Archive for the ‘surveillance’ tag
The No. 2 official at the Justice Department delivered a blunt message last month to Apple Inc. executives: New encryption technology that renders locked iPhones impervious to law enforcement would lead to tragedy. A child would die, he said, because police wouldn’t be able to scour a suspect’s phone, according to people who attended the meeting.
Apple executives thought the dead-child scenario was inflammatory. They told the government officials law enforcement could obtain the same kind of information elsewhere, including from operators of telecommunications networks and from backup computers and other phones, according to the people who attended.
Technology companies are pushing back more against government requests for cooperation and beefing up their use of encryption. On Tuesday, WhatsApp, the popular messaging service owned by Facebook Inc., said it is now encrypting texts sent from one Android phone to another, and it won’t be able to decrypt the contents for law enforcement.
AT&T Inc. on Monday challenged the legal framework investigators have long used to collect call logs and location information about suspects.
In a filing to a federal appeals court in Atlanta, AT&T said it receives an “enormous volume” of government requests for information about customers, and argued Supreme Court decisions from the 1970s “apply poorly” to modern communications. The company urged the courts to provide new, clear rules on what data the government can take without a probable cause warrant.
(click here to continue reading Apple and Others Encrypt Phones, Fueling Government Standoff – WSJ.)
Law enforcement officials are clever, they can find ways to get data in other ways, like this, for instance…
And good for Tim Cook – he suggests that Apple Inc. should not be in the business of enabling the police in their quest to snoop on our phones without first getting warrants. You know, like if we were living in a constitutional Democracy with a Bill of Rights again?
In June 2013, Mr. Snowden provided reporters with documents describing a government program called Prism, which gathered huge amounts of data from tech companies. At first, tech-company executives said they hadn’t previously heard of Prism and denied participating. In fact, Prism was an NSA code word for data collection authorized by the Foreign Intelligence Surveillance Court. Tech companies routinely complied with such requests.
More than a year later, tech executives say consumers still mistrust them, and they need to take steps to demonstrate their independence from the government.
Customer trust is a big issue at Apple. The company generates 62% of its revenue outside the U.S., where it says encryption is even more important to customers concerned about snooping by their governments.
These days, Apple Chief Executive Tim Cook stresses the company’s distance from the government.
“Look, if law enforcement wants something, they should go to the user and get it,” he said at The Wall Street Journal’s global technology conference in October. “It’s not for me to do that.”
In early September, Apple said the encryption on its latest iPhone software would prevent anyone other than the user from accessing user data stored on the phone when it is locked. Until then, Apple had helped police agencies—with a warrant—pull data off a phone. The process wasn’t quick. Investigators had to send the device to Apple’s Cupertino, Calif., headquarters, and backlogs occurred.
So the Senate Republicans blocked legislation ((S.2685: Uniting and Strengthening America by Fulfilling Rights and Ensuring Effective Discipline Over Monitoring Act of 2014)) that could theoretically protect us from government overreach. What a surprise!
Senate Republicans on Tuesday blocked a sweeping overhaul of the once-secret National Security Agency program that collects records of Americans’ phone calls in bulk.
But Tuesday’s vote only put off a debate over security and personal liberties until next year. While a Republican-controlled Senate is less likely to go along with the kinds of reforms that were in the bill, which sponsors had named the U.S.A. Freedom Act, the debate could further expose rifts between the party’s interventionist and more libertarian-leaning wings.
Under the bill, which grew out of the disclosures in June 2013 by Edward J. Snowden, the former intelligence contractor, the N.S.A. would have gotten out of the business of collecting Americans’ phone records. Instead, most of the records would have stayed in the hands of the phone companies, which would not have been required to hold them any longer than they already do for normal business purposes, which in some cases is 18 months.
The N.S.A., Mr. Snowden revealed, was systematically collecting such telephone metadata …from major American phone companies. The program began after the Sept. 11, 2001, terrorist attacks, based on an assertion of unilateral executive power by President George W. Bush. In 2006, the Foreign Intelligence Surveillance Court had secretly brought the program under its authority and started issuing orders under the Patriot Act to the companies for their records.
The proposed legislation would still have allowed analysts to perform so-called contact chaining in which they trace a suspect’s network of acquaintances, but they would been required to use a new kind of court order to swiftly obtain only those records that were linked, up to two layers away, to a suspect — even when held by different phone companies.
(click here to continue reading Bill to Restrict N.S.A. Data Collection Blocked in Vote by Senate Republicans – NYTimes.com.)
