WebProNews

Tag: Spying

  • 26 Senators Demand NSA Release Information About Its Spy Programs

    26 Senators Demand NSA Release Information About Its Spy Programs

    Early this month, it was revealed that the NSA collects mountains of phone and Internet data on American citizens. Some members of government defend the program, while others have been creating legislation to reign it in. Now a group of Senators are taking it a step further.

    The Hill reports that 26 senators led by Sen. Ron Wyden have demanded in a letter that the NSA publicly reveal information about its spy programs. The senators argue that making this information public will lead to a better debate over the necessity of these programs:

    “We are concerned that by depending on secret interpretations of the PATRIOT Act that differed from an intuitive reading of the statute, this program essentially relied for years on a secret body of law. [Misleading statements] have prevented our constituents from evaluating the decisions that their government was making, and will unfortunately undermine trust in government more broadly. The debate that the President has now welcomed is an important first step toward restoring that trust.”

    To help create a more transparent NSA, the senators are requesting the agency answer the following questions:

  • How long has the NSA used PATRIOT Act authorities to engage in bulk collection of Americans’ records? Was this collection underway when the law was reauthorized in 2006?
  • Has the NSA used USA PATRIOT Act authorities to conduct bulk collection of any other types of records pertaining to Americans, beyond phone records?
  • Has the NSA collected or made any plans to collect Americans’ cell-site location data in bulk?
  • Have there been any violations of the court orders permitting this bulk collection, or of the rules governing access to these records? If so, please describe these violations.
  • Please identify any specific examples of instances in which intelligence gained by reviewing phone records obtained through Section 215 bulk collection proved useful in thwarting a particular terrorist plot.
  • Please provide specific examples of instances in which useful intelligence was gained by reviewing phone records that could not have been obtained without the bulk collection authority, if such examples exist.
  • Please describe the employment status of all persons with conceivable access to this data, including IT professionals, and detail whether they are federal employees, civilian or military, or contractors.

    • If the NSA is truthful (which is unlikely), we might get some solid answers for once. The senators pretty much covered every cause for concern that popped up when the surveillance programs were revealed.

    Personally, I’m interested in the second to last question. Every terrorist threat thus revealed could have been stopped with traditional investigation methods, and didn’t require the collection of Americans’ data. The NSA will likely spin it to sound like they are the only agency standing in the way between you and the terrorists though.

  • Bold Move: Lawyer Demands Phone Records from NSA to Prove Client’s Innocence

    Bold Move: Lawyer Demands Phone Records from NSA to Prove Client’s Innocence

    This is either the most brilliantly executed defensive move I’ve heard about in quite some time, or possibly the most ill-conceived air-grab since my buddy asked to read his wife’s texts “to prove she’s getting them ok.” Only time will tell.

    Another question to remand to the future historians – what’s the deal with the NSA’s recently revealed phone data collection program? Massive invasion of privacy? A necessary, albeit heavy-handed tactic in the ongoing fight against terrorists?

    I don’t know. I have opinions, but I don’t know. One thing I do know is that June 12th, 2013 will always be remembered as the day one defense attorney first turned the tables on the NSA’s no-longer-secret surveillance program.

    This is beautiful, really. Marshall Dore Louis, attorney for Florida’s Terrance Brown, has decided to use recent revelations to his avantage. “Oh, NSA, I hear you’re spying on all of our phone calls. Well, how bout you let me see what you found so I can prove my client’s innocence”* – or something like that.

    According to the Sun-Sentinel, Brown is one of five men accused of robbing a series of armored trucks making cash deliveries to banks a few years ago. The prosecution has been using phone records to prove that the men were all nearby when the robberies occurred.

    Well, the only problem is that prosecutors have been unable to obtain records for Brown during the period before September, 2010 (when at least one of the robberies took place). You see, Brown’s carrier, MetroPCS, simply doesn’t keep records that far back.

    But wait a minute. Louis says he wants those records to exonerate his client by proving he was nowhere near the area of the robbery at Lighthouse Point in July, 2010.

    “Who has extensive phone records on American citizens? Aha! The NSA of course! I just heard about that on the news.”**

    “The president of the United States has recognized this program has been ongoing since 2006…to gather the phone numbers [and related information] of everybody including my client in 2010,” Louis said.***

    He has a point. Imagine if this ploy actually worked. Seriously. Imagine it. Imagine lawyers all over the country asking the NSA to help prove their clients’ innocence.

    Imagine the NSA laughing and saying no. That’s a lot easier to imagine, I guess.

    ————

    * I don’t know what Mr. Louis was thinking. This is what I would have been thinking.
    ** Once again, I assume he must’ve had this train of thought. Just go with it, please.
    *** He really said that – in court on Wednesday.

    [Image via gadgetdan, Flickr]

  • 1984 Book Sales Spike Due To NSA Scandal

    1984 Book Sales Spike Due To NSA Scandal

    Nearly everyone knows what the phrase “Big Brother” means in a political discussion – a government that keeps a close eye on its people’s comings and goings, a surveillance state. Surprisingly few people these days know that the phrase comes from George Orwell’s dystopian science fiction novel, 1984.

    That, it seems, is rapidly changing. In the wake of recent revelations regarding the NSA’s surveillance of American citizens the book has shot up Amazon’s bestseller rankings. One edition – the centennial edition – has seen sales increase by a staggering 5,800%, moving from 7,397th to 125th. Another edition has moved from 810th in the rankings to 209th. Other booksellers have reported similar spikes in sales, including Barnes & Noble and The Strand in New York City. The book is currently 43rd in the iBooks store’s top books list.

    The book, in case you haven’t read it, tells the story of a totalitarian government run by the mysterious dictator Big Brother. The government engages in extensive surveillance and mind control of the populace (hence the phrase “Big Brother is watching you,” which appears on propaganda materials in the book).

    1984 isn’t the only book to enjoy a boost in sales thanks to the NSA scandal. Other dystopian novels have seen similar, if not as striking, surges, including Orwell’s other classic, Animal Farm, Ray Bradbury’s Fahrenheit 451, and Aldous Huxley’s Brave New World.

    So, on the down side, it turns out that the government is paying way more attention to your business than (almost) anybody thought. On the bright side, a whole new generation of readers are being introduced to some literary classics. So there’s that.

