U.S. lawmakers expected to introduce major encryption bill

L: House Homeland Security Committee Chair Michael McCaul (R-TX). R: Sen. Mark Warner (D-VA)

Two lawmakers are reported to be planning to unveil details of a major encryption bill Wednesday, as the FBI's battle with Apple continues and a debate grows over what role government should play in regulating technology.

Read the rest

To improve national security, improve crypto usability

SOC_Security_Monitors

Scout Sinclair Brody (previously) is executive director of Simply Secure, a nonprofit I volunteer for that works on impriving the usability of privacy tools so that normal people can understand and benefit from them. Read the rest

NH bill would explicitly allow libraries to run Tor exit nodes

IMG_0050

Inspired by the Library Freedom Project's uncompromising bravery in the face of a DHS threat against a town library in Kilton, NH, that was running a Tor exit node to facilitate private, anonymous communication, the New Hampshire legislature is now considering a bill that would explicitly permit public libraries to "allow the installation and use of cryptographic privacy platforms on public library computers for library patrons use." Read the rest

California parents: file this form to ask for your kids' school records to be kept private

3275420128_71ea483862_o

There's a hard-fought lawsuit underway about whether California schools failed in their duty to provide special ed to students, and as a part of that, the court has ordered disclosure of the school records of every California so the plaintiffs can analyze them. Read the rest

Feds say Apple's pro-privacy response to iPhone hacking order is a 'marketing stunt'

Apple CEO Tim Cook

Apple said no to the government, and the government is pissed.

Read the rest

Apple update unbricks phones disabled by Error 53

Apple-concept-video-1987-640x426

Apple has apologized to users whose phones were bricked by a recent update that interpreted third-party repairs as attempts to hack the device. It also released a new update that revives the dead handsets through iTunes.

Some customers’ devices are showing ‘Connect to iTunes’ after attempting an iOS update or a restore from iTunes on a Mac or PC. This reports as an Error 53 in iTunes and appears when a device fails a security test. This test was designed to check whether Touch ID works properly before the device leaves the factory.

Today, Apple released a software update that allows customers who have encountered this error message to successfully restore their device using iTunes on a Mac or PC.

We apologize for any inconvenience, this was designed to be a factory test and was not intended to affect customers. Customers who paid for an out-of-warranty replacement of their device based on this issue should contact AppleCare about a reimbursement.

Previously. Read the rest

Can Apple crack the San Bernardino killers' iPhone for the FBI? Sure, if they build an 'FBiOS'

An Apple logo at a retail location in San Francisco, 2014. REUTERS

The iPhone battle between the FBI and Apple isn't about getting help unlocking a terrorist's phone. It's about our government forcing Apple to invent a customized-on-demand version of its iOS operating system, effectively stripped of all security and privacy features. Command performance coding. As security researcher Dan Guido describes it in his widely cited technical explainer blog post, what they're asking for is an 'FBiOS.'

Read the rest

The first-ever tech expert on Obama's NSA advisory board is *A*W*E*S*O*M*E*

056c026d-1c66-4d42-9fae-a8e96df290c5-1020x964

The president's NSA advisory board grew teeth in the wake of the Snowden revelations, and they have done good service in identifying the civil liberties issues raised by the NSA's program of secret mass surveillance. Read the rest

FBI demands iPhone backdoor access; Tim Cook tells them to get lost

Apple CEO Tim Cook

The FBI has ordered Apple to provide it backdoor access to the iPhone operating system, writes CEO Tim Cook in a letter to customers published Wednesday. Apple opposes the order, he says, because it would be impossible to do so without putting millions of customers' privacy at risk.

Smartphones, led by iPhone, have become an essential part of our lives. People use them to store an incredible amount of personal information, from our private conversations to our photos, our music, our notes, our calendars and contacts, our financial information and health data, even where we have been and where we are going.