For all their chants about eliminating Big Gov’ment, Senator Mitch McConnell and his team secretly love expansion of federal reach. For the GOP: expanding government surveillance is good, controlling women’s uteruses is better, expanding defense contractors weaponry program is best. The only kind of government programs the GOP doesn’t like are things like SNAP, EPA, and so on. You know, the stuff that might actually help someone.
Also of note: Senator Rand Paul, Mr. Libertarian himself, voted no on this bill. Wonder how his acolytes will spin it? Especially since Senators Ted “Calgary” Cruz, Dean Heller, Mike Lee and Lisa Murkowski all voted yes…
From Bloomberg Businessweek, the tech industry was pushing for this bill:
The bill was an attempt to force spy agencies to collect only information sought through a court order and exclude the use of broad searches like by ZIP codes. A coalition of Internet and technology companies, which include Google Inc. and Twitter Inc., supported the Senate bill while saying the Republican-backed House version passed in May would still allow bulk collection of Internet user data.
U.S. Internet and technology companies say they’ve already lost contracts with foreign governments over the issue. Forrester Research Inc. estimates the backlash against NSA spying could cost as much as $180 billion in lost business. Facebook Inc., Microsoft Corp. and Apple Inc. are among the companies pushing for limits.
Americans learned of the spying in June 2013 when Snowden, a former NSA contractor revealed a program under which the U.S. uses court orders to compel companies to turn over data about their users. Documents divulged by Snowden also uncovered NSA hacking of fiber-optic cables abroad and installation of surveillance tools into routers, servers and other network equipment.
(click here to continue reading Senate Blocks Vote on Curbing NSA’s Bulk Data Collection Program – Businessweek.)
Devlin Barrett of the WSJ reports that the U.S. Justice Department is collecting data on phones through a novel approach: fake cellphone towers on airplanes that fly around the country. Warrants not necessary, of course, because when you clicked through the EULA terms on your new smartphone, you agreed that you gave up all rights to privacy. Well, probably, because who actually reads those things?
The Justice Department is scooping up data from thousands of mobile phones through devices deployed on airplanes that mimic cellphone towers, a high-tech hunt for criminal suspects that is snagging a large number of innocent Americans, according to people familiar with the operations.
The U.S. Marshals Service program, which became fully functional around 2007, operates Cessna aircraft from at least five metropolitan-area airports, with a flying range covering most of the U.S. population, according to people familiar with the program.
Planes are equipped with devices—some known as “dirt boxes” to law-enforcement officials because of the initials of the Boeing Co. unit that produces them1—which mimic cell towers of large telecommunications firms and trick cellphones into reporting their unique registration information.
The technology in the two-foot-square device enables investigators to scoop data from tens of thousands of cellphones in a single flight, collecting their identifying information and general location, these people said.
(click here to continue reading Americans’ Cellphones Targeted in Secret U.S. Spy Program – WSJ – WSJ.)
Sounds great. Warrants are so old fashioned, so 20th Century.
Or as Digby adds:
But never fear, they’ve assured us that they are only using it to catch bad guys.They have no interest in anything you might be doing. Well, unless you’re doing something wrong. If you are an upstanding citizen there’s little reason to worry that the police might be re-routing your phone calls without your knowledge right? Why should you care?
In fact, we really need to re-think that whole 4th Amendment thing altogether. When you think about it, you shouldn’t object to the police ransacking your house and your car without any probable cause either. They could be looking for someone they know is in your neighborhood. If you have nothing to hide in your home why would you object? Sure, they might find something they think is suspicious in your house when they go on their fishing expedition but maybe you shouldn’t have suspicious things in your house if you don’t want the cops finding it, eh?
This is what we call liberty.
(click here to continue reading Hullabaloo- Secrets and more secrets .)
Mariella Moon of Engadget writes
These dirtboxes are also sophisticated enough to mimic a particular provider. If a drug dealer under surveillance uses Verizon, for instance, then the machine pretends to be a Verizon cell tower and connects only to all the carrier’s subscribers in the area. Once a target’s phone is identified (at which point, connections to other people’s phones are dropped), the box can pinpoint his location within 3 meters and down to a specific room. The WSJ’s sources wouldn’t reveal how often planes loaded with these boxes are deployed (they have a flying range that covers the whole country’s population, by the way), but they said the Cessnas fly out regularly to target a handful of criminals per flight.
