Feds say Apple's pro-privacy response to iPhone hacking order is a 'marketing stunt'

Apple CEO Tim Cook

Apple said no to the government, and the government is pissed.

Read the rest

Apple update unbricks phones disabled by Error 53

Apple-concept-video-1987-640x426

Apple has apologized to users whose phones were bricked by a recent update that interpreted third-party repairs as attempts to hack the device. It also released a new update that revives the dead handsets through iTunes.

Some customers’ devices are showing ‘Connect to iTunes’ after attempting an iOS update or a restore from iTunes on a Mac or PC. This reports as an Error 53 in iTunes and appears when a device fails a security test. This test was designed to check whether Touch ID works properly before the device leaves the factory.

Today, Apple released a software update that allows customers who have encountered this error message to successfully restore their device using iTunes on a Mac or PC.

We apologize for any inconvenience, this was designed to be a factory test and was not intended to affect customers. Customers who paid for an out-of-warranty replacement of their device based on this issue should contact AppleCare about a reimbursement.

Previously. Read the rest

Can Apple crack the San Bernardino killers' iPhone for the FBI? Sure, if they build an 'FBiOS'

An Apple logo at a retail location in San Francisco, 2014. REUTERS

The iPhone battle between the FBI and Apple isn't about getting help unlocking a terrorist's phone. It's about our government forcing Apple to invent a customized-on-demand version of its iOS operating system, effectively stripped of all security and privacy features. Command performance coding. As security researcher Dan Guido describes it in his widely cited technical explainer blog post, what they're asking for is an 'FBiOS.'

Read the rest

The first-ever tech expert on Obama's NSA advisory board is *A*W*E*S*O*M*E*

056c026d-1c66-4d42-9fae-a8e96df290c5-1020x964

The president's NSA advisory board grew teeth in the wake of the Snowden revelations, and they have done good service in identifying the civil liberties issues raised by the NSA's program of secret mass surveillance. Read the rest

FBI demands iPhone backdoor access; Tim Cook tells them to get lost

Apple CEO Tim Cook

The FBI has ordered Apple to provide it backdoor access to the iPhone operating system, writes CEO Tim Cook in a letter to customers published Wednesday. Apple opposes the order, he says, because it would be impossible to do so without putting millions of customers' privacy at risk.

Smartphones, led by iPhone, have become an essential part of our lives. People use them to store an incredible amount of personal information, from our private conversations to our photos, our music, our notes, our calendars and contacts, our financial information and health data, even where we have been and where we are going.

All that information needs to be protected from hackers and criminals who want to access it, steal it, and use it without our knowledge or permission. Customers expect Apple and other technology companies to do everything in our power to protect their personal information, and at Apple we are deeply committed to safeguarding their data.

The circumstances of the order center on the investigation into last year's San Bernardino terror shootings in California: "Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession."

Once a backdoor exists, no-one can control who copies the keys, picks the locks, or kicks it down with brute force:

Rather than asking for legislative action through Congress, the FBI is proposing an unprecedented use of the All Writs Act of 1789 to justify an expansion of its authority.

Read the rest

UK surveillance bill condemned by a Parliamentary committee, for the third time

056c026d-1c66-4d42-9fae-a8e96df290c5-1020x957

Paul Strasburger sits in the House of Lords as a Libdem peer; he sits on the Joint Select Committee that is the latest Parliamentary group to scrutinise the Investigatory Powers Bill (AKA the Snoopers Charter) and, as with the previous investigations, he's concluded that the spying bill is a dangerous, poorly drafted, overbroad dog's breakfast. Read the rest

Domestic surveillance the old-fashioned way: cameras installed on utility poles, watching your home

bigbrotherwhite

Rocky Houston was a felon in possession of a gun, and is headed to jail for years for that crime. How did they catch him? They installed a video camera on a utility pole near a family-owned property until useful footage was captured.

A federal appeals court upheld his conviction this week, with Judge John Rogers writing that "no reasonable expectation of privacy [exists] in video footage recorded by a camera that was located on top of a public utility pole and that captured the same views enjoyed by passersby on public roads," even if there was no warrant.

