The DoJ is using a boring procedure to secure the right to unleash malware on the internet

Screen-Shot-2016-06-21-at-4.48.28-PM

The upcoming Rule 41 modifications to US Criminal Justice procedure underway at the Department of Justice will let the FBI hack computers in secret, with impunity, using dangerous tools that are off-limits to independent scrutiny -- all without Congressional approval and all at a moment at which America needs its law-enforcement community to be strengthening the nation's computers, not hoarding and weaponizing defects that put us all at risk. Read the rest

IoT malware exploits DVRs, home cameras via default passwords

2003

The Internet of Things business model dictates that devices be designed with the minimum viable security to keep the products from blowing up before the company is bought or runs out of money, so we're filling our homes with net-connected devices that have crummy default passwords, and the ability to probe our phones and laptops, and to crawl the whole internet for other vulnerable systems to infect. Read the rest

Weird 'artificial' quake was 'clearly' North Korea's fifth nuclear test

North Korean leader Kim Jong Un provides field guidance during a fire drill of ballistic rockets by Hwasong artillery units of the KPA Strategic Force, in  undated KCNA photo released Sep. 6, 2016.

If the “man-made seismic event” reported along the North Korea/China border tonight by the USGS is confirmed to be a new nuclear test, America's next Commander-in-Chief will have complex new Pyongyang problems on their plate.

Read the rest

This week in terrifying, mind-boggling password breaches

images

800,000 usernames and passwords from Brazzers, a giant porn site; 98 million passwords from Rambler.ru ("Russia's Yahoo") and, coming soon, the entire user database for VKontakte/VK.com, Russia's answer to Facebook. Read the rest

How To Be At War Forever

A man fills barrels with rubble to make a barricade to protect shops in the rebel held Douma area of Damascus, Syria Sep. 2, 2016. REUTERS

If you were the government and wanted to maintain a state of perpetual war, how would you go about it? Read the rest

Unprotected database exposes off-grid energy users in Guatemala, South Africa

Two of the leaked identification cards -- on the left, a South African ID, and a Guatemalan ID on the right. (Image: leaked database, via ZDnet)

An unprotected Kingo Solar database with the personal data and photos for thousands of off-the-grid electricity customers was accessible for months, reports Zack Whittaker at ZDnet. “Thousands of remote villagers in Guatemala and South Africa are living off the grid, but their personal information isn't,” he writes.

Read the rest

Baltimore police respond to report they secretly spied on city with aerial surveillance tech from Iraq War

surveillance-loop

A report out this week from Bloomberg says that since January, 2016, people in the city of Baltimore, Maryland have secretly and periodically been spied on by police using cameras in the sky. Authorities today effectively admitted that the report is accurate.

Read the rest

Singapore will disconnect entire civil service from the internet

ParliamentHouse-Singapore-20071120

Singapore, fearing cyberattacks -- especially ones related to the ongoing South China Sea cold war -- will, as of next May, disconnect its entire civil service from the internet, airgapping the whole government. Read the rest

Unsuccessful hack targeted New York Times in Moscow, FBI blames Russia

NYT2
U.S. officials are investigating online security attacks that targeted reporters at The New York Times in Moscow. A U.S. official said Tuesday that the Times was among various U.S. news organizations targeted. CNN was first to report the story, and the Times has since confirmed and corrected some details.

Read the rest

EFF takes a deep dive into Windows 10's brutal privacy breaches

og-windows10

Microsoft's deceptive hard-sell to gets users to "upgrade" to Windows 10 (the most control-freaky OS to ever come out of Redmond) is made all the more awful by just how much personal, sensitive, compromising data Microsoft exfiltrates from its users' PCs once they make the switch. Read the rest

The Equation Group's sourcecode is totally fugly

With the leak of exploits developed by The Equation Group, the long-secret, NSA-adjacent super-elite hacking squad -- published by The Shadow Brokers, who have some extremely heterodox theories about auction design -- it's now possible to audit the source code of some of the NSA's crown-jewel cyberweapons. Read the rest

The NSA's program of tech sabotage created the Shadow Brokers

glass-984457_960_720

The more we learn about the Shadow Brokers, who claim to be auctioning off "cyberweapons" that crafted for the NSA's use, the scarier the breach gets: some of the world's biggest security companies are tacitly admitting that the exploits in the Shadow Brokers' initial release can successfully penetrate their products, and they have no fix at hand. Read the rest

Walmarts are high-crime zones thanks to staff cuts, but America gets the bill

050 056c026d-1c66-4d42-9fae-a8e96df290c5-1020x1192

Starting in 2000, Walmart began an aggressive cost-cutting campaign that removed greeters, reduced floor staff, and replaced cashiers with automated checkouts; the more this went on, the higher the crime-rate at Walmart soared, everything from shoplifting to deadly violence. In true Walmart style, the world's largest retailer has offloaded the costs associated with this crime to tax-funded law-enforcement. Read the rest

Podcast: How we'll kill all the DRM in the world, forever

I'm keynoting the O'Reilly Security Conference in New York in Oct/Nov, so I stopped by the O'Reilly Security Podcast (MP3) to explain EFF's Apollo 1201 project, which aims to kill all the DRM in the world within a decade. Read the rest

Snowden explains the Shadow Brokers/Equation Group/NSA hack

050 056c026d-1c66-4d42-9fae-a8e96df290c5-1020x1187

The news that a group of anonymous hackers claimed to have stolen some of the NSA's most secret, valuable weaponized vulnerabilities and were auctioning them off for bitcoin triggered an epic tweetstorm from Edward Snowden, who sets out his hypothesis for how the exploits were captured and what relation that has to the revelations he made when he blew the whistle on illegal NSA spying in 2013. Read the rest

What happens if you try to steal a Rolls-Royce hood ornament?

P90136312-rolls-royce-spirit-of-ecstasy-2254px

This anti-theft feature has apparently been standard on all Rolls-Royce models since 2004. Also, the hood ornament has a name: The Spirit of Ecstasy.

(via Geekologie)

Read the rest

Hackers claim to have stolen NSA cyberweapons, auctioning them to highest bidder

050 056c026d-1c66-4d42-9fae-a8e96df290c5-1020x1185

The Shadow Brokers, a previously unknown hacker group, has announced that it has stolen a trove of ready-to-use cyber weapons from The Equation Group (previously), an advanced cyberweapons dealer believed to be operating on behalf of, or within, the NSA. Read the rest

More posts