Obviously, the more densely populated the target area is, the more data the boxes collect, but it’s unclear what steps are in place to safeguard innocent people’s information. It’s also unclear at this point if they’ve ever used the newer dirtboxes’ capabilities, which include jamming phones and extracting messages, photos and other data remotely. If you’re thinking, “Hmmm fake cell towers? Those sound ominously familiar,” it’s because this isn’t the first time authorities used them. In fact, this dirtbox project sounds like a larger, airborne version of a previous one, wherein feds placed fake towers called “stingrays” in moving cars.
(click here to continue reading Flying fake cell towers target fugitives, but can ID your phone too.)
- Boeing subsidiary Digital Recovery Technology Inc. or DRT [↩]
FBI Director James Comey continues his public obfuscation tour, blaming the upcoming Joker and Riddler crime spree in Gotham on the fairly new ability of consumers to encrypt data on their own phones against unwilling intrusions by governments and other entities.
The director of the F.B.I., James B. Comey, said on Thursday that the “post-Snowden pendulum” that has driven Apple and Google to offer fully encrypted cellphones had “gone too far.” He hinted that as a result, the administration might seek regulations and laws forcing companies to create a way for the government to unlock the photos, emails and contacts stored on the phones.
But Mr. Comey appeared to have few answers for critics who have argued that any portal created for the F.B.I. and the police could be exploited by the National Security Agency, or even Russian and Chinese intelligence agencies or criminals. And his position seemed to put him at odds with a White House advisory committee that recommended against any effort to weaken commercial encryption.
Apple and Google have announced new software that would automatically encrypt the contents of cellphones, using codes that even the companies could not crack. Their announcement followed a year of disclosures from Edward J. Snowden, the former government contractor who revealed many government programs that collect electronic data, including information on Americans.
The new encryption would hinder investigations involving phones taken from suspects, recovered at crime scenes or discovered on battlefields. But it would not affect information obtained by real-time wiretaps, such as phone conversations, emails or text messages. And the government could still get information that is stored elsewhere, including emails, call logs and, in some cases, old text messages.
(click here to continue reading James Comey, F.B.I. Director, Hints at Action as Cellphone Data Is Locked – NYTimes.com.)
You know what isn’t mentioned in this long article? Warrants. I wonder why that is? Could it be that most criminal masterminds do not store their plans to rob Gotham National Bank solely upon their encrypted cellphones, leaving law enforcement completely in the dark? Possibly The Joker leaves other traces of his plan elsewhere? Or discusses his machinations with co-conspirators? According to Mr. Comey, without the government retaining the ability to tap into each and every one of our cellphones at any time, The Joker will win. He’ll win! He’ll win, Batman!
or as Marcy Wheeler rightfully notes, this seems to really be about warrantless searching, especially at the US border:
Encrypting iPhones might have the biggest impact on law enforcement searches that don’t involve warrants, contrary to law enforcement claims this is about warranted searches. As early as 2010, Customs and Border Patrol was searching around 4,600 devices a year and seizing up to 300 using what is called a “border exception.” That is when CBP takes and searches devices from people it is questioning at the border. Just searching such devices does not even require probable cause (though seizing them requires some rationale). These searches increasingly involve smart phones like the iPhone.
These numbers suggest border searches of iPhones may be as common as warranted searches of the devices. Apple provided account content to U.S. law enforcement 155 times last year. It responded to 3,431 device requests, but the “vast majority” of those device requests involved customers seeking help with a lost or stolen phone, not law enforcement trying to get contents off a cell phone (Consumer Reports estimates that 3.1 million Americans will have their smart phones stolen this year). Given that Apple has by far the largest share of the smart phone market in the U.S., a significant number of border device searches involving a smart phone will be an iPhone. Apple’s default encryption will make it far harder for the government to do such searches without obtaining a warrant, which they often don’t have evidence to get.
If law enforcement wants to retain this access, they should be honest about what they might lose and why every iPhone user should be asked to carry a phone that is susceptible to criminal targeting as a result. Trading default encryption for a limited law enforcement purpose is just that — a trade-off — and officials should be prepared to discuss it as such. And, as forensics expert Jonathan Zdziarski explains, there’s a mountain of other data still available to help law enforcement solve crimes. “There is such a mount of peripheral evidence out there that only a small handful of cases are even likely to have the iPhone be the sole smoking gun to begin with,” he explained. “Cops have iCloud data, iCloud backups, call records, voicemail records, text messages from the carrier (if obtained within a certain retention period), gmail, email, web logs, trap and trace, proxy logs, not to mention copies of data from other people involved or from the victims themselves, desktop backups (if available), sometimes even a desktop (as many criminals don’t use encryption at all). Add to that they’re eavesdropping on the whole damn Internet.”
(click here to continue reading America’s huge iPhone lie: Why Apple is being accused of coddling child molesters – Salon.com.)
