Friday, April 20, 2012

The Privacy Foundation ( has the flier for their May 11th Seminar up on their website. Where else can you gain so much wisdom for a mere $20? And they toss in lunch for FREE!

(Related) An exception to every rule...
Judges Drive Truck Through Loophole in Supreme Court GPS Ruling
A federal judge in Iowa has ruled that evidence gathered through the warrantless use of covert GPS vehicle trackers can be used to prosecute a suspected drug trafficker, despite a Supreme Court decision this year that found such tracking unconstitutional without a warrant.
U.S. District Judge Mark Bennett in Sioux City ruled last week (.pdf) that the GPS tracking evidence gathered by federal DEA agents last year against suspected drug trafficker Angel Amaya, prior to the Supreme Court ruling, can be submitted in court because the agents were acting in good faith at the time. The agents, the judge said, were relying on what was then a binding 8th U.S. Circuit Court of Appeals precedent that authorized the use of warrantless GPS trackers for surveillance in Iowa and six other states.

(Related) Wonderful! Now my Ethical Hackers will be able to “PROVE!” they were only going 15 mph when they passed that cop.
"A bill already passed by the Senate and set to be rubber stamped by the House would make it mandatory for all new cars in the United States to be fitted with black box data recorders from 2015 onwards. Section 31406 of Senate Bill 1813 (known as MAP-21), calls for 'Mandatory Event Data Recorders' to be installed in all new automobiles and legislates for civil penalties to be imposed against individuals for failing to do so. 'Not later than 180 days after the date of enactment of this Act, the Secretary shall revise part 563 of title 49, Code of Federal Regulations, to require, beginning with model year 2015, that new passenger motor vehicles sold in the United States be equipped with an event data recorder that meets the requirements under that part,' states the bill."

I'm designing a line of foil lined baseball caps with pictures of my favorite lawyers on top...
When drones start flying over our neighborhoods, what will protect our privacy?
April 20, 2012 by Dissent
Congressmen Ed Markey and Joe Barton, co-chairs of the Congressional Bi-Partisan Privacy Caucus, have sent a letter to the FAA about drones and privacy concerns. They ask the right questions about transparency and privacy protections – questions I wish the FAA had been asked before the law had been passed. A response is requested by May 10.

This could be very informative, but... When this study started, did we even know what sexting was?
"A University of Texas-Dallas developmental psychology professor has used a $3.4 million NIH grant to purchase Blackberries for 175 Texas teens, capturing every text message, email, photo, and IM they've sent over the past 4 years. Half a million new messages pour into the database every month. The researchers don't 'directly ask' the teens about privacy issues because they don't want to remind them they're being monitored. So many legal and ethical issues here. I can't believe this is IRB-approved. Teens sending nude photos alone could make that database legally toxic. And then there's the ethical issue of monitoring those who have not consented to be part of the study, but are friends with those who have. When a friend texted one participant about selling drugs, he responded, 'Hey, be careful, the BlackBerry people are watching, but don't worry, they won't tell anyone.'"
This sounds like an American version of the "Seven Up" series.

Children have no rights! “Go ahead and tell the parents when we're done.”
Cops Take School Kids’ DNA in Murder Case
April 19, 2012 by Dissent
Alyssa Newcomb reports:
Samples of DNA were collected without parental consent from students at a Sacramento, Calif., middle school in connection with the murder of an 8th grade student who was found stabbed, strangled and beaten to death near the dugout of a local park.
The Sacramento Sheriff’s Department, which has been spearheading the investigation into the murder of Jessica Funk-Haslam, 13, said parental consent was not required in the DNA collection and interview of minors, several of whom were taken out of class during the day last week at Albert Einstein Middle School.
These are interviews, not interrogations,” Sheriff’s Deputy Jason Ramos told “They are all consensual. Once it’s done, there is a mechanism in place for school administrators to notify parents.”
There is nothing under California law that prohibits DNA collection of consenting minors, said John Myers, a professor at the McGeorge School of Law in Sacramento.
Say what?? How can minors meaningfully consent? And what happens to the DNA samples after this investigation? Will they be destroyed or will some profile be stored in a state or federal database? And were the students told what would happen to the samples before they were asked for their consent?
“Paging ACLU to Aisle 4….”
Read more on ABC.

It's now a question for the Supremes...
"In a somewhat startling decision, the U.S. Court of Appeals for the Ninth Circuit has ruled that several employees at an executive recruitment firm did not exceed their authorized access to their company's database when they logged into the system and stole confidential data from it. The appellate court's decision affirms a previous ruling made by the U.S. District Court for the Northern District of California. The government must now decide if it wants to take the case all the way to the U.S. Supreme Court. The judge wrote that the Computer Fraud and Abuse Act, under which they were charged, applies primarily to unauthorized access involving external hackers. The definition of 'exceeds authorized access' under the CFAA applies mainly to people who have no authorized access to the computer at all, the judge wrote. The term would also apply to insiders who might have legitimate access to a system but not to specific information or files on the system Applying the language in the CFAA any other way would turn it into a 'sweeping Internet-policing mandate,' he wrote."

