Christopher Soghoian's NYT op-ed on one important lesson from Wikileaks: infosec for journalists and their sources. "Sadly, operational computer security is still not taught in most journalism schools, and poor data security practices remain widespread in news organizations. Confidential information is sent over regular phone lines and via text messages and e-mail, all of which are easy to intercept. — Read the rest
Senator Ron Wyden [D-Equestria] sent a letter to the chairs of the Senate Committee on Rules & Administration asking why Senate staffers have been issued ID cards whose "security chips" are just photographs of a chip.
Apple has acknowledged that its Icloud service is a weak link in its security model, because by design Apple can gain access to encrypted data stored in its customers' accounts, which means that the company can be hacked, coerced or tricked into revealing otherwise secure customer data to law enforcement, spies and criminals.
"There's classified, and then there's classified," President Barack Obama recently told Fox News anchor Chris Wallace in response to a question about the now-classified material on Hillary Clinton's private email server from when she was Secretary of State. — Read the rest
In early 2015, Reddit published a transparency report that contained heading for National Security Requests, noting, "As of January 29, 2015, reddit has never received a National Security Letter, an order under the Foreign Intelligence Surveillance Act, or any other classified request for user information."
"Everywhere they went, the attackers left behind their throwaway phones."
From a March 19, 2016 New York Times article:
— Read the rest
One of the terrorists pulled out a laptop, propping it open against the wall, said the 40-year-old woman. When the laptop powered on, she saw a line of gibberish across the screen: "It was bizarre — he was looking at a bunch of lines, like lines of code.
It took a while, but FBI director Jim Comey got a little bit of the grilling he has earned in the FBI vs. Apple case. Freedom of the Press Foundation's Trevor Timm writes on today's House Judiciary Committee hearings on Capitol Hill, at which both the government and the Cupertino tech giant were represented. — Read the rest
FBI Director James Comey and Apple's senior vice president and general counsel, Bruce Sewell, are scheduled to testify at a House Judiciary Committee hearing today titled 'The Encryption Tightrope: Balancing Americans' Security and Privacy.' — Read the rest
Two lawmakers are reported to be planning to unveil details of a major encryption bill Wednesday, as the FBI's battle with Apple continues and a debate grows over what role government should play in regulating technology. — Read the rest
Daniel Rigmaiden was a prolific and talented fraudster who made more than a million dollars filing tax-returns for dead people, using ninja forgery skills and super-tight operational security to avoid arrest for years.
— Edward Snowden (@Snowden) November 11, 2015
Documents published by Vice News: Motherboard and further reporting by Wired News suggest that a team of researchers from Carnegie Mellon University who canceled their scheduled 2015 BlackHat talk identified Tor hidden servers and visitors, and turned that data over to the FBI. — Read the rest
If you've been struggling to make sense of the stories about Stingrays (super-secretive cellular surveillance tech used by cops and governments) (previously) this week's Note to Self podcast does the best job I've yet seen (heard) of explaining them.
Redditor Fallenmyst just started a job at Walk N'talk Technologies, where she listens to randomly sampled speech-to-text recordings from our mobile phones, correcting machine conversions.
“We found that news organizations like the Associated Press, Le Monde, LA Times, CBS News, Forbes, Baltimore Sun, and Der Spiegel are still not protecting journalists and their sources from this type of surveillance.”
I'm in Washington, D.C. today with the Freedom of the Press Foundation for a day-long event, "News Organizations and Digital Security, Solutions to Surveillance Post-Snowden."
Heavy hitters are present, talking about encryption and security in real-world practice–including including Dana Priest, investigative reporter, Washington Post; James Risen, investigative reporter, New York Times; Christopher Soghoian, principal technologist and senior policy analyst, ACLU; Julia Angwin, investigative reporter, ProPublica; all of The Intercept's security team and others. — Read the rest