Federal Government Continues Push to Disembowel the Fourth Amendment

The Department of Justice, the FBI and federal judges are continuing their push to disembowel the Fourth Amendment, submitting the United States Constitution to death by a thousand cuts. In secret hearings, federal officials are arguing to federal judges that the Constitution simply does not apply to them, and these judges agree. Of course, the legislature does not object, since the Democratic and Republican parties are strong proponents of the national security police state and surveillance society, and the bulk of the public simply doesn't care. From CNET:
CNET has learned that U.S. District Judge Susan Illston in San Francisco rejected Google's request to modify or throw out 19 so-called National Security Letters, a warrantless electronic data-gathering technique used by the FBI that does not need a judge's approval. Her ruling came after a pair of top FBI officials, including an assistant director, submitted classified affidavits.

The litigation taking place behind closed doors in Illston's courtroom -- a closed-to-the-public hearing was held on May 10 -- could set new ground rules curbing the FBI's warrantless access to information that Internet and other companies hold on behalf of their users. The FBI issued 192,499 of the demands from 2003 to 2006, and 97 percent of NSLs include a mandatory gag order.

FBI Internet Surveillance Plan Will Aid Totalitarian Governments and Criminal Networks Worldwide

From Foreign Policy:
The FBI wants a new law that will make it easier to wiretap the Internet. Although its claim is that the new law will only maintain the status quo, it's really much worse than that. This law will result in less-secure Internet products and create a foreign industry in more-secure alternatives. It will impose costly burdens on affected companies. It will assist totalitarian governments in spying on their own citizens. And it won't do much to hinder actual criminals and terrorists.
Read the whole article for an interesting history of this issue over the last 30 years.

Texas Set to Enact New Bill Protecting Email from Government Snooping

From Ars Technica:
Assuming that Texas Governor Rick Perry does not veto it, the Lone Star State appears set to enact the nation’s strongest e-mail privacy bill. The proposed legislation requires state law enforcement agencies to get a warrant for all e-mails regardless of the age of the e-mail.

On Tuesday, the Texas bill (HB 2268) was sent to Gov. Perry’s desk, and he has until June 16, 2013 to sign it or veto it. If he does neither, it will pass automatically and take effect on September 1, 2013. The bill would give Texans more privacy over their inbox to shield against state-level snooping, but the bill would not protect against federal investigations. The bill passed both houses of the state legislature earlier this year without a single "nay" vote.
Despite the Texas law, all Americans remain vulnerable to email snooping attacks from the federal government. 

Australian Govt Drops Microsoft Office Standard, Opts for ODF

The Delimiter reports:
In a move which appears to reverse its previous approach based on Microsoft’s file formats, the Australian Government’s central IT decision-making agency appears to have decided that it will standardise its office documents on the Open Document Format going forward. . . .

Sheridan added: “Support for ODF is available from a wide range of office productivity suites across a variety of operating system platforms, in both open-source and proprietary implementations, allowing agencies a great deal of flexibility in selecting a product which conforms to the COE Policy standard. Standardising on a format supported by a wide range of office suites provides for the greatest possible degree of interoperability without mandating the use of a specific product, as well as providing the best basis for reliable interchange of information between agencies deploying differing office productivity suites.”
ODF, the Open Document Format, was originally developed by Sun Microsystems for the OpenOffice suite of programs.

How Does a Password Hack Work?

A fairly well-detailed article at Ars Technica on the "Anatomy of a Hack" shows how hackers go about the process of cracking supposedly secure passwords.
In March, readers followed along as Nate Anderson, Ars deputy editor and a self-admitted newbie to password cracking, downloaded a list of more than 16,000 cryptographically hashed passcodes. Within a few hours, he deciphered almost half of them. The moral of the story: if a reporter with zero training in the ancient art of password cracking can achieve such results, imagine what more seasoned attackers can do.

Imagine no more. We asked three cracking experts to attack the same list Anderson targeted and recount the results . . . Even the least successful cracker of our trio—who used the least amount of hardware, devoted only one hour, used a tiny word list, and conducted an interview throughout the process—was able to decipher 62 percent of the passwords. Our top cracker snagged 90 percent of them.  
The strength and speed of this attack are not surprising, however, since the passwords were hashed with the MD5 algorithm, which is widely considered to be cryptographically broken. The first flaws were found in the algorithm in the 1990s, and many more followed over the course of the last ten years. So the question is: are a lot of websites still using broken hashing schemes? And if so, how many? And which ones?
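
For site operators asking that question about their own systems, the following added example (not from the Ars Technica article or this post) contrasts unsalted MD5 storage with a salted, iterated hash. The user names, passwords, wordlist and iteration count are constructed assumptions.

```python
from __future__ import annotations
import hashlib
import hmac
import os

# Constructed sample data: these users, passwords and wordlist are invented.
USERS = {"alice": "letmein", "bob": "letmein", "carol": "T7#qv-Lm2!xR9"}
WEAK_LIST = ["123456", "password", "letmein", "qwerty"]
PBKDF2_ITERATIONS = 600_000  # assumption: tune to your own login latency budget


def md5_record(password: str) -> str:
    """Weak storage: unsalted, single-round MD5, as in the leaked list."""
    return hashlib.md5(password.encode()).hexdigest()


def audit_md5(records: dict[str, str], wordlist: list[str]) -> dict[str, str]:
    """Defensive audit: flag accounts whose stored MD5 matches a known-weak password.

    One table built once covers every account, because no salt separates users.
    """
    table = {md5_record(word): word for word in wordlist}
    return {user: table[h] for user, h in records.items() if h in table}


def pbkdf2_record(password: str, salt: bytes | None = None) -> tuple[bytes, bytes]:
    """Hardened storage: per-user random salt plus a deliberately slow KDF."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return salt, digest


def pbkdf2_verify(password: str, salt: bytes, expected: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    _, digest = pbkdf2_record(password, salt)
    return hmac.compare_digest(digest, expected)


if __name__ == "__main__":
    md5_db = {user: md5_record(pw) for user, pw in USERS.items()}
    print("MD5 records identical for alice and bob:", md5_db["alice"] == md5_db["bob"])
    print("Accounts flagged by the MD5 audit:", audit_md5(md5_db, WEAK_LIST))
    kdf_db = {user: pbkdf2_record(pw) for user, pw in USERS.items()}
    print("PBKDF2 records identical:", kdf_db["alice"][1] == kdf_db["bob"][1])
    print("Correct password verifies:", pbkdf2_verify("letmein", *kdf_db["alice"]))
```

With the salted scheme, the same password yields a different record for each user, so a single precomputed table no longer applies and every guess costs the full iteration count per account.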

US Entertainment Industry Continues Its Descent into Global Criminal Mafia

Security hysterics are among the greatest threats to our collective and individual security.  These are the types who say we have to sacrifice liberty for freedom, or safety for security.  Of course, they don't always put it quite so succinctly, but this, in effect, is what their position boils down to, whether it is the FBI, a corporate lobby or a group of "concerned citizens."  From Boing Boing:
The hilariously named "Commission on the Theft of American Intellectual Property" has finally released its report, an 84-page tome that's pretty bonkers. . . . The report proposes that software would be loaded on computers that would somehow figure out if you were a pirate, and if you were, it would lock your computer up and take all your files hostage until you call the police and confess your crime. This is the mechanism that crooks use when they deploy ransomware.

All of the Above: the FBI Continues Its Push for Insecure Network Communications

TechCrunch asks: "Is the FBI Dumb, Evil, or Just Incompetent?" Do we really have to choose here? These attributes are not mutually exclusive. The only correct answer to this question is: ALL OF THE ABOVE. Excerpt:
“A government task force is preparing legislation that would pressure companies such as Facebook and Google to enable law enforcement officials to intercept online communications as they occur,” according to the Washington Post, by fining them increasing sums until they build government-accessible back doors into their systems. . . .

the FBI would only be able to wiretap suspects who are either too dumb to use encryption — in which case they ought to be easy enough to catch without wiretaps — or who think they have nothing to hide. Meanwhile, they’d be setting a terrible precedent for other, more draconian governments. Critics say “We’ll look a lot more like China than America after this” … but the Obama administration, which not coincidentally appears to hate whistleblowers above all else, still seems poised to support this initiative. But wait, it gets worse. In order to claim this empty chalice, the powers that be will require a surveillance system that could be abused by the very kind of people it’s supposed to be used against. Could, and almost certainly would . . . 
The federal government wants us to give up security in the name of security.