Another “suspect” legal interpretation?
Motorcycle Club’s Attorney Scoffs at FBI Assessment
… The FBI assessment, which Threat Level reported Wednesday, concluded that the Vagos Motorcycle Club, which the bureau has declared an outlaw motorcycle gang based in Southern California, has trademarked its jacket patch — replete with the trademark registration symbol — to block “law enforcement agencies from inserting undercover officers” into the club.
“It’s the most ridiculous thing I’ve ever heard in my life,” Joseph Yanny, the group’s attorney, said in a telephone interview from Los Angeles. Yanny quipped that the bureau, in coming to its conclusions, was likely “interviewing clowns in Vegas.”

It used to be “Sport.” “Everything that is not trademarked is copyrighted. We own the rights to all Olympic performances. We own all Olympic venues. In fact, we own the athletes too. ”
"With London's summer 2012 games due to take place in the very near future, you'd think that organizers would make more of an effort and persuade people to show more of an interest — yet it appears the complete opposite has happened, with strict guidelines banning athletes from posting photos of themselves on Twitter with products that aren't official Olympics sponsors, as well as prohibiting videos or photos to be taken from the athlete's village. Oh and just for good measure, fans could find themselves barred from sharing videos and photos on Facebook and YouTube of themselves delighting in said Olympics action."

NBC have just announced that they will be streaming the entire London 2012 Olympic Games online live. All 32 sports featured at the Summer Olympics will be shown live on the NBC Olympics site.

Now TSA can play with even more data.
"The European Parliament has approved the controversial data transfer agreement, the bilateral PNR (passenger name register), with the US which requires European airlines to pass on passenger information, including name, contact details, payment data, itinerary, email and phone numbers to the Department of Homeland Security. Under the new agreement, PNR data will be 'depersonalized' after six months and would be moved into a 'dormant database' after five years. However the information would still be held for a further 15 years before being fully 'anonymized.'"

Now this could be interesting.
EPIC demands full copy of FCC's probe of Google Street View
An Internet privacy advocacy group wants the Federal Communications Commission to release the full report of its investigation of Google's Street View, which collected and stored data from unencrypted wireless networks.
The Electronic Privacy Information Center has filed a Freedom of Information Act request to see the commission's full 25-page report, saying it "raised questions about the scope of the FCC's Street View investigation." A heavily redacted version painted Google as being too busy to respond with alacrity to its request for information and suggested more than slight frustration.

Survey says 1 in 4 organizations have had issues with mobile malware
Getting a virus on your computer is bad enough, but getting one on your phone is a whole other story. All your personal information leaks, and sometimes that includes the login credentials for many of the services you use. But how big of a problem is mobile malware? Goode Intelligence has had a go at quantifying the issue, and what they have to say isn’t pretty: 24% of the organizations they surveyed reported that they had to deal with infected devices during 2011. Back in 2010 that number was just 9%. How many companies enforce the use of some sort of anti-virus software on their smartphones? Less than 1 in 5.

A network without hardware... Once upon a time, “networks” didn't exist at all. If you wanted to send information from point A to point B you needed a direct, dedicated circuit.
Vanishing Webpage Links Google to Network Maverick Nicira
As part of its new-age system for moving traffic between its massive data centers, Google is using a network controller built in tandem with swashbuckling Silicon Valley startup Nicira, according to a Google presentation posted to the web.
On Tuesday, during a speech in Santa Clara, California, Google’s Urs H√∂lzle — the man who oversees the company’s worldwide network of data centers — revealed that the company is now using an open source protocol known as OpenFlow to completely overhaul the links between the computing facilities that drive its sweeping collection of web services, and a slide presentation that accompanied the speech was posted to the web.
The presentation has now been removed, but an extra slide tacked on to the end of the file indicated that Google is driving its OpenFlow-based network gear using a controller called Onix. (We’ve uploaded a copy of the presentation here.) Onix serves as the basis for the software offered by Nicira, an outfit that recently emerged from stealth mode touting a new breed of network that exists only as software. According to a 2010 research paper, Onix was designed by four Nicira engineers, three Googlers, an NEC employee, and an academic who was among Nicira’s co-founders. The top four contributors to the paper are Nicira employees.

I want copies...
"Two 70-year-old papers by Alan Turing on the theory of code breaking have been released by the government's communications headquarters, GCHQ. It is believed Turing wrote the papers while at Bletchley Park working on breaking German Enigma codes. A GCHQ mathematician said the fact that the contents had been restricted 'shows what a tremendous importance it has in the foundations of our subject.'"
[From the article:
The two papers are now available to view at the National Archives at Kew, west London. [No electronic version? Fire up the jet, Kato. Bob]

e-Discovery, for my Ethical Hackers...
Verifeyed uses a camera’s ‘mathematical fingerprint’ to find manipulated images
Image analysis startup Verifeyed wants to bring a new a sense of legitimacy to the world of digital images.
“Today, digital images are everywhere. But, image editing tools like Adobe Photoshop easily allow the creation of fake images with just a few clicks,” the startup told VentureBeat. “As a result, digital images have lost their trustworthiness. This situation only worsens as products such as Photoshop become more prevalent, sophisticated, and easy to use.”
… it plans solve the problem using its patent pending technology that is able to certify the originality (or absence of modification) for digital images taken from any device. Also, it uses math (a lot of it) — a product of the founders specialty as PhD researchers in the area of applied mathematics.

No comments: