An increasingly popular technology for extending cell-phone coverage ranges had a major security hole that went undetected for years, through which an attacker could eavesdrop on everything a target did on their phone, according to new research released on Monday.
The research brings to light previously unknown vulnerabilities in some models of femtocells, devices that mobile network operators use to bring wireless service to low-coverage zones. The compact boxes, which are typically as small as a standard cable modem, can be deployed in hard-to-reach spots like the top of an apartment building or a home in the mountains. Femtocells are also referred to as "network extenders," and analysts project that as many as 50 million of them will be in use by 2014.
How Easy Is It to Hack a Cell Phone? Pretty Easy
From CNN:
Yahoo Wins Suit to Reveal Documents from Secret Court Proceedings
According to the Daily Dot, a court has ruled that documents relating to Yahoo's legal resistance to demands from the Federal government for access to its users' records will be declassified. Excerpt:
Yahoo, initially vilified for being part of the PRISM program, which allows the National Security Agency (NSA) to tap it and other companies for users' information, is about to be vindicated.A court ruled Monday that the Department of Justice must reveal classified documents from 2008 that Yahoo says will demonstrate that the company fought back against a secret court order to reveal their users' data."The Government shall conduct a declassification review of this Court's Memorandum Opinion of [Yahoo's case] and the legal briefs submitted by the parties to this Court," the ruling read. The Department of Justice has two weeks to estimate how long it'll take to declassify the documents and can still redact the parts it finds contains classified information.
Economic Fallout of the NSA Surveillance Scandal
From PC Mag:
Microsoft, despite denials, appears to be in bed with the NSA. Apparently all encryption and other methods to keep documents and discussions private are bypassed and accessible by the NSA and whomever it is working with. This means a third party, for whatever reason, can easily access confidential business deals, love letters, government classified memos, merger paperwork, financial transactions, intra-corporate schemes, and everything in between.
With that said, do you really want to buy a Microsoft product? Do you want to buy anything that gives easy access to snoops poking around at their leisure? If you'd think twice about this, then why would a foreign government rely on Microsoft Office with any confidence? Personally, if I were any foreign government or corporation, I'd stop using all Microsoft products immediately for fear of America spying on me. Nothing can be secret.
If I was a shareholder in any public company, I'd get up at the annual meeting and ask if the company was using Microsoft products and if so, I'd demand to know why it has not dumped them for something else . . .
You've Been Skyped: Microsoft Provides NSA with Backdoor Access
The paranoiacs are proven right, yet again. New documents reveal that Microsoft has provided the NSA with access to its users' audio and video chats on Skype, as well as email and message chat logs. If you want secure messaging, you may have to revert back to carrier pigeons. From Ars Technica:
Skype audio and video chats, widely regarded as resistant to interception thanks to encryption, can be wiretapped by American intelligence agencies, according to a new report in The Guardian. The report appears to contradict claims by Microsoft that it has not provided the contents of Skype communications to the government.
In a story published Thursday, based on documents leaked by former National Security Agency (NSA) contractor Edward Snowden, The Guardian offers some detail about extensive cooperation between the FBI, the National Security Agency, and Microsoft to enable government access to user communications via the intelligence tool known as PRISM. That cooperation included, according to the leaked NSA documents, enabling access to Outlook.com e-mails and chats, the SkyDrive cloud storage service, and Skype audio and video calls.
Anti-Tracking, Anonymous Search Engines Bloom in Aftermath of Mass Surveillance Leaks
If you're not using a search engine such as Duck Duck Go, then it is very likely that the search engine you are using is tracking your every move. Search engines that value privacy and anonymity online are entering a boom following revelations of mass dragnet internet surveillance by government and business. From The Guardian:
Gabriel Weinberg noticed web traffic building on the night of Thursday 6 June – immediately after the revelations about the "Prism" programme. Through the programme, the US's National Security Agency claimed to have "direct access" to the servers of companies including, crucially, the web's biggest search engines – Google, Microsoft and Yahoo.
Within days of the story, while the big companies were still spitting tacks and tight-lipped disclaimers, the search engine Weinberg founded – which pledges not to track or store data about its users – was getting 50% more traffic than ever before. That has gone up and up as more revelations about NSA and GCHQ internet tapping have come in.
"It happened with the release by the Guardian about Prism," says Weinberg, right, a 33-year-old living in Paoli, a suburb of Philadelphia on the US east coast. "We started seeing an increase right when the story broke, before we were covered in the press." From serving 1.7m searches a day at the start of June, it hit 3m within a fortnight.
Yet you've probably never heard of DuckDuckGo.
Florida Lawmakers May Have Made Internet Illegal
As if you needed any more evidence of the ineptitude of U.S. lawmakers, here's a story out of Florida on a lawsuit alleging that state lawmakers have inadvertently made computers and smart phones illegal in their zeal to crack down on gambling at internet cafes. From PC Mag:
A law passed earlier this year, which was intended to crack down on illegal gambling at Internet cafes, is worded in such a way that some are concerned that it might actually allow for a ban of all smartphones and computers in the state.
A lawsuit filed by cafĂ© owner Consuelo Zapata argues that, among other things, the bill "interfere[es] with the promotion of goods and services — computers with Internet access — that are used for the communication of information and ideas."
The bill in question - HB 155 - was signed in to law by Gov. Rick Scott on April 10 and bans "electronic gambling devices."
Lawsuit Against Mass Electronic Surveillance to Proceed
From the EFF:
A federal judge today rejected the U.S. government's latest attempt to dismiss the Electronic Frontier Foundation's (EFF's) long-running challenge to the government's illegal dragnet surveillance programs. Today's ruling means the allegations at the heart of the Jewel case move forward under the supervision of a public federal court.
"The court rightly found that the traditional legal system can determine the legality of the mass, dragnet surveillance of innocent Americans and rejected the government's invocation of the state secrets privilege to have the case dismissed," said Cindy Cohn, EFF's Legal Director. "Over the last month, we came face-to-face with new details of mass, untargeted collection of phone and Internet records, substantially confirmed by the Director of National Intelligence. Today's decision sets the stage for finally getting a ruling that can stop the dragnet surveillance and restore Americans' constitutional rights."
Subscribe to:
Posts (Atom)