TweakTown NewsRefine News by Category:
Signal System 7 (SS7) powers multiple phone carriers across the world including big names such as AT&T and Verizon - its global telecom network is used to route calls and text and in recent news, this technology has been reported to have some huge security issues associated inside. These issues come in the form of security holes that let hackers listen in to your calls and texts.
ACLU's Cheif Technologist has informed Gizmodo that this flaw is so serious that people should consider no longer using their mobile phone for calls until the problems are fixed.
SS7's outdated infrastructure is said to be the cause of this issue, with German research discovering this invasion of privacy, said to be publishing their full findings later this month at a conference in Hamburg (as according to the Washington Post).
The FBI stepped over its boundaries with this particular case, where the US agency wanted to gain entry into a particular hotel guest's room, all without a warrant. When they couldn't secure one, they did the next best thing: posed as Internet technicians, gaining access to the hotel room, all without a warrant.
From the motion to suppress, we find out: "The next time you call for assistance because the internet service in your home is not working, the "technician" who comes to your door may actually be an undercover government agent. He will have secretly disconnected the service, knowing that you will naturally call for help and -- when he shows up at your door, impersonating a technician -- let him in. He will walk through each room of your house, claiming to diagnose the problem. Actually, he will be videotaping everything (and everyone) inside. He will have no reason to suspect you have broken the law, much less probable cause to obtain a search warrant. But that makes no difference, because by letting him in, you will have "consented" to an intrusive search of your home".
The FBI agents secured evidence from the hotel room, and submitted it to a magistrate to get a warrant. Kind of the reverse of what should happen, but they obviously wouldn't have told the judge that they posed as the Internet technicians in order to get into the room to secure the evidence they required to obtain the warrant in the first place.
Just days ago, August Germar showed off his Anonabox privacy router on Kickstarter, quickly flying past his pledge goal of $7500. Germar was promising a router that would give users near ultimate privacy, routing your Internet access through the Tor network. Germar raised $585,549 before Kickstarter suspended his Kickstarter, citing Germar "broke Kickstarter rules".
The Anonabox ball of thread began to unravel when some of its backers began to ask questions about Anonabox's custom hardware, as well as the promised security of its software. It snowballed to the point of many asking for the project to be cancelled, and asked others to report the misleading information to Kickstarter staff. Kickstarter emailed the project investors, telling backers that "a review of the project uncovered evidence that it broke Kickstarter's rules". These rules include the company to prohibit "offering purchased items and claiming to have made them yourself, presenting someone else's work as your own" and "misrepresenting or failing to disclose relevant facts about the project or its creator".
It all started on Tuesday night, with users seeing issues with the router's hardware, with its designer claiming was custom-designed. The backers found that all of the parts could be acquired from Chinese suppliers on sites such as Alibaba. Germar even confirmed with WIRED that the Anonabox prototype he had was built from "off-the-shelf case and a nearly stock board tweaked to add more flash memory storage, both sourced from the Chinese manufacturer Gainstrong", according to Wired.
In this government-spies-on-everyone age, anonymity is hard to come by. But, a group of privacy-focused developers have taken to Kickstarter, asking for funding from the world for something they call, Anonabox. With a goal of $7500, they've blown past that with a huge $146,755 (at the time of writing), with another 28 days still to go.
Anonabox is an open-source router that automatically directs all of your data, with it connecting to your router through Wi-Fi or ethernet, through the Tor network. This hides users' IP addresses, and skips over censorship. Better yet, Anonabox is tiny - small enough that it could easily fit inside of your pocket, or be easily placed anywhere near your router.
Thanks to its tiny size, users can take it with them, plugging it into any router, making their work and Internet use completely anonymous. For people who travel, they could use it in their hotel rooms, or for people in China at an Internet cafe, they can skip over the Great Firewall of China. August Germar, who has spent four years working on Anonabox, explains: "Now all your programs, no matter what you do on your computer, are routed over the Tor network". Germar says that the idea behind Anonabox making the use of Tor easier, but for those who reside in Internet-repressive regimes. He added: "It was important to us that it be portable and small-something you can easily conceal or even throw away if you have to get rid of it".
As part of his remote interview for the New Yorker Festival, Edward Snowden was asked various questions about what people can do about their privacy. His first reply was to cover the reform of government policies.
Snowden said that some people are fine with thinking along the lines of they "don't have anything to hide" but it's not about that according to the ex NSA contractor, who said "you're inverting the model of responsibility for how rights work". The full reply: "When you say, 'I have nothing to hide,' you're saying, 'I don't care about this right.' You're saying, 'I don't have this right, because I've got to the point where I have to justify it.' The way rights work is, the government has to justify its intrusion into your rights".