Remind me again why warrantless searching of personal information is a good thing again? Oh, right, TERROR, and that old shibboleth, kidnapping. Yeah, count me in the “Why not just get a warrant” camp…
The National Security Agency and the nation’s law enforcement agencies have a different concern: that the smartphone is the first of a post-Snowden generation of equipment that will disrupt their investigative abilities.
The phone encrypts emails, photos and contacts based on a complex mathematical algorithm that uses a code created by, and unique to, the phone’s user — and that Apple says it will not possess.
The result, the company is essentially saying, is that if Apple is sent a court order demanding that the contents of an iPhone 6 be provided to intelligence agencies or law enforcement, it will turn over gibberish, along with a note saying that to decode the phone’s emails, contacts and photos, investigators will have to break the code or get the code from the phone’s owner.
Breaking the code, according to an Apple technical guide, could take “more than 5 1/2 years to try all combinations of a six-character alphanumeric passcode with lowercase letters and numbers.” (Computer security experts question that figure, because Apple does not fully realize how quickly the N.S.A. supercomputers can crack codes.)
Already the new phone has led to an eruption from the director of the F.B.I., James B. Comey.
(click here to continue reading Signaling Post-Snowden Era, New iPhone Locks Out N.S.A. – NYTimes.com.)
If the NSA and related agencies hadn’t been so damn aggressive circumventing American law, perhaps Apple wouldn’t have had to taken this additional step.
Or as Vikas Bajaj writes:
But that’s not good enough for Mr. Comey and others. They want Apple (and Google, which makes the Android mobile phone software) to do the hacking for them.
Furthermore, investigators can often get information stored on phones and tablets through other means. For example, they could get the calling history from wireless phone companies like AT&T; same with text messages. And companies like Google and Yahoo would have to turnover messages on their servers if presented with a search warrant. Lastly, law enforcement agencies could also access any photos and videos stored on the phone have been backed up to Apple’s iCloud servers from the company.
(click here to continue reading Using Scare Tactics to Fight Apple – NYTimes.com.)
Plus there is the issue of a dysfunctional Congress, too mired in partisan bickering to actually update the laws for a modern age. Mostly on the Republican side, but not exclusively.
The move raises a critical issue, the intelligence officials say: Who decides what kind of data the government can access? Until now, those decisions have largely been a matter for Congress, which passed the Communications Assistance for Law Enforcement Act in 1994, requiring telecommunications companies to build into their systems an ability to carry out a wiretap order if presented with one. But despite intense debate about whether the law should be expanded to cover email and other content, it has not been updated, and it does not cover content contained in a smartphone.
At Apple and Google, company executives say the United States government brought these changes on itself. The revelations by the former N.S.A. contractor Edward J. Snowden not only killed recent efforts to expand the law, but also made nations around the world suspicious that every piece of American hardware and software — from phones to servers made by Cisco Systems — have “back doors” for American intelligence and law enforcement.
Surviving in the global marketplace — especially in places like China, Brazil and Germany — depends on convincing consumers that their data is secure.
Timothy D. Cook, Apple’s chief executive, has emphasized that Apple’s core business is to sell devices to people. That distinguishes Apple from companies that make a profit from collecting and selling users’ personal data to advertisers, he has said.
and a bit of rationality:
Mr. Zdziarski (Jonathan Zdziarski, a security researcher who has taught forensics courses to law enforcement agencies on collecting data from iPhones) said that concerns about Apple’s new encryption to hinder law enforcement seemed overblown. He said there were still plenty of ways for the police to get customer data for investigations. In the example of a kidnapping victim, the police can still request information on call records and geolocation information from phone carriers like AT&T and Verizon Wireless.
“Eliminating the iPhone as one source I don’t think is going to wreck a lot of cases,” he said. “There is such a mountain of other evidence from call logs, email logs, iCloud, Gmail logs. They’re tapping the whole Internet.”
(click here to continue reading Signaling Post-Snowden Era, New iPhone Locks Out N.S.A. – NYTimes.com.)
Jeff Bezos introduced the latest Amazon hardware device yesterday, the Fire, an entry into the smartphone category. I’m only half finished reading Brad Stone’s biography of Bezos, The Everything Store, but one thing has been made clear: Jeff Bezos is a long-term thinker who makes no small plans.
And so what seems to be Amazon’s long term goal here? Basically, to sell more items at Amazon.com. The Fire is a hand-held cash register customized to selling you more things. Uhh, yay? Are there people out there who are irritated that it takes 10 seconds to order replacement razor blades at Amazon.com? Not to mention there already is an iOS Amazon app that scans either a bar code or the text on a package. I’ve found it occasionally useful, but frequently the scan yields zero results.