  • ACLU Files Suit Against NSA’s Phone Data Collection, Cites 1st and 4th Amendement Violations

    In a move that can’t be too shocking to most, the American Civil Liberties Union (ACLU), along with the New York Civil Liberties Union, has filed a lawsuit challenging the recently-revealed NSA phone records program.

    The initiative, unearthed by The Guardian, involves the National Security Agency obtaining customer metadata (phone call duration, location, and more) from Verizon.

    Interestingly enough, the ACLU has filed the lawsuit on the basis that they are Verizon customers.

    The ACLU charges that the NSA’s actions violate both their First Amendment rights of free speech and association, as well as their Fourth Amendment rights that protect against illegal search and seizure.

    They also say the the program goes way beyond what it permissible through the Patriot Act.

    “This dragnet program is surely one of the largest surveillance efforts ever launched by a democratic government against its own citizens,” said Jameel Jaffer, ACLU deputy legal director. “It is the equivalent of requiring every American to file a daily report with the government of every location they visited, every person they talked to on the phone, the time of each call, and the length of every conversation. The program goes far beyond even the permissive limits set by the Patriot Act and represents a gross infringement of the freedom of association and the right to privacy.”

    The ACLU lawsuit named five defendants: James Clapper, Director of National Intelligence; Lt. Gen. Keith B. Alexander, Director of the National Security Agency; Charles T. Hagel, Secretary of Defense; Eric H. Holder, U.S. Attorney General; and Robert S. Mueller, Director of the FBI.

    This isn’t the first time the the ACLU has waded into these waters. Back in 2008, the group filed another lawsuit against the so-called “warrantless wiretapping program” authorized by the FISA Amendments Act. That case made it all the way to the Supreme Court before eventually turning in favor of the federal government (5-4 decision).

    “The crux of the government’s justification for the program is the chilling logic that it can collect everyone’s data now and ask questions later,” said Alex Abdo, a staff attorney for the ACLU’s National Security Project. “The Constitution does not permit the suspicionless surveillance of every person in the country.”

    You can read the entire lawsuit here.

    [Photo via Ryan Welsh, Flickr]

  • “George W. Obama” Photo Takes Aim At NSA Scandal

    If you’ve been anywhere near the internet in the last couple days, you are probably aware of the recent government surveillance scandals. It started yesterday with the revelation that the government was collecting data from Verizon customers phone calls (all of them). And if that wasn’t Big Brother-y enough for you, news broke this morning about the NSA’s secret PRISM program, which gathers data from the servers a shocking array of the most popular and ubiquitous tech companies: Facebook, Google, Apple, Microsoft, and more.

    Unsurprisingly, this double-whammy of privacy scandals has prompted a number of unfavorable comparisons between the Obama administration and the Bush administration. As you may recall, the Bush administration came under fire repeatedly for programs – including warrantless wiretapping of suspected terrorists – that were seen as violations of the civil rights of American citizens. These comparisons have run the gamut from articulate and well-thought to… less so (as you might expect from the internet). None, perhaps, is as simple and succinct as the Huffington Post’s front page image from yesterday.

    The image, which you can see above, consists of the title “GEORGE W. OBAMA” and a blending of a photo of former President Bush with a photo of President Obama. The image is quite well done, and surprisingly unsettling, as though my brain can’t decide who it thinks I’m looking at.

    The president, who has long been reluctant to discuss government surveillance programs, finally spoke out in defense of the two controversial programs today, claiming that the programs were necessary, and that they carried on under the watchful eye of Congress, which he said could stop the programs easily if it felt there were abuses.

    How comforting you find that depends, I suppose, on how much you trust Congress.

  • White House Probe Reportedly Finds No Evidence Of Spying From Chinese Telecom

    White House Probe Reportedly Finds No Evidence Of Spying From Chinese Telecom

    Earlier this month, the House Intelligence Committee accused Chinese tech companies Huawei and ZTE of spying on America. They feared that these two companies were investing in American telecoms only to gain access to critical American infrastructures. Turns out those fears may be unfounded.

    Speaking to sources familiar with the matter, Reuters has found that a White House probe into Huawei turned up nothing. The company is being just that – a company. There’s no clear evidence that they are working with the Chinese government to undermine American infrastructure.

    With that being said, the probe did find something very interesting. Most of Huawei’s products can be easily exploited by hackers. In particular, Huawei-made routers have bad code that investigators say is the result of poor coding, not intentional sabotage. The fear now is that Huawei’s products could be used by any private or state-sponsored hackers to gain access to privately stored information.

    Other sources speaking to Reuters say the bad code was deliberate. A computer scientist told them that Huawei’s routers contain “back doors” that he feels were deliberately inserted “with care.” If the company was spying, it would allow them to siphon data from citizens and government entities using the routers.

    In their defense, Huawei’s US spokesperson Bill Plummer said that the company’s products do not contain any backdoors. He also points out that all hardware is susceptible to hackers, and that Huawei would fix any vulnerabilities found in their products.

    For now, the probe hasn’t found any damning evidence. That means Huawei is in the clear for now, but the House Intelligence Committee will most likely not back down. Co-author of the House Intelligence Committee report, Dutch Ruppersberger, told Reuters that “China has the means, opportunity, and motive to use telecommunications companies for malicious purposes.”

    It’s almost looking like America is ready to enter a new Cold War with China. A big problem with that is that China has far more resources at their disposal than the Soviet Union ever did. The advanced technology at both countries’ disposal could make things far more complicated as well. It’s been said before that the next World War would be fought over the Internet, and events like this make that future seem all the more possible.

  • Skype Promises That They’re Not Spying On You

    Skype has been in the news more often the past few weeks thanks to some rumors that Microsoft is now using the service to spy on users. It all started with some rumor mongering that their upgrade to Linux servers was at the behest of Microsoft to make spying easier. A Washington Post article later claimed that inside sources confirmed that Skype was spying on text chats. The Corporate Vice President of Skype Product Engineering & Operations says it’s all hogwash and he’s here to set the record straight.

    In a massive and rather frank post on the Skype blog, CVP Mark Gillett addresses all the concerns that people have in regards to privacy and Skype. He says that every single accusation levied against the company is false and that they are still the consumer friendly company they have always been.

    The accusation that started all of this was the changes to Skype’s architecture. Gillett says that Skype made the changes “to provide the best possible product to our users.” He says that the company was already in the process of moving supernodes to the cloud long before they were acquired by Microsoft.