On an individual level, Snowden warns us all to find encrypted tools, and to stop using services that are "hostile to privacy". One of those services is Dropbox, where Snowden said "get rid of Dropbox", something that he said doesn't support encryption. Snowden did bring up Facebook and Google, both of which he said are "dangerous services". He also added to not send unencrypted text messages, but to instead of services like RedPhone and Silent Circle.
A hacker is claiming to have completed a massive hack, where he has said that he has leaked out photos of some of the biggest female celebrities in the world, including Jennifer Lawrence, Kim Kardashian, and many more. Lawrence's reps have confirmed that the nude photos of her are indeed real, allegedly stolen from her Apple iCloud account.
A spokesperson told HuffPost: "This is a flagrant violation of privacy. The authorities have been contacted and will prosecute anyone who posts the stolen photos of Jennifer Lawrence." The hacker claims to have videos of celebrities too, and not just nude photos, as he is offering to release more of his treasure trove in exchange for money.
Representatives for many of the celebrities are coming out claiming that the photos are "completely fake," but there are some that are real, and in this instance, Jennifer Lawrence's reps coming out and confirming the images, proves that this hack has happened and at least some of the pictures are real.
For quite a while now, we've known that the NSA has been spying on millions of citizens within the United States. But with its ICREACH search engine, the US spy agency has a Google-like internal search engine that can quickly flick through some 850 billion files that it keeps on citizens, not just in the US, but across the world.
The Intercept, the new site from Glenn Greenwald, who broke the story on NSA whistleblower Edward Snowden, says that these records are available to 23 agencies. These 23 agencies include the likes of the FBI, the DEA and much more, who can easily access ICREACH. This means that the government can search for very specific bits of data of a target citizen, such as their phone number or email address, with it displaying a list of emails both two and from that person over a certain period of time, analysts can then work out a pattern of who that person is in contact with.
This is achieved thanks to metadata, but don't worry ICREACH doesn't include what was said within a phone call, but it does include who the person was talking to, who called them, and what time the call took place. This data can then be used to determine the target's pattern of behavior, so that if the target was calling a certain person at a particular time, they could plan for that time and listen in.
According to CNN reporter Evan Perez, authorities are now claiming there is a second leaker exposing classified secrets on the government surveillance programs. There has been speculation of a second leaker for a while now, especially from Glenn Greenwald's new outlet, The Intercept.
But, there have been two new stories posted recently that cited unnamed sources, meaning the information given and reported on wasn't coming from Snowden. One of which was from August 2013, months after Snowden had downloaded his documents when he was working with Booz Allen Hamilton in Hawaii, before giving them to Greenwald when he left the country for Hong Kong, before finding solace (in a way) in Russia.
Greenwald said back in July that it "seems clear at this point" that there was a second leaker. We don't know who this second leaker is, but I'm sure after everything Snowden has gone through, he or she won't be unveiling themselves to the world anytime soon.
It was only a year ago that the German government considered the Xbox One to be a monitoring device, and this was at the time of NSA whistleblower Edward Snowden coming out about the NSA spying on the entire world.
Well, the German government is now considering shifting back to the old-fashioned way of writing documents: using a typewriter. The use of a typewriter would be used to type up confidential documents, so that they don't get typed up on a PC, that has an operating system that can be hacked, which is connected to a network. A typewriter can have someone type up a confidential document, finish it, and file it away - without the prying eyes of the NSA getting to it.
Chair of the German Parliament, Patrick Sensburg, has an enquiry into the alleged spying by the NSA, saying that committee members are considering new security measures and are thinking about ditching e-mail in favor of a serious move back to using typewriters. He told the ARD Morning Show Monday: "As a matter of fact, we already have [a typewriter], and it's even a non-electronic typewriter".
It was only a couple of months ago that a New York judge ruled that US search warrants applied to digital information, even if this data was stored somewhere overseas. This happened because of an effort to find a Microsoft user's account information that was stored overseas, in Dublin, Ireland.
The Redmond-based software giant responded to the ruling, challenging it, stating that the US government's longstanding views of digital content on overseas servers was wrong, and that the protections applied to physical media should be extended to cover digital content, too. The US government has replied, saying that according to the Stored Communications Act (SCA), content that is stored online doesn't have the same Fourth Amendment protection as physical data.
The US government said in a statement: "Overseas records must be disclosed domestically when a valid subpoena, order, or warrant compels their production. The disclosure of records under such circumstances has never been considered tantamount to a physical search under Fourth Amendment principles, and Microsoft is mistaken to argue that the SCA provides for an overseas search here. As there is no overseas search or seizure, Microsoft's reliance on principles of extra-territoriality and comity falls wide of the mark".