FBI to Expand Facial Recognition Photo Database

From the EFF:

New documents released by the FBI show that the Bureau is well on its way toward its goal of a fully operational face recognition database by this summer.
EFF received these records in response to our Freedom of Information Act lawsuit for information on Next Generation Identification (NGI)—the FBI’s massive biometric database that may hold records on as much as one third of the U.S. population. The facial recognition component of this database poses real threats to privacy for all Americans.

NGI builds on the FBI’s legacy fingerprint database—which already contains well over 100 million individual records—and has been designed to include multiple forms of biometric data, including palm prints and iris scans in addition to fingerprints and face recognition data. NGI combines all these forms of data in each individual’s file, linking them to personal and biographic data like name, home address, ID number, immigration status, age, race, etc. This immense database is shared with other federal agencies and with the approximately 18,000 tribal, state and local law enforcement agencies across the United States.

The records we received show that the face recognition component of NGI may include as many as 52 million face images by 2015. By 2012, NGI already contained 13.6 million images representing between 7 and 8 million individuals, and by the middle of 2013, the size of the database increased to 16 million images. The new records reveal that the database will be capable of processing 55,000 direct photo enrollments daily and of conducting tens of thousands of searches every day . . .

In order to avoid the prying eyes of government pervs, you might want to consider a new look, such as those being developed by Adam Harvey, who is seeking to "create a growing catalog of designs and techniques that can be employed as camouflage against face detection."

Quantum Leap in Quantum Computing?

From Popular Mechanics:

It's a machine that could calculate solutions to problems so impossibly time-consuming that even the most powerful supercomputers could never handle them. And it would do so in an instant. This is the quantum computer, made possible by the bizarre nature of quantum mechanics. And though the idea is still in its infancy, it's no fantasy.

Two research teams, at Harvard University and the Max Planck Institute of Quantum Optics in Germany, have just announced that they have independently forged the building blocks for tomorrow's quantum computers. As they published today in the journal Nature (1, 2), the scientists discovered a way to hook up atoms and particles of light to create a new type of switch and logic-gate‚ quantum versions of the connecting structures that link bits of data in modern computers. 

Amusingly, the author of the article has apparently fielded some questions in the reddit post on the story and provided a rather tight summary:

New computing equipment allows info to be put into a fucking weird quantum state, which can do crazy shit. Like super fast computing. We've made similar things before, but can't build big computers with them. With this we think we can.

See also, this handy infographic:

 

Anti-Surveillance: Police Dismantle Monitoring Gear on their Own Vehicles

It is difficult to find government officials who are against mass surveillance of the American people and the public worldwide. However, these professional hypocrites are much more sensitive when they themselves are on the other side of the camera.  Police are all for mass surveillance, until you turn it on them. From Ars Technica:

The Los Angeles Police Commission is investigating how half of the recording antennas in the Southeast Division went missing, seemingly as a way to evade new self-monitoring procedures that the Los Angeles Police Department imposed last year.

Anon officer: “No one likes it. Who wants to be followed all over the place?” The antennas, which are mounted onto individual patrol cars, receive recorded audio captured from an officer’s belt-worn transmitter. The transmitter is designed to capture an officer’s voice and transmit the recording to the car itself for storage. The voice recorders are part of a video camera system that is mounted in a front-facing camera on the patrol car. Both elements are activated any time the car’s emergency lights and sirens are turned on, but they can also be activated manually. 

According to the Los Angeles Times, an LAPD investigation determined that around half of the 80 patrol cars in one South LA division were missing antennas as of last summer, and an additional 10 antennas were unaccounted for. Citing a police source, the newspaper said that removing the antennas can reduce the range of the voice transmitters by as much as a third of the normal operating distance.

The Police Commission, an independent body that oversees LAPD policy, was only notified of the situation two months ago.

Inflight Wifi Provider Goes Above and Beyond to Compromise Passenger Info Security

From Wired:

Gogo, the inflight Wi-Fi provider, is used by millions of airline passengers each year to stay connected while flying the friendly skies. But if you think the long arm of government surveillance doesn’t have a vertical reach, think again.