All that information needs to be protected from hackers and criminals who want to access it, steal it, and use it without our knowledge or permission. Customers expect Apple and other technology companies to do everything in our power to protect their personal information, and at Apple we are deeply committed to safeguarding their data.

The circumstances of the order center on the investigation into last year's San Bernardino terror shootings in California: "Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession."

Once a backdoor exists, no-one can control who copies the keys, picks the locks, or kicks it down with brute force:

Rather than asking for legislative action through Congress, the FBI is proposing an unprecedented use of the All Writs Act of 1789 to justify an expansion of its authority.

Read the rest

UK surveillance bill condemned by a Parliamentary committee, for the third time

056c026d-1c66-4d42-9fae-a8e96df290c5-1020x957

Paul Strasburger sits in the House of Lords as a Libdem peer; he sits on the Joint Select Committee that is the latest Parliamentary group to scrutinise the Investigatory Powers Bill (AKA the Snoopers Charter) and, as with the previous investigations, he's concluded that the spying bill is a dangerous, poorly drafted, overbroad dog's breakfast. Read the rest

Domestic surveillance the old-fashioned way: cameras installed on utility poles, watching your home

bigbrotherwhite

Rocky Houston was a felon in possession of a gun, and is headed to jail for years for that crime. How did they catch him? They installed a video camera on a utility pole near a family-owned property until useful footage was captured.

A federal appeals court upheld his conviction this week, with Judge John Rogers writing that "no reasonable expectation of privacy [exists] in video footage recorded by a camera that was located on top of a public utility pole and that captured the same views enjoyed by passersby on public roads," even if there was no warrant.

David Kravets:

"John Whitehead, president of The Rutherford Institute, said the ruling is bad news for privacy.

"Obviously, the new era of technology, one that was completely unimaginable to the men who drafted the Constitution and the Bill of Rights, requires an updated legal code to enshrine the right to privacy. New technologies which enable the radical expansion of police surveillance operations require correspondingly robust legal frameworks in order to maintain the scope of freedom from authoritarian oversight envisioned by the Framers," he said.

Read the rest

Gmail will warn you when your correspondents use unencrypted mail transport

Unencrypted Message

A basic best-practice for email servers is to use TLS (Transport Layer Security) when they connect to one another, which guards against "man in the middle" attacks that would allow attackers to read or change emails while they travel between mail-servers. Read the rest

Vtech, having leaked 6.3m kids' data, has a new EULA disclaiming responsibility for the next leak

vtech-mobigo-2-touch-learning-system_4

Last December, Vtech, a crapgadget/toy company, suffered a breach that implicated the data of 6.3 million children, caused by its negligence toward the most basic of security measures. Read the rest

Hacker promises dump of data from 20K FBI and 9K DHS employees

800px-Afghan_HINO_dump_truck

A hacker has told Motherboard that they have extracted 200GB of data from the US government, including confidential records pertaining to 20,000 FBI employees and 9,000 DHS employees. Read the rest

British spies want to be able to suck data out of US Internet giants

giphy (1)

As the UK government passes increasingly far-reaching surveillance laws that bind companies to capture, store and share data on their customers' activities, US tech giants like Facebook and Google are caught in a dilemma: much of what the UK government demands of them, the US government prohibits. Read the rest

Celebrating the 20th anniversary of the Declaration of Independence of Cyberspace

animation (1)

In 1996, in the midst of the Clinton administration's attack on the Internet and cryptography, Grateful Dead lyricist and EFF co-founder John Perry Barlow sat down in Davos, Switzerland, where he'd been addressing world leaders on the subject of the Internet and human rights, and wrote one of net-culture's formative documents: The Declaration of Independence of Cyberspace.

Read the rest

Maryland's Attorney General: you consent to surveillance by turning on your phone

apple-157031_960_720.png

Maryland attorney general Brian E Frosh has filed a brief appealing a decision in the case of Kerron Andrews, who was tracked by a Stingray cell-phone surveillance device. Read the rest

More posts