    As for their cooperation with law enforcement, Gillett claims that their policy has not changed since 2005. They will accomodate law enforcement when it “follows appropriate procedures” and they “respond where legally required and technically feasible.”

    The move to in-house hosting does not give Skype the ability to monitor or record your conversations. The in-house servers were only added help establish calls. The data that’s transferred during calls (audio and video) are only passed between the two Skype clients and never through their servers.

    The company addressed the claims from the Washington Post that said Skype was actively monitoring instant messages on Skype. Gillett does say that messages are stored on their servers temporarily if the message can’t get through to another user. The key word is temporarily as they are never hosted on their servers for that long. They will of course respond to legitimate law enforcement requests whenever possible in regards to instant messages.

    The company has also not skimped out on protecting your conversations from other prying eyes. Gillett says that Skype still applies the same encryption to messages that it always has. The only version of Skype that has been altered is the version available in China, which allows for a chat filter in accordance with local laws.

    As I said, it’s surprising to see Skype’s CVP be so frank about his company’s operations. Of course, the company’s hand was forced as stories of surveillance and unwarranted wiretapping became the norm when Skype was mentioned in the news. There will still be those who believe Skype is spying on them, but Gillett’s responses should help calm the majority of people who were concerned.

  • Skype Is Spying On You, But Only In Chat

    Skype Is Spying On You, But Only In Chat

    We brought you word earlier this week that some people think Skype is beginning to spy on people who use the service. The switch to dedicated servers instead of P2P would make it easier for the folks at Skype to store chat logs and audio records. Microsoft wouldn’t say if they were spying or not, but all signs pointed to probably not.

    I might have spoken too soon as the folks at The Washington Post spoke to a couple of people close to the matter to get the real story. They found that Skype is spying on you, but only your text chats. The company can’t effectively share your audio and video logs with authorities, but they will cooperate with police if they have a suspicion that you’re up to no good.

    Before you get all worried, know that Microsoft is treating your data with “tremendous sensitivity and a canny awareness of what the issues would be.” That probably doesn’t make you any less worried, but it looks like Microsoft is just cooperating with police when the need arises.

    The authorities don’t care that you use Skype to keep in touch with your parents or that you send messages to your long distance significant others. What they care about is nabbing the criminals who use Skype because it has traditionally been more secure than other forms of communication.

    Of course, these criminals are going to move from Skype now that the news is out. It seems that the authorities are always one step behind the technology curve, but they’re fine with gutting other forms of communication while they’re trying to play catch up. Skype will not necessarily fall to the hands of the authorities in their misguided attempt to catch criminals, but it might have the negative consequence of forcing legitimate users to leave over concerns of privacy.

  • Google “Surprised” that UK Privacy Agency Cares About Privacy

    Google “Surprised” that UK Privacy Agency Cares About Privacy

    The Information Commissioner’s Office in the United Kingdom announced last week that it would be re-opening its inquiry of Google and its payload data-collecting Street View cars. In a letter sent to Google’s Global Privacy Counsel, Peter Fleischer, ICO Head of Enforcement Steve Eckersley cited recent revelations that arose from the Federal Communication Commission’s investigation of the Street View cars’ spying habits as grounds to revisit the case.

    Today, The Telegraph has obtained and published in full a copy of Fleischer’s reply to the ICO and, unsurprising, Google resorts to the most commonly accepted form of apology in our modern era: the non-apology.

    Fleischer’s lengthy missive to the ICO begins with how “profoundly sorry” the company was about the payload data collection then reminisced about Google’s cooperation with the ICO. However, before individually addressing each of Eckersley’s questions, Fleischer added, “Google is surprised that the ICO has decided to re-open its investigation into this matter,” and proceeded to redirect the ICO with an undue lesson in data storage as well as adherence to the story that Google didn’t know nothin’ about no Street View spying before 2010.

    Fleischer continues to attest that Google doesn’t actually know what is included in the collected data apart from what it supplied the ICO with in 2010 because it hasn’t looked at it. Whether you believe that or not is up to you, but given Google’s bloodlust for consumer information, believing that Google wouldn’t access that data is akin to expecting that a rabid pack of cheetahs wouldn’t run down a zebra coated in bacon grease.

    However, Google did comply with the ICO’s request to supply a copy of the original software design with the reply. Fleischer also included “certificates of destruction in respect of payload data collected in the UK” and closed the letter with the suggestion that the ICO should have no other questions for Google.

    That last part is a dry pill to swallow. I understand that this is legal-speak politesse, leading an investigator into agreeing that, yes, there is nothing more to see here, but that is ingenuine. In all truth, there may be nothing left to see here but it’s hard to take Google at its word because the company has become a masterful escape artist when it comes to directly answering questions. With that history of obfuscation never far behind, Google should leave it to the ICO to decide when the investigation is over.

  • One Man’s Crusade Against Google Street View’s Payload Data Collection [Updated]

    Nobody really knows what kind of information Google obtained when it was collecting payload data as its Street View car drove around the neighborhoods of the world sponging up personal information from people using unsecured wi-fi networks. Speculation abounds about what exactly the Street View cars collected, everything from personal emails, passwords, browsing histories, IP addresses, telephone numbers, full names of users, and even the porno websites some people might frequent. Yesterday, following an investigation by the Federal Communications Commission, the United Kingdom’s Information Commissioner’s Office reopened its probe into Google’s collection of payload data to find out what exact information Google was able to obtain and, perhaps more foreboding, why Google denied knowing about the data collection back in 2010.

    Perhaps emboldened by his government’s decision to reopen its investigation of Google, The Daily Mail‘s David Thomas has declared a one-man battle with the company in order to find out just what information may have been secretly lifted from his online life when the Street View car cruised his way.

    In a spirited op-ed published yesterday in the Mail, Thomas describes how he was working from home at the time he suspects Google may have sopped up some of his personal information, including financial discussions with his agent, confidential medical information, and material related to his writing (he is an author). Thomas is rightfully upset about his information possibly being secretly collected by Google and although he admits that he was naive to believe it was unnecessary to secure his wi-fi network because he lives in the countryside of West Essex, he isn’t about to let Google off the hook.

    Although the ICO has decided to reopen its inquiry into Google, Thomas intends to pursue his own crusade against the mapping service. Citing Britain’s Data Protection Act of 1998, he wrote of his plans to extract from Google what information of his the company may have in its possession.