The Fire is not really a phone, per say:
Although he did not show the feature onstage, Mr. Bezos confirmed that his expensive new phone does makes calls. “I haven’t made a phone call on my phone in a long time,” he said. “But I know people still make phone calls.”
(click here to continue reading Amazon Fire Phone’s Missed Opportunities – NYTimes.com.)
and skeptics abound:
At the outset, Fire looks to be an attempt to rope Amazon shoppers deeper into its world — the phone is, above all, an enhanced shopping tool. It’s not a realistic shot at the smartphone market.
(click here to continue reading Amazon Phone Is An Enhanced Shopping Tool | Digital – Advertising Age.)
and my second, nearly immediate thought about the Amazon Fire – it seems like an NSA dream! So while the Fire encourages you to purchase more consumer goods, it will allow Amazon.com to collect more meta data about your house, your office, your car, your friends, your neighbors, and so on.
The WSJ notes:
Amazon squeezed a number of new technologies into the Fire, but it seems its biggest innovation may be new uses it found for an old technology: cameras. The Fire doesn’t just take nice photos–it watches you, and what’s around you, to customize what you see and how you interact with the world.
(click here to continue reading First Look: Amazon’s Fire Phone Is Watching You – Personal Tech News – WSJ.)
John Koetsier agrees with me that this sounds a bit creepy, and writes:
How do you think it recognizes those things, including text on images, which Amazon says it will offer language translation features for later this year?
Well, the Firefly button and the camera button are one and the same. Meaning that whenever you use the camera, you’re using Firefly. And whenever you’re using Firefly, you’re using the camera. Plus, of course, you’re turning on audio sensors that capture ambient sound.
And then you’re transmitting all those pictures and sound files to the grandaddy and still global leader in connected cloud technology, the company that pretty much invented what we now call big data analytics for customer insights, and the largest online retailer in the wild wild west.
Amazon.com, of course.
All of those pictures require processing, analysis, and matching, presumably at a level — if they can identify 100 million objects — that can only be done in the cloud, and not on a small handheld device with 2 GB of RAM and 32 GB of on-board storage.
Fortunately for you, dear consumer, Amazon has kindly consented to storing all your photos, forever, in its vast cloudy server farms. How gracious Amazon is, providing that massive service for free! How lucky are you, getting all that for free!
Probably not as lucky as Amazon.
(click here to continue reading Amazon’s Fire Phone might be the biggest privacy invasion ever (and no-one’s noticed) | VentureBeat | Marketing | by John Koetsier.)
I think I’ll pass…
At the May Day rally at the Haymarket Riot Memorial Statue…
More on that surveillance tool: "’Stingray': Increased and Secretive Cell Phone Surveillance by Local Police Raises Alarms
ACLU calls technology the "electronic equivalent of dragnet searches" prohibited by the Fourth Amendment"
embiggen by clicking
I took City of Chicago Emergency Management Surveillance Vehicle on May 01, 2014 at 02:54PM
and processed it in my digital darkroom on May 02, 2014 at 03:37PM
Ahh, our National Security State keeps chugging along, snatching us up in its tentacles…
Police across the country may be intercepting phone calls or text messages to find suspects using a technology tool known as Stingray. But they’re refusing to turn over details about its use or heavily censoring files when they do.
Police say Stingray, a suitcase-size device that pretends it’s a cell tower, is useful for catching criminals, but that’s about all they’ll say.
For example, they won’t disclose details about contracts with the device’s manufacturer, Harris Corp., insisting they are protecting both police tactics and commercial secrets. The secrecy – at times imposed by nondisclosure agreements signed by police – is pitting obligations under private contracts against government transparency laws.
Even in states with strong open records laws, including Florida and Arizona, little is known about police use of Stingray and any rules governing it.
A Stingray device tricks all cellphones in an area into electronically identifying themselves and transmitting data to police rather than the nearest phone company’s tower. Because documents about Stingrays are regularly censored, it’s not immediately clear what information the devices could capture, such as the contents of phone conversations and text messages, what they routinely do capture based on how they’re configured or how often they might be used.
(click here to continue reading POLICE KEEP QUIET ABOUT CELL-TRACKING TECHNOLOGY, BY JACK GILLUM, News from The Associated Press.)
Note that this works on everyone’s cellphones, regardless if you are a criminal suspect, or just a teenage girl texting your friends. Who needs warrants, right? The old United States that celebrated civil liberties as a constitution right has been superseded by 9-11 and the War on Terra.
