TweakTown NewsRefine News by Category:
It was only last week that it was revealed that the National Security Agency hacked into Gemalto, the largest SIM card maker in the world, which broke just after we wrote about the NSA reportedly having access to backdoors in Western Digital and Seagate firmware.
The NSA is back in the news once again, with its director, Mike Rogers, wanting to see calmer action in regards to the government's plans to keep its backdoors operating smoothly. Rogers said that maintaining these "backdoors" would not be harmful to citizens' privacy, would not "fatally compromise encryption and would not ruin international markets for US technology products", reports The Guardian. Rogers said: "If you look at the topology of that attack from North Korea against Sony Pictures Entertainment, it literally bounced all over the world before it got to California. Infrastructure located on multiple continents, in multiple different geographic regions".
Rogers wasn't too clear on how legal or technological protections could be installed so that the various government agencies wouldn't take advantage of having all of this data. The White House is working directly with tech giants like Apple, Yahoo and Google on their encryption for the government to access their mobile data, cloud computing and more.
Well, this is something that is kind of cool and utterly scary at the same time. Mattel has announced Hello Barbie, a next-gen version of its infamous fashion doll that will feature Wi-Fi connectivity and an always-listening feature.
Hello Barbie will record your kids' conversations where it sends it to researchers, securing it in their 'secure' database, where researchers will analyze the conversations with your child. Mattel says that this will enable the new Hello Barbie to become more complex over time, where it offers two-way dialogue, speech recognition, and more.
The dollmaker says that this will allow Hello Barbie to form a "unique relationship" with children, as Hello Barbie will be able to tell jokes, listen, learn and adapt to situations. Because of its Wi-Fi Internet capabilities, it will also be capable of being updated with new software constantly, too. But as for an always-listening Barbie doll in kids bedrooms? I don't know if I like the idea of that.
Troubling news is coming to light. Under a cloak of secrecy over 50 U.S. law enforcement have deployed radars that allow them to see through walls. These agencies include the FBI and the U.S. Marshals Service, and the project began over two years ago. These radars run afoul of a Supreme Court ruling that bans the use of high-tech sensors probing the inside of someone's home without a warrant, which helps to explain the total silence on the new radars.
The sensors are effective out to 50 feet and can detect human movement via radio waves. They are so sensitive they can even pick up human breathing. The new technology came to light during a December federal appeals trial of a parole absconder in Denver. During the trial officials revealed they used the device to locate the man, and the presiding judges sounded off that "the government's warrantless use of such a powerful tool to search inside homes poses grave Fourth Amendment questions."
The devices are manufactured by L-3 Communications under the Range-R product family. Each device costs $6,000 and over 200 devices have been sold to US law enforcement agencies. The radar displays if there is movement on the other side of the wall, and displays how far away the movement is. The Range-R doesn't actually show the inside of the building, but there are other models that do. There are similar radar devices that feature 3-D displays of the location of people in a building, and the Justice Department is already funding development systems that can map entire buildings and locate people, so they surely have no qualms with deploying these devices.
The NSA responded to an ACLU FOIA request by releasing a bunch of documents to the public, but waited until the cover of Christmas Eve when everyone was busy with their families, admitting it had spied on normal, ordinary American citizens.
Considering the NSA has stood before Congress, claiming more than once that it was not abusing its very broad intelligence gathering operations and technologies, but now we know, for a fact, they did, and probably still are. The reports state "The heavily-redacted reports include examples of data on Americans being e-mailed to unauthorized recipients, stored in unsecured computers and retained after it was supposed to be destroyed, according to the documents. They were posted on the NSA's website at around 1:30 p.m. on Christmas Eve."
In a case back in 2012, an NSA analyst "searched her spouse's personal telephone directory without his knowledge to obtain names and telephone numbers for targeting," but don't worry, the NSA analyst in question "has been advised to cease her activities." Then there's this: "In 2012, an analyst conducted surveillance "on a U.S. organization in a raw traffic database without formal authorization because the analyst incorrectly believed that he was authorized to query due to a potential threat," according to the fourth-quarter report from 2012. The surveillance yielded nothing."
Signal System 7 (SS7) powers multiple phone carriers across the world including big names such as AT&T and Verizon - its global telecom network is used to route calls and text and in recent news, this technology has been reported to have some huge security issues associated inside. These issues come in the form of security holes that let hackers listen in to your calls and texts.
ACLU's Cheif Technologist has informed Gizmodo that this flaw is so serious that people should consider no longer using their mobile phone for calls until the problems are fixed.
SS7's outdated infrastructure is said to be the cause of this issue, with German research discovering this invasion of privacy, said to be publishing their full findings later this month at a conference in Hamburg (as according to the Washington Post).
The FBI stepped over its boundaries with this particular case, where the US agency wanted to gain entry into a particular hotel guest's room, all without a warrant. When they couldn't secure one, they did the next best thing: posed as Internet technicians, gaining access to the hotel room, all without a warrant.
