sign In" to view the legal threats pop-up.) "
  •  
    [... copyright-induced stupidity...] "from the 'all-applicants-must-have-brain-wiped-before-leaving-testing-area' dept Today's copyright-induced stupidity is brought to you by… a whole host of regulatory institutions. An anonymous Techdirt reader sent in a pointer to this ridiculous warning that greets those accessing the National Association of Legal Assistants practice tests. (Press "Sign In" to view the legal threats pop-up.) "
Gonzalo San Gil, PhD.

MPAA Research: Blocking The Pirate Bay Works, So..... | TorrentFreak - 1 views

  •  
    " Ernesto on August 28, 2014 C: 61 News Hollywood has helped to get The Pirate Bay blocked in many countries, but not on its home turf. There are now various signs that this may change in the near future. Among other things, the MPAA has conducted internal research to show that site blocking is rather effective."
  •  
    " Ernesto on August 28, 2014 C: 61 News Hollywood has helped to get The Pirate Bay blocked in many countries, but not on its home turf. There are now various signs that this may change in the near future. Among other things, the MPAA has conducted internal research to show that site blocking is rather effective."
  •  
    Domain blocking in the U.S. is largely a non-starter in the U.S. because of the Constitution's First Amendment, although it has been allowed in some circumstances. Over-generalizing, but the more legal content a site has, the less susceptible it is to domain-blocking. It's even more difficult at the ISP level because of statutory protections that immunize ISPs from private content-related suit. Major U.S. ISPs zealously protect those protections in Congress. At the request of Hollywood, President Obama convened a meeting that persuaded major ISPs to voluntarily block download of particular movies, using DRM filters. But my understanding is that users can still download them if they are using the Tor browser. I haven't checked because there's nothing Hollywood releases that I can't wait until it's available on my cable television service. Even then, I mainly use the television to find something just interesting enough to persuade me to look up from my computer monitors for a moment, to reduce eye strain from monitor glare. I'm not a movie buff nor am I enamored of thinly veiled propaganda. So Hollywood does not figure largely in my life. As yet, there is no comparable blocking on music downloads.
Gonzalo San Gil, PhD.

The GNU Privacy Guard [#GPG] - 1 views

  •  
    "GnuPG is a complete and free implementation of the OpenPGP standard as defined by RFC4880 (also known as PGP). GnuPG allows to encrypt and sign your data and communication, features a versatile key management system as well as access modules for all kinds of public key directories."
  •  
    "GnuPG is a complete and free implementation of the OpenPGP standard as defined by RFC4880 (also known as PGP). GnuPG allows to encrypt and sign your data and communication, features a versatile key management system as well as access modules for all kinds of public key directories."
Paul Merrell

The Digital Hunt for Duqu, a Dangerous and Cunning U.S.-Israeli Spy Virus - The Intercept - 1 views