ACLU Staff Attorney Nathan Freed Wessler writes:
It appears that at least one police department in Florida has failed to tell judges about its use of a cell phone tracking device because the department got the device on loan and promised the manufacturer to keep it all under wraps. But when police use invasive surveillance equipment to surreptitiously sweep up information about the locations and communications of large numbers of people, court oversight and public debate are essential. The devices, likely made by the Florida-based Harris Corporation, are called “stingrays,” and unfortunately this is not the first time the government has tried to hide their use.
So the ACLU and ACLU of Florida have teamed up to break through the veil of secrecy surrounding stingray use by law enforcement in the Sunshine State, last week filing a motion for public access to sealed records in state court, and submitting public records requests to nearly 30 police and sheriffs’ departments across Florida seeking information about their acquisition and use of stingrays.
As two judges noted during the oral argument, as of 2010 the Tallahassee Police Department had used stingrays a staggering 200 times without ever disclosing their use to a judge to get a warrant.
Potentially unconstitutional government surveillance on this scale should not remain hidden from the public just because a private corporation desires secrecy. And it certainly should not be concealed from judges. That’s why we have asked the Florida court that originally sealed the transcript to now make it available to the public. And that’s also why we have asked police departments throughout Florida to tell us whether they use stingrays, what rules they have in place to protect innocent third parties from unjustified invasions of privacy, and whether they obtain warrants from judges before deploying the devices.
Although secret stingray use has increasingly been exposed by the press (and by the ACLU), public details are still scant. Our new work in Florida is part of national efforts to understand how law enforcement is using these devices, and whether reforms are needed to protect our privacy from law enforcement overreach.
(click here to continue reading Police Hide Use of Cell Phone Tracker From Courts Because Manufacturer Asked | American Civil Liberties Union.)
Photo Republished at Government Accuses Sprint Of Overcharging By $21M For Its Wiretapping Services – Consumerist
My photo was used to illustrate this post
What is a Sprint?!? Are they listening now?!? I’m a cat. (swanksalot) The White House has gotten its tab from Sprint for wiretapping expenses and is sending it back with a big old frowny face on it, saying the company is overcharging it by more than $21 million. And by “sending it back,” of course I mean it’s suing Sprint. Feds claim in the lawsuit (PDF) that Sprint inflated charges by about 58% between 2007 and 2010, reports Wired.com.
click here to keep reading :
Government Accuses Sprint Of Overcharging By $21M For Its Wiretapping Services – Consumerist
automatically created via Delicious and IFTTT
Photo Republished at When the FBI asks you to weaken your security so it can spy on your users – Boing Boing
Nico Sell is the CEO of Wickr, a privacy-oriented mobile messaging system that’s been deliberately designed so that the company can’t spy on its users, even if they’re ordered to do so. As we know from the Snowden leaks, spooks hate this kind of thing, and spend $250M/year sabotaging security so that they can spy on everyone, all the time. After a recent presentation, she was approached by an FBI agent who asked her if she’d put a back-door into Wickr.
click here to keep reading :
When the FBI asks you to weaken your security so it can spy on your users – Boing Boing
automatically created via Delicious and IFTTT
We’ve long been dismayed by how powerful and secretive the massive data broker corporations have become. Our data is collected, often surreptitiously, then repackaged and sold to other corporations, and we don’t get a percentage of the profits, nor any real notice that this is happening.
Good news, maybe, from Washington, as reported by Kate Kaye of AdAge:
Today the Senate Commerce Committee held a long-awaited hearing about the consumer-data-broker industry.
“We have a feeling people are getting scammed or screwed,” said Senator Jay Rockefeller, D-W.V., whose office sent inquiries to several data brokers in the past year. He called out data giants Acxiom, Epsilon and Experian, threatening to use more forceful ways of getting them to divulge information about how they do business and with whom.
One concern shared by Mr. Rockefeller and privacy advocates is predatory marketing activity conducted by financial firms or other companies targeting vulnerable groups such as the impoverished or immigrant populations. Another concern is the practice of scoring individuals determined by algorithmic data analysis and serving them with tailored offers. In some cases that could involve higher interest rates for loans or dynamic prices for products based on prior web behavior or demographic data.
“To date they have not given me complete answers,” said Mr. Rockefeller of Acxiom, Epsilon and Experian. “I’m putting these three companies on notice today…that I am considering further steps and I have steps I can use to get this information.”
