I use and love Waze every day to make driving in Los Angeles manageable for me. I still use it despite periodic bursts of tech news reports that the app leaves me vulnerable to security attacks and surveillance.
There's been an awful lot of talk about “cyber pathogens” and “cyber bombs” lately from the mouths of American officials discussing terrorism, and how we will vanquish it. President Obama mentioned “cyber ops” against Islamic State terrorists in one recent address. Today, we know a little more about what was behind last week's cyber-hawkish hacking headlines.
On Wednesday, former Reuters.com social media editor Matthew Keys received a two year prison sentence for computer hacking. That's a sentence of 24 months, for a website defacement that lasted only 40 minutes, which Keys himself didn't even execute.
Earlier today in an unrelated high-profile case, the "affluenza teen" who actually murdered people also got two years in jail.
The FBI has ordered Apple to provide it backdoor access to the iPhone operating system, writes CEO Tim Cook in a letter to customers published Wednesday. Apple opposes the order, he says, because it would be impossible to do so without putting millions of customers' privacy at risk.
Smartphones, led by iPhone, have become an essential part of our lives. People use them to store an incredible amount of personal information, from our private conversations to our photos, our music, our notes, our calendars and contacts, our financial information and health data, even where we have been and where we are going.
All that information needs to be protected from hackers and criminals who want to access it, steal it, and use it without our knowledge or permission. Customers expect Apple and other technology companies to do everything in our power to protect their personal information, and at Apple we are deeply committed to safeguarding their data.
The circumstances of the order center on the investigation into last year's San Bernardino terror shootings in California: "Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession."
Once a backdoor exists, no-one can control who copies the keys, picks the locks, or kicks it down with brute force:
Read the rest
Rather than asking for legislative action through Congress, the FBI is proposing an unprecedented use of the All Writs Act of 1789 to justify an expansion of its authority.
Sensitive electronic files from America’s biggest police union were posted online this week after a hacker breached the Fraternal Order of Police website. The ill-gotten dump includes officers' names and addresses, message board posts bashing Barack Obama, and details of eyebrow-raising contracts made between the union and city authorities.
At the Black Hat hacker convention in 2013, Former NSA director Keith Alexander asked hackers to help the NSA come up with ways to protect Americans' privacy and civil liberties.
"How do we start this discussion on defending our nation and protecting our civil liberties and privacy?" Alexander asked the Las Vegas crowd. "The reason I'm here is because you may have some ideas of how we can do it better. We need to hear those ideas."
Jim Stickley of Stickley Online Security uses his handy $8 Utili-Key to open a locked hotel safe at the Horseshoe Hotel in Bossier City, LA. He unscrews the nameplate on the safe, which reveals a physical lock. He then unbends a paper clip, wiggles it around for a while, and viola! the safe is open. He says a thief could use this method to take something from the safe without any sign that the safe had been opened. Read the rest
Wall Street Journal columnist Geoffrey A Fowler: "There’s a fight brewing between giant tech companies and tinkerers that could impact how we repair gadgets or choose the shop where we get it done by a pro. At issue: Who owns the knowledge required to take apart and repair TVs, phones and other electronics?" Read the rest
Self-proclaimed Ashley Madison hackers the Impact Team today released what looks like another 20 gigabytes of ill-gotten data. The just-dropped “other shoe” includes emails from the cheater-dating website's CEO.
A phone slams into an acoustic coupler on the desk. Screeching beeping sounds. Two people sitting side-by-side in front of a computer. One is a socially awkward nerd. The other is cooler, but dumber.
The nerd types something really fast on the keyboard. A rotating Necker cube appears on the green monochrome monitor. SECTOR-INFILTRATE SEQUENCE INITIATED. We see rapidly scrolling strings of hexadecimals reflected in the nerd's wireframe glasses.
They stop scrolling, and begin to disintegrate, and are replaced by a jolly roger. "HA HA HA!" it says, lower jaw cycling.
"We're in," says the nerd, grinning. "How did you do that!?" interrobangs the cool person. Enjoy this supercut of computer hacking scenes from the 1980s.
"Hacking Team" is a badly-named security contractor that helps governments spy on activists and journalists. It got hacked, badly, and more than 400GB of its data is now public.
Widely shared online, the stolen data includes a list of the countries that have bought Hacking Team's main surveillance tool, Da Vinci, and emails suggesting intelligence agencies use it to spy on activists and journalists. The list includes: Azerbaijan, Chile, Egypt, Kazakhstan, Russia, Saudi Arabia, Spain, Sudan.
… Confirmation of the breach came via the Twitter account of Hacking Team engineer Christian Pozzi.
"We are awake. The people responsible for this will be arrested. We are working with the police at the moment," he said in one message.
Soon after, this and other messages about the breach were removed as Mr Pozzi's Twitter account was deleted.
What better outcome for this company than tweeted authoritarian outrage, sputtering its way into the memory hole. Read the rest