Elon Musk Says Humans Will Go To Mars by 2024

Elon Musk (Reuters / Stephen Lam)

In my weekly segment on KCRW's “Press Play” news program with host Madeleine Brand, we listen to Elon Musk wax poetic about artificial intelligence and whether life might be a dream--and his plans to send humans to Mars by 2025.

Read the rest

No warrant is needed to get your phone's location data, U.S. appeals court rules

REUTERS/Zoran Milich
In a major blow to security and privacy advocates, a U.S. appeals court on Tuesday ruled that police don't have to have a warrant to obtain your cellphone location data. The ruling means that in America, you have zero expectation of privacy over the historical location data generated by your cell phone.

Read the rest

How security and privacy pros can help save the web from legal threats over vulnerability disclosure

drm-og-1

I have a new op-ed in today's Privacy Tech, the in-house organ of the International Association of Privacy Professionals, about the risks to security and privacy from the World Wide Web Consortium's DRM project, and how privacy and security pros can help protect people who discover vulnerabilities in browsers from legal aggression. Read the rest

United Arab Emirates hacked UK journalist

roadmap

A new research report from Citizenlab painstaking traces the origins of a series of sophisticated hacking attacks launched at Rori Donaghy, a UK journalist for Middle East Eye who founded the Emirates Center for Human Rights, which reports critically on the autocratic regime that runs the UAE, and 27 other targets. Read the rest

Security researcher discovers glaring problem with patient data system, FBI stages armed dawn raid

20160525_082708b

Justin Shafer was roused from his bed this week by thunderous knocking at his North Richland Hills, Texas home, and when he opened the door, found himself staring down the barrel of a 'big green' assault weapon, wielded by one of the 12-15 armed FBI agents on his lawn. Read the rest

DDoSers sell attacks for $5 on Fivver

056c026d-1c66-4d42-9fae-a8e96df290c5-1020x1068

Many years ago, EFF co-founder John Gilmore and I were discussing the prevalence of botnets, which are commonly used to launch distributed denial of service (DDoS) attacks that overwhelm websites with floods of traffic; John said that if the botnets were really on the rise at the reported rate, we should expect to see a massive crash in the price of DDoS services, following simple supply/demand logic. Read the rest

EFF fights order to remove public records documents detailing Seattle's smart-meters

animation (3)

Earlier this week, I wrote about the legal threats from Landis and Gyr against the Freedom of Information service Muckrock, which had received documents from the City of Seattle detailing the workings of Landis and Gyr's smart-meter system, which Seattle has purchased from them at public expense. Read the rest

Edward Snowden performs radical surgery on a phone to make it "go black"

animation (1)

If you think that your phone may have been hacked so that your adversaries can watch you through the cameras and listen through the mics, one way to solve the problem is to remove the cameras and microphones, and only use the phone with a headset that you unplug when it's not in use. Read the rest

Undetectable proof-of-concept chip poisoning uses analog circuits to escalate privilege

056c026d-1c66-4d42-9fae-a8e96df290c5-1020x1068

In A2: Analog Malicious Hardware, a paper given at the 2016 IEEE Symposium on Security and Privacy, a group of researchers from the University of Michigan detail a novel, frightening attack on the integrity of microprocessors that uses nearly undetectable tampering, late in the manufacturing process, to allow attackers to trip the "privilege" bit on the chip from userspace processes. Read the rest

Tor Project is working on a web-wide random number generator

hs_montreal_4

Random number generators are the foundation of cryptography -- that's why the NSA secretly sabotaged the RNG standard that the National Institute for Standards and Technology developed. Read the rest

Pastejacking: using malicious javascript to insert sneaky text into pasted terminal commands

DEC_VT100_terminal

When a computer stops behaving, the solution often involves looking up an obscure command and pasting it into the terminal -- even experienced administrators and programmers aren't immune to this, because remembering the exact syntax for commands you use once every couple years is a choresome task. Read the rest

Smart-meter vendor says that if we know how their system works, the terrorists will win

056c026d-1c66-4d42-9fae-a8e96df290c5-1020x1073

Phil Mocek filed a public records request to find out how Seattle's new smart meters -- supplied by Landis and Gyr -- will work. As Mocek writes, these meters are based on "unspecified and unverifiable sensors that monitor activity inside of private property and can communicate collected information in real-time to unspecified machines in remote locations, the workings of which are obscured from ratepayers, with interfaces used by [the city] that require specialized equipment and are thus completely unavailable to ratepayers for personal use or monitoring and verification of information communicated, is already shrouded in secrecy and seemingly proceeding despite repeated voicing of public concern and complete lack of public justification of expense." Read the rest

TSA head of security 'removed from his position'

Kelly Hoggan, former head of security for TSA.
The U.S. Transportation Security Administration asked its head of security to turn in his badge and bright blue gloves. Kelly Hoggan has been 'removed from his post.'

Read the rest

Google may abandon passwords for 'trust score'

REUTERS

Hate passwords? Google does too, and may begin doing away with conventional passwords on Android devices this year. At Google I/O, the company announced the next steps in its plans to begin using a password alternative: "trust scores" that determine your creds based on various data points. Developed by Google's Google's Advanced Technology and Projects group, the Trust API will roll out to "several very large" financial institutions within the next few weeks.

Read the rest

Google to kill Flash by default in Chrome.

flush
Commanding two thirds or so of the browser market, Google's decision to turn off Adobe Flash by default in Chrome before 2017 seems like the end of an era that's always said to be ending.
Later this year we plan to change how Chromium hints to websites about the presence of Flash Player, by changing the default response of Navigator.plugins and Navigator.mimeTypes. If a site offers an HTML5 experience, this change will make that the primary experience. We will continue to ship Flash Player with Chrome, and if a site truly requires Flash, a prompt will appear at the top of the page when the user first visits that site, giving them the option of allowing it to run for that site (see the proposal for the mock-ups).

As usual, there are exceptions, starting with an official list of exempted Flash-serving domains. Can you guess what they are?

YouTube.com Facebook.com Yahoo.com VK.com Live.com Yandex.ru OK.ru Twitch.tv Amazon.com Mail.ru

Read the rest

Phoenix airport threatens to kick out TSA, hire private (unaccountable) contractors

PHX in Valley of the Sun - 10-4655

The administrators of the Phoenix Sky Harbor airport are apparently considering getting rid of the TSA and replacing them with private contractors, similar to the setup at San Francisco International Airport. Read the rest

US Gov't survey: Half of Americans reluctant to shop online due to privacy & security fears

download (2)

A study by the Department of Commerce's National Telecommunications and Information Administration found that half of American Internet users are "deterred" from engaging in online transactions because of fears over privacy and security breaches. Read the rest

More posts