From rforno at infowarrior.org Mon Jun 1 08:45:57 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 1 Jun 2015 09:45:57 -0400
Subject: [Infowarrior] - Surreal NYT lede....
Message-ID: <4EC9DBAB-05E5-4699-8220-344EE9F99824@infowarrior.org>

A Gap in Surveillance, but Ways Around It

By CHARLIE SAVAGE
MAY 31, 2015

WASHINGTON - For the first time since the aftermath of the terrorist attacks of Sept. 11, 2001, Americans are again free to place phone calls - to friends, lovers, business associates, political groups, doctors and pizza restaurants - without having logs of those contacts vacuumed up in bulk by the National Security Agency. And for the first time in nearly 14 years, if government agents identify new phone numbers that they suspect are linked to terrorism, they will have to subpoena phone companies for associated calling records and wait for the response to see if anyone in the United States has been in contact with that number. The N.S.A. can no longer simply query its database for the information.

< - >

http://www.nytimes.com/2015/06/01/us/a-gap-in-surveillance-but-ways-around-it.html

--
It's better to burn out than fade away.

From rforno at infowarrior.org Mon Jun 1 16:25:35 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 1 Jun 2015 17:25:35 -0400
Subject: [Infowarrior] - McConnell's attempt to water-down USA FREEDOM, explained
Message-ID:

Senators Should Oppose Senator McConnell's Amendments and Pass a Clean Version of the USA FREEDOM Act

http://www.newamerica.org/oti/senators-should-oppose-senator-mcconnells-amendments-and-pass-a-clean-version-of-the-usa-freedom-act/

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Jun 1 17:17:07 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 1 Jun 2015 18:17:07 -0400
Subject: [Infowarrior] - CRS: Constitutional Challenges to NSA Collection Activities
Message-ID:

Overview of Constitutional Challenges to NSA Collection Activities, May 21, 2015, presents an updated survey of recent litigation on the constitutionality of U.S. intelligence surveillance programs.

http://fas.org/sgp/crs/intel/R43459.pdf

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Jun 2 07:45:29 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 2 Jun 2015 08:45:29 -0400
Subject: [Infowarrior] - Coincidence? Lone-wolf bomb threats on planes reported
Message-ID: <4687D095-406C-4272-8798-C1B6A1D017AC@infowarrior.org>

Wondering if McConnell, Burr, and others are already using this to support their efforts to water down the USAF Act to turn "the system" back on? I mean, NBC even mentions "lone wolf"! --rick

Multiple bomb threats about US aircraft in the air: NBC News
CNBC.com staff | @CNBC
24 Mins Ago
http://www.cnbc.com/id/102695104

Multiple bomb threats against U.S. aircraft in the air and one on the ground in Philadelphia have been made, according to NBC News. The threats were similar to multiple reports of chemical weapon threats against aircraft that were made last week. It was determined that the claims were fake, and there was speculation that the threats could have been made by an ISIS "lone wolf," NBC News reported. The most recent threats come after Homeland Security Secretary Jeh Johnson said he reassigned the acting administrator for the Transportation Security Administration after earlier ordering improved security at U.S. airports. It followed media reports that checkpoint screeners failed to detect mock explosives and weapons in 95 percent of tests carried out by undercover agents.

--
It's better to burn out than fade away.

From rforno at infowarrior.org Tue Jun 2 07:47:20 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 2 Jun 2015 08:47:20 -0400
Subject: [Infowarrior] - FBI behind mysterious surveillance aircraft over US cities
Message-ID:

FBI behind mysterious surveillance aircraft over US cities

Jun 2, 3:27 AM (ET)
By JACK GILLUM, EILEEN SULLIVAN and ERIC TUCKER
http://apnews.myway.com/article/20150602/us--fbi_surveillance_flights-e2320f0d2a.html

WASHINGTON (AP) - The FBI is operating a small air force with scores of low-flying planes across the country carrying video and, at times, cellphone surveillance technology - all hidden behind fictitious companies that are fronts for the government, The Associated Press has learned. The planes' surveillance equipment is generally used without a judge's approval, and the FBI said the flights are used for specific, ongoing investigations. In a recent 30-day period, the agency flew above more than 30 cities in 11 states across the country, an AP review found. Aerial surveillance represents a changing frontier for law enforcement, providing what the government maintains is an important tool in criminal, terrorism or intelligence probes. But the program raises questions about whether there should be updated policies protecting civil liberties as new technologies pose intrusive opportunities for government spying. U.S. law enforcement officials confirmed for the first time the wide-scale use of the aircraft, which the AP traced to at least 13 fake companies, such as FVX Research, KQM Aviation, NBR Aviation and PXW Services. Even basic aspects of the program are withheld from the public in censored versions of official reports from the Justice Department's inspector general. "The FBI's aviation program is not secret," spokesman Christopher Allen said in a statement. "Specific aircraft and their capabilities are protected for operational security purposes."
Allen added that the FBI's planes "are not equipped, designed or used for bulk collection activities or mass surveillance." But the planes can capture video of unrelated criminal activity on the ground that could be handed over for prosecutions. Some of the aircraft can also be equipped with technology that can identify thousands of people below through the cellphones they carry, even if they're not making a call or in public. Officials said that practice, which mimics cell towers and gets phones to reveal basic subscriber information, is rare. Details confirmed by the FBI track closely with published reports since at least 2003 that a government surveillance program might be behind suspicious-looking planes slowly circling neighborhoods. The AP traced at least 50 aircraft back to the FBI, and identified more than 100 flights since late April orbiting both major cities and rural areas. One of the planes, photographed in flight last week by the AP in northern Virginia, bristled with unusual antennas under its fuselage and a camera on its left side. A federal budget document from 2010 mentioned at least 115 planes, including 90 Cessna aircraft, in the FBI's surveillance fleet. The FBI also occasionally helps local police with aerial support, such as during the recent disturbance in Baltimore that followed the death of 25-year-old Freddie Gray, who sustained grievous injuries while in police custody. Those types of requests are reviewed by senior FBI officials. The surveillance flights comply with agency rules, an FBI spokesman said. Those rules, which are heavily redacted in publicly available documents, limit the types of equipment the agency can use, as well as the justifications and duration of the surveillance. Details about the flights come as the Justice Department seeks to navigate privacy concerns arising from aerial surveillance by unmanned aircrafts, or drones. 
President Barack Obama has said he welcomes a debate on government surveillance, and has called for more transparency about spying in the wake of disclosures about classified programs. "These are not your grandparents' surveillance aircraft," said Jay Stanley, a senior policy analyst with the American Civil Liberties Union, calling the flights significant "if the federal government is maintaining a fleet of aircraft whose purpose is to circle over American cities, especially with the technology we know can be attached to those aircraft." During the past few weeks, the AP tracked planes from the FBI's fleet on more than 100 flights over at least 11 states plus the District of Columbia, most with Cessna 182T Skylane aircraft. These included parts of Houston, Phoenix, Seattle, Chicago, Boston, Minneapolis and Southern California. Evolving technology can record higher-quality video from long distances, even at night, and can capture certain identifying information from cellphones using a device known as a "cell-site simulator" - or Stingray, to use one of the product's brand names. These can trick pinpointed cellphones into revealing identification numbers of subscribers, including those not suspected of a crime. Officials say cellphone surveillance is rare, although the AP found in recent weeks FBI flights orbiting large, enclosed buildings for extended periods where aerial photography would be less effective than electronic signals collection. Those included above Ronald Reagan Washington National Airport and the Mall of America in Bloomington, Minnesota. After The Washington Post revealed flights by two planes circling over Baltimore in early May, the AP began analyzing detailed flight data and aircraft-ownership registrations that shared similar addresses and flight patterns.
That review found some FBI missions circled above at least 40,000 residents during a single flight over Anaheim, California, in late May, according to Census data and records provided by the website FlightRadar24.com. Most flight patterns occurred in counter-clockwise orbits up to several miles wide and roughly one mile above the ground at slow speeds. A 2003 newsletter from the company FLIR Systems Inc., which makes camera technology such as seen on the planes, described flying slowly in left-handed patterns. "Aircraft surveillance has become an indispensable intelligence collection and investigative technique which serves as a force multiplier to the ground teams," the FBI said in 2009 when it asked Congress for $5.1 million for the program. Recently, independent journalists and websites have cited companies traced to post office boxes in Virginia, including one shared with the Justice Department. The AP analyzed similar data since early May, while also drawing upon aircraft registration documents, business records and interviews with U.S. officials to understand the scope of the operations. The FBI asked the AP not to disclose the names of the fake companies it uncovered, saying that would saddle taxpayers with the expense of creating new cover companies to shield the government's involvement, and could endanger the planes and integrity of the surveillance missions. The AP declined the FBI's request because the companies' names - as well as common addresses linked to the Justice Department - are listed on public documents and in government databases. At least 13 front companies that AP identified being actively used by the FBI are registered to post office boxes in Bristow, Virginia, which is near a regional airport used for private and charter flights. Only one of them appears in state business records. Included on most aircraft registrations is a mysterious name, Robert Lindley.
He is listed as chief executive and has at least three distinct signatures among the companies. Two documents include a signature for Robert Taylor, which is strikingly similar to one of Lindley's three handwriting patterns. The FBI would not say whether Lindley is a U.S. government employee. The AP unsuccessfully tried to reach Lindley at phone numbers registered to people of the same name in the Washington area since Monday. Law enforcement officials said Justice Department lawyers approved the decision to create fictitious companies to protect the flights' operational security and that the Federal Aviation Administration was aware of the practice. One of the Lindley-headed companies shares a post office box openly used by the Justice Department. Such elusive practices have endured for decades. A 1990 report by the then-General Accounting Office noted that, in July 1988, the FBI had moved its "headquarters-operated" aircraft into a company that wasn't publicly linked to the bureau. The FBI does not generally obtain warrants to record video from its planes of people moving outside in the open, but it also said that under a new policy it has recently begun obtaining court orders to use cell-site simulators. The Obama administration had until recently been directing local authorities through secret agreements not to reveal their own use of the devices, even encouraging prosecutors to drop cases rather than disclose the technology's use in open court. A Justice Department memo last month also expressly barred its component law enforcement agencies from using unmanned drones "solely for the purpose of monitoring activities protected by the First Amendment" and said they are to be used only in connection with authorized investigations and activities. A department spokeswoman said the policy applied only to unmanned aircraft systems rather than piloted airplanes. 
---

Associated Press writers Sean Murphy in Oklahoma City; Joan Lowy and Ted Bridis in Washington; Randall Chase in Wilmington, Delaware; and news researchers Monika Mathur in Washington and Rhonda Shafner in New York contributed to this report.

---

View documents: http://apne.ws/1HEyP0t

---

Follow on Twitter: Jack Gillum at https://twitter.com/jackgillum, Eileen Sullivan at https://twitter.com/esullivanap and Eric Tucker at https://twitter.com/etuckerap

--
It's better to burn out than fade away.

From rforno at infowarrior.org Tue Jun 2 09:17:03 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 2 Jun 2015 10:17:03 -0400
Subject: [Infowarrior] - Government secrecy put on trial
Message-ID: <03CFF32E-9BDE-4997-95E6-5F73813495FA@infowarrior.org>

Government secrecy put on trial

By Megan R. Wilson and Dustin Weaver - 06/02/15 06:00 AM EDT
http://thehill.com/homenews/administration/243706-government-secrecy-put-on-trial

Endless delays. Inflated costs. Stonewalling officials. And in at least one case, redactions made in duct tape. Welcome to the Freedom of Information Act (FOIA) - bureaucracy's house of horrors and the subject of a two-day hearing in the House this week aimed at spotlighting what lawmakers say is a broken system. While FOIA was passed to bring the government's work into the light, it has resulted in the creation of a maddening system that thwarts reporters, advocacy groups and lawyers at every turn. Members of both parties have expressed increasing frustration over the backlog in obtaining open records and the slow-walking of requests, with the scrutiny amplified by the battle over access to Hillary Clinton's emails at the State Department. "What's frustrating for reporters, open government organizations and members of the public is that the Obama administration made a really strong commitment to transparency at the beginning of their tenure," said Adam Marshall, a legal fellow at the Reporters Committee for Freedom of the Press.
"Unfortunately," Marshall said, "that has not translated into real significant differences in the day-to-day experiences of the public." Legislation has been introduced in the House and the Senate that would crack down on FOIA obstruction while making reforms to streamline the process. Seeking to drum up support for legislative action, the House Oversight Committee has invited multiple panels of witnesses, including members of the press, to tell their tales of woe. The witness list includes Jason Leopold, a reporter at Vice News who had been dubbed a "FOIA terrorist" by a federal agency and has led the push to release Clinton's emails; David McCraw, the vice president assistant general counsel for The New York Times; Tom Fitton, the president of Judicial Watch; and Sharyl Attkisson, a former CBS reporter who says she was rebuffed when investigating the terrorist attacks in Benghazi, Libya. Lawmakers will come to the hearing armed with ammunition of their own, thanks to Chairman Jason Chaffetz's (R-Utah) open call for FOIA complaints that was circulated around Washington. The committee's request unearthed several eye-popping cases that lawmakers could bring up when five FOIA officers testify on Wednesday. Among them was the case of ThinkGlobal, an online print and publishing company that sought documents from the Commerce Department's International Trade Administration. The company was told the documents could be provided - but at a cost of $2.3 million. After a year of appeals and follow-ups, the documents were handed over at a final cost of $190. The conservative Competitive Enterprise Institute says it ran into difficulty when seeking the emails that Lisa Jackson, the former head of the Environmental Protection Agency (EPA), sent under an alias. The EPA told the group it had identified 120,000 records that could be covered under the group's request - but suggested releasing them all could take 100 years.
"As a reminder, to fairly manage our limited resources so as to equitably respond to other Americans who have submitted FOIA requests, 100 documents per month is the production schedule" for this request, the EPA's FOIA office wrote in its response. At that rate, 1,200 documents would be released each year, meaning the request would take a century to complete. "This is a very well-thought-out defiance," said Chris Horner, a senior fellow at the Competitive Enterprise Institute. "This is a very well-thought-out bird they've flipped." While some FOIA responses aren't illegal, they occasionally take a turn toward the absurd. One set of documents provided to The Hill had duct tape obscuring redacted text, rather than the usual black marks. The complaints about records requests aren't limited to the Obama administration. The Oversight panel has been flooded with examples of denials, delays and excessive secrecy stretching back almost 20 years. The National Security Archive, an independent research organization, waited 17 years for the National Archives and Records Administration to provide four 50-year-old documents concerning U.S.-Guatemala relations. The documents ultimately arrived with heavy redactions, the group said in a letter to the Oversight Committee. Advocates say agencies also misuse exemptions in FOIA law to redact information that should be public knowledge, often to avoid embarrassment. In 2012, the American Immigration Lawyers Association (AILA) asked for records on complaints against immigration judges, according to a letter filed to the Oversight Committee by Public Citizen. Only after AILA sued in 2013 did the government begin releasing the documents. Extensive portions were blacked out, with the documents labeled "non-responsive" to the request, which is not a valid reason to exempt information under FOIA law. "The district court judge ultimately ordered the agency to release such ['non-responsive']
information, and the subsequent releases reveal that many of the redactions were made to shield information that was plainly responsive to the plaintiff's request but embarrassing to the agency," Public Citizen said. The House hearings, occurring both Tuesday and Wednesday, are aimed at drawing attention to legislation moving through Congress intended to reform the open records process. A previous version, which was opposed by some federal agencies, failed to move forward last year. The new bills would require agencies to post more documents online, codify the presumption of openness ushered in by the Obama administration, strengthen the FOIA ombudsman's office, and sunset the use of exemptions for sensitive government deliberations after 25 years. Officially called the (b)(5) exemption, the latter provision is often derided as the "withhold because you can" clause, and is widely abused in FOIA responses, according to experts. In one example, the CIA declined to release records to the National Security Archive about the Bay of Pigs operation in 1961, citing the (b)(5) exemption because draft reports about the invasion could "confuse the public." While advocates support the proposed FOIA reforms, they fear little will change until government officials can be punished for non-compliance. "Abuse of (b)(5) is a problem, but the problem is they can get away with it because FOIA is on an honor system that has no accountability for being dishonorable or breaking the law," Horner said. "If you want to solve all of these other problems, then make it matter."

--
It's better to burn out than fade away.

From rforno at infowarrior.org Tue Jun 2 13:02:55 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 2 Jun 2015 14:02:55 -0400
Subject: [Infowarrior] - MPAA: Piracy Poses A Great Cybersecurity Threat
Message-ID: <08E1577A-5143-4023-A8C4-7B673CBDF972@infowarrior.org>

Of course, Hollywood is conflating piracy w/cybersecurity, because it makes their issue a national security one. I called it earlier this year. --rick

Hollywood: Piracy Poses A Great Cybersecurity Threat

By Ernesto on June 2, 2015
http://torrentfreak.com/hollywood-piracy-poses-a-great-cybersecurity-threat-150602/

The MPAA is advising the U.S. Government's Internet Policy Task Force to help combat piracy, which they say poses a great cybersecurity threat. According to Hollywood, cyber criminals use pirated content as bait, to exploit citizens through malware and other scams. The major movie studios have been fighting piracy for decades, claiming that billions of dollars in losses are at stake. Increasingly, however, Hollywood has started to bring piracy onto the political agenda by describing it as a broader cybersecurity threat. Late last week the MPAA submitted its latest call to action, responding to a Department of Commerce Internet Policy Task Force (IPTF) request to identify cybersecurity threats. In their comments the MPAA stresses that the Internet has proven to be a tremendous tool for creativity and commerce, but that there's also a downside. "Unfortunately, criminal enterprises are also using the Internet to hack into networks and computers for the purpose of stealing valuable data-whether personally identifiable information, trade secrets, or content," the MPAA writes. Citing an entertainment industry backed report, the Hollywood studios note that pirate sites are using infringing content as bait for various sorts of scams. "They are also using Internet ads, as well as pirated content and software or other 'bait,'
to fund their efforts and lure Internet users into revealing sensitive information, inadvertently download malware, or unknowingly becoming a node in a botnet," MPAA adds. To help tackle the issue, the movie studios are hoping for "voluntary" cooperation from various stakeholders including Internet providers, search engines, payment processors, advertising networks and the domain name industry. As an example, the MPAA notes that search engines should promote legitimate sites in their search results, while removing or pushing down pirated content. The Government can also help these efforts by encouraging cooperation between the various stakeholders, as it did with the Copyright Alert System. The music industry agrees with Hollywood on most of these issues. In a separate set of comments the RIAA also stresses the importance of tackling the piracy problem in order to keep the public safe. "...rogue operators use the offer of infringing versions of our members' sound recordings and music videos as the 'candy' to attract users that are necessary for them to create and exploit cyber vulnerabilities," RIAA writes. "In light of this, any discussion addressing malvertising or trusted downloads should also address some of the roots of these problems." In other words, both the RIAA and MPAA suggest that if the Government wants to increase cybersecurity, it has to help fight piracy. The question is, however, whether the movie studios and music labels are honestly concerned about people being infected by malware, or if they are simply using the angle to get piracy on the political agenda through the backdoor.

--
It's better to burn out than fade away.

From rforno at infowarrior.org Tue Jun 2 13:09:40 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 2 Jun 2015 14:09:40 -0400
Subject: [Infowarrior] - White House Refuses To Say If We're 'Less Safe' After PATRIOT Act Provisions Expired
Message-ID:

White House Refuses To Say If We're 'Less Safe' After PATRIOT Act Provisions Expired

https://www.techdirt.com/articles/20150602/08154231184/white-house-refuses-to-say-if-were-less-safe-after-patriot-act-provisions-expired.shtml

--
It's better to burn out than fade away.

From rforno at infowarrior.org Tue Jun 2 13:52:00 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 2 Jun 2015 14:52:00 -0400
Subject: [Infowarrior] - For Terrorist Fear-Mongers, It's Always the Scariest Time Ever
Message-ID: <25D4771A-2260-4AD8-B904-C8500F961E4F@infowarrior.org>

For Terrorist Fear-Mongers, It's Always the Scariest Time Ever

By Glenn Greenwald @ggreenwald
https://firstlook.org/theintercept/2015/06/02/fear-mongers-always-scariest-time-ever/

< - >

Here we are 14 years after 9/11, and it's still always the worst threat ever in all of history, never been greater. If we always face the greatest threat ever, then one of two things is true: 1) fear-mongers serially exaggerate the threat for self-interested reasons, or 2) they're telling the truth - the threat is always getting more severe, year after year - which might mean we should evaluate the wisdom of "terrorism" policies that constantly make the problem worse. Whatever else is true, the people who should have the least credibility on the planet are the Lindsey Grahams and Dianne Feinsteins who have spent the last 15 years exploiting the terror threat in order to terrorize the American population into doing what they want.

--
It's better to burn out than fade away.

From rforno at infowarrior.org Tue Jun 2 14:25:33 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 2 Jun 2015 15:25:33 -0400
Subject: [Infowarrior] - Sony hack documentary in the works
Message-ID: <4B034B25-C7B6-498E-AA0B-23D5CB830E54@infowarrior.org>

Sony hack documentary in the works

By HADAS GOLD | 6/2/15 2:54 PM EDT
http://www.politico.com/blogs/media/2015/06/sony-hack-documentary-in-the-works-208109.html?hp=l4_4

A documentary about last year's Sony hack is in the works, according to The Hollywood Reporter. Award-winning filmmakers Jehane Noujaim and Karim Amer are working on the documentary, which will reportedly "put forth alternative theories about the hack's culprit." Not long after the initial hack in November, the FBI and President Barack Obama said North Korea, which wasn't happy with Sony movie "The Interview," was behind the hack. Sony chairwoman Amy Pascal stepped down from her role in February. The film will use the Sony hack as the entry story into a broader look on international cybersecurity, a theme the filmmakers were working on before the hack occurred. "The Sony story is an important chapter in this larger issue," Amer told THR. "The analysts and experts we speak to see it as the 9/11 of cyberattacks, and the implications will be felt for years to come."

--
It's better to burn out than fade away.

From rforno at infowarrior.org Tue Jun 2 15:17:01 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 2 Jun 2015 16:17:01 -0400
Subject: [Infowarrior] - USA FREEDOM act passes the Senate /eom
Message-ID: <27A64ED6-BFD2-4A1B-8253-6EE433201B74@infowarrior.org>

Current vote 62-28 with a few stragglers still coming in.

--
It's better to burn out than fade away.

From rforno at infowarrior.org Tue Jun 2 15:20:41 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 2 Jun 2015 16:20:41 -0400
Subject: [Infowarrior] - USA FREEDOM act goes to Obama
Message-ID: <240B6C4F-0D0C-45DB-B05A-82FF0EBBFEE7@infowarrior.org>

Senate Approves Bill to Rein In N.S.A. Surveillance

By JENNIFER STEINHAUER and JONATHAN WEISMAN
JUNE 2, 2015
http://www.nytimes.com/2015/06/03/us/politics/senate-surveillance-bill-passes-hurdle-but-showdown-looms.html

WASHINGTON - In a remarkable reversal of national security policy formed after the Sept. 11, 2001, terrorist attacks, the Senate voted on Tuesday to curtail the federal government's sweeping surveillance of American phone records, sending the legislation to President Obama's desk for his signature. The passage of the measure, achieved after a vigorous debate on the Senate floor, will lead to the reinstatement of government surveillance efforts that were blacked out on Monday after Senator Rand Paul, Republican of Kentucky, blocked their extension. The vote was a rebuke to Senator Mitch McConnell, Republican of Kentucky and the majority leader, as lawmakers beat back a series of amendments that he sought that would have rolled back proposed controls on government spying. Mr. McConnell took the Senate floor to give a speech unusual in its timing and tenacity before the final vote on the bill, which he cast with derision. The new law, he said, would "take one more tool away from those who defend our country every day." The vote was held after members of the House starkly warned that they would not accept any changes to the law, setting off an unusual stalemate between House Speaker John A. Boehner and Mr. McConnell. The White House strongly supported the bill and the president is expected to sign it. Especially contentious was a push to strike a provision in the House-passed U.S.A. Freedom Act that would declassify some significant opinions by the secret national security surveillance court. Mr.
McConnell has played down the significance of that provision, calling the changes "discreet and sensible." Amendment by amendment, his colleagues disagreed, and senators moved to pass the bill.

--
It's better to burn out than fade away.

From rforno at infowarrior.org Tue Jun 2 19:19:34 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 2 Jun 2015 20:19:34 -0400
Subject: [Infowarrior] - USA Freedom Act: What's in, what's out
Message-ID:

USA Freedom Act: What's in, what's out

By The Washington Post
June 2, 2015
http://www.washingtonpost.com/graphics/politics/usa-freedom-act/

What's out

The bill bans the bulk collection of data of Americans' telephone records and Internet metadata.

It limits the government's data collection to the "greatest extent reasonably practical" - which means the government can't collect all data pertaining to a particular service provider or broad geographic region, such as a city or area code.

What's in

Instead of bulk data collection, the bill authorizes the government to collect from phone companies up to "two hops" of call records related to a suspect, if the government can prove it has "reasonable" suspicion that the suspect is linked to a terrorist organization.

It provides the government with new reporting requirements to FISA authorities.

It gives private companies more opportunities to publicly report information about the number of FISA orders they receive.

It declassifies FISA Court opinions that contain significant legal interpretations, or, if declassification is not possible, requires that a summary is provided.

It requires the FISA Court to designate a panel of "amicus curiae," or advocates, to represent the public's interest in cases that involve novel or significant legal issues.

It increases the maximum penalty for material support to terrorism from 15 years to 20 years.

It extends the expiration of three Patriot Act provisions - Section 215, roving wiretaps and the lone wolf surveillance authority - to December 2019.

--
It's better to burn out than fade away.

From rforno at infowarrior.org Tue Jun 2 19:23:33 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 2 Jun 2015 20:23:33 -0400
Subject: [Infowarrior] - DEA eavesdropping tripled, bypassed federal courts
Message-ID: <554F7E51-6789-4DA7-8D98-115AFB7B6BE8@infowarrior.org>

DEA eavesdropping tripled, bypassed federal courts

Brad Heath, USA TODAY
5:48 p.m. EDT June 2, 2015

WASHINGTON - The U.S. Drug Enforcement Administration more than tripled its use of wiretaps and other types of electronic eavesdropping over the past decade, largely bypassing federal courts and Justice Department lawyers in the process, newly obtained records show. The DEA conducted 11,681 electronic intercepts in the fiscal year that ended in September. Ten years earlier, the drug agency conducted 3,394. Most of that ramped-up surveillance was never reviewed by federal judges or Justice Department lawyers, who typically are responsible for examining federal agents' eavesdropping requests. Instead, DEA agents now take 60% of those requests directly to local prosecutors and judges from New York to California, who current and former officials say often approve them more quickly and easily. Drug investigations account for the vast majority of U.S. wiretaps, and much of that surveillance is carried out by the DEA. Privacy advocates expressed concern that the drug agency had expanded its surveillance without going through internal Justice Department reviews, which often are more demanding than federal law requires.

< - >

http://www.usatoday.com/story/news/2015/06/02/dea-wiretap-surveillance-tripled-in-state-courts/28330503/

--
It's better to burn out than fade away.
From rforno at infowarrior.org Wed Jun 3 12:27:28 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 3 Jun 2015 13:27:28 -0400
Subject: [Infowarrior] - Sourceforge Hijacks the Nmap Sourceforge Account
Message-ID: <8131EEF4-7095-4B57-B737-EE4BBB2903F4@infowarrior.org>

http://seclists.org/nmap-dev/2015/q2/194

Sourceforge Hijacks the Nmap Sourceforge Account

From: Fyodor
Date: Wed, 3 Jun 2015 00:56:23 -0700

Hi Folks!

You may have already read the recent news about Sourceforge.net hijacking the GIMP project account to distribute adware/malware. Previously GIMP used this Sourceforge account to distribute their Windows installer, but they quit after Sourceforge started tricking users with fake download buttons which lead to malware rather than GIMP. Then Sourceforge took over GIMP's account and began distributing a trojan installer which tries to trick users into installing various malware and adware before actually installing GIMP. Of course this goes directly against Sourceforge CEO Michael Schumacher's promise less than two years ago:

"we want to reassure you that we will NEVER bundle offers with any project without the developers consent" -- http://sourceforge.net/blog/advertising-bundling-community-and-criticism/

So much for that promise! Anyway, the bad news is that Sourceforge has also hijacked the Nmap account from me. The old Nmap project page is now blank:

http://sourceforge.net/projects/nmap/

Meanwhile they have moved all the Nmap content to their new page which only they control:

http://sourceforge.net/projects/nmap.mirror/

You can see at the top that the owners of the Nmap page are now 'sf-editor1', and 'sf-editor3'. You can click on those to see other projects they have hijacked. So far they seem to be providing just the official Nmap files (as long as you don't click on the fake download buttons) and we haven't caught them trojaning Nmap the way they did with GIMP. But we certainly don't trust them one bit!
Sourceforge is pulling the same scheme that CNet Download.com tried back when they started circling the drain:

http://insecure.org/news/download-com-fiasco.html

We will ask Sourceforge to remove the hijacked Nmap page, but more importantly we want to reiterate that you should only download Nmap from our official SSL Nmap site:

https://nmap.org/download.html

If you don't trust SSL by itself (and we don't blame you), you can also check the GPG signatures:

https://nmap.org/book/install.html#inst-integrity

Cheers,
Fyodor

PS: Ars Technica has a good article about the Sourceforge/GIMP fiasco: http://arstechnica.com/?p=673477

PPS: Sourceforge now claims they will stop trojaning software without the developer's permission, but they've broken that exact promise before.

--
It's better to burn out than fade away.

From rforno at infowarrior.org Wed Jun 3 15:22:42 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 3 Jun 2015 16:22:42 -0400
Subject: [Infowarrior] - DOD's insane barter on reporter's FOIA request
Message-ID:

Reporter says Pentagon agreed to give up docs if he never submits another FOIA request

By Erik Wemple
June 2 at 4:59 PM
http://www.washingtonpost.com/blogs/erik-wemple/wp/2015/06/02/reporter-says-pentagon-agreed-to-give-up-docs-if-he-never-submits-another-foia-request/

Everyone has a FOIA horror story, though the one told by Vice News investigative reporter Jason Leopold in today's FOIA hearing before the House Oversight and Government Reform Committee deserves its very own headline. When asked about why some agencies just refuse to cough up material, Leopold offered this example:

Leopold: The Office of Net Assessment (ONA) is the Pentagon's in-house think tank. They spend millions and millions of dollars putting together reports -- reports that they contract out about perhaps some futuristic warfare, or what the situation in the Middle East is going to look like with regards to oil. I asked for those reports.
I filed a FOIA request; they refused to comply with my FOIA request. They said it was too broad. I narrowed it, they still said it was too broad. I sued them. Recently they said that "We'll give you some documents as long as you promise to never file a FOIA request again and don't have anyone else file a FOIA request on your behalf."

Rep. Mark DeSaulnier (D-Calif.): How is that legal?

Leopold: I don't know but they put this in writing and I'm really looking forward to the day when I write this story up.

The reports, says Leopold, aren't classified. As reported by USA Today, one ONA study appraised the body language patterns of Russian President Vladimir Putin and other world leaders. More from Leopold: "Not only will they not give up the reports, they can't find the reports," he said, alleging government waste. "As a matter of policy, we don't comment on legal matters," says Defense Department spokeswoman Lt. Col. Valerie Henderson.

--
It's better to burn out than fade away.

From rforno at infowarrior.org Thu Jun 4 06:31:31 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 4 Jun 2015 07:31:31 -0400
Subject: [Infowarrior] - Congressman Warns of Encrypted "Dark Spaces"; Another Says: "Ooooh It Sounds Really Scary"
Message-ID: <159876BA-3006-46F2-9A9B-F082EAC3D6AA@infowarrior.org>

Congressman Warns of Encrypted "Dark Spaces"; Another Says: "Ooooh It Sounds Really Scary"

By Sam Sacks
Yesterday at 7:23 PM
https://firstlook.org/theintercept/2015/06/03/one-congressman-warns-encrypted-dark-spaces-another-says-ooooh-sounds-really-scary/

House Homeland Security Committee Chairman Michael McCaul called the use of encrypted communication a "tremendous threat to the homeland" on Wednesday. At a hearing called "Terrorism Gone Viral," about possible lone-wolf terrorists, the Texas Republican warned: "They have the ability to go on to what's called 'dark space' --
to go on to another platform that is 'secure-com' that we don't have the ability to monitor these communications." But in an interview with The Intercept, Rep. Ted Lieu, D-Calif, made light of McCaul's fears. "When they talk about dark places, ooooh it sounds really scary," Lieu said. "But you have a dark place in your home you can talk, you can meet in a park -- there are a zillion dark places the FBI will never get to and they shouldn't because we don't want to be monitored in our home." Encryption scrambles electronic communications so that they are unintelligible to anyone but the intended recipient. It has long been a key element of the Internet -- critical, for instance, to enabling commerce. Obama administration law enforcement officials have been engaging in a fearmongering campaign to demonize its use, but a recent United Nations report called it an essential tool needed to protect the right of freedom of opinion and expression in the digital age. "The notion that encryption is somehow different than other forms of destroying and hiding things is simply not true," Lieu told The Intercept. "Forty years ago, you could make the statement that paper shredders are one of the most damaging things to national security because they destroy documents that law enforcement might want to see." McCaul and Lieu also differ on what they want to hear from the FBI on the topic. McCaul encouraged Michael Steinbach, the assistant director of the FBI's counterterrorism division, to help Congress figure out how to fight encryption. Steinbach, for his part, announced: "We are past going dark. We are dark." Lieu said the FBI "will fail partly because what they are asking for is technologically not possible. You cannot put in a back door only for the good guys. The computer is ones and zeros -- it can't tell who is putting in that encryption key, whether it's the FBI director, the leader of Hamas or a criminal actor." Lieu, joined by Rep.
Will Hurd, R-Texas, the Chairman of the Government Oversight Committee's Information and Technology Subcommittee, penned a letter last week to FBI Director James Comey, saying that they "strongly, but respectfully, disagree" with the bureau's legislative outreach on encryption. Meanwhile, during Wednesday's debate on the Justice Department spending bill, Rep. Thomas Massie, R-Ky., succeeded in affixing an amendment to the must-pass legislation that forbids the National Institute of Standards and Technology from eroding cryptographic standards at the behest of the NSA. Rep. Massie claimed his amendment would "prevent the government from putting backdoors in your software that allows them to spy on you without a warrant."

(This post is from our blog: Unofficial Sources.)

Photo of Michael McCaul by Chip Somodevilla/Getty Images

--
It's better to burn out than fade away.

From rforno at infowarrior.org Thu Jun 4 06:31:43 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 4 Jun 2015 07:31:43 -0400
Subject: [Infowarrior] - House challenges Obama on 'backdoor' surveillance
Message-ID:

House challenges Obama on 'backdoor' surveillance

By Cory Bennett - 06/03/15 06:11 PM EDT
http://thehill.com/policy/cybersecurity/243958-house-oks-amendments-to-counter-obama-encryption-stance

House lawmakers this week tacked on two amendments to a key funding bill in an effort to stymie what they see as attempts by the Obama administration to weaken encryption. One amendment, from Reps. Zoe Lofgren (D-Calif.) and Ted Poe (R-Texas) would bar the government from forcing a company to alter its security measures in order to surveil users. Critics have termed those practices "backdoor" surveillance. The other, from Lofgren and Rep. Thomas Massie (R-Ky.), would withhold funds related to setting cryptographic guidelines unless those suggestions would improve information security.
Both were approved by voice vote as the bill was debated Tuesday and Wednesday, although it's unlikely the Senate will take them up as well. Congress this week has been considering the Commerce, Justice and Science Appropriations Act. The bill funds a number of agencies critical to encryption quality in the U.S., such as the Justice and Commerce Departments. The DOJ houses the FBI, while Commerce includes a standards-setting agency, the National Institute of Standards and Technology (NIST). As they have on previous budget bills, the liberal and libertarian wings of Congress came together this week to try and push through amendments they think are necessary to stopping the government from degrading encryption. "That's all we can do at this point," Lofgren told the Hill. It's a battle that has been playing out since government leaker Edward Snowden in 2013 disclosed government spying efforts. Several documents from Snowden's file indicated the National Security Agency (NSA) had worked with NIST to deliberately introduce flaws into cryptographic standards that NIST publishes. Those guidelines had been considered the gold standard for locking down data from prying eyes. More recently, the Obama administration, and the FBI in particular, has been publicly lobbying for some form of guaranteed entry into encrypted data. FBI officials argue they need a method of legitimately accessing information on devices and social media platforms. They say we can't allow a "zone of privacy," in which criminals can operate without fear of discovery. Technologists have countered that allowing any means of guaranteed access renders encryption inherently flawed. If the government has a way in, hackers have a way in, they maintain. In the past, the Senate has declined to adopt the encryption amendments when considering House-passed budget bills with similar add-ons. "I think that the White House ought to heed this congressional action,"
said Gregory Nojeim, senior counsel for the Center for Democracy & Technology, a digital rights advocate. "It's movement against the FBI position that our technologies ought to be made more vulnerable."

--
It's better to burn out than fade away.

From rforno at infowarrior.org Thu Jun 4 10:13:19 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 4 Jun 2015 11:13:19 -0400
Subject: [Infowarrior] - N.S.A. Secretly Expands Internet Spying at U.S. Border
Message-ID: <93303058-37E8-447A-AA17-0206F315CC06@infowarrior.org>

Hunting for Hackers, N.S.A. Secretly Expands Internet Spying at U.S. Border

By CHARLIE SAVAGE, JULIA ANGWIN, JEFF LARSON and HENRIK MOLTKE
JUNE 4, 2015
http://www.nytimes.com/2015/06/05/us/hunting-for-hackers-nsa-secretly-expands-internet-spying-at-us-border.html

WASHINGTON -- Without public notice or debate, the Obama administration has expanded the National Security Agency's warrantless surveillance of Americans' international Internet traffic to search for evidence of malicious computer hacking, according to classified N.S.A. documents. In mid-2012, Justice Department lawyers wrote two secret memos permitting the spy agency to begin hunting on Internet cables, without a warrant and on American soil, for data linked to computer intrusions originating abroad -- including traffic that flows to suspicious Internet addresses or contains malware, the documents show. The Justice Department allowed the agency to monitor only addresses and "cybersignatures" -- patterns associated with computer intrusions -- that it could tie to foreign governments. But the documents also note that the N.S.A. sought to target hackers even when it could not establish any links to foreign powers. The disclosures, based on documents provided by Edward J. Snowden, the former N.S.A.
contractor, and shared with The New York Times and ProPublica, come at a time of unprecedented cyberattacks on American financial institutions, businesses and government agencies, but also of greater scrutiny of secret legal justifications for broader government surveillance. While the Senate passed legislation this week limiting some of the N.S.A.'s authority, it involved provisions in the U.S.A. Patriot Act and did not apply to the warrantless wiretapping program. Government officials defended the N.S.A.'s monitoring of suspected hackers as necessary to shield Americans from the increasingly aggressive activities of foreign governments. But critics say it raises difficult trade-offs that should be subject to public debate. The N.S.A.'s activities run "smack into law enforcement land," said Jonathan Mayer, a cybersecurity scholar at Stanford Law School who has researched privacy issues and who reviewed several of the documents. "That's a major policy decision about how to structure cybersecurity in the U.S. and not a conversation that has been had in public." It is not clear what standards the agency is using to select targets. It can be hard to know for sure who is behind a particular intrusion -- a foreign government or a criminal gang -- and the N.S.A. is supposed to focus on foreign intelligence, not law enforcement. The government can also gather significant volumes of Americans' information -- anything from private emails to trade secrets and business dealings -- through Internet surveillance because monitoring the data flowing to a hacker involves copying that information as the hacker steals it. One internal N.S.A. document notes that agency surveillance activities through "hacker signatures pull in a lot." Brian Hale, the spokesman for the Office of the Director of National Intelligence, said, "It should come as no surprise that the U.S. government gathers intelligence on foreign powers that attempt to penetrate U.S.
networks and steal the private information of U.S. citizens and companies." He added that "targeting overseas individuals engaging in hostile cyberactivities on behalf of a foreign power is a lawful foreign intelligence purpose." The effort is the latest known expansion of the N.S.A.'s warrantless surveillance program, which allows the government to intercept Americans' cross-border communications if the target is a foreigner abroad. While the N.S.A. has long searched for specific email addresses and phone numbers of foreign intelligence targets, the Obama administration three years ago started allowing the agency to search its communications streams for less-identifying Internet protocol addresses or strings of harmful computer code. The surveillance activity traces to changes that began after the Sept. 11 terrorist attacks. The government tore down a so-called wall that prevented intelligence and criminal investigators from sharing information about suspected spies and terrorists. The barrier had been erected to protect Americans' rights because intelligence investigations use lower legal standards than criminal inquiries, but policy makers decided it was too much of an obstacle to terrorism investigations. The N.S.A. also started the warrantless wiretapping program, which caused an outcry when it was disclosed in 2005. In 2008, under the FISA Amendments Act, Congress legalized the surveillance program so long as the agency targeted only noncitizens abroad. A year later, the new Obama administration began crafting a new cybersecurity policy -- including weighing whether the Internet had made the distinction between a spy and a criminal obsolete. "Reliance on legal authorities that make theoretical distinctions between armed attacks, terrorism and criminal activity may prove impractical," the White House National Security Council wrote in a classified annex to a policy report in May 2009, which was included in the N.S.A.'s internal files.
About that time, the documents show, the N.S.A. -- whose mission includes protecting military and intelligence networks against intruders -- proposed using the warrantless surveillance program for cybersecurity purposes. The agency received "guidance on targeting using the signatures" from the Foreign Intelligence Surveillance Court, according to an internal newsletter. In May and July 2012, according to an internal timeline, the Justice Department granted its secret approval for the searches of cybersignatures and Internet addresses. The Justice Department tied that authority to a pre-existing approval by the secret surveillance court permitting the government to use the program to monitor foreign governments. That limit meant the N.S.A. had to have some evidence for believing that the hackers were working for a specific foreign power. That rule, the N.S.A. soon complained, left a "huge collection gap against cyberthreats to the nation" because it is often hard to know exactly who is behind an intrusion, according to an agency newsletter. Different computer intruders can use the same piece of malware, take steps to hide their location or pretend to be someone else. So the N.S.A., in 2012, began pressing to go back to the surveillance court and seek permission to use the program explicitly for cybersecurity purposes. That way, it could monitor international communications for any "malicious cyberactivity," even if it did not yet know who was behind the attack. The newsletter described the further expansion as one of "highest priorities" of the N.S.A. director, Gen. Keith B. Alexander. However, a former senior intelligence official said that the government never asked the court to grant that authority. Meanwhile, the F.B.I. in 2011 had obtained a new kind of wiretap order from the secret surveillance court for cybersecurity investigations, permitting it to target Internet data flowing to or from specific Internet addresses linked to certain governments.
To carry out the orders, the F.B.I. negotiated in 2012 to use the N.S.A.'s system for monitoring Internet traffic crossing "chokepoints operated by U.S. providers through which international communications enter and leave the United States," according to a 2012 N.S.A. document. The N.S.A. would send the intercepted traffic to the bureau's "cyberdata repository" in Quantico, Virginia. The disclosure that the N.S.A. and the F.B.I. have expanded their cybersurveillance adds a dimension to a recurring debate over the post-Sept. 11 expansion of government spying powers: Information about Americans sometimes gets swept up incidentally when foreigners are targeted, and prosecutors can use that information in criminal cases. Citing the potential for a copy of data "exfiltrated" by a hacker to contain "so much" information about Americans, one N.S.A. lawyer suggested keeping the stolen data out of the agency's regular repository for information collected by surveillance so that analysts working on unrelated issues could not query it, a 2010 training document showed. But it is not clear whether the agency or the F.B.I. has imposed any additional limits on the data of hacking victims. In a response to questions for this article, the F.B.I. pointed to its existing procedures for protecting victims' data acquired during investigations, but also said it continually reviewed its policies "to adapt to these changing threats while protecting civil liberties and the interests of victims of cybercrimes." None of these actions or proposals had been disclosed to the public. As recently as February, when President Obama spoke about cybersecurity at an event at Stanford University, he lauded the importance of transparency but did not mention this change. "The technology so often outstrips whatever rules and structures and standards have been put in place, which means that government has to be constantly self-critical and we have to be able to have an open debate about it," Mr.
Obama said.

Julia Angwin and Jeff Larson report for ProPublica. Laura Poitras contributed reporting.

--
It's better to burn out than fade away.

From rforno at infowarrior.org Thu Jun 4 12:08:57 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 4 Jun 2015 13:08:57 -0400
Subject: [Infowarrior] - The NSA Revelations All in One Chart
Message-ID: <9D2FD7AA-28E7-45B6-B341-205B01A89EE8@infowarrior.org>

The NSA Revelations All in One Chart

This is a plot of the NSA programs revealed in the past year according to whether they are bulk or targeted, and whether the targets of surveillance are foreign or domestic. Most of the programs fall squarely into the agency's stated mission of foreign surveillance, but some -- particularly those that are both domestic and broad-sweeping -- are more controversial. Just as with the New York Magazine approval matrix that served as our inspiration, the placement of each program is based on judgments and is approximate.

http://projects.propublica.org/nsa-grid/

--
It's better to burn out than fade away.

From rforno at infowarrior.org Thu Jun 4 15:25:35 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 4 Jun 2015 16:25:35 -0400
Subject: [Infowarrior] - You Can Be Prosecuted for Clearing Your Browser History
Message-ID: <821ACC0E-8EEB-427F-9BEA-3D6073D11B76@infowarrior.org>

You Can Be Prosecuted for Clearing Your Browser History

Juliana DeVries on June 2, 2015 - 0:11PM ET

Khairullozhon Matanov is a 24-year-old former cab driver from Quincy, Massachusetts. The night of the Boston Marathon bombings, he ate dinner with Tamerlan and Dhzokhar Tsarnaev at a kebob restaurant in Somerville. Four days later Matanov saw photographs of his friends listed as suspects in the bombings on the CNN and FBI websites. Later that day he went to the local police.
He told them that he knew the Tsarnaev brothers and that they'd had dinner together that week, but he lied about whose idea it was to have dinner, lied about when exactly he had looked at the Tsarnaevs' photos on the Internet, lied about whether Tamerlan lived with his wife and daughter, and lied about when he and Tamerlan had last prayed together. Matanov likely lied to distance himself from the brothers or to cover up his own jihadist sympathies--or maybe he was just confused. Then Matanov went home and cleared his Internet browser history. Matanov continued to live in Quincy for over a year after the bombings. During this time the FBI tracked him with a drone-like surveillance plane that made loops around Quincy, disturbing residents. The feds finally arrested and indicted him in May 2014. They never alleged that Matanov was involved in the bombings or that he knew about them beforehand, but they charged him with four counts of obstruction of justice. There were three counts for making false statements based on the aforementioned lies and--remarkably--one count for destroying "any record, document or tangible object" with intent to obstruct a federal investigation. This last charge was for deleting videos on his computer that may have demonstrated his own terrorist sympathies and for clearing his browser history. Matanov faced the possibility of decades in prison--twenty years for the records-destruction charge alone. Federal prosecutors charged Matanov for destroying records under the Sarbanes-Oxley Act, a law enacted by Congress in the wake of the Enron scandal. The law was, in part, intended to prohibit corporations under federal investigation from shredding incriminating documents. But since Sarbanes-Oxley was passed in 2002 federal prosecutors have applied the law to a wider range of activities.
A police officer in Colorado who falsified a report to cover up a brutality case was convicted under the act, as was a woman in Illinois who destroyed her boyfriend's child pornography. Prosecutors are able to apply the law broadly because they do not have to show that the person deleting evidence knew there was an investigation underway. In other words, a person could theoretically be charged under Sarbanes-Oxley for deleting her dealer's number from her phone even if she were unaware that the feds were getting a search warrant to find her marijuana. The application of the law to digital data has been particularly far-reaching because this type of information is so easy to delete. Deleting digital data can inadvertently occur in normal computer use, and often does.

< - >

http://m.thenation.com/article/208593-you-can-be-prosecuted-clearing-your-browser-history

--
It's better to burn out than fade away.

From rforno at infowarrior.org Thu Jun 4 17:09:56 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 4 Jun 2015 18:09:56 -0400
Subject: [Infowarrior] - OPM records breached, allegedly by China
Message-ID: <5B35FCA0-E127-420F-9340-4EC111CB6D1F@infowarrior.org>

Chinese hackers breach federal government's personnel office

By Ellen Nakashima
June 4 at 5:07 PM
http://www.washingtonpost.com/world/national-security/chinese-hackers-breach-federal-governments-personnel-office/2015/06/04/889c0e52-0af7-11e5-95fd-d580f1c5d44e_story.html

Chinese hackers breached the computer system of the Office of Personnel Management in December, officials said Thursday, and the agency will notify some 4 million current and former federal employees that their personal data may have been compromised. The hack was the second major intrusion of the agency by China in less than a year. OPM, using new tools, discovered the breach in April, said officials at the agency who declined to comment on who was behind the hack. Other U.S.
officials, who spoke on conditions of anonymity because it is an ongoing investigation, identified the hackers as being from China. The data potentially exposed included employees' job assignments, performance ratings and training, the officials said. The breach did not involve background or clearance investigations, they said. "Certainly, OPM is a high value target," said OPM Chief Information Officer Donna Seymour, in an interview. "We have a lot of information about people, and that is something that our adversaries want." With that understanding, she said, within the last year "OPM has undertaken an aggressive effort to update our cybersecurity posture, adding numerous tools and capabilities to our networks. As a result of adding these tools, we were able to detect this intrusion into our networks." "Protecting our federal employee data from malicious cyber incidents is of the highest priority at OPM," said the agency's director, Katherine Archuleta, in a statement.

--
It's better to burn out than fade away.

From rforno at infowarrior.org Thu Jun 4 19:29:09 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 4 Jun 2015 20:29:09 -0400
Subject: [Infowarrior] - Inside Washington's Quest to Bring Down Edward Snowden
Message-ID: <113BF8AF-8EF7-4606-9F8E-419CBA38755B@infowarrior.org>

Inside Washington's Quest to Bring Down Edward Snowden

By Jason Leopold
June 4, 2015 | 1:30 pm
https://news.vice.com/article/exclusive-inside-washingtons-quest-to-bring-down-edward-snowden

--
It's better to burn out than fade away.

From rforno at infowarrior.org Thu Jun 4 20:10:05 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 4 Jun 2015 21:10:05 -0400
Subject: [Infowarrior] - Cyber irony
Message-ID: <644993A2-2140-45CC-86C5-56BD3C99CE02@infowarrior.org>

Some days you just can't make this stuff up if you tried.....someone cue up 'Yakety Sax' before reading further. --rick

Current NYT Lede #1: Data Breach Linked to China Affects Millions of U.S.
Workers
By DAVID E. SANGER and JULIE HIRSCHFELD DAVIS
33 minutes ago
The intrusion, which appears to have involved information on about four million current and former government workers, was the third such breach in the last year.

... and right below it, NYT Lede #2: N.S.A. Widens Internet Spying to Find Hackers
By CHARLIE SAVAGE, JULIA ANGWIN, JEFF LARSON and HENRIK MOLTKE
The Obama administration has expanded the warrantless surveillance of Americans' international Internet traffic to search for evidence of cyberattacks, classified documents show.

--
It's better to burn out than fade away.

From rforno at infowarrior.org Thu Jun 4 21:06:59 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 4 Jun 2015 22:06:59 -0400
Subject: [Infowarrior] - Snowden's NYT Op-Ed
Message-ID: <3BFFAE40-CC42-4BA4-AB56-A416651303D0@infowarrior.org>

Edward Snowden: The World Says No to Surveillance

By EDWARD J. SNOWDEN
JUNE 4, 2015
http://www.nytimes.com/2015/06/05/opinion/edward-snowden-the-world-says-no-to-surveillance.html

MOSCOW -- TWO years ago today, three journalists and I worked nervously in a Hong Kong hotel room, waiting to see how the world would react to the revelation that the National Security Agency had been making records of nearly every phone call in the United States. In the days that followed, those journalists and others published documents revealing that democratic governments had been monitoring the private activities of ordinary citizens who had done nothing wrong. Within days, the United States government responded by bringing charges against me under World War I-era espionage laws. The journalists were advised by lawyers that they risked arrest or subpoena if they returned to the United States. Politicians raced to condemn our efforts as un-American, even treasonous. Privately, there were moments when I worried that we might have put our privileged lives at risk for nothing --
that the public would react with indifference, or practiced cynicism, to the revelations. Never have I been so grateful to have been so wrong. Two years on, the difference is profound. In a single month, the N.S.A.'s invasive call-tracking program was declared unlawful by the courts and disowned by Congress. After a White House-appointed oversight board investigation found that this program had not stopped a single terrorist attack, even the president who once defended its propriety and criticized its disclosure has now ordered it terminated. This is the power of an informed public. Ending the mass surveillance of private phone calls under the Patriot Act is a historic victory for the rights of every citizen, but it is only the latest product of a change in global awareness. Since 2013, institutions across Europe have ruled similar laws and operations illegal and imposed new restrictions on future activities. The United Nations declared mass surveillance an unambiguous violation of human rights. In Latin America, the efforts of citizens in Brazil led to the Marco Civil, an Internet Bill of Rights. Recognizing the critical role of informed citizens in correcting the excesses of government, the Council of Europe called for new laws to protect whistle-blowers. Beyond the frontiers of law, progress has come even more quickly. Technologists have worked tirelessly to re-engineer the security of the devices that surround us, along with the language of the Internet itself. Secret flaws in critical infrastructure that had been exploited by governments to facilitate mass surveillance have been detected and corrected. Basic technical safeguards such as encryption -- once considered esoteric and unnecessary -- are now enabled by default in the products of pioneering companies like Apple, ensuring that even if your phone is stolen, your private life remains private.
Such structural technological changes can ensure access to basic privacies beyond borders, insulating ordinary citizens from the arbitrary passage of anti-privacy laws, such as those now descending upon Russia. Though we have come a long way, the right to privacy -- the foundation of the freedoms enshrined in the United States Bill of Rights -- remains under threat. Some of the world's most popular online services have been enlisted as partners in the N.S.A.'s mass surveillance programs, and technology companies are being pressured by governments around the world to work against their customers rather than for them. Billions of cellphone location records are still being intercepted without regard for the guilt or innocence of those affected. We have learned that our government intentionally weakens the fundamental security of the Internet with "back doors" that transform private lives into open books. Metadata revealing the personal associations and interests of ordinary Internet users is still being intercepted and monitored on a scale unprecedented in history: As you read this online, the United States government makes a note. Spymasters in Australia, Canada and France have exploited recent tragedies to seek intrusive new powers despite evidence such programs would not have prevented attacks. Prime Minister David Cameron of Britain recently mused, "Do we want to allow a means of communication between people which we cannot read?" He soon found his answer, proclaiming that "for too long, we have been a passively tolerant society, saying to our citizens: As long as you obey the law, we will leave you alone." At the turning of the millennium, few imagined that citizens of developed democracies would soon be required to defend the concept of an open society against their own leaders. Yet the balance of power is beginning to shift. We are witnessing the emergence of a post-terror generation, one that rejects a worldview defined by a singular tragedy.
For the first time since the attacks of Sept. 11, 2001, we see the outline of a politics that turns away from reaction and fear in favor of resilience and reason. With each court victory, with every change in the law, we demonstrate facts are more convincing than fear. As a society, we rediscover that the value of a right is not in what it hides, but in what it protects.

Edward J. Snowden, a former Central Intelligence Agency officer and National Security Agency contractor, is a director of the Freedom of the Press Foundation.

-- It's better to burn out than fade away.

From rforno at infowarrior.org Fri Jun 5 06:56:42 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 5 Jun 2015 07:56:42 -0400
Subject: [Infowarrior] - Windows 10: no secure boot unless Microsoft tax is paid
Message-ID: <88FB28C6-1193-4580-B143-BA2BD0F1E3EF@infowarrior.org>

(Another reason to avoid Windows -- again -- I think. --rick)

Windows 10: no secure boot unless Microsoft tax is paid
04 June 2015
By Sam Varghese

Windows 10 will turn off secure boot when one upgrades from Windows 8/8.1 unless a graphics card that has the Windows 8 ready logo is present in the system. This means that even though one can do the update free of cost, one will need to buy a new graphics card if one wants to continue running the system with secure boot turned on. The requirement for such a graphics card was not present in Windows 8, the first version of Windows in which Microsoft implemented secure boot, one of the features of the Unified Extensible Firmware Interface (UEFI), the replacement for the old BIOS. The certification of hardware for Windows means that manufacturers have to pay Microsoft a fee and this is often referred to as the Microsoft tax.

< - >

http://www.itwire.com/opinion-and-analysis/open-sauce/68262-windows-10-no-secure-boot-unless-microsoft-tax-is-paid

-- It's better to burn out than fade away.
From rforno at infowarrior.org Fri Jun 5 13:27:50 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 5 Jun 2015 14:27:50 -0400
Subject: [Infowarrior] - What Did the USA Freedom Act Actually Amend?
Message-ID: <67DE236A-B1E4-4A0F-BF61-412AA9CA819F@infowarrior.org>

What Did the USA Freedom Act Actually Amend?

There has been a lot of ink spilled here and elsewhere about the USA Freedom Act over the last several weeks. Its privacy protections. Its alterations to the government's surveillance authority. Its increase in material support for terrorism sentences. But I have two much more basic (and very nerdy) questions to ask: What did the USA Freedom Act actually amend and how will the US Code read once all the dust settles? As I explain below, although the USA Freedom Act was written to modify the existing business records provision, the fact that Congress let that provision expire means the USA Freedom Act is now modifying language that no longer exists. Simply put, by waiting until several days after midnight on June 1 to pass the USA Freedom Act, Congress may have ended up creating a series of utterly unnecessary headaches for itself (and everyone else), and potentially opened the door to challenges to business records court orders served on, for example, libraries and schools.

< - >

http://justsecurity.org/23458/usa-freedom-act-amend/

-- It's better to burn out than fade away.

From rforno at infowarrior.org Fri Jun 5 13:30:48 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 5 Jun 2015 14:30:48 -0400
Subject: [Infowarrior] - OPM hack leads to USG wanting more powers
Message-ID: <99D19567-2649-4000-BCBA-BC12E36F6A39@infowarrior.org>

US government responds to latest hack: give us more power over data collection

"Zero day"
attack on high-level security clearance agency reignites push by Congressional leaders to hand federal government greater cybersecurity powers

Spencer Ackerman @attackerman
Friday 5 June 2015 14.01 EDT Last modified on Friday 5 June 2015 14.03 EDT
http://www.theguardian.com/technology/2015/jun/05/us-government-opm-hack-data-collection-powers

-- It's better to burn out than fade away.

From rforno at infowarrior.org Sat Jun 6 18:16:48 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 6 Jun 2015 19:16:48 -0400
Subject: [Infowarrior] - Apple Music and the terrible return of DRM
Message-ID: <12C38538-E223-4333-92C0-49ED46581106@infowarrior.org>

Apple Music and the terrible return of DRM
By Nilay Patel
on June 5, 2015 03:47 pm
http://www.theverge.com/2015/6/5/8737537/apple-music-and-the-terrible-return-of-drm

-- It's better to burn out than fade away.

From rforno at infowarrior.org Tue Jun 9 13:39:44 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 9 Jun 2015 14:39:44 -0400
Subject: [Infowarrior] - Mozilla Responds To Firefox User Backlash Over Pocket Integration
Message-ID: <76355DAA-2BD0-4C54-ADA1-259DFCEC8E2E@infowarrior.org>

Mozilla Responds To Firefox User Backlash Over Pocket Integration
http://news.slashdot.org/story/15/06/09/1722236/mozilla-responds-to-firefox-user-backlash-over-pocket-integration

-- It's better to burn out than fade away.
From rforno at infowarrior.org Tue Jun 9 17:25:53 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 9 Jun 2015 18:25:53 -0400
Subject: [Infowarrior] - Fyodor responds to Sourceforge analysis
Message-ID:

http://seclists.org/nmap-dev/2015/q2/248

From: Fyodor
Date: Tue, 9 Jun 2015 15:02:16 -0700

On Fri, Jun 5, 2015 at 2:53 AM, Fabio Pietrosanti (naif) - lists < lists () infosecurity ch> wrote:

Hello, I'm sharing the SourceForge's nmap project analysis regarding the recently discussed issues: http://sourceforge.net/blog/analysis-of-nmap-project-and-data/

Even by Sourceforge standards, this is a load of BS! Problems:

1) Despite all this attention on the Sourceforge's fake Nmap page in particular, the largest green download button STILL gives users a spyware program called "FileOpenerPro" rather than Nmap. A quick Google search shows that this spyware collects your "browsing habits" among other information and may "sometimes redirect you to third-party sponsored webpages without your permission" and "may alter your browsing settings and default home page." I've attached a screenshot of the current fake SF Nmap page. Note that the big green button just says "START DOWNLOAD" while the fact that this is spyware rather than Nmap is hidden in the text well below the button. This is not an accident and goes against Sourceforge's 2013 promise to stop using fake download buttons: https://sourceforge.net/blog/?s=blockthis

2) SF makes a big deal about how they weren't actually inserting malware into the Nmap project installer, but that's only because they were caught in the early stages of their "trial" where they did this to other projects such as GIMP. We just got lucky that they hadn't added the malware to Nmap installer yet.
Adding the malware to projects like GIMP broke Sourceforge's 2013 promise to never bundle malware/adware into project installers without consent: http://sourceforge.net/blog/advertising-bundling-community-and-criticism/

3) The SF fake Nmap page has a big "Keep Me Updated" box for people to insert their email address, hoping to get real Nmap project updates. But Sourceforge never even gives us the email addresses collected. Instead the users are added to a spam list of "sponsored content from our selected partners, and more".

4) Their fake Nmap page (which I have no control over) currently uses the Nmap logo and trademark and copyrighted description text and such without authorization. See the screenshot attached. This gives users the wrong impression that this fake site is somehow authorized or controlled by the Nmap project. So they might not be as careful about checking for spyware, etc. We have asked Sourceforge to remove our copyrighted/trademarked content and also to remove the whole fake page, but they have not done either.

5) Sourceforge's response makes a big deal about how we didn't use their "File Release System", but that's because the system sucks and is just a pretext to add interstitial ads and try to redirect potential users to more of their malware/spyware/adware offerings. We used their web service instead and had 584 megabytes of files there according to the disk quota messages they sent us in 2006.

6) Their Internet Archive screenshots showing "Project was empty" are because they are showing an SF interface for the project that we didn't use much if at all. Again, we used the Sourceforge web service interface to serve the content from our account there. We had millions of Nmap downloads through Sourceforge during the (long ago) period where we used them.

It's true that a careful and sophisticated user could avoid the malware and spam minefield of Sourceforge's fake Nmap page, but they shouldn't have to.
And the fact that Sourceforge makes money doing this shows that many users do fall for it and have their systems infected. And when the user has their system infected after installing what they thought was an Nmap installer, who do you think they blame? Us! I've spent 18 years trying to build Nmap as a useful and trusted free software program, so of course I get mad when companies try to abuse that trust and tarnish our name with these sleazy and greedy tactics!

Cheers,
Fyodor

-- It's better to burn out than fade away.

From rforno at infowarrior.org Thu Jun 11 06:02:59 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 11 Jun 2015 07:02:59 -0400
Subject: [Infowarrior] - Dems declare cybersecurity war
Message-ID: <2C4F82E2-2D5E-4104-B1C6-4304ADEC5149@infowarrior.org>

Dems declare cybersecurity war
GOP move to attach a cyber bill to defense legislation stokes Democratic anger.
By Seung Min Kim and Tal Kopan
6/10/15 6:27 PM EDT Updated 6/10/15 8:04 PM EDT
http://www.politico.com/story/2015/06/dems-declare-cybersecurity-war-118848.html#ixzz3ci2zKmnR

-- It's better to burn out than fade away.

From rforno at infowarrior.org Thu Jun 11 06:02:54 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 11 Jun 2015 07:02:54 -0400
Subject: [Infowarrior] - DOJ-v-Reason.Com and free speech
Message-ID:

(Making 'direct' threats, I can see. But ranting and making moronic statements in said rants isn't necessarily the same thing. So while I think this is a bit of an overreach, I can understand the DOJ's desire to look into things. But still offers chilling perspective, anyway. --rick)

Department Of Justice Uses Grand Jury Subpoena To Identify Anonymous Commenters on a Silk Road Post at Reason.com
http://popehat.com/2015/06/08/department-of-justice-uses-grand-jury-subpoena-to-identify-anonymous-commenters-on-a-silk-road-post-at-reason-com/#wsa-inline-3

-- It's better to burn out than fade away.
From rforno at infowarrior.org Fri Jun 12 06:33:54 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 12 Jun 2015 07:33:54 -0400
Subject: [Infowarrior] - Why The OPM Breach Is Such a Security and Privacy Debacle
Message-ID: <3B99A915-CF57-4F71-8F4C-8A7A592E9677@infowarrior.org>

Why The OPM Breach Is Such a Security and Privacy Debacle | WIRED
Author: Kim Zetter and Andy Greenberg
http://www.wired.com/2015/06/opm-breach-security-privacy-debacle/

If it's not already a maxim, it should be: Every big hack discovered will eventually prove to be more serious than first believed. That's holding to be especially true with the recently disclosed hack of the federal Office of Personnel Management, the government's human resources division. At first, the government said the breach exposed the personal information of approximately four million people--information such as Social Security numbers, birthdates and addresses of current and former federal workers. Wrong. It turns out the hackers, who are believed to be from China, also accessed so-called SF-86 forms, documents used for conducting background checks for worker security clearances. The forms can contain a wealth of sensitive data not only about workers seeking security clearance, but also about their friends, spouses and other family members. They can also include potentially sensitive information about the applicant's interactions with foreign nationals--information that could be used against those nationals in their own country. What's more, in initial media stories about the breach, the Department of Homeland Security had touted the government's EINSTEIN detection program, suggesting it was responsible for uncovering the hack. Nope, also wrong. Although reports are conflicting about how the OPM discovered the breach, it took investigators four months to uncover it, which means the EINSTEIN system failed.
According to a statement from the OPM, the breach was found after administrators made upgrades to unspecified systems. But the Wall Street Journal reported today that the breach was actually discovered during a sales demonstration by a security company named CyTech Services (paywall), showing the OPM its forensic product. As more information comes out about the kinds of information the hackers accessed, the repercussions could be much graver than anyone thought.

The Potential for Blackmail

In its statements about the breach, including a phone recording played for any federal worker who calls seeking more information, the OPM has emphasized that it's offering victims of the breach credit monitoring, a protection usually offered for financial breaches. It's only confirmed that basic personal was stolen, such as names, social security numbers, date and place of birth, and current and former addresses. But in fact, the data accessed by the intruders may be far broader. The 127-page SF-86 forms believed to have been accessed by the hackers also includes financial information, detailed employment histories--with reasons for past terminations included--as well as criminal history, psychological records and information about past drug use. Federal background checks, after all, are meant to suss out information that might be used by foreign enemies to blackmail a government staffer into turning over classified information. And that stolen information could be used for exactly that extortion purpose, says Chris Eng, a former NSA staffer and now VP of research at the security firm Veracode. If the breached background check information goes beyond the SF-86 form, it could even include detailed personal profiles obtained through polygraph tests, in which employees are asked to confess law breaking and sexual history. "They write it all down and it goes into your file. If OPM had any of that stuff, it could be super damaging. You'd know exactly who to go after, who to blackmail,"
Eng says. "It could be very damaging from a counterintelligence and national security standpoint." There's another concern even beyond that blackmail risk. SF-86 forms can include a list of foreign contacts with whom a worker has come in contact. Diplomats and other workers with access to classified information are required--depending on their job--to provide a list of these contacts. There is concern that if the Chinese government got hold of lists containing the names of Chinese nationals who had been in touch with US government workers, this could be used to blackmail or punish them if they had been secretive about the contact.

Security Failures and Angry Victims

The OPM had no IT security staff until 2013, and it showed. The agency was harshly criticized for its lax security in an inspector general's report released last November that cited its lack of encryption and the agency's failure to track its equipment. Investigators found that the OPM failed to maintain an inventory list of all of its servers and databases and didn't even know all the systems that were connected to its networks. The agency also failed to use multi-factor authentication for workers accessing the systems remotely from home or on the road. The millions of victims of the OPM breach are already expressing their anger over the massive data spill. J. David Cox, the president of the union of federal government employees, has written a strongly worded letter to OPM director Katherine Archuleta lambasting the security mismanagement that led to the breach and the agency's response to it. "I understand that OPM is embarrassed by this breach," Cox writes. "It represents an abysmal failure on the part of the agency to guard data that has been entrusted to it by the federal workforce."
Cox's letter points to what appears to be a lack of encryption protecting the breached personal data, "a cybersecurity failure that is absolutely indefensible and outrageous." And he also criticizes OPM's offer of credit monitoring as a response to the breach as "entirely inadequate, either as compensation or protection from harm." An OPM spokesperson declined to comment on the record, and instead pointed to an FAQ on the agency's website. That page says the agency's "continuously working to identify and mitigate threats when they occur. OPM evaluates its IT security protocols on a continuous basis to make sure that sensitive data is protected to the greatest extent possible." It declines to offer details of which systems were breached, citing the ongoing investigation of the hack by law enforcement. The FAQ does admit, however, that the OPM still isn't certain it's even discovered the full extent of the intrusion. "It is important to note that this is an ongoing investigation that could reveal additional exposure," the statement reads. "If that occurs, OPM will conduct additional notifications as necessary." For millions of federal workers already reeling from the growing breach in their personal privacy, those words are hardly comforting.

-- It's better to burn out than fade away.

From rforno at infowarrior.org Fri Jun 12 06:34:02 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 12 Jun 2015 07:34:02 -0400
Subject: [Infowarrior] - McConnell & Burr 0-2 on privacy invading legislation
Message-ID:

Hot off his humiliation over the 'Patriot' Act renewal, he had this bright idea .....

Patriot Act Reform Curbed NSA; Cybersecurity Bill Would Empower It
https://firstlook.org/theintercept/2015/06/11/one-week-patriot-act-reform-mitch-mcconnell-moves-sneak-nsa-expansion/

... which led to this thankful outcome yesterday...
Senate Rejects Measure to Strengthen Cybersecurity
http://www.nytimes.com/2015/06/12/us/politics/senate-rejects-measure-to-strengthen-cybersecurity.html

The legislative circus continues.

-- It's better to burn out than fade away.

From rforno at infowarrior.org Fri Jun 12 16:37:04 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 12 Jun 2015 17:37:04 -0400
Subject: [Infowarrior] - OPM hack includes clearance info
Message-ID:

Chinese hack of U.S. network compromised security files
By Ellen Nakashima
http://www.washingtonpost.com/world/national-security/chinese-hack-of-government-network-compromises-security-clearance-files/2015/06/12/9f91f146-1135-11e5-9726-49d6fa26a8c6_story.html

The Chinese breach of the Office of Personnel Management network was wider than first acknowledged and officials said Friday that a database holding sensitive security clearance information on millions of federal employees and contractors also was compromised. An official announcement about the breach is expected soon. "This is potentially devastating from a counterintelligence point of view," said Joel Brenner, a former top counterintelligence official for the U.S. government. "These forums contain decades of personal information about people with clearances. ..which makes them easier to recruit for foreign espionage on behalf of a foreign country." Last week, the Office of Personnel Management announced that a massive database containing personal information of roughly 4 million current and former federal employees was hacked. Privately, U.S. officials said that the Chinese government was behind the breach. The breach of the data system announced by OPM last week affected 4.1 million individuals--all 2.1 million current federal civilian employees and 2 million retired or former employees. Information of officials as senior as cabinet secretaries may have been breached. The president's and vice-president's data were not, officials said.
The second OPM database that was breached contains sensitive background check information --called SF-86 data --that includes applicants' financial histories and investment records, children's and relatives' names, foreign trips taken and contacts with foreign nationals, past residences and names of neighbors and close friends. That database was also breached last year by the Chinese in a separate incident and the new intrusion underscores how persistent and determined the adversary is in going after data valuable to counterespionage. "That database is very huge and very old and it has lots of interfaces to it," said a U.S. official, who spoke on condition of anonymity because of the ongoing investigation. So figuring out exactly what part of it was breached has taken some time, the official said. Employees of intelligence agencies such as the CIA generally do not have their clearance checks records held by the OPM, though some do, officials said. "That's the open question--whether it's going to hit CIA folks," said a second U.S. official. "It would be a huge deal. They could start unmasking identities." The administration timed its announcement last week to comply with its own policy, as reflected in proposed legislation, to notify individuals of a breach within 30 days of determining that there is a "reasonable basis to believe" that people's personal information has been compromised, the U.S. official said. Though the breach was discovered in April, it was not until early May that the FBI, OPM and Department of Homeland Security determined that employees' personal likely were taken. That led to the announcement last week even though, the official said, the investigation was not complete. "In an ideal world, people doing the investigation would say 'We need to wait until we're completely done,'" the official said. A senior DHS official briefed Congressional staff last week and tried to explain why it took four weeks to alert employees to the breach.
"It takes time to do the forensics and to understand what's happened, and even to understand what data, if any, has been exposed," said Ann Barron-Dicamillo, director of the U.S. Computer Emergency Readiness Team, according to notes taken by a Congressional aide. "It's a lot of data. It takes time for DHS and all the partners to analyze that data and come to a conclusion." The breach, she said, took place in December. "It took awhile to pinpoint what actually went out the door because it happened six months ago," she said.

Adam Goldman and Lisa Rein contributed to this report.

-- It's better to burn out than fade away.

From rforno at infowarrior.org Sat Jun 13 22:18:26 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 13 Jun 2015 23:18:26 -0400
Subject: [Infowarrior] - CIA releases secret report identifying errors before 9/11
Message-ID: <0137F1B2-E063-41DB-B23C-CFD69686E4FF@infowarrior.org>

CIA releases secret report identifying errors before 9/11
By Julian Hattem - 06/12/15 05:26 PM EDT
http://thehill.com/policy/national-security/244886-cia-releases-secret-doc-identifying-systemic-problems-pre-9-11

After a decade of secrecy, the CIA on Friday released a nearly 500-page inspector general report outlining multiple "systemic problems" in the nation's spy agencies ahead of the terror attacks on Sept. 11, 2001. Those failures helped contribute to the country's blindness about the terror attacks, analysts claimed in the 2005 report, and impeded the government's work to track down Osama bin Laden and other top al Qaeda leaders in the years before 9/11. Senior officers told the CIA's Office of Inspector General that "no comprehensive strategic plan" was ever developed to thwart bin Laden "at any time" before 9/11, despite years of warning and commitments to respond to the threat of al Qaeda.
The CIA's release of the report late on Friday afternoon comes years after the agency initially declassified part of the document, and was prompted by Freedom of Information Act requests for the full critique. The spy agency watchdog specifically criticized George Tenet, the former head of the CIA who oversaw the agency for years before and after the 2001 attacks. While Tenet "recognized the need for an integrated, interagency plan" to combat al Qaeda, he "bears ultimate responsibility for the fact that no such strategic plan was ever created, despite his specific direction that this should be done," the report claimed. The CIA said that it was releasing the document -- along with two responses from Tenet and two additional views on the subject -- "to further contribute to the public record on these events." "The events of 9/11 will be forever seared into the memories of all Americans who bore witness to the single greatest tragedy to befall our homeland in recent history," the CIA said. "The documents released today reflect differing views formed roughly a decade ago within CIA about the Agency's performance prior to 9/11." The CIA inspector general report was prompted by a joint report from the House and Senate Intelligence Committees more than a decade ago. When it was released in 2005, then-CIA Director Porter Goss said that he would decline to follow its recommendation to create an accountability board to review individual CIA officers. The new documents show that Tenet vociferously denounced the inspector general's report at the time. In a June, 2005 letter, Tenet called the analysis "nonsense," "simply in error," "devoid of any information" from senior policy makers and said that it "ignores" key facts. "Your report does not fairly or accurately portray my actions, or the heroic work of the men and women of the Intelligence Community," he claimed.
"It is simply not fair to make judgments about my performance without having a complete understanding of the facts."

-- It's better to burn out than fade away.

From rforno at infowarrior.org Sun Jun 14 12:33:32 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 14 Jun 2015 13:33:32 -0400
Subject: [Infowarrior] - Snowden files 'read by Russia and China': 5 questions for UK government
Message-ID: <988EBFD7-00A7-47EA-8DA6-CAE63256939A@infowarrior.org>

Snowden files 'read by Russia and China': 5 questions for UK government
The government has an obligation to respond to the Sunday Times report that MI6 has been forced to pull agents out of live operations in hostile countries
Ewen MacAskill
Sunday 14 June 2015 11.37 EDT Last modified on Sunday 14 June 2015 13.30 EDT
http://www.theguardian.com/us-news/2015/jun/14/snowden-files-read-by-russia-and-china-five-questions-for-uk-government

The Sunday Times produced what at first sight looked like a startling news story: Russia and China had gained access to the cache of top-secret documents leaked by former NSA contractor turned whistleblower Edward Snowden. Not only that, but as a result, Britain's overseas intelligence agency, the Secret Intelligence Service, better known as MI6, had been forced "to pull agents out of live operations in hostile countries". These are serious allegations and, as such, the government has an obligation to respond openly. The story is based on sources including "senior officials in Downing Street, the Home Office and the security services". The BBC said it had also been briefed anonymously by a senior government official. Anonymous sources are an unavoidable part of reporting, but neither Downing Street nor the Home Office should be allowed to hide behind anonymity in this case.

1. Is it true that Russia and China have gained access to Snowden's top-secret documents? If so, where is the evidence? Which cache of documents is the UK government talking about?
Snowden has said he handed tens of thousands of leaked documents over to journalists he met in Hong Kong, and that he has not had them in his possession since. Have Russia and China managed to access documents held by one of the journalists or their companies? In addition, if agents had to be moved, why? Which Snowden documents allegedly compromised them to the extent they had to be forcibly removed from post?

2. Why have the White House and the US intelligence agencies not raised this? Snowden is wanted by the US on charges under the Espionage Act. The White House, the US intelligence agencies and especially some members of Congress have been desperate to blacken Snowden's reputation. They have gone through his personal life and failed to come up with a single damaging detail. If the UK were to have evidence that Russia and China had managed to penetrate his document cache or that agents had been forced to move, London would have shared this with Washington. The White House would have happily briefed this openly, as would any number of Republican -- and even Democratic -- members of Congress close to the security services. They would not have stinted. It would have been a full-blown press conference. The debate in the US has become more grownup in recent months, with fewer scare stories and more interest in introducing reforms that will redress the balance between security and privacy, but there are still many in Congress and the intelligence agencies seeking vengeance.

3. Why have these claims emerged now? Most of the allegations have been made before in some form, only to fall apart when scrutinised. These include that Snowden was a Chinese spy and, when he ended up in Moscow, that he was a Russian spy or was at least cooperating with them. The US claimed 56 plots had been disrupted as a result of surveillance, but under pressure acknowledged this was untrue.
The claim about agents being moved was first made in the UK 18 months ago, along with allegations that Snowden had helped terrorists evade surveillance and, as a result, had blood on his hands. Both the US and UK have since acknowledged no one has been harmed. So why now? One explanation is that it is partly in response to Thursday's publication of David Anderson's 373-page report on surveillance. David Cameron asked the QC to conduct an independent review and there is much in it for the government and intelligence services to like, primarily about retaining bulk data. Anderson is scathing, however, about the existing legal framework for surveillance, describing it as intolerable and undemocratic, and he has proposed that the authority to approve surveillance warrants be transferred from the foreign and home secretaries to the judiciary. His proposal, along with another surveillance report out next month from the Royal United Services Institute, mean that there will be continued debate in the UK. There are also European court rulings pending. Web users' increasing use of encryption is another live issue. Above all else though, there is the backlash by internet giants such as Google, which appear to be less prepared to cooperate with the intelligence agencies, at least not those in the UK. The issue is not going away and the Sunday Times story may reflect a cack-handed attempt by some within the British security apparatus to try to take control of the narrative.

4. Why is the Foreign Office not mentioned as a source? It seems like a pedantic point, but one that could offer an insight into the manoeuvring inside the higher reaches of government. The Foreign Office is responsible for MI6, but the Home Office is quoted in the story.
Is it that the Home Office and individuals within the department rather than the Foreign Office are most exercised about the potential transfer of surveillance warrant approval from the home secretary, the proposed scrapping of existing legislation covering surveillance and other potential reforms?

5. What about the debatable assertions and at least one totally inaccurate point in the Sunday Times piece?

The Sunday Times says Snowden "fled to seek protection from Vladimir Putin, the Russian president, after mounting one of the largest leaks in US history". In fact he fled Hong Kong bound for Latin America, via Moscow and Cuba. The US revoked his passport, providing Russia with an excuse to hold him in transit. The Sunday Times says it is not clear whether Russia and China stole Snowden's data or "whether he voluntarily handed over his secret documents in order to remain at liberty in Hong Kong and Moscow". The latter is not possible if, as Snowden says, he gave all the documents to journalists in Hong Kong in June 2013. The Sunday Times also reports that "David Miranda, the boyfriend of Guardian journalist Glenn Greenwald, was seized at Heathrow in 2013 in possession of 58,000 'highly-classified' intelligence documents after visiting Snowden in Moscow". This is inaccurate. Miranda had in fact been in Berlin seeing the film-maker Laura Poitras, not in Moscow visiting Snowden. It is not a small point. The claim about Miranda having been in Moscow first appeared in the Daily Mail in September under the headline "An intelligence expert's devastating verdict: Leaks by Edward Snowden and the Guardian have put British hostages in even greater peril". It was written by Professor Anthony Glees, the director of the centre for security and intelligence studies at the University of Buckingham, and has never been corrected. Maybe the Sunday Times can do better.

-- It's better to burn out than fade away.
From rforno at infowarrior.org Sun Jun 14 12:40:11 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 14 Jun 2015 13:40:11 -0400
Subject: [Infowarrior] - Sunday Times Snowden Story is Journalism at its Worst
Message-ID:

Sunday Times Snowden Story is Journalism at its Worst
By Glenn Greenwald @ggreenwald
Today at 8:48 AM

https://firstlook.org/theintercept/2015/06/14/sunday-times-report-snowden-files-journalism-worst-also-filled-falsehoods/

-- It's better to burn out than fade away.

From rforno at infowarrior.org Mon Jun 15 06:26:53 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 15 Jun 2015 07:26:53 -0400
Subject: [Infowarrior] - Mega Publishes First Transparency Report
Message-ID: <6E9180C0-C951-4D4F-9B48-CFE504DEF2AD@infowarrior.org>

Mega Publishes First Transparency Report
By Andy on June 15, 2015

After 2.5 years of operations the Mega cloud storage service has published its first transparency report. Aimed at inspiring confidence in how the company deals with complaints and protects privacy, the document reveals that Mega takes content down faster than Google and a maximum of 0.165% of users have been suspended.

For the past several years the publication of a so-called "Transparency Report" has become common on large technology focused sites. Reddit, Twitter and even Amazon produce such documents. Perhaps the best known report is produced by Google. This giant database is updated on a daily basis and includes details of hundreds of millions of requests by third parties to have content removed from the search giant's databases. Today, cloud-storage site Mega gets in on the act with the publication of its first transparency report since the company launched in 2012. The report, which details activities up until March 2015, focuses on content removal requests and third-party requests for information related to Mega's users.
Noting that the company is New Zealand-based and is governed by the laws of that country, Mega notes that it also aims to comply with regulatory requirements in other key areas in which it does business, notably the United States

< - >

http://torrentfreak.com/mega-publishes-first-transparency-report-150615

-- It's better to burn out than fade away.

From rforno at infowarrior.org Mon Jun 15 06:29:34 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 15 Jun 2015 07:29:34 -0400
Subject: [Infowarrior] - Security clearance companies still sacrifice thoroughness, workers say
Message-ID: <17C17103-C0F6-4D73-9F89-AE124CB54CF4@infowarrior.org>

Security clearance companies still sacrifice thoroughness, workers say
By Christian Davenport
June 14 at 9:00 PM

http://www.washingtonpost.com/business/economy/security-clearance-contractors-still-stress-speed-over-thoroughness-workers-say/2015/06/14/00d1bd80-09fa-11e5-95fd-d580f1c5d44e_story.html

For years, investigators charged with vetting the backgrounds of those who handle the nation's secrets have said they were pressured to churn through cases as quickly as possible. The faster they turned them in, the faster their company got paid -- even if the investigations were rushed and incomplete. The company, USIS, lost the contract to conduct background checks used in granting security clearances after an employee blew the whistle in a lawsuit, eventually joined by the Justice Department. In the wake of a scandal so fierce that members of Congress accused USIS of defrauding the government and prioritizing profit over the nation's security, federal officials vowed to prevent such abuses from ever happening again. But a similar quota system used by USIS to drive its investigators continues at the companies that now perform the bulk of the investigations -- and in some cases is even more demanding, according to internal company documents and interviews with current and former investigators.
The field workers at KeyPoint Government Solutions and CACI are required to meet pre-determined numbers that dictate how many people they have to interview per day. With their compensation tied to quotas -- failure to meet them could lead to a cut in pay -- field investigators say the focus on quantity over quality that was so pervasive at USIS persists. And the pressure to meet the goals often doesn't allow them the freedom to follow important leads to determine who should be granted access to classified material, they say. Despite the congressional outcry, the contracts' payment system is still structured so that the faster the contractors turn over the cases to the federal government, the quicker they get paid. And the federal government imposes a financial penalty if the companies miss their deadline. The constant pressure to move through cases quickly may be coming at a dangerous price, said Carolyn Martin, president of the American Federal Contract Investigators Association, a professional group. The system is "just producing shoddy investigations," she said. "They are out there getting the points. Checking the blocks. They are not conducting investigations." One investigator, who worked at both USIS and KeyPoint, said he left both companies because of the emphasis on speed over thoroughness. "It was just too rushed," the former investigator said, speaking on the condition of anonymity for fear of reprisal. "I couldn't in good conscience continue. I refused to cut corners, and it made me look like I couldn't perform to their unreasonable expectations." In a brief statement, KeyPoint said: "All security clearance investigations are subject to strict internal and external thresholds measuring quality, thoroughness and accuracy. Falsifying any element of a federal security clearance investigation is a felony." On its Web site, KeyPoint says that its "commitment to timeliness and quality is unwavering."
And that "because we know the work we do directly contributes to national security, we will never sacrifice quality for speed." CACI's site says that it "fosters a culture based on integrity, strong ethics, quality, and professionalism." And that its investigators "contribute to the safety and security of our nation in the company of colleagues who value trust and integrity above all else." The companies also evaluate their investigators based on the quality of their reports, they say, often sending files back for additional work so that they meet thoroughness standards. Both KeyPoint and CACI said they were prohibited from responding to multiple requests for comment by the terms of their agreements with the Office of Personnel Management, the agency that oversees background investigations for most of the federal government. In an interview, Merton Miller, the associate director for OPM's Federal Investigative Services, defended the investigative system, saying that he "absolutely" had full confidence in it. There are "very strict quality standards for our field work contractors as well as our feds, so that when they do the work, they do it right," he said. Miller said he was aware that the companies use productivity metrics but did not know that they have a tiered system that ties investigators' compensation to their productivity. "Candidly, that has not been brought to my attention," he said. OPM has recently developed, for the first time, quality-review standards used to judge whether the investigations are complete. That, Miller said, is a marked improvement from the previous system, which left determinations of quality to "the eye of beholder." The agency, which said last week that it was the victim of a major cyberattack that included its security clearance database, has also created government-wide standards for training investigators.
And last year, the agency, which oversees the investigative process for the Pentagon and the majority of the federal government, stopped awarding separate contracts for quality reviews of its cases, saying it was a conflict of interest. Still, the companies are facing a daunting challenge. They had to pick up USIS's massive workload -- which averaged 21,000 cases per month -- when OPM suddenly did not renew USIS's contract last fall. With millions of dollars at stake, CACI and KeyPoint leapt at the chance and went on hiring sprees to show they could handle the additional work. Yet they still had to meet strict congressionally mandated timelines that dictate how quickly clearances have to be granted. OPM has touted the drastic reductions in the time it takes to process initial clearances, from 145 days in 2005 to fewer than 40 last year. It has been a lucrative business. KeyPoint's revenue under the contract jumped from $117 million in 2013 to $214 million last year. And it is on pace to receive nearly $240 million this year, according to a Washington Post analysis of federal contracting data. CACI's revenue also spiked, growing from $47.5 million in 2013 to more than $93 million last year. This year it is on pace to hit more than $175 million. U.S. Sen. Rob Portman (R-Ohio), who has been critical of the pressure placed on investigators, said the government "has long struggled to balance workload and quality." "The issue has not gone away," he said in a statement to The Post, "and is just as apparent as OPM tries to make do after removing their largest contractor from the investigation process last year. . . . We have too many examples of background investigators and their supervisors taking shortcuts to meet deadlines."

"I have to pay my bills"

The pressure to move through cases quickly can lead to shortcuts, investigators said.
Another former KeyPoint investigator, who now works at CACI, said that while he tried not to cut corners, the pressure from his bosses sometimes forced him into uncomfortable territory. In one instance while he was at KeyPoint, he was investigating a foreign national who had marked on his paperwork that he had not maintained contact with anyone from his home country. The investigator was skeptical of this: "You're telling me that a kid who's been in a foreign country for five months and he doesn't talk to anyone in [his home] country? I find that hard to believe. He didn't have any friends there or anything?" And so the investigator asked about it in the interview. "I said, 'Are you sure?'" The interviewee said he was. "I just moved on to the next question because I was in a hurry," said the investigator, who spoke on the condition of anonymity for fear of reprisal. "I have to pay my bills, and clearly my company doesn't care. They want me to do it faster." It's not just the numbers system but also the demands to meet deadlines, investigators said. As a contract investigator for KeyPoint, Mary Cullings is paid by the leads she tracks down. Interviewing a reference listed by a security clearance applicant could yield $50, she said, as long as she makes her deadline. If she misses it, her pay is docked by as much as $15, she said. There have been many times when she's been unable to track down the reference, only to have the person call right before her deadline. When that happens, Cullings blows her deadline, accepts the financial penalty and meets with the reference because "in all good conscience, I can't write that off." But others could say they made the required efforts to interview the source but were unable to, and then they would still get paid the full amount. "That happens all the time," said Cullings, a former special agent with the federal Defense Security Service who now contracts with several companies as an investigator.
"What they are interested in is the bottom line." An anonymous message board on ClearanceJobs.com, a placement firm for cleared workers, is full of posts by investigators complaining about the demands of their work. "I worked for USIS for over 10 years and switched over to KGS and it's the same crap different day! KGS is so number driven it's sick!" read one post from last year. "Who cares about how complicated and long the case is it's all about your numbers." Investigators say they should be granted the freedom to follow leads without worrying about meeting a quota. "Each investigation is different. Each subject is different," one investigator said. "Then you go to your manager and say you need more time, and there's no flexibility. . . . There's too much of a conflict between the integrity of the process and the bottom line of these companies." The consequences of this kind of system could be dire, said Greg Rinckey, the founding partner at Tully Rinckey, a Washington law firm that represents people with security clearances. "We're not processing widgets here; we're talking about the people who are going to have access to our nation's secrets," he said. "This isn't a numbers game. We're dealing with national security."

Clear financial incentives

USIS, which performed the background checks on Edward Snowden, who leaked some of the NSA's secrets, and Aaron Alexis, the Navy Yard shooter, lost the contract after Blake Percival, a former field work services director, filed a whistleblower lawsuit. In it, he alleged that the company had submitted 665,000 cases that were incomplete, saying it was interested in clearing "out the shelves in order to hit revenue." While it had the OPM contract, USIS used a mathematical formula used to rate the productivity of its investigators. An interview with the subject of a clearance was worth four points; a neighbor or co-worker was worth one; and a document, such as a police report, was worth half a point.
The company's quota system ranged from 17.5 points a week to 25 a week, depending on the pay grade; the higher investigators scored, the more they got paid, according to investigators and internal documents obtained by The Washington Post. KeyPoint uses a six-level program for its investigators that can be even more demanding, according to company documents. CACI uses a three-level system that also ties productivity to compensation, according to three investigators. At KeyPoint, company officials make it clear that the faster workers process cases, the more they are rewarded. Those who perform at a higher level for six months "are eligible to be promoted to that level," the company says on its Web site, which also says: "High performers can earn generous bonuses." OPM's investigators, by contrast, are measured in "man hours," not by the number of people they interview per day, said Miller, the OPM associate director. The agency has studied how long each kind of case should take on average and measures workers' performance accordingly. The agency has been pushing its contractors to adopt the man-hour approach over their current point system, he said, so that it can directly compare the federal investigators' output to the contractors'. OPM is also aware "that some cases take much longer," he said, and investigators are "required" to exhaust all leads. Hitting tight deadlines and the high-level quotas set by the companies can be difficult, if not impossible, industry officials say. The overwhelming majority of the interviews have to be done in person. Neighbors and co-workers can be difficult to locate, reluctant to talk and sometimes don't show for an appointment, costing investigators crucial time in a race to meet their targets in a 40-hour workweek. To meet their quota, investigators say they often have to work overtime, sometimes off the clock, working for free rather than face getting demoted to a lower level and a pay cut.
But working off the books is prohibited under federal contracts. And KeyPoint executives recently sent an e-mail that was obtained by The Post to its employees, saying that "failing to record all time worked is timecard fraud." Employees who worked overtime without previously recording it should come forward and they will be paid, the e-mail said. But it also warned that any employees putting in for the extra pay would also face consequences: "Their employment will be terminated immediately."

Alice Crites, Jennifer Jenkins and Steven Rich contributed to this report.

-- It's better to burn out than fade away.

From rforno at infowarrior.org Mon Jun 15 15:00:46 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 15 Jun 2015 16:00:46 -0400
Subject: [Infowarrior] - News Corp DMCAs Greenwald's article trashing them
Message-ID: <5B124A78-D23C-49C5-96C4-47E9E7D5C517@infowarrior.org>

News Corp. Sends DMCA Notice Over Glenn Greenwald Trashing The Sunday Times' Ridiculous Snowden Story

We already wrote this morning about the ridiculous claims by The Sunday Times that Snowden's documents had been either given to the Russians and Chinese or that they had cracked the encryption to get them -- and that, because of this, the UK had to move intelligence "agents" out of Moscow for their safety. We pointed to numerous problems with the article, including many direct factual mistakes. One of the links we pointed to was Glenn Greenwald himself challenging many of the claims in the Sunday Times. This included highlighting the flat out lie that David Miranda was detained in Heathrow after visiting Snowden in Moscow (a claim the Sunday Times later simply deleted, with no correction or retraction). Many people have been asking if the Sunday Times will say anything about the myriad problems with the article, and we now finally have a response. And it's...
to send a DMCA takedown notice to Greenwald's publisher, First Look Media, claiming that, because he posted an image of the Sunday Times' front page layout, he is violating their copyright. Here's the section of Greenwald's article the Times (really, Times Newspapers Limited, a subsidiary of News UK, which is a subsidiary of News Corp) is complaining about: ...

< - >

https://www.techdirt.com/articles/20150615/09463331342/news-corp-sends-dmca-notice-over-glenn-greenwald-trashing-sunday-times-ridiculous-snowden-story.shtml

-- It's better to burn out than fade away.

From rforno at infowarrior.org Mon Jun 15 15:05:24 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 15 Jun 2015 16:05:24 -0400
Subject: [Infowarrior] - Sunday Times reporter admits writing what UK gov told him
Message-ID: <7E05F787-6533-4087-9868-4DD9CDD43EA6@infowarrior.org>

Reporter Who Wrote Sunday Times 'Snowden' Propaganda Admits That He's Just Writing What UK Gov't Told Him
from the journalism! dept

So we've already written about the massive problems with the Sunday Times' big report claiming that the Russians and Chinese had "cracked" the encryption on the Snowden files (or possibly just been handed those files by Snowden) and that he had "blood on his hands" even though no one has come to any harm. It also argued that David Miranda was detained after he got documents from Snowden in Moscow, despite the fact that he was neither in Moscow, nor had met Snowden (a claim the article quietly deleted). That same report also claimed that UK intelligence agency MI6 had to remove "agents" from Moscow because of this leak, despite the fact that they're not called "agents" and there's no evidence of any actual risk. So far, the only official response from News Corp. the publisher of The Sunday Times (through a variety of subsidiaries) was to try to censor the criticism of the story with a DMCA takedown request.
Either way, one of the journalists who wrote the story, Tom Harper, gave an interview to CNN which is quite incredible to watch. Harper just keeps repeating that he doesn't know what's actually true, and that he was just saying what the government told him -- more or less admitting that his role here was not as a reporter, but as a propagandist or a stenographer.....

< - >

https://www.techdirt.com/articles/20150615/11565531344/reporter-who-wrote-sunday-times-snowden-propaganda-admits-that-hes-just-writing-what-uk-govt-told-him.shtml

-- It's better to burn out than fade away.

From rforno at infowarrior.org Mon Jun 15 15:06:28 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 15 Jun 2015 16:06:28 -0400
Subject: [Infowarrior] - LastPass security breach
Message-ID: <3E761F0F-B794-4CCC-BFA9-8E1A3815626E@infowarrior.org>

LastPass Security Notice
By Joe Siegrist
June 15, 2015
Security News

https://blog.lastpass.com/2015/06/lastpass-security-notice.html/

We want to notify our community that on Friday, our team discovered and blocked suspicious activity on our network. In our investigation, we have found no evidence that encrypted user vault data was taken, nor that LastPass user accounts were accessed. The investigation has shown, however, that LastPass account email addresses, password reminders, server per user salts, and authentication hashes were compromised.

We are confident that our encryption measures are sufficient to protect the vast majority of users. LastPass strengthens the authentication hash with a random salt and 100,000 rounds of server-side PBKDF2-SHA256, in addition to the rounds performed client-side. This additional strengthening makes it difficult to attack the stolen hashes with any significant speed.

Nonetheless, we are taking additional measures to ensure that your data remains secure.
We are requiring that all users who are logging in from a new device or IP address first verify their account by email, unless you have multifactor authentication enabled. As an added precaution, we will also be prompting users to update their master password. An email is also being sent to all users regarding this security incident.

If you have a weak master password or if you have reused your master password on any other website, please update it immediately. Then replace the passwords on those other websites. Because encrypted user data was not taken, you do not need to change your passwords on sites stored in your LastPass vault. As always, we also recommend enabling multifactor authentication for added protection for your LastPass account.

Security and privacy are our top concerns here at LastPass. Over the years, we have been and continue to be dedicated to transparency and proactive measures to protect our users. In addition to the above steps, we're working with the authorities and security forensic experts. We apologize for the extra steps of verifying your account and updating your master password, but ultimately believe this will provide you better protection. Thank you for your understanding and support.

Joe Siegrist & the LastPass Team

-- It's better to burn out than fade away.

From rforno at infowarrior.org Mon Jun 15 18:14:01 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 15 Jun 2015 19:14:01 -0400
Subject: [Infowarrior] - Attackers Stole Certificate From Foxconn to Hack Kaspersky With Duqu 2.0
Message-ID: <7E7B3C77-3575-41CA-98D7-1C468CCF3CD6@infowarrior.org>

Attackers Stole Certificate From Foxconn to Hack Kaspersky With Duqu 2.0
Kim Zetter
06.15.15, 4:21 pm

http://www.wired.com/2015/06/foxconn-hack-kaspersky-duqu-2/

-- It's better to burn out than fade away.
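The layered strengthening described in the LastPass notice above (client-side rounds, then a per-user random salt and 100,000 rounds of server-side PBKDF2-SHA256), as an added sketch that is not LastPass's code. The client-side round count, the use of the e-mail address as the client salt, and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import os

SERVER_ROUNDS = 100_000  # server-side PBKDF2-SHA256 rounds quoted in the notice
CLIENT_ROUNDS = 5_000    # assumption: the notice gives no client-side round count


def client_auth_hash(email, master_password, rounds=CLIENT_ROUNDS):
    """Client side: stretch the master password before anything is sent.

    Salting with the normalised e-mail address is an assumption of this sketch.
    """
    salt = email.strip().lower().encode("utf-8")
    return hashlib.pbkdf2_hmac("sha256", master_password.encode("utf-8"), salt, rounds)


def server_enroll(auth_hash, salt=None):
    """Server side: keep a per-user random salt and the re-stretched hash."""
    salt = os.urandom(16) if salt is None else salt
    stored = hashlib.pbkdf2_hmac("sha256", auth_hash, salt, SERVER_ROUNDS)
    return {"salt": salt, "rounds": SERVER_ROUNDS, "hash": stored}


def server_verify(record, auth_hash):
    """Recompute with the stored salt and rounds; compare in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", auth_hash, record["salt"], record["rounds"])
    return hmac.compare_digest(candidate, record["hash"])


def rounds_per_guess(record, client_rounds=CLIENT_ROUNDS):
    """PBKDF2 iterations needed to test one candidate master password against
    a stolen (salt, hash) pair: the client rounds plus the server rounds."""
    return client_rounds + record["rounds"]


def demo():
    # Constructed sample account and passwords, not real data.
    good = client_auth_hash("user@example.com", "correct horse battery staple")
    bad = client_auth_hash("user@example.com", "Tr0ub4dor&3")
    first = server_enroll(good)
    second = server_enroll(good)  # same input, fresh random salt
    return {
        "correct_password_accepted": server_verify(first, good),
        "wrong_password_accepted": server_verify(first, bad),
        "salted_records_differ": first["hash"] != second["hash"],
        "rounds_per_guess": rounds_per_guess(first),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

Because each record has its own salt, a stolen table cannot be tested in one pass: every candidate password costs the full round count again for every user. That slows guessing but does not protect a weak or reused master password, which is why the notice asks for those to be changed.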
From rforno at infowarrior.org Tue Jun 16 06:25:17 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 16 Jun 2015 07:25:17 -0400
Subject: [Infowarrior] - OPM cancels social media monitoring contract
Message-ID:

I guess they realised they should spend the money to better monitor their own internal networks first for some reason......

https://www.fbo.gov/index?s=opportunity&mode=form&id=169fdc47a68ec3e5ddfbd2ca5acb19a0&tab=core&_cview=1

-- It's better to burn out than fade away.

From rforno at infowarrior.org Tue Jun 16 10:34:37 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 16 Jun 2015 11:34:37 -0400
Subject: [Infowarrior] - Peter Swire on USA FREEDOM and PRG report
Message-ID:

The USA FREEDOM Act, the President's Review Group and the Biggest Intelligence Reform in 40 Years
Peter Swire, CIPP/US
Privacy Perspectives | Jun 8, 2015

https://privacyassociation.org/news/a/the-usa-freedom-act-the-presidents-review-group-and-the-biggest-intelligence-reform-in-40-years/

-- It's better to burn out than fade away.

From rforno at infowarrior.org Tue Jun 16 21:12:09 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 16 Jun 2015 22:12:09 -0400
Subject: [Infowarrior] - Schneier: China and Russia Almost Definitely Have the Snowden Docs
Message-ID: <53894736-0068-4D46-9096-B5D8C97D5CBC@infowarrior.org>

China and Russia Almost Definitely Have the Snowden Docs | WIRED
Author: Bruce Schneier

http://www.wired.com/2015/06/course-china-russia-snowden-documents/

Last weekend, the Sunday Times published a front-page story (full text here), citing anonymous British sources claiming that both China and Russia have copies of the Snowden documents. It's a terrible article, filled with factual inaccuracies and unsubstantiated claims about both Snowden's actions and the damage caused by his disclosure, and others have thoroughly refuted the story.
I want to focus on the actual question: Do countries like China and Russia have copies of the Snowden documents? I believe the answer is certainly yes, but that it's almost certainly not Snowden's fault. Snowden has claimed that he gave nothing to China while he was in Hong Kong, and brought nothing to Russia. He has said that he encrypted the documents in such a way that even he no longer has access to them, and that he did this before the US government stranded him in Russia. I have no doubt he did as he said, because A) it's the smart thing to do, and B) it's easy. All he would have had to do was encrypt the file with a long random key, break the encrypted text up into a few parts and mail them to trusted friends around the world, then forget the key. He probably added some security embellishments, but--regardless--the first sentence of the Times story simply makes no sense: "Russia and China have cracked the top-secret cache of files..." But while cryptography is strong, computer security is weak. The vulnerability is not Snowden; it's everyone who has access to the files. First, the journalists working with the documents. I've handled some of the Snowden documents myself, and even though I'm a paranoid cryptographer, I know how difficult it is to maintain perfect security. It's been open season on the computers of the journalists Snowden shared documents with since this story broke in July 2013. And while they have been taking extraordinary pains to secure those computers, it's almost certainly not enough to keep out the world's intelligence services. There is a lot of evidence for this belief. We know from other top-secret NSA documents that as far back as 2008, the agency's Tailored Access Operations group has extraordinary capabilities to hack into and "exfiltrate" data from specific computers, even if those computers are highly secured and not connected to the Internet.
These NSA capabilities are not unique, and it's reasonable to assume both that other countries had similar capabilities in 2008 and that everyone has improved their attack techniques in the seven years since then. Last week, we learned that Israel had successfully hacked a wide variety of networks, including that of a major computer antivirus company. We also learned that China successfully hacked US government personnel databases. And earlier this year, Russia successfully hacked the White House's network. These sorts of stories are now routine. Which brings me to the second potential source of these documents to foreign intelligence agencies: the US and UK governments themselves. I believe that both China and Russia had access to all the files that Snowden took well before Snowden took them because they've penetrated the NSA networks where those files reside. After all, the NSA has been a prime target for decades. Those government hacking examples above were against unclassified networks, but the nation-state techniques we're seeing work against classified and unconnected networks as well. In general, it's far easier to attack a network than it is to defend the same network. This isn't a statement about willpower or budget; it's how computer and network security work today. A former NSA deputy director recently said that if we were to score cyber the way we score soccer, the tally would be 462-456 twenty minutes into the game. In other words, it's all offense and no defense. In this kind of environment, we simply have to assume that even our classified networks have been penetrated.
Remember that Snowden was able to wander through the NSA's networks with impunity, and that the agency had so few controls in place that the only way they can guess what has been taken is to extrapolate based on what has been published. Does anyone believe that Snowden was the first to take advantage of that lax security? I don't. This is why I find allegations that Snowden was working for the Russians or the Chinese simply laughable. What makes you think those countries waited for Snowden? And why do you think someone working for the Russians or the Chinese would go public with their haul? I am reminded of a comment made to me in confidence by a US intelligence official. I asked him what he was most worried about, and he replied: "I know how deep we are in our enemies' networks without them having any idea that we're there. I'm worried that our networks are penetrated just as deeply." Seems like a reasonable worry to me. The open question is which countries have sophisticated enough cyberespionage operations to mount a successful attack against one of the journalists or against the intelligence agencies themselves. And while I have my own mental list, the truth is that I don't know. But certainly Russia and China are on the list, and it's just as certain they didn't have to wait for Snowden to get access to the files. While it might be politically convenient to blame Snowden because, as the Sunday Times reported an anonymous source saying, "we have now seen our agents and assets being targeted," the NSA and GCHQ should first take a look into their mirrors.

-- It's better to burn out than fade away.
From rforno at infowarrior.org Wed Jun 17 12:37:51 2015 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 17 Jun 2015 13:37:51 -0400 Subject: [Infowarrior] - Stewart Baker Blames Journalists Message-ID: <24311D92-6750-4207-AD44-96679F3AB42D@infowarrior.org> Stewart Baker: Journalists Are To Blame For Making The NSA Look Like It's Doing All The Things It's Actually Doing https://www.techdirt.com/articles/20150616/15514631366/stewart-baker-journalists-are-to-blame-making-nsa-look-like-doing-all-things-actually-doing.shtml -- It's better to burn out than fade away. From rforno at infowarrior.org Wed Jun 17 12:37:56 2015 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 17 Jun 2015 13:37:56 -0400 Subject: [Infowarrior] - FCC to Fine AT&T $100 Million for Slowing Mobile Data Message-ID: FCC to Fine AT&T $100 Million for Slowing Mobile Data by Todd Shields http://www.bloomberg.com/news/articles/2015-06-17/at-t-to-be-fined-100-million-by-fcc-for-slowing-mobile-data AT&T Inc. will be fined a record $100 million for misleading customers about unlimited mobile data plans under a U.S. regulator's proposal. The company slowed speeds for customers with unlimited data plans and failed to adequately notify them of the practice, the Federal Communications Commission said in a news release Wednesday. AT&T violated an FCC rule requiring transparency for broadband data practices, the agency said. "Consumers deserve to get what they pay for," said FCC Chairman Tom Wheeler. "Broadband providers must be upfront and transparent about the services they provide. The FCC will not stand idly by while consumers are deceived by misleading marketing materials and insufficient disclosure." The amount is the largest fine proposed by the FCC, said Neil Grace, a spokesman for the agency. In October, AT&T agreed to pay $105 million to settle claims it billed wireless customers for unauthorized charges for services including horoscopes, ring tones and love tips. In May, Sprint Corp. 
and Verizon Wireless agreed to pay a combined $158 million to settle similar claims. AT&T has said it slowed data of some heavy users to keep its service running well, and has adequately notified customers. "We will vigorously dispute the FCC's assertions," said Michael Balmoris, an AT&T spokesman. "The FCC has specifically identified this practice as a legitimate and reasonable way to manage network resources for the benefit of all customers." "We have been fully transparent with our customers" and exceeded FCC disclosure requirements, Balmoris said. Since 2011, the FCC has received "thousands" of complaints from AT&T's unlimited data plan customers saying that they were surprised and misled by the company's policy of intentionally reducing their speeds, the agency said Wednesday. Consumers also complained about being locked into a long-term AT&T contract, with early-termination fees, for an unlimited data plan that wasn't actually unlimited. The Federal Trade Commission in October accused the company of deceiving at least 3.5 million smartphone customers who paid for unlimited data plans and had their transmission speeds drastically reduced. AT&T has asked a U.S. court in San Francisco to dismiss the FTC's case. The company's "maximum bit rate" program temporarily reduces mobile data speeds for some users to avoid service degradation for all "by preventing heavy users of data from overwhelming the mobile network," AT&T said in court filings. The program complies with FCC rules, AT&T said. AT&T in 2011 began throttling speeds for customers who went over their data limits and failed to adequately notify them, the FTC said in its complaint. The agency is seeking an order halting the practice and millions of dollars in damages for customers. Most of those affected were Apple iPhone users. The case is Federal Trade Commission v. AT&T Inc., 14-cv-04785, U.S. District Court, Northern District of California (San Francisco). -- It's better to burn out than fade away. 
From rforno at infowarrior.org Thu Jun 18 11:21:23 2015 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 18 Jun 2015 12:21:23 -0400 Subject: [Infowarrior] - OPM's botched notification Message-ID: <0178C32E-A206-4DE2-9A3A-EF3839F6A209@infowarrior.org> Reacting to Chinese hack, the government may not have followed its own cybersecurity rules By Lisa Rein June 18 at 6:00 AM In responding to China's massive hack of federal personnel data, the government may have run afoul of computer security again. Over the last nine days, the Office of Personnel Management has sent e-mail notices to hundreds of thousands of federal employees to notify them of the breach and recommend that they click on a link to a private contractor's Web site to sign up for credit monitoring and other protections. But those e-mails have been met with increasing alarm by employees - along with retirees and former employees with personal data at risk - who worry that the communications may be a form of "spear phishing" used by adversaries to penetrate sensitive government computer systems. After the Defense Department raised a red flag about the e-mails its 750,000 civilian employees were starting to receive, OPM officials said late Wednesday that the government had suspended its electronic notifications this week. < - > The contractor, CSID, resumed the e-mail notifications late Wednesday with a change designed to give employees more confidence that the communications are legitimate and the company's Web site secure, Schumach said. They still have the option to click directly on a link to enroll in credit protection services, but now they can copy and paste the Web site address, https://www.csid.com/opm/ themselves, a more secure strategy. < - > http://www.washingtonpost.com/blogs/federal-eye/wp/2015/06/18/reacting-to-chinese-hack-the-government-may-not-have-followed-its-own-cybersecurity-rules/ -- It's better to burn out than fade away. 
From rforno at infowarrior.org Thu Jun 18 14:21:02 2015 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 18 Jun 2015 15:21:02 -0400 Subject: [Infowarrior] - Mike Hayden's sudden change of heart Message-ID: After Claiming USA Freedom Would Be A Boon To ISIS, Ex-NSA Director Now Mocks How Weak USA Freedom Is https://www.techdirt.com/articles/20150618/06521231384/after-claiming-usa-freedom-would-be-boon-to-isis-ex-nsa-director-now-mocks-how-weak-usa-freedom-is.shtml -- It's better to burn out than fade away. From rforno at infowarrior.org Thu Jun 18 18:55:36 2015 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 18 Jun 2015 19:55:36 -0400 Subject: [Infowarrior] - "Doomed to Repeat History? Lessons From the Crypto Wars of the 1990s." Message-ID: <23A0FFD8-F563-484F-9069-D69FF6EF0295@infowarrior.org> (x-posted) DOOMED TO REPEAT HISTORY? LESSONS FROM THE CRYPTO WARS OF THE 1990s Danielle Kehl, Andi Wilson, and Kevin Bankston http://www.newamerica.org/new-america/doomed-to-repeat-history-lessons-from-the-crypto-wars-of-the-1990s/ -- It's better to burn out than fade away. From rforno at infowarrior.org Fri Jun 19 07:48:25 2015 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 19 Jun 2015 08:48:25 -0400 Subject: [Infowarrior] - IMAX's absurd attempt to censor Ars Message-ID: IMAX's absurd attempt to censor Ars http://arstechnica.com/tech-policy/2015/06/from-quote-to-retraction-request-imaxs-absurd-attempt-to-censor-ars/ -- It's better to burn out than fade away. From rforno at infowarrior.org Fri Jun 19 13:52:47 2015 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 19 Jun 2015 14:52:47 -0400 Subject: [Infowarrior] - Popular Torrents Being Sabotaged by IPv6 Peer Flood Message-ID: <04518DEE-6CC4-4CBC-B3EE-46A3F406B88C@infowarrior.org> Popular Torrents Being Sabotaged by IPv6 Peer Flood By Ernesto 
on June 19, 2015 http://torrentfreak.com/popular-torrents-being-sabotaged-by-ipv6-peer-flood-150619/ Unknown attackers are sabotaging popular TV and movie torrents by flooding swarms with IPv6 peers. The vulnerability, which affects the popular uTorrent client, makes it nearly impossible for torrent users to download files. It's unclear who's orchestrating the attacks but it could be a guerrilla anti-piracy move. Generally speaking, BitTorrent is a highly robust file-sharing protocol that's not easily disrupted. However, in recent weeks there have been systematic efforts to prevent large groups of people from sharing popular pirated TV-shows and movies. The sabotaging technique tries to make it impossible for downloaders to connect to other people by overwhelming BitTorrent swarms with IPv6 peers. Because of its focus on IPv6, not all users are affected, but those who are sometimes see their download speeds grind to a halt. As a result it can take days to download a file, if at all. In short the process works as follows. The attacker joins a popular torrent swarm with hundreds, if not thousands of IPv6 addresses. These fake peers request data from real downloaders, quickly filling up their request queues. The fake peers never exchange any data but keep the client busy until they are banned, as is shown in the screenshot below. The attack has been confirmed to affect the popular client uTorrent. After a few minutes uTorrent does ban the malicious peers, but this makes little difference as the attackers use so many different IP-addresses. Because all the fake peers have filled up the connection slots, real peers can no longer connect. This means that hardly any real data is transferred. "Got unchoke from µTorrent 3.4.3 (12.345.678.9:9999), can't request immediately because request queue is full" TF was tipped off by the operator of one of the largest torrent trackers, who informed us that this type of attack is rampant. 
Many people are complaining about slow download speeds or torrents that are stuck. "This new method of peer flooding makes a lot of people think there are issues with torrents. From an anti-piracy point of view it is achieving the purposed effect," the tracker operator, who prefers to remain anonymous, said. We were able to replicate the effect, which indeed makes downloading nearly impossible. After testing all of the larger BitTorrent clients it appears that only uTorrent and BitTorrent Mainline are vulnerable to the attack. However, together these two clients are used by the majority of all BitTorrent users. We informed BitTorrent Inc, who develop the two clients, about the vulnerability. The company informed us that they are currently looking into the issue and may comment later. Without an immediate fix, the tracker operator is advising affected users to switch to a different client for the time being, or disable IPv6 in Windows, if that's an option. "People experiencing download slowness - torrents stuck at 0% for more than 10 minutes, in a case where there are seeds available, should immediately switch to a different client or disable IPv6 in Windows," the tracker operator says. It is unclear who is behind the attacks, but considering the fact that it targets nearly all new TV and movie torrents, it could very well be a novel anti-piracy strategy. In any case, it's definitely one of the most effective attempts to disrupt BitTorrent downloads in recent years. -- It's better to burn out than fade away. From rforno at infowarrior.org Sun Jun 21 16:54:36 2015 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 21 Jun 2015 17:54:36 -0400 Subject: [Infowarrior] - OPM idiocy, con't. Message-ID: Attack Gave Chinese Hackers Privileged Access to U.S. Systems By DAVID E. SANGER, NICOLE PERLROTH and MICHAEL D. SHEAR JUNE 20, 2015 < - > Undetected for nearly a year, the Chinese intruders executed a sophisticated attack that gave them "administrator privileges" 
into the computer networks at the Office of Personnel Management, mimicking the credentials of people who run the agency's systems, two senior administration officials said. The hackers began siphoning out a rush of data after constructing what amounted to an electronic pipeline that led back to China, investigators told Congress last week in classified briefings. Much of the personnel data had been stored in the lightly protected systems of the Department of the Interior, because it had cheap, available space for digital data storage. The hackers' ultimate target: the one million or so federal employees and contractors who have filled out a form known as SF-86, which is stored in a different computer bank and details personal, financial and medical histories for anyone seeking a security clearance. < - > http://www.nytimes.com/2015/06/21/us/attack-gave-chinese-hackers-privileged-access-to-us-systems.html -- It's better to burn out than fade away. From rforno at infowarrior.org Sun Jun 21 16:54:48 2015 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 21 Jun 2015 17:54:48 -0400 Subject: [Infowarrior] - How DOJ Gagged Google over Surveillance of WikiLeaks Volunteer Message-ID: <4A43575A-2F9A-4486-B16C-002B267A3283@infowarrior.org> Revealed: How DOJ Gagged Google over Surveillance of WikiLeaks Volunteer By Ryan Gallagher @rj_gallagher The Obama administration fought a legal battle against Google to secretly obtain the email records of a security researcher and journalist associated with WikiLeaks. Newly unsealed court documents obtained by The Intercept reveal the Justice Department won an order forcing Google to turn over more than one year's worth of data from the Gmail account of Jacob Appelbaum (pictured above), a developer for the Tor online anonymity project who has worked with WikiLeaks as a volunteer. The order also gagged Google, preventing it from notifying Appelbaum that his records had been provided to the government. 
The surveillance of Appelbaum's Gmail account was tied to the Justice Department's long-running criminal investigation of WikiLeaks, which began in 2010 following the transparency group's publication of a large cache of U.S. government diplomatic cables. < - > https://firstlook.org/theintercept/2015/06/20/wikileaks-jacob-appelbaum-google-investigation/ -- It's better to burn out than fade away. From rforno at infowarrior.org Mon Jun 22 05:50:24 2015 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 22 Jun 2015 06:50:24 -0400 Subject: [Infowarrior] - After Taylor Swift's Criticism, Apple Will Pay Royalties in Trial Period Message-ID: <37B77826-9E48-4091-B315-88E8CBD10B84@infowarrior.org> After Taylor Swift's Criticism, Apple Will Pay Royalties in Trial Period By BEN SISARIO JUNE 21, 2015 http://www.nytimes.com/2015/06/22/business/media/taylor-swift-criticizes-apples-terms-for-streaming-music-service.html When Taylor Swift speaks, even the most powerful company in the world listens. Less than 24 hours after Ms. Swift complained publicly that Apple was not planning to pay royalties during a three-month trial period of its new streaming music service, the company changed course, and confirmed that it will pay its full royalty rates for music during the free trial. "When I woke up this morning and read Taylor's note, it really solidified that we need to make a change," Eddy Cue, Apple's senior vice president of Internet software and services, said in an interview late Sunday. In a letter posted Sunday morning to her Tumblr page, called "To Apple, Love Taylor," Ms. Swift addressed a situation that had begun to send shock waves through the music industry: Apple, which has announced a subscription streaming service to compete with Spotify, Rhapsody and Deezer, was not going to pay royalties during the trial period. 
Ms. Swift, who last year pulled her music from Spotify in another dispute over royalties, called Apple's policy "shocking, disappointing and completely unlike this historically progressive company." "We don't ask you for free iPhones," she added. "Please don't ask us to provide you with our music for no compensation." Ms. Swift had framed her letter as an explanation for why she was withholding her latest album, "1989," from Apple's new service. But she said that she was also speaking for other musicians who were afraid to speak up about the issue, and her comments found wide support in the music world. On Twitter, Elvis Costello called Ms. Swift's note "a note from our future President." Apple's new service, called Apple Music, is set to become available worldwide on June 30. Besides its longstanding iTunes download store, it will include a $10 streaming subscription plan, a free Internet radio station and a media platform that will let artists upload songs, videos and other content for fans. Unlike Spotify, which lets customers listen free or pay monthly fees to eliminate ads, Apple's subscription feature will have no permanent free level. Apple's arrival in streaming music has been much anticipated by the music industry, but its plan not to pay royalties during its trial period drew complaints from independent music groups around the world, saying that the company's terms were unfair. But the criticism from Ms. Swift - perhaps the biggest star in pop today - was a damaging public-relations misstep for Apple on the eve of its big new product release. Mr. Cue, the Apple executive in charge of iTunes and Apple's new music service, said that he had spoken to Ms. Swift on Sunday. "I did let her know that we heard her concerns and made the change," 
he said. Early Monday, after Apple's change was announced, Ms. Swift tweeted: "I am elated and relieved. Thank you for your words of support today. They listened to us." Mr. Cue said the company's original plan was to pay a slightly higher royalty rate - at least 71.5 percent of the money it collects from sales, as opposed to the industry standard of about 70 percent - in exchange for the free trial. But many record executives, particularly at small labels where margins are thin, had described a frightening scenario in which income from important new albums that came out during the free period would not only lose out on crucial download income, but also get nothing from Apple's new streaming feature. Mr. Cue said that Apple will now pay royalties to both record companies and music publishers for the use of music during the trial period. He declined to specify how much money that might cost the company, which is the biggest retailer of music. Ms. Swift has long been outspoken on economic issues for musicians. In a piece in The Wall Street Journal last year, she wrote: "Valuable things should be paid for. It's my opinion that music should not be free." -- It's better to burn out than fade away. From rforno at infowarrior.org Mon Jun 22 12:12:17 2015 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 22 Jun 2015 13:12:17 -0400 Subject: [Infowarrior] - Google Chrome & audio privacy Message-ID: Google Chrome Listening In To Your Room Shows The Importance Of Privacy Defense In Depth Yesterday, news broke that Google has been stealth downloading audio listeners onto every computer that runs Chrome, and transmits audio data back to Google. Effectively, this means that Google had taken itself the right to listen to every conversation in every room that runs Chrome somewhere, without any kind of consent from the people eavesdropped on. In official statements, Google shrugged off the practice with what amounts to "we can do that". 
< - > https://www.privateinternetaccess.com/blog/2015/06/google-chrome-listening-in-to-your-room-shows-the-importance-of-privacy-defense-in-depth/ -- It's better to burn out than fade away. From rforno at infowarrior.org Mon Jun 22 15:19:44 2015 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 22 Jun 2015 16:19:44 -0400 Subject: [Infowarrior] - WaPo writes about L0pht and net history Message-ID: Net of insecurity A disaster foretold - and ignored L0pht's warnings about the Internet drew notice but little action Story by Craig Timberg Published on June 22, 2015 The seven young men sitting before some of Capitol Hill's most powerful lawmakers weren't graduate students or junior analysts from some think tank. No, Space Rogue, Kingpin, Mudge and the others were hackers who had come from the mysterious environs of cyberspace to deliver a terrifying warning to the world. The making of a vulnerable Internet: This story is the third of a multi-part project on the Internet's inherent vulnerabilities and why they may never be fixed. Your computers, they told the panel of senators in May 1998, are not safe - not the software, not the hardware, not the networks that link them together. The companies that build these things don't care, the hackers continued, and they have no reason to care because failure costs them nothing. And the federal government has neither the skill nor the will to do anything about it. Above: L0pht hackers Brian Oblivion, Tan, Kingpin, Mudge, Weld Pond, Space Rogue and Stefan von Neumann testify before a Senate panel in 1998. (Douglas Graham/Congressional Quarterly via Getty Images) "If you're looking for computer security, then the Internet is not the place to be," said Mudge, then 27 and looking like a biblical prophet with long brown hair flowing past his shoulders. The Internet itself, he added, could be taken down "by any of the seven individuals seated before you" with 30 minutes of well-choreographed keystrokes. The senators - 
a bipartisan group including John Glenn, Joseph I. Lieberman and Fred D. Thompson - nodded gravely, making clear that they understood the gravity of the situation. "We're going to have to do something about it," Thompson said. What happened instead was a tragedy of missed opportunity, and 17 years later the world is still paying the price in rampant insecurity. The testimony from L0pht, as the hacker group called itself, was among the most audacious of a rising chorus of warnings delivered in the 1990s as the Internet was exploding in popularity, well on its way to becoming a potent global force for communication, commerce and criminality.... < - > http://www.washingtonpost.com/sf/business/2015/06/22/net-of-insecurity-part-3/ -- It's better to burn out than fade away. From rforno at infowarrior.org Mon Jun 22 17:17:08 2015 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 22 Jun 2015 18:17:08 -0400 Subject: [Infowarrior] - OPM hack could actually affect 18 million Message-ID: <57F1BA79-3FFF-4B30-8FE1-D02B0FF40791@infowarrior.org> U.S. government hack could actually affect 18 million - CNNPolitics.com Evan Perez and Shimon Prokupecz, CNN http://www.cnn.com/2015/06/22/politics/opm-hack-18-milliion/index.html
* A data hack that the U.S. government says originated in China may affect far more people than originally reported
* The U.S. Office of Personnel Management still says the hack could affect 4.2 million Americans
* The FBI director told lawmakers the actual number could be 18 million Americans
Washington (CNN) The personal data of an estimated 18 million current, former and prospective federal employees were affected by a cyber breach at the Office of Personnel Management - more than four times the 4.2 million the agency has publicly acknowledged. The number is expected to grow, according to U.S. officials briefed on the investigation. 
FBI Director James Comey gave the 18 million estimate in a closed-door briefing to Senators in recent weeks, using the OPM's own internal data, according to U.S. officials briefed on the matter. Those affected could include people who applied for government jobs, but never actually ended up working for the government. The same hackers who accessed OPM's data are believed to have last year breached an OPM contractor, KeyPoint Government Solutions, U.S. officials said. When the OPM breach was discovered in April, investigators found that KeyPoint security credentials were used to breach the OPM system. Some investigators believe that after that intrusion last year, OPM officials should have blocked all access from KeyPoint, and that doing so could have prevented more serious damage. But a person briefed on the investigation says OPM officials don't believe such a move would have made a difference. That's because the OPM breach is believed to have pre-dated the KeyPoint breach. Hackers are also believed to have built their own backdoor access to the OPM system, armed with high-level system administrator access to the system. One official called it the "keys to the kingdom." KeyPoint did not respond to CNN's request for comment. U.S. investigators believe the Chinese government is behind the cyber intrusion, which is considered the worst ever against the U.S. government. OPM has so far stuck by the 4.2 million estimate, which is the number of people so far notified that their information was compromised. An agency spokesman said the investigation is ongoing and that it hasn't verified the larger number. The actual number of people affected is expected to grow, in part because hackers accessed a database storing government forms used for security clearances, known as SF86 questionnaires, which contain the private information of multiple family members and associates for each government official affected, these officials said. 
OPM officials are facing multiple congressional hearings this week on the hack and their response to it. There's growing frustration among lawmakers and government employees that the Obama administration's response has minimized the severity of the breach. OPM's internal auditors told a House Oversight and Government Affairs Committee last week that key databases housing sensitive national security data, including applications for background checks, had not met federal security standards. "Not only was a large volume (11 out of 47 systems) of OPM's IT systems operating without a valid Authorization, but several of these systems are among the most critical and sensitive applications owned by the agency," Michael Esser, OPM's assistant inspector general for audits, wrote in testimony prepared for the committee. Katherine Archuleta, who leads OPM, is beginning to face heat for her agency's failure to protect key national security data -- highly prized by foreign intelligence agencies -- as well as for how slowly the agency has provided information. Rep. Stephen Lynch, D-Mass., at a hearing last week told Archuleta: "I wish that you were as strenuous and hardworking at keeping information out of the hands of hackers as you are at keeping information out of the hands of Congress." -- It's better to burn out than fade away. From rforno at infowarrior.org Tue Jun 23 10:48:55 2015 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 23 Jun 2015 11:48:55 -0400 Subject: [Infowarrior] - Senate advances controversial TPP Message-ID: <92B94EC9-228F-4FF1-8865-9C6FF86CB2D6@infowarrior.org> (Wondering how many voting 'yes' actually read the thing first. Not many, I bet. --rick) Senate Hands a Victory to Obama on Trade Pact Jonathan Weisman http://www.nytimes.com/2015/06/24/us/politics/senate-vote-on-trade-bill.html WASHINGTON - 
The Senate on Tuesday narrowly voted to end debate on legislation granting President Obama enhanced negotiating powers to complete a major Pacific trade accord, virtually ensuring final passage on Wednesday of Mr. Obama's top legislative priority in his final years in office. The procedural decision barely cleared the 60 votes needed - the tally was 60 to 37 - but final passage will need only 51 votes. It was the second time the Senate blocked a filibuster of the so-called trade promotion authority, but this time the bill was shorn of a measure to offer enhanced retraining and education assistance to workers displaced by international trade accords. That measure faces a crucial procedural vote on Wednesday as well. Passage of a stand-alone trade promotion bill will put pressure on House Democrats. Earlier this month, they brought down the worker aid provision when it was legislatively linked to the trade-negotiating legislation, believing that the maneuver would torpedo the entire trade package. But Republican leaders - with the White House's support - found a parliamentary way to corner the Democrats by separating the two pieces of the bill. By Wednesday evening, legislation will most likely be on the president's desk giving him the power to complete the trade accord, the 12-nation Trans-Pacific Partnership, knowing Congress could not amend or filibuster the final agreement. He can sign it whether or not the House passes worker dislocation assistance, which is scheduled to come to a vote on Friday. "Today is a very big vote," declared Senator Mitch McConnell of Kentucky, the majority leader. -- It's better to burn out than fade away. 
From rforno at infowarrior.org Tue Jun 23 12:52:37 2015 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 23 Jun 2015 13:52:37 -0400 Subject: [Infowarrior] - Software companies are leaving the UK because of government's surveillance plans Message-ID: Software companies are leaving the UK because of government's surveillance plans Growing concerns about Snooper's Charter and crypto backdoors fuelling exodus. by Glyn Moody - Jun 23, 2015 7:15am EDT http://arstechnica.co.uk/tech-policy/2015/06/software-companies-are-leaving-the-uk-because-of-governments-surveillance-plans/ The company behind the open-source blogging platform Ghost is moving its paid-for service out of the UK because of government plans to weaken protection for privacy and freedom of expression. Ghost's founder, John O'Nolan, wrote in a blog post: "we've elected to move the default location for all customer data from the UK to DigitalOcean's [Amsterdam] data centre. The Netherlands is ranked #2 in the world for Freedom of Press, and has a long history of liberal institutions, laws and funds designed to support and defend independent journalism." O'Nolan was particularly worried by the UK government's plans to scrap the Human Rights Act, which he said enshrines key rights such as "respect for your private and family life" and "freedom of expression." The Netherlands, by contrast, has "some of the strongest privacy laws in the world, with real precedents of hosting companies successfully rejecting government requests for data without full and legal paperwork," he writes. This is by no means the first software company to announce that it will be leaving the UK because of the government's plans to attack privacy through permanent bulk surveillance of online activities and weakened crypto. 
At the beginning of May, Aral Balkan revealed that he would be moving his Ind.ie software project out of the country: "Following the election of a Tory government with a mandate to further mass surveillance, we're leaving the UK to avoid the possibility of having to add backdoors to our products at Ind.ie." Like O'Nolan, Balkan cited the abolition of the Human Rights Act as one reason for his decision, as well as plans to introduce the Snooper's Charter and backdoors in messaging applications. A few weeks later, Eris Industries became the second company to react to the new UK government and its plans. Eris is "free software that allows anyone to build their own secure, low-cost, run-anywhere data infrastructure using blockchain and smart contract technology." The company's move was prompted by the threat that new laws could require backdoors in its encryption technology. Preston Byrne, COO and General Counsel of Eris, explained in a blog post: "with immediate effect, we have temporarily moved our corporate headquarters to New York City, where open-source cryptography is firmly established as protected speech pursuant to the First Amendment to the Constitution of the United States." That temporary move will become permanent if the Snooper's Charter is enacted with provisions that would require crypto to be backdoored. Byrne wrote: "If this Bill is passed into law, we are likely to see a mass exodus of tech companies and financial services firms alike from the United Kingdom. We are happy to lead by example." -- It's better to burn out than fade away. 
From rforno at infowarrior.org Tue Jun 23 14:39:33 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 23 Jun 2015 15:39:33 -0400
Subject: [Infowarrior] - Comcast Experiencing Outages Nationwide
Message-ID: <1B7543A8-E3D0-407F-B003-38ADAC0403FD@infowarrior.org>

Comcast Experiencing Outages Nationwide

By Derek Forrest June 23, 2015 11:30 AM - Source: Tom's Hardware US

http://www.tomshardware.com/news/comcast-outages-nationwide,29434.html

Comcast is experiencing outages across the country, making for a bad day for many.

Like most enthusiast gamers, I started my day excited as a child on Christmas morning, about to open a highly anticipated gift in the form of Batman: Arkham Knight. I'd downloaded my game-ready driver, the game itself, poured a cup of java and hit the streets of Arkham City as the world's greatest detective. Sheer bliss would ensue.

Except that was not the case for me and many other Comcast customers today, as nationwide service outages are being reported from the worst-rated customer service ISP in the country.

After troubleshooting all the normal avenues and discovering that indeed, there was no Internet, my first instinct was to call every friend I have in search of a working connection. As I called more and more friends, reaching as far as sixty miles away, it became apparent that this was not just "my service area" as Comcast customer service had told me.

Working off of my smartphone, I logged into my customer support page to see exactly how far-reaching this problem was, somehow feeling as though perhaps with my luck, this was just an isolated case and that perhaps the outage was just in my home state. As the outage map image loaded, it was apparent that I wasn't alone.

Yikes. All we know for sure is that yes, there is a problem. A serious, serious problem. Comcast would not comment on the cause of the outages, and its original estimates of service restoration have come and gone.
Without any further information, one has to guess at what the problem could be, but this writer's prevailing theory is that Batman broke the Internet. We will update this article with more information as it is made available.

-- It's better to burn out than fade away.

From rforno at infowarrior.org Wed Jun 24 06:17:56 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 24 Jun 2015 07:17:56 -0400
Subject: [Infowarrior] - Obama's Cyber Meltdown
Message-ID:

(x-posted)

This is a decent (surprisingly) cyber op-ed from the WSJ on this issue. However in terms of the last paragraph, may I suggest we officially declare this incident a "Cyber 9/11" and then drop any further use of this sensational and moronic term? --rick

Obama's Cyber Meltdown

June 23, 2015 7:14 p.m. ET

http://www.wsj.com/articles/obamas-cyber-meltdown-1435097288

If you thought Edward Snowden damaged U.S. security, evidence is building that the hack of federal Office of Personnel Management (OPM) files may be even worse.

When the Administration disclosed the OPM hack in early June, they said Chinese hackers had stolen the personal information of up to four million current and former federal employees. The suspicion was that this was another case of hackers (presumably sanctioned by China's government) stealing data to use in identity theft and financial fraud. Which is bad enough.

Yet in recent days Obama officials have quietly acknowledged to Congress that the hack was far bigger, and far more devastating. It appears OPM was subject to two breaches of its system in mid-to-late 2014, and the hackers appear to have made off with millions of security-clearance background check files. These include reports on Americans who work for, did work for, or attempted to work for the Administration, the military and intelligence agencies. They even include Congressional staffers who left government - since their files are also sent to OPM.
This means the Chinese now possess sensitive information on everyone from current cabinet officials to U.S. spies. Background checks are specifically done to report personal histories that might put federal employees at risk for blackmail. The Chinese now hold a blackmail instruction manual for millions of targets.

These background checks are also a treasure trove of names, containing sensitive information on an applicant's spouse, children, extended family, friends, neighbors, employers, landlords. Each of those people is also now a target, and in ways they may not contemplate. In many instances the files contain reports on applicants compiled by federal investigators, and thus may contain information that the applicant isn't aware of.

Of particular concern are federal contractors and subcontractors, who rarely get the same security training as federal employees, and in some scenarios don't even know for what agency they are working. These employees are particularly ripe targets for highly sophisticated phishing emails that attempt to elicit sensitive corporate or government information.

The volume of data also allows the Chinese to do what the intell pros call "exclusionary analysis." We're told, for instance, that some highly sensitive agencies don't send their background checks to OPM. So imagine a scenario in which the Chinese look through the names of 30 State Department employees in a U.S. embassy. Thanks to their hack, they've got information on 27 of them. The other three they can now assume are working, undercover, for a sensitive agency. Say, the CIA.

Or imagine a scenario in which the Chinese cross-match databases, running the names of hacked U.S. officials against, say, hotel logs. They discover that four Americans on whom they have background data all met at a hotel on a certain day in Cairo, along with a fifth American for whom they don't have data. The point here is that China now has more than enough information to harass U.S.
agents around the world.

And not only Americans. Background checks require Americans to list their contacts with foreign nationals. So the Chinese may now have the names of thousands of dissidents and foreigners who have interacted with the U.S. government. China's rogue allies would no doubt also like this list.

This is a failure of extraordinary proportions, yet even Congress doesn't know its extent. The Administration is still refusing to say, even in classified briefings, which systems were compromised, which files were taken, or how much data was at risk.

***

While little noticed, the IRS admitted this spring it was also the subject of a Russian hack, in which thieves grabbed 100,000 tax returns and requested 15,000 fraudulent refunds. Officials have figured out that the hackers used names and Social Security data to pretend to be the taxpayers and break through weak IRS cyber-barriers. As Wisconsin Senator Ron Johnson has noted, the Health and Human Services Department and Social Security Administration use the same weak security wall to guard ObamaCare files and retirement information. Yet the Administration is hardly rushing to fix the problem.

Way back in March 2014, OPM knew that Chinese hackers had accessed its system without having downloaded files. So the agency was on notice as a target. It nonetheless failed to stop the two subsequent successful breaches. If this were a private federal contractor that had lost sensitive data, the Justice Department might be contemplating indictments. Yet OPM director Katherine Archuleta and chief information officer Donna Seymour are still on the job.

Mr. Obama has defended Ms. Archuleta, and the Administration is trying to change the subject by faulting Congress for not passing a cybersecurity bill. But that legislation concerns information sharing between business and government. It has nothing to do with OPM and the Administration's failure to protect itself from cyber attack. Ms.
Archuleta appears before Congress this week, and she ought to remain seated until she explains the extent of this breach. While Russia and Islamic State are advancing abroad, the Obama Administration may have allowed a cyber 9/11 at home.

-- It's better to burn out than fade away.

From rforno at infowarrior.org Wed Jun 24 16:10:56 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 24 Jun 2015 17:10:56 -0400
Subject: [Infowarrior] - Samsung deliberately disabling Windows Update
Message-ID:

Samsung deliberately disabling Windows Update

http://bsodanalysis.blogspot.nl/2015/06/samsung-deliberately-disabling-windows.html

-- It's better to burn out than fade away.

From rforno at infowarrior.org Wed Jun 24 16:11:36 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 24 Jun 2015 17:11:36 -0400
Subject: [Infowarrior] - DOJ's goofy retractions on Google gag order
Message-ID:

The Ridiculous Redactions The DOJ Required To Try To Hide The Details Of Its Google Gag Order

https://www.techdirt.com/articles/20150624/00310831441/ridiculous-redactions-doj-required-to-try-to-hide-details-google-gag-order.shtml

-- It's better to burn out than fade away.

From rforno at infowarrior.org Wed Jun 24 17:53:19 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 24 Jun 2015 18:53:19 -0400
Subject: [Infowarrior] - OT: The Story of the Most Daring Cliffhanger in 'Next Generation' History
Message-ID:

'Star Trek': The Story of the Most Daring Cliffhanger in 'Next Generation' History

http://www.hollywoodreporter.com/heat-vision/star-trek-story-daring-cliffhanger-803642

-- It's better to burn out than fade away.

From rforno at infowarrior.org Thu Jun 25 10:01:21 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 25 Jun 2015 11:01:21 -0400
Subject: [Infowarrior] - Hackers got FBI files as part of OPM breach
Message-ID:

(As one commenter posted, "maybe OPM should tell us what China did NOT get."
Indeed, that might be easier for the DC crowd to comprehend. --rick)

Hackers got FBI files as part of OPM breach

By Cory Bennett - 06/25/15 08:12 AM EDT

http://thehill.com/policy/cybersecurity/246098-hackers-got-fbi-files-as-part-of-opm-breach

Suspected Chinese hackers breached FBI agents' personnel files as part of the broader attack on the federal government that has laid bare millions of people's data, Newsweek reported.

Putting FBI agents' data at risk could have national security implications; many investigate domestic terrorist plots and foreign spies.

It's still unclear exactly whose information has been pilfered following a massive digital siege on the Office of Personnel Management.

Initially, the OPM said a hack had exposed 4.2 million current and former executive branch employees. A week later, the personnel agency revealed a second breach of a security clearance database that contained the background check files of millions of military and intelligence community. The FBI is part of the intelligence community.

A widely reported estimate that 18 million people were affected by the second intrusion was disputed by OPM Director Katherine Archuleta on Thursday, who said that number could rise even higher.

It's not clear whether the reported FBI infiltration was part of the first or second breach. As an intelligence community agency, it would make sense it was part of the larger hack. But an unnamed FBI source told Newsweek the OPM notified him in May that his personnel file had been compromised, which was before the agency had started sending notices about the second breach.

The FBI has more than 35,000 employees. The ramifications of those employees' info getting out could be "mind boggling," the source told Newsweek, "because there are counterintelligence implications, national security implications."

-- It's better to burn out than fade away.
From rforno at infowarrior.org Fri Jun 26 06:43:08 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 26 Jun 2015 07:43:08 -0400
Subject: [Infowarrior] - Stop the Entertainment Lobby's Dumb Attempt to Cripple Internet Privacy
Message-ID:

Stop the Entertainment Lobby's Dumb Attempt to Cripple Internet Privacy

Chris Mills

http://gizmodo.com/stop-the-entertainment-lobbys-dumb-attempt-to-cripple-i-1714083384

If you've ever registered a domain name, you've probably stumbled across WHOIS, a series of databases that contains basic information on whoever registered a particular domain name. While WHOIS makes this information public by default, it's long been possible to hide behind a proxy - something the entertainment industry is hellbent on changing.

The benefits of using a WHOIS proxy should be evident to anyone who's ever come across the nasty side of Twitter. WHOIS makes it easy to dox anyone who gets on the wrong side of 4chan trolls, so using a proxy to register a domain name is a perfectly sensible precaution. If someone really needs to get in touch - say, to issue a DMCA notice - the proxy service can be legally obliged to pass a message on, or surrender a registrant's information (depending on the laws of a particular country).

But that's not enough for the entertainment industry. Under the murky umbrella of the "Coalition for Online Accountability", they're petitioning ICANN, the organization that manages WHOIS data. They claim that proxy services are too slow to act, and any website registered for commercial purposes should be obliged to make its WHOIS records public.

That would be awful news for internet privacy. As the Electronic Frontier Foundation - which is strongly against the proposal - points out, any website that publishes ads could arguably be considered commercial. Putting the phone numbers and addresses of millions of internet users out there would be a huge blow to the internet's cornerstones of privacy and anonymity -
not to mention make it easier to dox people, which really doesn't need to happen.

Even worse, it's not like this would serve any real purpose in combating piracy, which is the entertainment lobby's key argument. WHOIS data is submitted by users and not really verified, meaning that it's absurdly easy to lie - something you'd probably be inclined to do if you were starting The Pirate Bay 2.0. In all likelihood, then, making WHOIS data public would negatively impact the internet's most vulnerable citizens, whilst doing jack shit in the crusade against piracy.

ICANN is still accepting public comment on the matter: you can add your voice to thousands of others by writing to comments-ppsai-initial-05may15 at icann.org.

-- It's better to burn out than fade away.

From rforno at infowarrior.org Fri Jun 26 17:18:24 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 26 Jun 2015 18:18:24 -0400
Subject: [Infowarrior] - GOP Rep: OPM hack response exposes hypocrisy
Message-ID: <4743EFE1-3CD9-4B6B-9047-D7D4A81A2A39@infowarrior.org>

(Many of us have been saying this for years, too. ---rick)

GOP Rep: OPM hack response exposes hypocrisy

By Cory Bennett - 06/26/15 01:40 PM EDT

http://thehill.com/policy/cybersecurity/246278-gop-rep-opm-hack-response-exposes-hypocrisy

The Obama administration's handling of the recent massive data breach has exposed "the federal government's prevarication and hypocrisy when it comes to handling cybersecurity incidents," Rep. Will Hurd (R-Texas) wrote in an op-ed for The Wall Street Journal.

While no one has been fired or held accountable following repeated breaches at numerous agencies, the government levies fines on private companies for their security breaches, Hurd argued.

"If federal agencies wish to provide effective oversight of the private sector, then they should start by looking in the mirror," he said.
The White House has come under considerable heat from Congress following revelations that two separate digital intrusions at the Office of Personnel Management (OPM) have exposed tens of millions of people's most sensitive information.

Hurd sits on the House Oversight and Government Reform Committee, which has held two hearings in as many weeks on the OPM breach. The Texas freshman also chairs the Oversight panel's Information Technology Subcommittee. He was given the title, in part, because of his four years working as a senior adviser for security firm FusionX.

Hurd and other lawmakers have bashed officials for withholding information and for failing to respond to years of warnings that the OPM networks - which hold personnel files and security clearance background checks on all federal workers - were not locked down.

"In report after report going back to 2010, the OPM's Office of the Inspector General had identified insecure, outdated and poorly managed IT systems and practices that left the agency's information vulnerable," Hurd wrote.

Yet during multiple congressional hearings the past two weeks, OPM Director Katherine Archuleta "declined to apologize for, or even acknowledge, her agency's refusal to implement security best practices recommended for several years by the OPM's own inspector general," he continued.

Lawmakers in particular have latched onto Archuleta's decision not to shut down 11 computer systems that didn't have a security certificate, going against the inspector general's recommendation. Archuleta has repeatedly insisted the agency could not turn off those systems without disrupting employee's benefits and paychecks.

The answer has not satisfied lawmakers or the inspector general. Many want Archuleta ousted for her role in the breach. Hurd indicated Archuleta's firing would be a welcome change for an administration that has lacked accountability.
Hurd recounted asking the head of the Government Accountability Office whether "he could recall ever seeing any federal government employee fired for delays or cost overruns on IT projects."

"After a long pause, he could not name a single instance," Hurd continued. "This 'do as I say, not as I do' culture runs rampant in Washington. Our government demands accountability from others but offers little itself."

-- It's better to burn out than fade away.

From rforno at infowarrior.org Fri Jun 26 17:45:49 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 26 Jun 2015 18:45:49 -0400
Subject: [Infowarrior] - Samsung reverse its Windows Update plans
Message-ID: <8DE887F7-D941-473B-91F4-C9D971F5A542@infowarrior.org>

Samsung Will Stop Breaking Windows Update With Its Crappy Bloatware

http://gizmodo.com/samsung-disables-windows-updates-to-favor-its-own-crapp-1713558005/1714247168

Earlier this week, a Microsoft security researcher wrote a scathing account of how Samsung's SW Update tool (installed by default on all Samsung PCs) is disabling Windows Update, potentially leaving millions of computers vulnerable to critical security flaws. Thankfully, Samsung's crack bloatware programmers have seen the light, and are pushing an update.

Samsung provided the following statement to Gizmodo, confirming the update:

"Samsung has a commitment to security and we continue to value our partnership with Microsoft. We will be issuing a patch through the Samsung Software Update notification process to revert back to the recommended automatic Windows Update settings within a few days."

An apology (or admission that breaking Windows Update in the first place was a really dick move) would've been nice, but we'll take our functioning Windows Updates in either case. If you're using a Samsung PC and haven't uninstalled SW Update yet, keep your eyes peeled for an update in the next few days.

-- It's better to burn out than fade away.
From rforno at infowarrior.org Mon Jun 29 18:00:51 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 29 Jun 2015 19:00:51 -0400
Subject: [Infowarrior] - Federal background check system shut down because of 'vulnerability'
Message-ID:

Federal background check system shut down because of "vulnerability"

By Joe Davidson June 29 at 3:00 PM

http://www.washingtonpost.com/blogs/federal-eye/wp/2015/06/29/federal-background-check-system-shut-down-because-of-vulnerability/

The web-based system used for federal background investigations for employees and contractors has been suspended after "a vulnerability" was detected, the Office of Personnel Management (OPM) announced Monday.

OPM has been the subject of intense congressional probing following the cyber attack on the personnel records of at least 4.2 million current and former federal employees. The decision to suspend the agency's "E-Qip" system, however, is not directly related to that hack or another one of a security clearance data base that was previously announced.

"The actions OPM has taken are not the direct result of malicious activity on this network, and there is no evidence that the vulnerability in question has been exploited," an OPM statement said. "Rather, OPM is taking this step proactively, as a result of its comprehensive security assessment, to ensure the ongoing security of its network."

The agency's statement did not define the nature of the vulnerability, but Samuel Schumach, OPM's press secretary, said, "Everyone concurred that vulnerability posed a significant risk that warranted immediate action."

OPM said the system will be down four to six weeks, which will cause delays for those seeking background investigations.

"The security of OPM's networks remains my top priority as we continue the work outlined in my IT Strategic Plan, including the continuing implementation of modern security controls," said OPM Director Archuleta.
"This proactive, temporary suspension of the e-QIP system will ensure our network is as secure as possible for the sensitive data with which OPM is entrusted."

-- It's better to burn out than fade away.

From rforno at infowarrior.org Tue Jun 30 08:09:30 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 30 Jun 2015 09:09:30 -0400
Subject: [Infowarrior] - Cisco buys OpenDNS
Message-ID:

(x-posted)

OpenDNS and Cisco

By David Ulevitch, Founder/CEO June 30, 2015

https://blog.opendns.com/2015/06/30/cisco-announces-intent-to-acquire-opendns/

-- It's better to burn out than fade away.

From rforno at infowarrior.org Tue Jun 30 12:16:47 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 30 Jun 2015 13:16:47 -0400
Subject: [Infowarrior] - Court temporarily brings back NSA surveillance program
Message-ID: <5C3B8B3A-B8DF-4978-B72B-8CF2CE8901E0@infowarrior.org>

Court temporarily brings back NSA surveillance program

By David McCabe - 06/30/15 12:38 PM EDT

http://thehill.com/policy/technology/246543-court-temporarily-brings-back-nsa-surveillance-program

A federal court said in a Monday order that the National Security Agency can resume the bulk collection of Americans' phone records for roughly five months as the program is phased out.

Under the recent law aimed at ending the surveillance program, the USA Freedom Act, the government has a six-month transition period in which to continue collecting phone records. In an order published by National Journal, a Foreign Intelligence Surveillance Court judge said that the program could continue for the remainder of that transition period.

"This application presents the question whether the recently-enacted USA FREEDOM Act, in amending Title V of FISA, ended the bulk collection of telephone metadata," Judge Michael W. Mosman wrote. "The short answer is yes. But in doing so, Congress deliberately carved out a 180-day period following the date of enactment in which such collection was specifically authorized."
The ruling was in response to a government request to continue the program.

"[T]he government respectfully submits that it may seek and this court may issue an order for the bulk production of tangible things," the Justice Department said in a memo less than an hour after the USA Freedom Act was signed into law.

Former Virginia Attorney General Ken Cuccinelli, in consort with FreedomWorks, briefed the court on concerns raised by the government's application to continue the program. Under the new law, the court will have a panel of experts to consult on controversial privacy cases - but that body hasn't been created yet.

The USA Freedom Act marked the zenith of a debate over the program sparked by revelations about its existence and scope from leaker Edward Snowden.

-- It's better to burn out than fade away.

From rforno at infowarrior.org Tue Jun 30 16:24:59 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 30 Jun 2015 17:24:59 -0400
Subject: [Infowarrior] - WH asks Mudge to form US software safety lab
Message-ID:

Whitehouse Taps Google Advanced Projects Lead for Software Safety Lab

The Obama Whitehouse has tapped famed hacker Peiter Zatko (aka "Mudge") to head up a new project aimed at developing an "underwriters' lab" for cyber security.

Zatko announced the new initiative on Monday via Twitter. "The White House asked if I would kindly create a #CyberUL, so here goes," he wrote. The new organization would function as an independent, non-profit entity designed to assess the security strengths and weaknesses of products and publishing the results of its tests.

The White House has tapped Peiter "Mudge" Zatko to head up a non profit that will seek to verify the safety and reliability of software.

Zatko is a famed hacker and security luminary, who cut his teeth with the Boston-based hacker collective The L0pht in the 1990s before moving on to work in private industry and, then, to become a program manager at the DARPA in 2010.
Though known for keeping a low profile, his scruffy visage (circa 1998) graced the pages of the Washington Post last week in a piece that looked at testimony Mudge and other L0pht members gave to Congress about the dangers posed by insecure software.

Since leaving DARPA, Zatko has served as Deputy Director of Google's Advanced Technology and Projects division. He did not respond to requests for comment prior to publication.

Underwriters Lab - or "UL" - was founded in 1894 as a private firm dedicated to developing testing and safety standards for everything from fire extinguishers to lithium batteries to heating and cooling equipment and trash cans. UL has developed safety and performance standards for evaluating quality of information technology equipment, as well, but does not make a practice of testing software security or quality.

The idea of an "Underwriters Laboratory" for software has long been bandied about in policy circles and among security experts. In fact, a 1999 paper penned by John Tan (aka "Tan") a L0pht compatriot of Zatko's may have been the first to coin the term "CyberUL" and make connections between the problems created by the adoption of insecure or shoddy software and the dangers presented by the adoption of electrification in the late 19th and early 20th centuries.

< - >

https://securityledger.com/2015/06/whitehouse-taps-google-advanced-projects-lead-for-software-safety-lab/

-- It's better to burn out than fade away.