Mr. Rockefeller sent letters to data companies such as Acxiom, Datalogix, Epsilon, Experian and Transunion in June, then broadened the inquiry to include media firms — typically big collectors of behavioral web data — like About.com, Babycenter.com, Cafemom.com, Time’s Health.com and Conde Nast’s Self.com.
(click here to continue reading Rockefeller to Marketing Data Giants: You’re On Notice | Privacy and Regulation – Advertising Age.)
Bares paying attention to…
Photo Republished at AT&T offers gigabit Internet discount in exchange for your Web history | Ars Technica
My photo was used to illustrate this post
AT&T is watching you browse. AT&T’s “GigaPower” all-fiber network has launched in parts of Austin, Texas, with a price of $70 per month for download speeds of 300Mbps (which will be upgraded to a gigabit at no extra cost in 2014). The $70 price is only available if you agree to see targeted ads from AT&T and its partners, however. Interestingly, AT&T labels the Internet service with targeted ads as its “premier” service while calling the service without targeted ads “standard.”
click here to keep reading :
AT&T offers gigabit Internet discount in exchange for your Web history | Ars Technica
automatically created via Delicious and IFTTT
Harumph. I thought my AT&T bill was on the high side, but seems like my NSA bill trumps that, for usefulness…
Indeed, as the Washington Post revealed when it released portions of the so-called Black Budget, this year’s price tag on America’s spook infrastructure comes out to a whopping $52.6 billion.
This is, of course, a tremendous sum – more than double the size of the Department of Agriculture, more than triple the size of NASA; the list goes on… But, what really puts this number into perspective is its average cost to each American taxpayer, or what I would call the NSA and associated agencies’ “rent.”
Yes, the NSA’s rent, charged to every taxpayer living under its web of surveillance, comes out to an exorbitant $574 per year. If this is the price the federal government is charging American taxpayers to have their own privacy invaded, then I say the NSA’s rent is too damn high.
(click here to continue reading The NSA’s Rent Is Too Damn High | Cato @ Liberty.)
On the bright side, if you add in the 53,676,039 non-taxable returns (from 2011) – i.e., the Takers™ – that means we are only paying $361 a year for the privilege of having our personal information scooped up by the N.S.A. power-vacuum…
We Finally Came To Realize
A troubling tale via Krebs on Security
An identity theft service that sold Social Security and drivers license numbers — as well as bank account and credit card data on millions of Americans — purchased much of its data from Experian, one of the three major credit bureaus, according to a lengthy investigation by KrebsOnSecurity.
Contacted about the reader’s claim, U.S. Info Search CEO Marc Martin said the data sold by the ID theft service was not obtained directly through his company, but rather via Court Ventures, a third-party company with which US Info Search had previously struck an information sharing agreement. Martin said that several years ago US Info Search and CourtVentures each agreed to grant the other company complete access to its stores of information on US consumers.
Founded in 2001, Court Ventures described itself as a firm that “aggregates, repackages and distributes public record data, obtained from over 1,400 state and county sources.” Cached, historic copies of courtventures.com are available through archive.org.
THE ROLE OF EXPERIAN
In March 2012, Court Ventures was purchased by Costa Mesa, Calif.-based Experian, one of the three major consumer credit bureaus. According to Martin, the proprietors of Superget.info had gained access to Experian’s databases by posing as a U.S.-based private investigator. In reality, Martin said, the individuals apparently responsible for running Superget.info were based in Vietnam.
Martin said he first learned of the ID theft service after hearing from a U.S. Secret Service agent who called and said the law enforcement agency was investigating Experian and had obtained a grand jury subpoena against the company.
While the private investigator ruse may have gotten the fraudsters past Experian and/or CourtVentures’ screening process, according to Martin there were other signs that should have alerted Experian to potential fraud associated with the account. For example, Martin said the Secret Service told him that the alleged proprietor of Superget.info had paid Experian for his monthly data access charges using wire transfers sent from Singapore.
“The issue in my mind was the fact that this went on for almost a year after Experian did their due diligence and purchased” Court Ventures, Martin said. “Why didn’t they question cash wires coming in every month? Experian portrays themselves as the databreach experts, and they sell identity theft protection services. How this could go on without them detecting it I don’t know. Our agreement with them was that our information was to be used for fraud prevention and ID verification, and was only to be sold to licensed and credentialed U.S. businesses, not to someone overseas.”
Experian declined multiple requests for an interview.
(click here to continue reading Experian Sold Consumer Data to ID Theft Service — Krebs on Security.)
so if your account was one of the unlucky ones, what was stolen?