Gogo and others that provide Wi-Fi aboard aircraft must follow the same wiretap provisions that require telecoms and terrestrial ISPs to assist U.S. law enforcement and the NSA in tracking users when so ordered. But they may be doing more than the law requires.

According to a letter Gogo submitted to the Federal Communications Commission, the company voluntarily exceeded the requirements of the Communications Assistance for Law Enforcement Act, or CALEA, by adding capabilities to its service at the request of law enforcement.  The revelation alarms civil liberties groups, which say companies should not be cutting deals with the government that may enhance the ability to monitor or track users.

“CALEA itself is a massive infringement on user’s rights,” says Peter Eckersley of the Electronic Frontier Foundation. “Having ISP’s [now] that say that CALEA isn’t enough, we’re going to be even more intrusive in what we collect on people is, honestly, scandalous.”

Heartbleed: Critical OpenSSL Bug Exposes Secure Traffic

From Ars Technica:

Lest readers think "catastrophic" is too exaggerated a description for the critical defect affecting an estimated two-thirds of the Internet's Web servers, consider this: at the moment this article was being prepared, the so-called Heartbleed bug was exposing end-user passwords, the contents of confidential e-mails, and other sensitive data belonging to Yahoo Mail and almost certainly countless other services.

The two-year-old bug is the result of a mundane coding error in OpenSSL, the world's most popular code library for implementing HTTPS encryption in websites, e-mail servers, and applications. The result of a missing bounds check in the source code, Heartbleed allows attackers to recover large chunks of private computer memory that handle OpenSSL processes. The leak is the digital equivalent of a grab bag that hackers can blindly reach into over and over simply by sending a series of commands to vulnerable servers. The returned contents could include something as banal as a time stamp, or it could return far more valuable assets such as authentication credentials or even the private key at the heart of a website's entire cryptographic certificate.

Government and Media Incompetence Puts Americans' Data at Risk

In a chilling, but not especially surprising, report at ZDNet, David Gerwitz reveals that incompetence in government has led to a doubling of the number of information security breaches over the last five years, and that incompetence in the media has led to reporting that understates the extent of these breaches by an order of magnitude.  Excerpt:

According to testimony given by Gregory C. Wilshusen, Director of Information Security Issues for the Government Accountability Office to United States Senate Committee on Homeland Security and Governmental Affairs that, and I quote, "most major federal agencies had weaknesses in major categories of information security controls."  In other words, some government agency data security functions more like a sieve than a lockbox. . . .

Some of the data the GAO presented was deeply disturbing. For example, the number of successful breaches doubled since 2009. Doubled. There's also a story inside this story, which I'll discuss later in the article. Almost all of the press reporting on this testimony got the magnitude of the breach wrong. Most reported that government security incidents numbered in the thousands, when, in fact, they numbered in the millions.

USAID Cuban Social Media Front Outed by AP

From The Associated Press:

The U.S. government masterminded the creation of a "Cuban Twitter" — a communications network designed to undermine the communist government in Cuba, built with secret shell companies and financed through foreign banks . . .

USAID and its contractors went to extensive lengths to conceal Washington's ties to the project, according to interviews and documents obtained by the AP. They set up front companies in Spain and the Cayman Islands to hide the money trail, and recruited CEOs without telling them they would be working on a U.S. taxpayer-funded project.

"There will be absolutely no mention of United States government involvement," according to a 2010 memo from Mobile Accord Inc., one of the project's creators. "This is absolutely crucial for the long-term success of the service and to ensure the success of the Mission." . . . 

USAID said in a statement that it is "proud of its work in Cuba to provide basic humanitarian assistance, promote human rights and fundamental freedoms, and to help information flow more freely to the Cuban people," whom it said "have lived under an authoritarian regime" for 50 years. The agency said its work was found to be "consistent with U.S. law."

Interestingly, the initial subscriber base appears to have been put together after the shell corporations illicitly obtained the contact information of thousands of Cubans targeted by the government.

The social media project began development in 2009 after Washington-based Creative Associates International obtained a half-million Cuban cellphone numbers. It was unclear to the AP how the numbers were obtained, although documents indicate they were done so illicitly from a key source inside the country's state-run provider. Project organizers used those numbers to start a subscriber base.