    The Data Protection Act gives us all the right to demand the information an organisation (whether public body or commercial corporation) holds about us. It’s called a Subject Access Request. It costs between £2 and £10, and a reply must be received within 40 days.

    So I have decided to make my own small stand against the Google monster. I want to know what it knows about me, and what it might have stolen. If the Street View cars stole data from my system, and it hasn’t yet been destroyed, then I want to know what they’ve got.

    And if Google has been passing my personal information on to third-party companies so they can bombard me with advertising, I want to know about that, too.

    I’m in no way a sharp tack when it comes to legal issues, but to my mind the United States doesn’t have a comparable law to the UK’s Data Protect Act. While we yankees might not have the same legal opportunities to see what (if any) information was collected on us over here States-side, if Thomas is successful in obtaining any of the information that Google may have obtained from him it could provide some insights of how big this trove of payload data really is.

    On the other hand, while Google’s practice of collecting user information with their secret wardriving Street View cars is shady any way you look at it, the potential for Google to scrape off tons of sensitive information from each person on each wi-fi network the Street View cars pass is questionable. For one, if the average speed limit is 25 miles per hour in these neighborhoods where the Street View car travels, that’s an extremely narrow window to collect any information off of any random wi-fi-connected devices. Two, the reach of most home wi-fi networks doesn’t really produce the most powerful connection; if I walk out to my driveway I lose the connection from my apartment that’s less than 60 feet away. Trying to connect from a car in the middle of my street? Not really feasible.

    Still, Google got something from wardriving software, we just don’t know what. Google was contacted for comment for this article and asked if it had any intention to comply with the ICO’s requests, but Google did not reply.

    Thomas might be escalating this issue further than it deserves to go, or maybe he’s unimpeachably righteous in his effort against Google. There’s no way to tell, and there will not be any way to tell until Google becomes more transparent about the types and depths of information its Google Street View cars collected, which is why Thomas’ determined battle against Google matters.

    Update: A spokesperson with Google replied to my request for comment on the ICO’s investigation:

    We’re happy to answer the ICO’s questions. We have always said that the project leaders did not want and did not use this payload data. Indeed, they never even looked at it.

    While trying to put some distance between itself and the payload data, that doesn’t exactly give any indication about the nature of the payload data.

  • Google Street View Faces Probe in Australia

    Google Street View Faces Probe in Australia

    The Google Street View wi-fi spying scandal may have been quelled in the United States, but the fun’s just getting started in other parts of the world. Over the weekend, an independent privacy watchdog in United Kingdom launched an investigation into Google’s use of the Street View cars to sponge up information from people using unsecured wi-fi networks. Today, Australia’s government is joining Team Investigate Google.

    Australia’s Privacy Commissioner, Timonthy Pilgrim, is planning to reassess whether Google should be referred to the Australian Federal Police following the U.S. Federal Communications Commission report that found Google had essentially covered up the wi-fi spying habits of the Google Street View car in spite of Google previously saying it wasn’t really doing all that spying.

    Google’s Street View cars typically drive around the world and photograph ground-level images so that users of Google Maps can take walking virtual tours of different areas. However, information was recently made public that not only were Google Street View cars secretly collecting personal information from unencrypted wi-fi networks like browser histories, emails, chats, passwords, and many other bits of personal data, but that supervisors at the company actually knew about the info-siphoning.

    The FCC has fined Google for delaying and obstructing the agency’s investigation into the Google Maps spying on wi-fi practice but didn’t really do anything to Google for being a Big Brother creep and spying on people. More, the fine was a measly $25,000, which is barely a bite of bread crust for Google. Stay tuned to see what Australia’s government decides to dish out to Google (if anything).

  • Windows 8 Makes it Easy For Parents to Spy on Their Children

    Microsoft has unveiled the Family Safety features that are built into Windows 8. One of the main features of the software is a weekly report, seen below, that is emailed to parents detailing their child’s computer use. The report details what websites the child visits, what they are searching for, what they are downloading, and how much time they spend doing various computing activities. Parents can then, directly from links in the email, block or limit their child’s activities through a simple web interface. Windows 8 requires logging in with a Windows Account, which is cloud-based, meaning all activity on any computer logged into the child’s account will make it into the report.

    An example of a Microsoft Family Safety report

    Steven Sinofsky, president of the Windows division at Microsoft, detailed how the Family Safety software will work over at the Building Windows 8 blog. Microsoft is touting Family Safety as a good way to teach children about internet safety and limit the amount of time they spend playing video games. From the blog post:

    Windows 8 gives you a “monitor first” approach, which provides informative activity reports for each child. As previously discussed on this blog, signing in to Windows 8 with a Microsoft account makes setup much simpler: just create a separate user account for each child and then check the box to turn on Family Safety. As soon as you do, you’ll receive a welcome email followed by weekly email reports summarizing your child’s computer activities. We expect you’ll find activity reports a great tool for teaching your kids about responsible computer use. Of course, you can also easily add restrictions by just clicking a link in the activity report. With the simplicity of activity reports, we believe more parents will adopt Family Safety, resulting in a safer computing environment for children.

    The sentiment is nice, and the software looks well-designed for this purpose. But there is no getting around the fact that these Family Safety Reports leave children no shred of privacy on their Windows Accounts. Perhaps that is OK for most parents, who will responsibly monitor their child’s computer use with an understanding of childhood curiosity. However, there are parents who will use the software to keep their children trapped in a cloistered web of insular ideas. Parents who will punish children not for looking at porn, but for looking at ideas and world-views that contradict their own.

    Also, while it’s true that children aren’t necessarily entitled to privacy from their parents, the feature could easily be abused to surreptitiously monitor the activities of an unsuspecting spouse or roommate. Like any tool, the Windows 8 family safety software can and will be used for both good and evil.

    Take a look at the video demonstration fo the Family Safety features in Windows 8 and see for yourself just how easy the software makes it to monitor a user:

  • Living in Google’s World; or, Lessons from Street View Wi-Fi Spying

    Living in Google’s World; or, Lessons from Street View Wi-Fi Spying

    A friend of mine spotted the Google Street View car here in my city a couple of days ago. It’s always fun to hear about those sightings because it feels like catching a glimpse of a full-on double rainbow or maybe even a celebrity discreetly ordering at a Starbucks. Well, at least that’s how I used to feel when I’d hear about somebody spying the Street View car. After the whole Wi-Fi spying-gate scandal, though, news of the car canvasing through town just makes me feel resentful.

