My car has rights? What about my laptop?
January 23, 2012
EPIC:
Supreme Court Upholds Fourth Amendment in GPS Tracking Case
"Today the Supreme Court
unanimously held
in U.S. v. Jones that
the warrantless use of a GPS tracking device by the police violated
the Fourth Amendment. The Court said that a warrant
is required "[w]here, as here, the government obtains
information by physically intruding on a constitutionally protected
area," like a car. Concurring opinions by Justices
Sotomayor and Alito urged the court to focus on the reasonableness of
the suspect's expectation of privacy because physical
intrusion is unnecessary to surveillance in the digital age.
EPIC, joined by 30 legal and technical experts, filed a "friend
of the court" brief.
EPIC warned that, "it is critical that police access to GPS
tracking be subject to a warrant requirement." For more
information, see EPIC: US v.
Jones, and EPIC:
Location Privacy"
(Related) How about an Internet
service that routes your data to a country/provider of your choice,
but does not record where you sent it?
Judge
Orders Defendant to Decrypt Laptop
A judge on Monday ordered a Colorado
woman to decrypt her laptop computer so prosecutors can use the files
against her in a criminal case.
The defendant, accused of bank fraud,
had unsuccessfully argued that being forced to do so violates the
Fifth Amendment’s protection against compelled self-incrimination.
“I conclude that the Fifth Amendment
is not implicated by requiring production of the unencrypted contents
of the Toshiba Satellite M305 laptop computer,” Colorado U.S.
District Judge Robert Blackburn ruled
Monday. (.pdf)
… The case is being closely
watched (.pdf) by civil rights groups, as the issue has never
been squarely weighed in on by the Supreme Court.
… The government had argued that
there was no Fifth Amendment breach, and that it might “require
significant resources and may harm the subject computer” if the
authorities tried to crack the encryption.
Assistant U.S. Attorney Patricia Davies
said
in a court filing (.pdf) that if Judge Blackburn did not rule
against the woman, that would amount to “a concession to her and
potential criminals (be it in child exploitation, national security,
terrorism, financial crimes or drug trafficking cases) that
encrypting all inculpatory digital evidence will serve to defeat the
efforts of law enforcement officers to obtain such evidence through
judicially authorized search warrants, and thus make their
prosecution impossible.”
A factually
similar dispute involving child pornography ended with a Vermont
federal judge ordering the defendant to decrypt the hard drive of his
laptop. While that case never reached the Supreme Court, it differed
from the Fricosu matter because U.S. border agents already knew there
was child porn on the computer because they saw it while the computer
was running during a 2006 routine stop along the Canadian border.
The judge in the Colorado case said
there was plenty of evidence — a jailhouse recording of the
defendant — that the laptop might contain information the
authorities were seeking.
It's nice that they are looking at cost
efficient technology, but how often would they find terrorists spread
over so much space?
Homeland
Security Wants to Spy on 4 Square Miles at Once
… The Department of Homeland
Security says it’s interested in a system that can see between five
to 10 square kilometers — that’s between two and four square
miles, roughly the size
of Brooklyn, New York’s Bedford-Stuyvesant neighborhood — in
its “persistent mode.” By “persistent,” it means the cameras
should stare at the area in question for an unspecified number of
hours to collect what the military likes to call “pattern of life”
data — that is, what “normal” activity looks like for a given
area. Persistence typically depends on how long the vehicle carrying
the camera suite can stay aloft; DHS wants something that can fit
into a manned P-3 Orion spy plane or a Predator drone — of which it
has a couple. When not in “persistent mode,” the
cameras ought to be able to see much, much further: “long linear
areas, tens to hundreds of kilometers in extent, such as open, remote
borders.”
(Related)
http://gizmodo.com/5878417/a-must+watch-video-on-how-military-drones-are-changing-war
A Must-Watch Video On How
Military Drones Are Changing War
If Homeland Security really wanted to
shut the door on terrorists they would use a tool like this to
identify organizations that don't “get it” and “encourage”
them to improve. Might be a fun, if somewhat trivial project for my
Ethical Hackers...
10K
Reasons to Worry About Critical Infrastructure
A security researcher was able to
locate and map more than 10,000 industrial control systems hooked up
to the public internet, including water and sewage plants, and found
that many could be open to easy hack attacks, due to lax security
practices.
Infrastructure software vendors and
critical infrastructure owners have long maintained that industrial
control systems (ICSes) — even if rife with security
vulnerabilities — are not at risk of penetration by outsiders
because they’re “air-gapped” from the internet — that is,
they’re not online.
But Eireann Leverett, a computer
science doctoral student at Cambridge University, has developed a
tool that matches information about ICSes that are connected to the
internet with information about known vulnerabilities to show how
easy it could be for an attacker to locate and target an industrial
control system.
… To debunk the myth that
industrial control systems are never connected to the internet,
Leverett used the SHODAN search
engine developed by John Matherly, which allows users to find
internet-connected devices using simple search terms. He then
matched that data to information from vulnerability databases to find
known security holes and exploits that could be used to hijack the
systems or crash them. He used Timemap to chart the information on
Google maps, along with red markers noting brand devices that are
known to have security holes in them. He described
his methodology in a paper (.pdf) about the project.