David Kravets:

"John Whitehead, president of The Rutherford Institute, said the ruling is bad news for privacy.

"Obviously, the new era of technology, one that was completely unimaginable to the men who drafted the Constitution and the Bill of Rights, requires an updated legal code to enshrine the right to privacy. New technologies which enable the radical expansion of police surveillance operations require correspondingly robust legal frameworks in order to maintain the scope of freedom from authoritarian oversight envisioned by the Framers," he said.

Read the rest

Gmail will warn you when your correspondents use unencrypted mail transport

Unencrypted Message

A basic best-practice for email servers is to use TLS (Transport Layer Security) when they connect to one another, which guards against "man in the middle" attacks that would allow attackers to read or change emails while they travel between mail-servers. Read the rest

Vtech, having leaked 6.3m kids' data, has a new EULA disclaiming responsibility for the next leak

vtech-mobigo-2-touch-learning-system_4

Last December, Vtech, a crapgadget/toy company, suffered a breach that implicated the data of 6.3 million children, caused by its negligence toward the most basic of security measures. Read the rest

Hacker promises dump of data from 20K FBI and 9K DHS employees

800px-Afghan_HINO_dump_truck

A hacker has told Motherboard that they have extracted 200GB of data from the US government, including confidential records pertaining to 20,000 FBI employees and 9,000 DHS employees. Read the rest

British spies want to be able to suck data out of US Internet giants

giphy (1)

As the UK government passes increasingly far-reaching surveillance laws that bind companies to capture, store and share data on their customers' activities, US tech giants like Facebook and Google are caught in a dilemma: much of what the UK government demands of them, the US government prohibits. Read the rest

Celebrating the 20th anniversary of the Declaration of Independence of Cyberspace

animation (1)

In 1996, in the midst of the Clinton administration's attack on the Internet and cryptography, Grateful Dead lyricist and EFF co-founder John Perry Barlow sat down in Davos, Switzerland, where he'd been addressing world leaders on the subject of the Internet and human rights, and wrote one of net-culture's formative documents: The Declaration of Independence of Cyberspace.

Read the rest

Maryland's Attorney General: you consent to surveillance by turning on your phone

apple-157031_960_720.png

Maryland attorney general Brian E Frosh has filed a brief appealing a decision in the case of Kerron Andrews, who was tracked by a Stingray cell-phone surveillance device. Read the rest

Watch: how to make security tools for normal humans

Users_Are_People_Too

Another amazing Shmoocon talk is "Users Are People Too: How to Make Your Tools Not Suck for Humans," presented by two key people from Simply Secure, a nonprofit devoted to improving security tool usability (I am a volunteer advisor to Simply Secure). Read the rest

Vice now has a Securedrop for anonymous whistleblower docs

056c026d-1c66-4d42-9fae-a8e96df290c5-1020x949

Securedrop is a robust, secure, anonymous system for whistleblowers to convey documents to news organizations, created by Aaron Swartz and taken up by the Freedom of the Press Foundation after his death. Read the rest

FBI's war on encryption is unnecessary because the Internet of Things will spy on us just fine

Reuters

The war on encryption waged by the F.B.I. and other intelligence agencies is unnecessary, because the data trails we voluntarily leak allow “Internet of Things” devices and social media networks to track us in ways the government can access.

That's the short version of what's in “Don’t Panic: Making Progress on the ‘Going Dark’ Debate,” a study published today by the Berkman Center for Internet and Society at Harvard.

Read the rest

UK Snooper's Charter is so broad, no one can figure out what it means

New-Collection-Posture-No-Place-To-Hide

In Investigatory Powers Bill: technology issues, the UK Parliament's Science and Technology select committee takes the government to task for its signature mass surveillance law, the "Snoopers Charter" whose provisions are so broad and vague that companies can't figure out how much of their customers' data they're supposed to be storing, and whether they're meant to be backdooring all the crypto they distribute. Read the rest

More posts