    You’ve always heard these bogeyman stories about how you should always, at a minimum, secure your Wi-Fi network with a password. I’ve been hearing about it since the nascent days of Wi-Fi networks: using an unsecured network is basically the internet version of leaving the front door of your house open while you’re not home. You never know who could be lurking on your network, siphoning off the password to your email account or waiting for you to enter your credit card number to order that cat litter on Amazon. In short, it’s not safe; it’s the economic way to invite somebody to steal your personal information.

    And yet, even as somebody who definitely falls into the category of Should Know Better, I still use unsecured Wi-Fi networks. I use them a lot, actually. Sometimes it can’t be helped, say if you’re at the public library or at a coffee house. Sometimes it can be helped. Me? I usually throw caution to the wind and never think about the risks whenever I need to use a public Wi-Fi network. I don’t think I’ve ever once paused before connecting to one and though, “Wait, on second thought, I shouldn’t do this because someone could swipe my information.” Even though I should know better, I ask myself, why do I still do it? I really don’t know. Sometimes I’m just that stupid, I guess.

    Part of that illogical reasoning comes from the fact that I don’t do anything important, at least, anything important to petty cyberthieves. It’s naive, but I always think that if somebody really wants to steal my identity that badly, go ahead – I’m nobody of consequence and, really, I could certainly use the help paying back my student loans if anybody else wants to take on that debt with me.

    My weird rationalization for suspending my disbelief only functions if I picture some meddling 26-year-old in the next room of the coffee shop eavesdropping on the Wi-Fi network. I can’t imagine anything more boring than watching the average person browse the internet. You’re not going to secure any confidential trade secrets of Wall Street or stumble upon somebody’s ingenious yet unpatented idea to solve the energy crisis. You probably wouldn’t even learn how to fold a winning paper airplane, let alone instructions on how to make a bomb. For that ostensible Wi-Fi spier, I don’t really see how anything on a general network could be of much use.

    I wish I could say the same about the Google Street View Wi-Fi eavesdropping story. These are not middling twentysomethings in a coffee shop just being nosy. This a corporation for whom personal information is a mountain range of Martian blood diamonds. Google makes untold millions of dollars from crunching your personal information into advertising revenue. That kid in the coffee shop with the Jimmy Neutron haircut and an Ubuntu-powered PC might not have much use for what trivia I happen to be browsing in the middle of the afternoon, but the same can’t be said for Google.

    That said, I’m not opposed to the general concept of Google having my information (we won’t get into the specifics regarding how long they hold onto it or any other aspects I do have a problem with). I realize that’s how I’m paying for some of their really great services, like Gmail, search (which is sometimes great), and Chrome, to name a few. If that’s what keeps those services top-rate and free, I think I can agree to the simple terms that they collect my data and use it for advertising.

    I don’t mind that because it’s a mutual agreement wherein I know when they’re collecting it and what information they’re collecting. What I do mind is Google cat-burglaring people’s information by driving a vehicle around that’s siphoning off personal information from people using an unsecured Wi-Fi network. What I do mind is Google picking the locks on people’s browser security settings so that it can still track user data.

    While both of these vampiric practices are irksome, the Street View/payload collecting issue irks me even more because Google has consistently misled the public about it, as if equivocating just enough will satisfy investigators and inquisitors so that they’ll all go away and Google won’t ever actually have to come clean about the what they’ve been up to. After saying it wasn’t collecting payload data but then it actually was, Google blamed it on a “rogue” engineer. After blaming it on said engineer, a Federal Communications Commission report shows that, in fact, several people at Google knew about the payload collection, therefore sinking the “rogue” engineer alibi. After all of that, nobody except Google still knows what data was collected in the Google Street View payload.

    Given that kind of duplicity, no wonder so many people were cautious if not accusatory when Google Drive was launched last month: people aren’t so comfortable trusting Google these days.

    Beyond all of this, Google already gets loads and loads of information via user consent. What is there to possibly gain from side-stepping security and possible legal protections to acquire even more? It’s like Google’s a data zombie that just can’t ever quite satiate that hunger for more brains.

    As mentioned, Google’s bread and butter is information. I get that. I also realize that Google’s habit of holding its cards close to its vest in order to not reveal what it’s doing with the information is probably more indicative of the competitive industry than sincere malice (at least, I hope that Google doesn’t have some Skynet future planned for all of us). However, Google needs to scale back the intensity with which it goes after personal information of people on the internet.

    It is not Google’s manifest destiny to pursue your personal data and it has done nothing to really earn any rights to it by misrepresenting its respect (or lack thereof) for privacy. If the company wants more personal data than it already has, it should be approaching the public directly instead of using some under-handed method that nobody knows about until after Google gets caught.

    Sorry, Google, but when we shook hands and I agreed to use Google services in exchange for you to use my information, I didn’t realize you had your fingers crossed behind your back. Not cool.

    In the end, there’s not really much else that can be done about the Google Street View eavesdropping. The FCC delivered its ceremonial slap on the wrist and Google still gets to keep the info it collected, so all in all, after a cost-benefit analysis at the day’s end, Google did pretty well for itself with the Street Car ordeal.

    Google has this irresistible habit of making people feel like it’s Google’s world and we’re just lucky to live in it. Such an approach creates this incredible cognitive dissonance with users, myself included, because I think Google does do a lot of great stuff. But this isn’t a zero-sum game and doing a good thing here or there shouldn’t mean that Google gets some credit to spend on breaking bad.

    But if this is indeed Google’s world, the lesson here is to protect your little corner of it and do common things like keep your Wi-Fi network secured. Anymore, if you’re savvy enough with encryption, you should probably limit what devices have permission to access the network, too. It sounds like it could be a pain for allowing visitors or neighbors access to your network, but hey – just assume that companies are spying on you and protect yourself according to your levels of fear. Better to be safe than sorry, really.

    And that’s the beast stalking between the lines of every story that comes out about Google’s sponging up of payload data via Wi-Fi networks: better to be safe than sorry because, anymore, it’s obvious that random upstart hackers are no longer the biggest concern for whenever we’re using unsecured connections. They’re still a concern, sure, but now we have to worry that enormous tech companies like Google are out there spying on us, which could have much greater ramifications. And if Google’s already spying on us, that begs the question: just how many other huge corporate (or even government) entities are out there spying on us, too?