(Related) A more profitable tool? Is
this what happens when managers ask IT to make it “simple enough
for the CEO to operate?”
I
Spy Your Company’s Boardroom
It’s a good thing Rupert Murdoch’s
News of the World reporters are out of business, because they would
have loved the hacking opportunity recently uncovered by two security
professionals.
HD Moore and Mike Tuchen of Rapid7
discovered that they could remotely infiltrate conference rooms in
some of the top venture capital and law firms
across the country, as well as pharmaceutical and oil companies and
even the boardroom of Goldman Sachs — all by simply calling in to
unsecured videoconferencing systems that they found by doing a scan
of the internet.
“These are literally some of the
world’s most important boardrooms — this is where their most
critical meetings take place — and there could be silent attendees
in all of them,” Moore
told the New York Times.
… Despite the fact that the most
expensive systems offer encryption, password protection and the
ability to lock down the movement of cameras, the researchers found
that administrators were setting them up outside firewalls and
failing to configure security features to keep out intruders. Some
systems, for example, were set up to automatically accept inbound
calls so that users didn’t need to press an “accept” button
when a caller dialed into a videoconference, opening the way for
anyone to call in and eavesdrop on a meeting.
(Related) “This is how they did it”
is less valuable than “Your system is vulnerable”
An anonymous reader sends this excerpt
from Nextgov:
"Hackers, possibly from abroad,
executed an attack on a Northwest rail company's computers that
disrupted
railway signals for two days in December, according to a
government memo recapping outreach with the transportation sector
during the emergency. ... While government and critical industry
sectors have made strides in sharing threat intelligence, less
attention has been paid to translating those analyses into usable
information for the people in the trenches, who are running the
subways, highways and other transit systems, some former federal
officials say. The recent TSA outreach was
unique in that officials told operators how the breach interrupted
the railway's normal activities, said Steve Carver,
a retired Federal Aviation Administration information security
manager, now an aviation industry consultant, who reviewed the memo."
Perspective
Not a very large reaction... Are we still waiting for the Windows version?
"On Jan. 19, Apple introduced
iBooks 2, its digital solution to the physical textbook. In the
first three days of release, users have downloaded
more than 350,000 e-textbooks from the new platform, and more
than 90,000 users have downloaded the authoring tool to make those
e-textbooks, called iBooks Author. It makes sense that Apple's
iBooks 2 platform is taking off in such a short period of time; there
is very little merit to the physical textbook, and the education
industry has been waiting for a viable solution like this for some
time. Physical textbooks lack portability, durability,
accessibility, consistent quality, interactivity and searchability,
and they're not environmentally friendly."
(Related) You da school?
"Professor Sebastian Thrun has
given
up his Stanford position to start Udacity
— an online educational venture. Udacity's first two free courses
are Building a Search Engine and Programming a Robotic Car. In a
moving speech at the Digital Life Design conference, he explained
that after presenting the online AI course to thousands of students
he
could no longer teach at Stanford: 'Now that I saw the true
power of education, there is no turning back. It's like a drug. I
won't be able to teach 200 students again, in a conventional
classroom setting.' Let's hope Udacity works out; Stanford is a
tough act to follow."
Perspective
It's the cost per “adword” that I
find amusing (and amazing)
Who
Buys All Those Google Ads? An Infographic Breakdown
It's not coding, it's developing a
process...
"An article by Andy Young in
The Kernel makes the case that lessons
in programming should be compulsory learning for modern school
kids. He says, 'Computers help us automate and repeat the many
complicated steps that make up the search for the answer to some of
our hardest problems: whether that's a biologist attempting to model
a genome or an office administrator tasked with searching an endless
archive of data. The use of tools is a big part of what makes us
human, and the computer is humanity's most powerful tool. ... The
computer makes us more efficient, and enables and empowers us to
achieve far more than we ever could otherwise. Yet the majority of
us are entirely dependent on a select few, to enable us to achieve
what we want. Programming is the act of giving computers
instructions to perform. This is true whether the output is your
word processor, central heating or aircraft control system. If you
can't code, you are forced to rely on those that can to ensure that
you can benefit from the greatest tool at your disposal.'"
Potential tool
… There are other
options when it comes to recording your screen, however.
Camstudio is a simple open-source screen recorder that’s great for
someone who’s starting
out his or her YouTube show on software tips and how-to’s. If
you’re looking for something that allows you to enhance your videos
even more, check out what ActivePresenter offers. ActivePresenter is
a screencasting software that you can use to author
training tutorials and software walkthroughs.
… ActivePresenter comes in three
different versions: Free,
Standard and Professional. You can read the feature comparison here,
but basically, the Standard and Professional versions allow a bit
more interactivity with the final video product and can export to a
few more formats than the Free version (e.g. Flash, HTML, AJAX, PDF).
… In this article, we’ll be
testing the Free
version.