The Tor Project claimed last year that researchers at Carnegie Mellon University (CMU) were behind an attack on Tor that was used to unmask users. CMU released a vague statement that strongly implied that the FBU had indeed subpoenaed the university for its research, and now we have confirmation. A court filing from one of the associated criminal cases explains how Carnegie’s Software Engineering Institute (SEI) helped the FBI track down some wanted Tor users.
Thursday, February 25, 2016
No one ever said, “We can, therefore we won't.” Once the ability exists, users will want to use it!
NYPD wants access to ALL iPhones (with a warrant)
The New York City Police Department says they'd like Apple to unlock every iPhone currently subject to a court-ordered search. Once the San Bernardino doors are broken down by the FBI, the NYPD has made clear: they want in, too. That'd mean every iPhone entered into evidence in a court case and subjected to a search ordered by a judge could be forced open by law enforcement, courtesy of a piece of software they've forced Apple to create. That software would be an entirely new version of iOS which the FBI (then the NYPD, and every other law enforcement agency in the USA) would then install on each iPhone, bypassing Apple's security measures, opening the locks to access data.
(Related) The only rational response? (Will they use the Kim Dotcom model?)
Apple developing iPhone and iCloud encryption that counters FBI-requested workaround, reports say
A pair of reports on Friday cite unnamed sources as saying Apple is in the process of designing next-generation encryption technology that would nullify government-requested decryption methods at the heart of a court case against involving the FBI.
It is unclear what, exactly, is being developed to thwart future incursions, but The New York Times reports Apple is working to negate a workaround requested by the FBI in its investigation of an iPhone used by San Bernardino shooter Syed Rizwan Farook. Law enforcement officials are asking Apple to design and install a custom operating system on Farook's iPhone 5c designed to bypass iOS' passcode counter, leaving the device open to a brute-force attack.
A separate report from the Financial Times claims the company is also looking to shore up its cloud service security, a task potentially more complex than devising viable on-device encryption. According to sources, Apple plans to restrict access to iCloud passkeys in much the same manner as the on-device encryption method introduced with iOS 8.
Interesting. Confirms what we thought. Perhaps the FBI could ask them to do what Apple won't?
Ryan Whitwam reports:
If not North Korea, who? Will the US ever respond in kind?
Sony Hackers Linked to Many Espionage, Destruction Campaigns
For my Computer Security students.
‘Ten Commandments’ of Cyber Security Can Enhance Safety
… As a caveat to the ‘Ten Commandments’ of cybersecurity, we remind our readers of the Mel Brooks movie A History of the World, Part I, where Brooks plays Moses. He returns from Mount Sinai with three tablets and announces: “I give you the Fifteen Commandments,” but then accidentally drops and shatters one of the stones. He quickly recovers and re-announces “The Ten Commandments.” Already, we are aware of important and emerging “commandments” that will need to be shared in the future.
In this vein — because no single sector, industry, enterprise or individual can have all the answers — we invite your continued thoughts and suggestions about a problem that must be addressed, collectively and collaboratively, before it grows to Biblical proportions.
I can't think of a more improbable introduction to coding. Another win for the Cult of Al Gore?
Linda Liukas: A delightful way to teach kids about computers
… In this talk, she invites us to imagine a world where the Ada Lovelaces of tomorrow grow up to be optimistic and brave about technology and use it to create a new world that is wonderful, whimsical and a tiny bit weird.
Tools for my students? Most are online and free!
4 Free Online OCR Tools Put to the Ultimate Test
If you want to convert any printed text into digital text that you can copy, paste, edit, and search, you’ll need to use Optical Character Recognition (OCR) scanners.
When you choose to scan or take a photo of a document, this will be saved in a format such as JPEG or PDF. OCR software can then recognize the letters and numbers within these documents, and convert them into a searchable PDF, or into a file that you can edit in programs like Microsoft Word.
… Seems most people now use their smartphones to do their scanning for them, I decided to use Evernote’s Scannable app (Free on iOS and Android).