    It’s probably a safe bet to assume all of them are.

  • Google Street View “Rogue” Engineer Identified in Spying Scandal

    When basically anything you want to know about the world is out there on the internet and all you need in order to find it is some gumption and know-how, is anybody surprised that the concealed identity of the engineer at the center of Google’s Street View scandal would stay concealed very long? Ironic, then, that the identity of the engineer who created the program that allowed Google’s Street View car to surreptitiously spy on internet users via unsecured Wi-Fi networks would be revealed by an anonymous former state investigator involved in a different Street View investigation.

    According to the New York Times, the former investigator, who spoke on the condition of anonymity, named the Google engineer as Marius Milner, a Wi-Fi specialist with a background in telecommunications. According to his LinkedIn page, which the Times was able to glimpse before it apparently went on lockdown, he described himself as, “I know more than I want to about Wi-Fi.”

    Both Google and the Federal Trade Commissions had refused to name Milner, referring to him only as Engineer Doe.

    A reporter for the Times apparently spoke to Milner on his doorstep, where he declined comment except for the cryptic defense against Google’s claims he acted as a rogue. Milner said that such an argument “requires putting a lot of dots together.” Beyond that, he declined comment and deferred the reporter to speak with his lawyer (who also declined to comment). Milner invoked his Fifth Amendment right to not talk during the FCC inquiry, which was why he was dubbed with the spooky moniker Engineer Due.

    Milner had been with Google since 2003. It was around that time that he developed the program NetStumbler, which was a Windows program capable of detecting Wi-Fi networks, also known as wardriving.

    The F.C.C. report notes that wardriving is “the practice of driving streets and using equipment to locate wireless local-area networks using Wi-Fi, such as wireless hot spots at coffee shops and home wireless networks.”

    To design Street View’s code for locating wireless hot spots, the F.C.C. report states, “Google tapped Engineer Doe.”

    The engineer — Mr. Milner’s LinkedIn entry says he has worked at Google’s YouTube subsidiary since November 2008 — wrote the code during the 20 percent of work time that the company gives employees to pursue ideas on their own, Google told the F.C.C., according to the agency’s full report.

    Prior to today’s big reveal, privacy advocate Consumer Watchdog had requested from the U.S. Senate that he be granted immunity in exchange for a testimony about the Street View scandal. However, it’s hard to parse exactly what immunity he’d be granted since the FCC has already deemed that Google broke no laws other than obstructing the investigation, for which the company was fined $25,000. Additionally, the Department of Justice apparently already looked into the matter and concluded it would not “pursue a case for violation of the Wiretap Act.”

    At any rate, it doesn’t sound like Milner isn’t going to easily let go of the fact that it sounds like Google may have tried to throw him under the bus when this story soured.

  • Jon Stewart Derides FCC for Weak Google Spying Fine

    Jon Stewart Derides FCC for Weak Google Spying Fine

    Do you remember earlier this week when the Federal Communications Commission issued a $25,000 fine to Google? You know, because of the unauthorized collection of personal information Google obtained from unsecured wi-fi networks while the Google Street View car was cruising around taking photos for Google Maps? If you do, good on you – you’re olfactory senses are keen to the smell of rotten. However, you would be forgiven for not remembering because the risible amount of the fine was hardly of note. In Google terms of money, it was less a fine and more like losing a few quarters to the cushioned trenches of the living room couch.

    Worse, the investigation was dropped by the FCC. And the fine wasn’t because Google was eavesdropping on unsecured wi-fi networks, either – it was because of Google’s obstinate lack of cooperation with the FCC’s investigation.

    While consumer advocacy groups have decried the FCC for taking a knee on Google’s wi-fi spying, the scandal officially debuted in the mainstream this past Wednesday when The Daily Show’s Jon Stewart assailed the government agency for producing a yawn in place of its Google investigation.

    Stewart repeatedly expressed his trademark derision-enshrouded-in-sarcasm at the FCC for letting Google essentially get away with spying on people. Mocking the amount that Google was fined, Stewart described the fine as “less than what you would get for a particularly flashy NFL touchdown dance.”

    Stewart’s final three words, delivered in such a way that was meant to clearly entertain, impute a bracing gravity of the entire situation when it comes to the government’s lack of interest or understanding in actually penalizing Google in a meaningful way: “We’re completely f—ed.”

    The full video is below.

    Of course, some have suggested that the FCC’s fine could step up the expected fines Google could receive from the Federal Trade Commission due to the company’s circumvention of the privacy settings of Safari users. Then again, The FCC’s lax punishment to Google could also swing the other way by setting the precedent of going easy on the search engine goliath when they don’t play by the rules.

  • Chinese Spies Target US Made Systems In Taiwan

    14 months ago Taiwanese Major General Lo Hsieh-che was arrested for being a Chinese spy. Since then 3 more people have been arrested for the same crime. The Chinese spies all seem to want one of two things. Either the Lockheed Martin and Raytheon-built Patriot Missile System made famous in the first gulf war for it’s ability to shoot down Scud missiles, Or the Lockheed-designed Po Sheng command and control system.

    Defense expert Arthur Ding of Taiwan’s Institute for International Relations said “China wants radar data so they can develop countermeasures, If you have this data, you can jam the system or redirect its missiles.” This would obviously be a blow to any future conflict between the United States and China over Taiwan. The United States has publicly declared that an attack on Taiwan by China would be considered an act of war against the U.S..

    Two former U.S. government officials familiar with American defense sales to Taiwan said that “despite some Taiwanese media reports, China’s recent espionage activity on the island does not threaten the integrity of U.S. defense technology. They said Washington withholds sensitive information and equips highly classified electronic components with anti-tamper devices.”

    “How Po Sheng is used, the network layouts, what systems are integrated into the network and what are not, all this would be very useful for the Chinese to know,” he said.

    The tension between the United States and China has been ramping up in the past few months. China is angry with the U.S. for getting involved in disputes in what it claims is it’s territories, and the U.S. is constantly admonishing China over it’s human rights violations. With China’s recent air craft carrier launch and leak of a new stealth fighter, they are looking to be a bigger player on the world wide scale. And the one place that the U.S. is leaps and bounds ahead of the rest of the world is military proprietary software. The defense systems in planes and ships is what the enemies want, not necessarily the hardware.