From the motion to suppress, we find out: "The next time you call for assistance because the internet service in your home is not working, the "technician" who comes to your door may actually be an undercover government agent. He will have secretly disconnected the service, knowing that you will naturally call for help and -- when he shows up at your door, impersonating a technician -- let him in. He will walk through each room of your house, claiming to diagnose the problem. Actually, he will be videotaping everything (and everyone) inside. He will have no reason to suspect you have broken the law, much less probable cause to obtain a search warrant. But that makes no difference, because by letting him in, you will have "consented" to an intrusive search of your home".
The FBI agents secured evidence from the hotel room, and submitted it to a magistrate to get a warrant. Kind of the reverse of what should happen, but they obviously wouldn't have told the judge that they posed as the Internet technicians in order to get into the room to secure the evidence they required to obtain the warrant in the first place.
Just days ago, August Germar showed off his Anonabox privacy router on Kickstarter, quickly flying past his pledge goal of $7500. Germar was promising a router that would give users near ultimate privacy, routing your Internet access through the Tor network. Germar raised $585,549 before Kickstarter suspended his Kickstarter, citing Germar "broke Kickstarter rules".
The Anonabox ball of thread began to unravel when some of its backers began to ask questions about Anonabox's custom hardware, as well as the promised security of its software. It snowballed to the point of many asking for the project to be cancelled, and asked others to report the misleading information to Kickstarter staff. Kickstarter emailed the project investors, telling backers that "a review of the project uncovered evidence that it broke Kickstarter's rules". These rules include the company to prohibit "offering purchased items and claiming to have made them yourself, presenting someone else's work as your own" and "misrepresenting or failing to disclose relevant facts about the project or its creator".
It all started on Tuesday night, with users seeing issues with the router's hardware, with its designer claiming was custom-designed. The backers found that all of the parts could be acquired from Chinese suppliers on sites such as Alibaba. Germar even confirmed with WIRED that the Anonabox prototype he had was built from "off-the-shelf case and a nearly stock board tweaked to add more flash memory storage, both sourced from the Chinese manufacturer Gainstrong", according to Wired.
In this government-spies-on-everyone age, anonymity is hard to come by. But, a group of privacy-focused developers have taken to Kickstarter, asking for funding from the world for something they call, Anonabox. With a goal of $7500, they've blown past that with a huge $146,755 (at the time of writing), with another 28 days still to go.
Anonabox is an open-source router that automatically directs all of your data, with it connecting to your router through Wi-Fi or ethernet, through the Tor network. This hides users' IP addresses, and skips over censorship. Better yet, Anonabox is tiny - small enough that it could easily fit inside of your pocket, or be easily placed anywhere near your router.
Thanks to its tiny size, users can take it with them, plugging it into any router, making their work and Internet use completely anonymous. For people who travel, they could use it in their hotel rooms, or for people in China at an Internet cafe, they can skip over the Great Firewall of China. August Germar, who has spent four years working on Anonabox, explains: "Now all your programs, no matter what you do on your computer, are routed over the Tor network". Germar says that the idea behind Anonabox making the use of Tor easier, but for those who reside in Internet-repressive regimes. He added: "It was important to us that it be portable and small-something you can easily conceal or even throw away if you have to get rid of it".
As part of his remote interview for the New Yorker Festival, Edward Snowden was asked various questions about what people can do about their privacy. His first reply was to cover the reform of government policies.
Snowden said that some people are fine with thinking along the lines of they "don't have anything to hide" but it's not about that according to the ex NSA contractor, who said "you're inverting the model of responsibility for how rights work". The full reply: "When you say, 'I have nothing to hide,' you're saying, 'I don't care about this right.' You're saying, 'I don't have this right, because I've got to the point where I have to justify it.' The way rights work is, the government has to justify its intrusion into your rights".
On an individual level, Snowden warns us all to find encrypted tools, and to stop using services that are "hostile to privacy". One of those services is Dropbox, where Snowden said "get rid of Dropbox", something that he said doesn't support encryption. Snowden did bring up Facebook and Google, both of which he said are "dangerous services". He also added to not send unencrypted text messages, but to instead of services like RedPhone and Silent Circle.
A hacker is claiming to have completed a massive hack, where he has said that he has leaked out photos of some of the biggest female celebrities in the world, including Jennifer Lawrence, Kim Kardashian, and many more. Lawrence's reps have confirmed that the nude photos of her are indeed real, allegedly stolen from her Apple iCloud account.
A spokesperson told HuffPost: "This is a flagrant violation of privacy. The authorities have been contacted and will prosecute anyone who posts the stolen photos of Jennifer Lawrence." The hacker claims to have videos of celebrities too, and not just nude photos, as he is offering to release more of his treasure trove in exchange for money.
Representatives for many of the celebrities are coming out claiming that the photos are "completely fake," but there are some that are real, and in this instance, Jennifer Lawrence's reps coming out and confirming the images, proves that this hack has happened and at least some of the pictures are real.