TweakTown NewsRefine News by Category:
It looks like the NSA wants to do some spring cleaning, where it wants to combine its intelligence gathering and cyberdefense groups. But, this creates its own issues, as the intelligence group might be using security flaws to spy on people, and governments, that its cyberdefense team don't even know about - leaving critical systems open to various attacks.
The US spy agency is now reportedly preparing a reorganization that would combine its offensive and defensive capabilities, a move that would help them better coordinate its fight online. The NSA isn't talking specifics just yet, but we should hear more about it this week. The Washington Post reports that it could be more of a cultural shift, versus a technical one. The two divisions already share similar processes, but this move would create a better line of communication between the divisions.
In a freshly unsealed court case from October 2015, a judge asked Apple why it ignored requests to unlock the iPhone of a methamphetamine dealer. Turns out it didn't, the device (an iPhone 5s with iOS 7), was simply set to erase all data if someone attempted to unlock it 10 times in a row unsuccessfully (an unlocking device will try every possible code in quick succession). Presumably, this was by Apple design.
"In most cases now and in the future, the government's requested order would be substantially burdensome, as it would be impossible to perform," Apple stated, going on to say iOS 8 and above are designed to be unhackable by even Apple itself.
One week after the news about New York's encryption bill comes the same word from California: The Golden State has proposed a bill that would ban the sale of encrypted smartphones manufactured on or after January 1, 2016. Likewise, the fine for violating this new law -- should the bill come to pass -- is $2,500.
The motivation for bills like AB 1681 is access to information by authorities in matters of crime, terrorism, and so on. As it often goes, much of the public is concerned it requires the surrender of privacy rights.
Unlike with the New York bill, citizens can't vote for or against it online.
Following Apple's beseeching of the Obama administration to support the public's right to smartphone encryption this week, the New York Senate is now allowing citizens to vote on the matter on its new website.
Assembly Bill A8093, as it's known, requires all phones manufactured January 1, 2016 or later are capable of being unlocked and decrypted. The bill says should a smartphone owner be caught with a new phone that doesn't meet this requirement, they'll be fined $2,500.
The bill is currently in the committee stage; it must pass the New York state senate and assembly before it becomes law. In the meantime, citizens can weigh in here.
Apple CEO Tim Cook has criticized the Obama administration during a meeting it called to discuss counterterrorism issues with tech giants, saying the White House needs to publicly support the right to keep one's digital life private with unbreakable encryption.
To date, FBI and other high-ranking law enforcement have named such measures even in their lesser forms as "tools of terrorists". These same organizations have also requested backdoor access for otherwise unbreakable encryption.
Attorney General Loretta Lynch responded to Cook by expressing an interest in the balance between privacy and national security, which continues to be debated internally.
The UK government's Home Secretary Theresa May has proposed an Investigatory Powers Bill with the aim of bolstering intelligence agencies and law enforcement in surveillance. But, like the Patriot Act in America and Bill C-51 in Canada, it's being criticized for going too far.
Apple has joined the opposition in an effort to see the bill rewritten, saying in a rare public statement that it makes the "personal data of millions of law abiding citizens [...] less secure". Part of its issue is how vague the bill can be, thereby opening it up to abuse of current privacy rights, not just in the UK, but elsewhere, too.
Researchers have discovered there are 256 apps on the App Store that have found their way around Apple's vetting process and violated privacy rights. All of them use the Chinese-developed Youmi SDK. In total, approximately one million people use the apps in question.
To be clear, the developer of any of these apps is not necessarily to blame at all. It appears Youmi is the one interested in acquiring your data, and has insidiously worked gathering tools into its development kit, thereby attempting to cover its tracks and pass the blame onto developers, should the scheme be uncovered.
Nate Lawson, founder of security analytics startup SourceDNA (which uncovered the violations), says this is "definitely the kind of stuff that Apple should have caught."
We already know that most Americans are spied on in every facet of their lives, but it's now come out that AT&T has been working very, very closely with the NSA, sharing Americans' data with them on a scale that should scare most people.
The New York Times is behind the report, where the documents they've seen have said that the NSA has praised AT&T's "extreme willingness to help". The NSA has official instructions to its officials, where when they visit AT&T facilities, they're said to be very polite, with the US spy agency reminding agents that "This is a partnership, not a contractual relationship".
In 2010 alone, AT&T provided the NSA with 1.1 billion domestic cell phone records per day in a bid to stimulate its relationship with the US spy agency before the 10th anniversary of 9/11. In one document from 2013, it has been said that AT&T's "...corporate relationships provide unique accesses to other telecoms and I.S.P.s". This means that other companies that have been using AT&T's networks for transfers, are not safe from the eyes of the NSA, because AT&T has been handing over the information in bulk.
Kim Dotcom has come out swinging, with the Megaupload founder announcing that the 2016 US presidential elections will see some heat coming up with WikiLeaks' founder Julian Assange having some "potential roadblocks" for Hillary Clinton.
Dotcom recently spoke with Bloomberg, where he said that Julian Assange will be Hillary Clinton's "worst nightmare" next year, and that he was "aware of some of the things" that would stop Clinton's rise to the Presidency. We could see a future where Dotcom and Assange work together, with Dotcom saying: "If I can can provide some transparency with these people and make them part of what the Internet Party stands for, then I will be happy to do that".
Later on in the interview, Dotcom added that "Hillary hates Julian, she's just an adversary of, I think, Internet freedom". Bloomberg's Emily Chang added "and she signed your extradition request", to which Dotcom replied with "Yeah, you know the crazy thing is I actually like Hillary, I like Obama... it's just so crazy that all of this happened".
The House of Representatives has just passed the USA Freedom Act on Wednesday, something that passed through with votes of 338-88, something that will see the NSA's all-seeing eye of bulk data collection clamped down.
The bill now moves over to the Senate, where it must be approved or a compromise found, by June 1. This is when the provision of the Patriot Act that allows for the NSA to collect Americans' metadata expires. The Senate is expected to vote by May 22, while The White House supports USA Freedom Act, while Senate Majority Leader Mitch McConnell (R-Ky.) is against it, and wants to expand Section 215 of the Patriot Act.
This move would allow the NSA to continue collecting bulk data, while companies like Google, Apple, Facebook, Microsoft and Twitter along with other big tech companies campaigning in support of the USA Freedom Act as part of the Reform Government Surveillance coalition since late last year.