These services specialized in selling “fullz” or “fulls,” a slang term that cybercrooks use to describe a package of personally identifiable information that typically includes the following information: an individual’s name, address, Social Security number, date of birth, place of work, duration of work, state driver’s license number, mother’s maiden name, bank account number(s), bank routing number(s), email account(s) and other account passwords. Fulls are most commonly used to take over the identity of a person in order to engage in other fraud, such as taking out loans in the victim’s name or filing fraudulent tax refund requests with the IRS.
All told, findget.me and superget.info acquired or sold fullz information on more than a half million people, the government alleges.
Why exactly do we as a society allow Experian and similar organizations collect this data in the first place? They accumulate the data, and sell it to advertisers, or to scammers, and what benefit does it bestow on us? Other than headache and grief…
especially when Experian will skip away from this investigation with nothing more than a slap on the wrist with a wet noodle…
Meanwhile, it’s not clear what — if any — trouble Experian may face as a result of its involvement in the identity theft scheme. This incident bears some resemblance to a series of breaches at ChoicePoint, a data aggregator that acted as a private intelligence service to government and industry. Beginning in 2004, ChoicePoint suffered several breaches in which personal data on American citizens was accessed by crooks who’d used previously stolen identities to create apparently legitimate businesses seeking ChoicePoint accounts. ChoicePoint was later sued by the U.S. Federal Trade Commission, an action that produced a $10 million settlement — the largest in the agency’s history for a violation of federal privacy law.
Experian makes about $500,000,000 in profit a year, btw.
Oh, nothing to worry your pretty heads about
A series of agency PowerPoint presentations and memos describe how the N.S.A. has been able to develop software and other tools — one document cited a new generation of programs that “revolutionize” data collection and analysis — to unlock as many secrets about individuals as possible.
The spy agency, led by Gen. Keith B. Alexander, an unabashed advocate for more weapons in the hunt for information about the nation’s adversaries, clearly views its collections of metadata as one of its most powerful resources. N.S.A. analysts can exploit that information to develop a portrait of an individual, one that is perhaps more complete and predictive of behavior than could be obtained by listening to phone conversations or reading e-mails, experts say.
Phone and e-mail logs, for example, allow analysts to identify people’s friends and associates, detect where they were at a certain time, acquire clues to religious or political affiliations, and pick up sensitive information like regular calls to a psychiatrist’s office, late-night messages to an extramarital partner or exchanges with a fellow plotter.
(click here to continue reading N.S.A. Gathers Data on Social Connections of U.S. Citizens – NYTimes.com.)
except, as reported by Maureen Dowd of all people, the NSA has built a monster in Utah
The Bluffdale sinkhole, which has quietly started sucking in mountains of data in the shadow of mountains, is the lockbox. This squat, ugly complex of four buildings is the creepy symbol of the N.S.A.’s remorseless reach deep into our lives. I drove onto the Utah National Guard’s Camp Williams base to see the concrete data cloud up close.
Never mind puny terabytes. Or even exabytes, a handful of which can hold all knowledge from the dawn of man, according to estimates.
James Bamford, the chronicler of the untrammeled powers of the “Puzzle Palace,” as he calls the N.S.A., wrote in Wired that the Utah tower of Babel may be able to store a yottabyte. That is equal to a septillion bytes or about 500 quintillion (500,000,000,000,000,000,000) pages of text.
“It’s basically the N.S.A.’s external hard drive,” Bamford told me, noting that our phone call was no doubt being logged by the Bluffdale computers. “It holds more private information than anyplace else on earth.”
Bamford believes that the N.S.A. has transmogrified from an agency that “watched the Soviet Union to make sure it didn’t blow us up with nuclear weapons,” to one “that keeps collecting and collecting and collecting but doesn’t seem to do us any good.”
“They saw 9/11 and all these other terrorist attacks on CNN. They didn’t have a clue. The more electronic hay they stack on their haystack, the more difficult it is to find the needle.”
(click here to continue reading Creeping Cloud – NYTimes.com.)
because, in truth, the NSA doesn’t have to tell the truth about what it does, allegedly in our names:
Democratic Senator Ron Wyden of Oregon told me ruefully that on Thursday, “Alexander put in a lockbox information that he’s told the public he doesn’t have. This is what we’re dealing with.
“They think it’s O.K. to repeatedly say one thing to the public about domestic surveillance and do something completely different in private,” continued Wyden, who pressed Alexander about whether they’re collecting cellphone location information.
The senator is skeptical that the N.S.A. is open to reform, noting, “They’re just putting the same wine in a new bottle.”
We’ve always been at war with Eurasia, right?