Security News This Week: Tim Cook Demands That the White House Defend Encryption
This week, Ross Ulbricht’s defense team dropped a brief appealing for a new trial,
arguing that the court erroneously suppressed information about the
corrupt federal agents investigating Silk Road. Using a clue from leaked
Hacking Team files, researchers at Kaspersky Lab found a valuable zero-day exploit attacking a vulnerability in Microsoft’s Silverlight software. A researcher found a way for hackers to remotely burn industrial motors. Oh, and Netflix is cracking down on VPNs with the goal of acquiring global content rights for its movies and shows.
But that’s not all. Each Saturday we round up the news stories that
we didn’t break or cover in depth at WIRED, but which deserve your
attention nonetheless. As always, click on the headlines to read the
full story in each link posted. And stay safe out there!
Apple CEO Calls on White House Officials to Defend Unbreakable Encryption
Looks like Tim Cook hasn’t changed his stance on encryption. During
the delegation called by the White House to discuss counterterrorism
issues with tech leaders, the Apple CEO apparently lashed out at Obama
administration officials for not issuing a public statement defending
the use of encryption without backdoors, according to two people briefed
on the meeting who relayed the information to The Intercept. The
meeting was attended by the White House Chief of Staff, Attorney
General, and Secretary of Homeland Security, as well as NSA Director
Michael Rogers, FBI Director James Comey, and Director of National
Intelligence James Clapper.
Spamhaus Project Accuses Verizon of Routing Millions of IP Addresses for Spammers
A new post by the Spamhaus Project, an international non-profit
organization fighting spam and cybercrime, says that Verizon is
“currently by far the largest single source of snowshoe spam
in operation today,” with more than 4 million spam IP addresses being
routed through its network. (Snowshoe spam is a term for a technique
used to get around spam filters and regulations, wherein spammers
strategically send out their emails from a wide range of IP addresses,
so that if one IP address gets caught, others may still get through.)
Spamhaus Project claims that spammers are forging authorization
documents alleging permission to use large IP blocks, and that Verizon
is routing traffic based on those documents, even after being informed
that the IP addresses were illegally obtained by spammers.
Homeland Security Asks Hotel Staff to Spy on Guests
The Department of Homeland Security is rolling out a so-called “Safe
Action Project,” in which it is asking hotel and hospitality staff to
look out for warning signs of sex trafficking. The only problem is that the
so-called red flags are broad enough to sweep up unsuspecting hotel
patrons. Among other things, they include paying for rooms with cash or a
rechargeable credit card, refusing maid service for several days,
having “suspicious tattoos,” or photography equipment, or “excessive sex
paraphernalia”—or too few personal possessions, trash cans with a lot
of used condoms, or even the presence of multiple computers and devices.
US Spy Chief Gets Hacked by the Teen Who Hacked the CIA’s Director
Crackas with Attitude is back again—after hacking into CIA director John Brennan’s email
account last October, and accessing online tools and portals used by law
enforcement agencies, one of the group’s hackers, Cracka, has targeted
Director of National Intelligence James Clapper. Cracka told Motherboard
he accessed Clapper’s home phone and internet accounts, personal email
account, and his wife’s email account. The teenage hacker had calls to
Clapper’s home phone number forwarded to the Free Palestine Movement. He
also sent Motherboard call logs to Clapper’s home number. The Office of
the Director of National Intelligence confirmed the hack.
Librarians at New York University Purge Records to Protect User Privacy
The Graduate Center at the City University of New York has begun
purging its older interlibrary loan records to protect the privacy of
its patrons, deleting the data before the government can demand it.
Although the Graduate Center’s chief librarian Polly Thistlethwaite told
the Guardian that there was “nothing burning that prompted” the change,
she described being approached by an NYPD officer while she was working
at a different library. He was looking for users who’d checked out
astrological books while looking for the Zodiac killer. The Graduate
Center currently plans to keep all interlibrary loan requests dating
back to 2013, but eventually hopes to keep a rolling record of only a
year or less.
Dutch and Canadian Police Say They Can Read BlackBerry PGP Encrypted Email
The details are murky, but police in the Netherlands and in Canada
have claimed that they can access deleted emails and read encrypted
email messages on BlackBerry PGP devices, which are sold by resellers
like GhostPGP who customize the devices with PGP encryption. Their
technique requires physical access to the device.
Fresno Police Use Proprietary Software that Calculates “Threat Levels” of Addresses and Residents
When responding to 911 calls, police operators in Fresno have been
consulting the threat-scoring software Beware, which analyzes people’s
potential for violence using a series of data points such as arrest
reports, social media posts, commercial databases, and property records.
The software generates a color-coded threat level for an address and
each resident. Only Beware’s manufacturer, Intrado, knows how threat
scores are calculated, since it considers this a trade secret. Critics
point out that these tools have little public oversight, have enormous
potential for error, are intrusive, and have potential to be misused.
After a November Fresno City Council hearing in which residents
expressed concern, Fresno’s police chief said he’s working with Intrado
to turn off the color-coded rating system.
ISIS Has Its Own Encrypted Messaging App
According to Defense One and the unnamed Ghost Security sources it
spoke with, ISIS has its own new Android-based app, Alrawi.apk, for
encrypted communication. This is in addition to the previously
discovered Amaq Agency app, which GhostSec says is used primarily for
distributing propaganda.
Companies, Activists, and Tech Experts Call on Global Leaders to Support Strong Encryption
Activists from 42 countries have signed an open letter demanding an
end to global government efforts to coerce software companies to weaken
encryption via backdoors. The letter was created by digital rights group
Access Now, and was posted in 10 different languages to SecuretheInternet.org.
195 experts, civil society groups, and companies, including United
Nations special rapporteur for freedom of opinion and expression David
Kaye, signed the letter.