    (image)

    (image)

  • Guy Spies On Wife’s Sex Life With Under-The-Bed Transmitter

    Sometimes, a man can only take so much. And after walking in time after time on your wife and her boyfriend having sex, you have to take some steps to protect yourself.

    Wait, what?

    As odd as that sounds, that’s the quandary that faced 66-year-old Wayne Cripe of Raccoon Township, Pennsylvania. He’s being charged with misdemeanor invasion of privacy and felony attempt to intercept private communications after he allegedly planted a transmitter under his wife’s bed.

    If this sounds odd to you, let me explain. No, it wasn’t some sort of Lucy and Ricky bed scenario where a happily married couple just had their own beds. Mr. Cripe and his wife, Suzanne, apparently had been separated for awhile but were still married and lived in the same house.

    The Beaver County Times reports that Suzanna found the transmitter and immediately called the police. Since it was pretty obvious who would have a reason to place a transmitter under their estranged wife’s bed, police contacted Wayne, who immediately copped to the plant.

    His reasoning? He said he was simply tired of coming home to his wife and her boyfriend having sex and simply wanted to know if he was free to enter his house without having to walk in on them. Apparently, by the time the police questioned him, he had already thrown away the receiver.

    Hidden pieces of technology are not new to the jealousy games. Whether is be a hidden camera to catch a philandering husband or a GPS tracker to track the whereabouts of an unfaithful wife – people have been planting the ones they (used to) love with devices for decades. But this is the first time that I’ve heard of a man spying on his wife and her boyfriend inside their shared home – an odd one indeed.

    Some of the commenters on the Beaver Times are skeptical of the illegality of Mr. Cripe’s actions. “Charging a felony for putting a transmitter in your own home is asinine, and this tacky woman has no expectation of privacy so long as she chooses to live with her husband in their family home,” says one reader. What do you think? Let us know in the comments.

  • Android Users: Facebook May Have Read Your Text Messages

    You may not know it, Android users, but when you installed the Facebook mobile app on to your phone, you gave Facebook access to read your text messages. This fact rose to the surface yesterday after a report from the The Sunday Times revealed Facebook may or may not have been reading the text messages stored on the phones of Android users. And while scandal immediately begins to simmer with the start of those words, Facebook wasn’t exactly concealing this info as the company deferred to the Permissions page on Android Market and maintains that it didn’t do anything wrong.

    Facebook states that the reason it asked for the permission to read text messagers in the first place was because Facebook is prepping to launch its own messaging service. While it’s likely that most people missed this detail, Facebook actually – and very simply – states in the Permissions tab of Android Market that by installing the app the user thereby grants Facebook access to read their text messages:

    Facebook purports that it didn’t do anything wrong and dismissed the claims of spying on app users’ text messages as “creative conspiracy theorizing.” While Facebook may have a tight defense in the fact that they clearly stated in the Permissions that the app gives Facebook access to text messages stored on the phone, the company seems to be pushing back rather aggressively to the quasi-revelation. Facebook issued a statement to Business Insider explaining everything. It’s an interesting exercise in triangulation, so let’s take a piecemeal examination of Facebook’s defense and what is really wrong with it (the bits from Facebook’s statement are in italics).

    There is no reading of user text messages.

    Okay then, but what about that permission you stated on the Android Market?

    On the Android App store, the Facebook app permissions include SMS read/write.

    As evidenced above, we’ve already established this. Two sentences into the statement, though, Facebook’s already contradicted itself. Is it reading texts or is it not reading texts? Quandary abounds.

    The reason it is on there is because we have done some testing (not with the general public) of products that require the SMS part of the phone to talk to the Facebook App. That’s what the read&write refers to – the line of communication needed to integrate the two things.

    Hm. Well, okay, that makes sense, I suppose. “Not with the general public” is kind of cryptic, though.

    Lots of communications apps use these permissions. Think of all those apps that act as replacements to the build-in sms software.

    When are tech companies going to learn that when trying to argue away the possibility that they violated users’ privacy, don’t point to other companies that are doing the same thing and say, “Well they’re doing it, too, so what’s the problem?” For one, what other companies are doing may be wrong or cyberstalky and so aligning yourself with those companies might not be in the best public relations move. Second, even if what other companies are doing isn’t exactly wrong, do you really want to liken yourself to the lowest common denominator?

    Third, it’s just a childish response, Seriously, who are your handlers, Facebook? Do you guys not read this stuff before you send it out?

    That’s not necessarily what we’re working on. SMS can be used for carrier billing (where users opt to pay for things like apps through their phone bill). Again – that’s not to say we’re launching this. It’s just an example of why an app might use these permissions. The Sunday Times leap to the conclusion that is was a messaging feature.

    So Facebook wanted to study the messaging data of app users but the data is not going towards the launch of a messaging app from Facebook and, while the company could see where such information could be used toward launching such a messaging service, Facebook is confidently denying that they’re not working on a messaging app. Everybody clear on that?

    Anyway – we have yet to make any such features available to the public. (so the Sunday Times is completely wrong when it says Facebook is reading people’s SMS. Wrong on the terminology, and wrong on the suggestion that it has been implemented).

    Uh, what? Facebook says that the Times is completely wrong about the company reading people’s SMS, but then the second sentence of this same statement says “the Facebook app permissions include SMS read/write.” So does that mean while Facebook gave itself permission to read users’ texts, they didn’t actually take the opportunity to read those text messages? Facebook has unfettered and legal access to read all of the texts from Android users of the Facebook app, yet they didn’t read the the texts? We’re supposed to believe that?

    But Facebook is right to insert this into the Android app permissions – because yes, the app technically has the capability to integrate with the phone’s SMS system – even if that is just for our own testing.

    Even if it was for your own testing, Facebook, this still means you were reading the texts. Even if it meant you were only printing out the texts and printing them on rolls of customized toilet paper, it still means you were reading the texts that people had stored on their SIM card.

    In a separate statement from their offices in the United Kingdom, Facebook reiterated their dismissal of the Times’ report.

