I missed this interesting (if legal) FBI hack.
Feds bust
through huge Tor-hidden child porn site using questionable malware
A newly unsealed FBI search warrant application
illustrates yet another example of how the government deploys malware
and uses sophisticated
exploits in an attempt to bust up child pornography rings.
The 28-page
FBI affidavit (text-only, possibly NSFW) was unsealed in a
federal court in Brooklyn, New York earlier this month. It describes
a North Carolina server hosting a Tor hidden service site. The setup
was seized in February 2015, but law enforcement allowed it to run
for two additional weeks as a way to monitor its nearly 215,000
users.
… Legal experts told Ars that there are
significant questions about precisely how the unnamed Tor site was
breached, exactly how its "Network Investigative Tool" (or
NIT, i.e., malware) works, how many of the users were outside of the
judicial district, and if the seized server contained other
non-criminal content.
"This is another example of the FBI obtaining
a warrant that they are not yet authorized to obtain or execute based
on the lack of technical expertise of the judiciary," Ahmed
Ghappour, a law professor at the University of California,
Hastings, told Ars. Ghappour pointed to a proposed
change to Rule
41 that is currently working its way through the judicial system.
He has written
at length about this potential upcoming modification to Rule 41.
An OpEd by people who should understand the issue.
I would add that “selective” decryption works only if you know
one or more of the parties communicating are already targets of
interest.
Why the
fear over ubiquitous data encryption is overblown
… In the wake
of global controversy over government surveillance, a number of U.S.
technology companies have developed and are offering their users what
we call ubiquitous encryption — that is, end-to-end encryption of
data with only the sender and intended recipient possessing
decryption keys. With this technology, the plain text of messages is
inaccessible to the companies offering the products or services as
well as to the government, even with lawfully authorized access for
public safety or law enforcement purposes.
The FBI director
and the Justice Department have raised serious and legitimate
concerns that ubiquitous encryption without a second decryption key
in the hands of a third party would allow criminals to keep their
communications secret, even when law enforcement officials have
court-approved authorization to access those communications. There
also are concerns about such encryption providing secure
communications to national security intelligence targets such as
terrorist organizations and nations operating counter to U.S.
national security interests.
… We believe
that the greater public good is a secure communications
infrastructure protected by ubiquitous encryption at the device,
server and enterprise level without building in means for government
monitoring.
First, such an
encryption system would protect individual privacy and business
information from exploitation at a much higher level than exists
today. As a recent MIT paper explains, requiring duplicate keys
introduces vulnerabilities in encryption that raise the risk of
compromise and theft by bad actors.
… Second, a requirement that U.S. technology
providers create a duplicate key will not prevent malicious actors
from finding other technology providers who will furnish ubiquitous
encryption.
… Finally, and most significantly, if the
United States can demand that companies make available a duplicate
key, other nations such as China will insist on the same. There will
be no principled basis to resist that legal demand.
Perspective.
Windows 10
Hits Stride With 67 Million Installs And Counting
Microsoft's strategy to offer Windows 10 as a
no-cost upgrade option to Windows 7 and Windows 8.1 users is paying
off. Just one day after launch, the Redmond outfit announced that
Windows 10 had found its way onto more than 14 million devices. By
Friday morning, that number unofficially ballooned to 67 million
devices.
Trivial for the Post Office, but would it open
opportunities for wine/beer/whiskey of the month clubs? I would
volunteer to be a beer scout!
Booze-by-mail
bill would give USPS a better shot
… Rep. Jackie Speier, D-Hillsborough, this
week introduced legislation that would overturn a pre-Prohibition
restriction on shipping “spirituous, vinous, malted, fermented, or
other intoxicating liquors” to consumers through the U.S. mail,
allowing the postal service to better compete with rivals such as UPS
and FedEx.
“It will give us the opportunity to do what our
competitors are doing,” said Augustine Ruiz, a Bay Area Postal
Service spokesperson. “We can use that revenue, and it will
definitely raise our spirits, so to speak.”
While wineries, breweries and distilleries
generally support the effort, the main winner would be the Postal
Service, which has been in the red since 2007.
(Related)
The one
item every beer enthusiast should own
In case you’re unfamiliar with the term, a
growler is an airtight vessel that’s used for transporting beer
from one place to another without compromising its quality.
For my geeky students.
Now that Windows 10 is available
for download, many of you might be planning to install
Microsoft's new desktop operating system on your computer. There are
plenty of reasons
to install Windows, and different
editions to choose from. You can automatically upgrade
to Windows 10 or you can make a bootable disk to install Windows
10 on one or more computers in a hurry.
… Make sure that the USB or DVD (if
rewritable) you pick to be your Windows 10 bootable media has no
important data on it, because this process will format the drive,
which means you will lose everything on it. Also make sure that the
drive is of minimum 4GB capacity, as the process requires 3GB of
space. With that in mind, here's is the list of steps you need to
follow to make a bootable Windows 10 drive:
No comments:
Post a Comment