  • “Is this related to what we talked about before?” Bencsáth said, referring to a previous discussion they’d had about testing new services the company planned to offer customers. “No, something else,” Bartos said. “Can you come now? It’s important. But don’t tell anyone where you’re going.” Bencsáth wolfed down the rest of his lunch and told his colleagues in the lab that he had a “red alert” and had to go. “Don’t ask,” he said as he ran out the door. A while later, he was at Bartos’ office, where a triage team had been assembled to address the problem they wanted to discuss. “We think we’ve been hacked,” Bartos said.
  • They found a suspicious file on a developer’s machine that had been created late at night when no one was working. The file was encrypted and compressed so they had no idea what was inside, but they suspected it was data the attackers had copied from the machine and planned to retrieve later. A search of the company’s network found a few more machines that had been infected as well. The triage team felt confident they had contained the attack but wanted Bencsáth’s help determining how the intruders had broken in and what they were after. The company had all the right protections in place—firewalls, antivirus, intrusion-detection and -prevention systems—and still the attackers got in.
  • Bencsáth was a teacher, not a malware hunter, and had never done such forensic work before. At the CrySyS Lab, where he was one of four advisers working with a handful of grad students, he did academic research for the European Union and occasional hands-on consulting work for other clients, but the latter was mostly run-of-the-mill cleanup work—mopping up and restoring systems after random virus infections. He’d never investigated a targeted hack before, let alone one that was still live, and was thrilled to have the chance. The only catch was, he couldn’t tell anyone what he was doing. Bartos’ company depended on the trust of customers, and if word got out that the company had been hacked, they could lose clients. The triage team had taken mirror images of the infected hard drives, so they and Bencsáth spent the rest of the afternoon poring over the copies in search of anything suspicious. By the end of the day, they’d found what they were looking for—an “infostealer” string of code that was designed to record passwords and other keystrokes on infected machines, as well as steal documents and take screenshots. It also catalogued any devices or systems that were connected to the machines so the attackers could build a blueprint of the company’s network architecture. The malware didn’t immediately siphon the stolen data from infected machines but instead stored it in a temporary file, like the one the triage team had found. The file grew fatter each time the infostealer sucked up data, until at some point the attackers would reach out to the machine to retrieve it from a server in India that served as a command-and-control node for the malware.
  • ...1 more annotation...
  • Bencsáth took the mirror images and the company’s system logs with him, after they had been scrubbed of any sensitive customer data, and over the next few days scoured them for more malicious files, all the while being coy to his colleagues back at the lab about what he was doing. The triage team worked in parallel, and after several more days they had uncovered three additional suspicious files. When Bencsáth examined one of them—a kernel-mode driver, a program that helps the computer communicate with devices such as printers—his heart quickened. It was signed with a valid digital certificate from a company in Taiwan (digital certificates are documents ensuring that a piece of software is legitimate). Wait a minute, he thought. Stuxnet—the cyberweapon that was unleashed on Iran’s uranium-enrichment program—also used a driver that was signed with a certificate from a company in Taiwan. That one came from RealTek Semiconductor, but this certificate belonged to a different company, C-Media Electronics. The driver had been signed with the certificate in August 2009, around the same time Stuxnet had been unleashed on machines in Iran.
Paul Merrell

Ecuador signs deal with Sweden for Assange questioning | Reuters - 0 views

  • Ecuador and Sweden have signed a pact that would allow WikiLeaks founder Julian Assange to be questioned by Swedish authorities at Ecuador's embassy in London where he has been holed up for more than three years since facing sexual assault charges, the Quito government said.The legal agreement was signed in the Ecuadorean capital after half a year of negotiations."It is, without doubt, an instrument that strengthens bilateral relations and will facilitate, for example, the fulfillment of judicial matters such as the questioning of Mr. Assange," the foreign ministry said in a weekend statement.Assange, 44, took refuge in the embassy building in June 2012 to avoid extradition to Sweden, where he is wanted for questioning over allegations of sexual assault and rape against two women in 2010. The Australian denies the accusations.
  • Assange says he fears Sweden will extradite him to the United States where he could be put on trial over WikiLeaks' publication of classified military and diplomatic documents five years ago, one of the largest information leaks in U.S. history. Britain, which has accused Ecuador of preventing the course of justice by allowing Assange to remain in its embassy in the upmarket central London area of Knightsbridge, welcomed the agreement."It is for the Swedish Prosecutor to decide how they now proceed with a legal case," a spokeswoman for the British Foreign Office said.
Paul Merrell

Gov. Mills signs nation's strictest internet privacy protection bill - Portland Press Herald - 0 views

  • Maine internet service providers will face the strictest consumer privacy protections in the nation under a bill signed Thursday by Gov. Janet Mills, but the new law will almost certainly be challenged in court. Several technology and communication trade groups warned in testimony before the Legislature that the measure may be in conflict with federal law and would likely be the subject of legal action.
  • The new law, which goes into effect on July 1, 2020, would require providers to ask for permission before they sell or share any of their customers’ data to a third party. The law would also apply to telecommunications companies that provide access to the internet via their cellular networks.
  • The law is modeled on a Federal Communications Commission rule, adopted under the administration of President Obama but overturned by the administration of President Trump in 2017. The rule blocked an ISP from selling a customer’s personal data, which is not prohibited under federal law.
  • ...1 more annotation...
  • The law is unlike any in the nation, as it requires an ISP to obtain consent from a consumer before sharing any data. Only California has a similar law on the books, but it requires consumers to “opt out”  by asking their ISP to protect their data. Maine’s new law does not allow an ISP to offer a discounted rate to customers who agree to share or sell their data.
1 - 20 of 111 Next › Last »
Showing 20 items per page