    “The Sunday Times has done some creative conspiracy theorising. The suggestion that we’re secretly reading people texts is ridiculous. Instead, the permission is clearly disclosed on the app page in the Android marketplace and is in anticipation of new features that enable users to integrate Facebook features with their reading and sending of texts.”

    Now it sounds like Facebook is admitting that they’re reading people’s text messages, just not secretly – something that was understood all along.

    Well, whatever excuse-juggling Facebook wants to offer up, two points remain salient in this frivolous exercise: One, Facebook has acquired access to Android app users’ text messages; two, Facebook can’t make up its mind as to why it wanted access to these texts nor whether or not they actually read them. For you Android users out there, how does this news make you feel? Were you aware the you’d agreed to allow Facebook access your SMS messages stored on the phone? Feel free to join the discussion below in the comments section.

  • Robot Cockroach Produces Its Own Power

    I think we can all agree that cockroaches are pretty gross. Science has always stuck up for the disgusting vermin and are once again championing the little guys as the first step towards cyborgs.

    Science has found a way, according to MSNBC, to convert the sugars in a cockroaches belly into electricity through a fuel cell. Once fuel cells are shrunk enough to be non-invasive to cockroaches, they can be implanted to power sensors or recording devices.

    Daniel Scherson, a chemist at Case Western Reserve University, explains how the nightmare fuel will be powered. A rechargeable battery is inserted alongside a biofuel cell that would store the small amount of energy it generates.

    “If you want to be futuristic, one may use the energy stored to try to control the neurological system of the cockroach and then you might be able to (control) the cockroach (with) a joystick,” Scherson told MSNBC.

    The alarming research points to a future of cockroach spies. Controllable cockroaches scurrying around being not only disgusting, but also spy equipment from the CIA.

    Looking deeper into the research, the scientists reveal that a cockroach’s diet is the main power source behind the electricity it can generate. This makes other forms of harnessing electricity, such as through movement, obsolete.

    The fuel cell developed by the team uses a series of reactions by enzymes to break down the sugar into electricity. The first enzyme breaks down the sugar produced by the cockroach into two simpler sugars. The second enzyme oxidizes the two simple sugars. This releases electrons that are funneled together to electrodes.

    The team tested it by inserting prototype electrodes into the belly of a female cockroach. The biofeul cell 0.2 volts of electricity. While not a huge amount, it’s the first baby step to the creation of robot cockroach monsters.

    The scientists have noble goals for now with this new found technology. They hope to equip social insects like bees or ants with sensors that can detect dangerous chemicals.

    The battery operating at 0.2 volts is enough to send a message by a few inches. Theoretically, you could line up a bunch of ants and play a wicked game of telephone to spy on potential criminals.

    This does bring into question what science will do once they develop true robot cockroaches or ants that can’t be killed by radiation or big guns. The world will not end with zombies, but rather robot cockroaches. Regardless, the technology is still pretty impressive. It just terrifies me.

  • Assange to iPhone, Blackberry, Gmail Users: “You’re All Screwed.”

    Yesterday marked the launch of Wikileaks’ newest project, the Spyfiles, following an announcement from Julian Assange while speaking on a panel at the Bureau of Investigative Journalism at the City University of London. Addressing the audience, Assange casually dropped the bomb that a new batch of files uncover the “international mass-surveillance industry.” From the conference:

    In what sounds like the most dystopian novel I’ve ever read, Wikileaks explained the extent of the surveillance operation in a release:

    International surveillance companies are based in the more technologically sophisticated countries, and they sell their technology on to every country of the world. This industry is, in practice, unregulated. Intelligence agencies, military forces and police authorities are able to silently, and on mass, and secretly intercept calls and take over computers without the help or knowledge of the telecommunication providers. Users’ physical location can be tracked if they are carrying a mobile phone, even if it is only on stand by.

    But the WikiLeaks Spy Files are more than just about ’good Western countries’ exporting to ’bad developing world countries’. Western companies are also selling a vast range of mass surveillance equipment to Western intelligence agencies. In traditional spy stories, intelligence agencies like MI5 bug the phone of one or two people of interest. In the last ten years systems for indiscriminate, mass surveillance have become the norm. Intelligence companies such as VASTech secretly sell equipment to permanently record the phone calls of entire nations. Others record the location of every mobile phone in a city, down to 50 meters. Systems to infect every Facebook user, or smart-phone owner of an entire population group are on the intelligence market.

    The Wikileaks release also explains that citizens involved in overthrowing their respective dictators during the Arab Spring this year discovered listening rooms “where devices from Gamma corporation of the UK, Amesys of France, VASTech of South Africa and ZTE Corp of China monitored their every move online and on the phone.” Further, the Spyfiles announcement details how surveillance entities in the U.S., Italy and France have manufactured viruses to infiltrate private computers and smart phones – they’re looking at you, iPhone, Blackberry, and Gmail users – in order to essentially hijack the device and record its every movement.

    Wikileaks cohort OWNI have taken the Spyfiles release and created a remarkably fascinating – and outright terrifying – interactive map to help make sense of this new information to the visually-inclined. Go ahead and play around with it and become scared.

    Not included in the video above is an extended account of how intelligence surveillance isn’t only limited to certain regions of the world:

    But software users in the West are not safe either. Assange and other members of the panel told reporters how Western intelligence services used electronic devices to monitor the activities of its citizens. In Britain MI5 apparently used specialized voice recognition software implanted into cell phones that could make out who was speaking to whom. Other intelligence agencies had the ability to figure out where exactly the user was located, what they were typing and what they looked like. One of the programs allowed agencies to take photos of unsuspecting victims by using cameras implanted into their phones.

    One intrepid tweeter already seems to have corroborated Wikipedia’s claim:

    @SinkDeep
    submarine    This means MX has a “Nationwide Voice Identification and Database Management” or WTF? Scroll to 14:00-14:30 http://t.co/T0VlPcy0 #spyfiles 51 minutes ago via YoruFukurou · powered by @socialditto

    More mysterious is that Wikileaks seems to be experiencing some accessibility issues with their website right now following the release of the Spyfiles:

    @wikileaks
    WikiLeaks    http://t.co/FmXHDt3X is blocked following #SpyFiles release. We are investigating cause, but it isn’t a capacity issue. 25 minutes ago via web · powered by @socialditto

    Not to be crass about what has been a pretty sobering article up to this point, but does this mean that I should hurry up and pay my parking tickets now or is it really just too late to even worry about that?