Surveillance State- Page 3

Turkish police may have beaten encryption key out of TJ Maxx suspect

Updated Jan 27 2009 with a comment from the Turkish Government. See below

When criminals turn to disk encryption to hide the evidence of their crimes, law enforcement investigations can hit a brick wall. Where digital forensics software has failed to recover encryption passwords, one tried and true technique remains: violence. It is is this more aggressive form of good cop bad cop behavior which the Turkish government is alleged to have turned to, in order to learn the cryptographic keys of one of primary ringleaders in the TJ Maxx credit card theft investigation.

The 2005 theft of tens of … Read more

McCain seeks special 'fair use' copyright rules for VIPs

John McCain's presidential campaign has discovered the remix-unfriendly aspects of American copyright law, after several of the candidate's campaign videos were pulled from YouTube.

McCain has now discovered the rights holder friendly nature of the Digital Millennium Copyright Act, which forces remixers to fight an uphill battle to prove that their work is a "fair use."

However, instead of calling for an overhaul of the much hated law, McCain is calling for VIP treatment for the remixes made by political campaigns.

McCain's proposal: complaints about videos uploaded by a political campaign would be manually reviewed … Read more

With 'Ubiquity,' Mozilla chooses functionality over security

How popular can a piece of software get before being in "beta" is no longer a legitimate excuse for known software flaws? Or, to put it another way, is it responsible to allow hundreds of thousands of people to install your product, when you know ahead of time that doing so opens them up to attack?

The software visionaries at the Mozilla Corporation, which makes the popular Firefox web browser, have taken the approach that creativity and functionality is king--even if security has to take a backseat. Case in point: The widely praised "Ubiquity" software add-on, which brings an amazingly rich and extensible new form of interaction to the Firefox Web browser.

The technology press has showered praise upon the developers of this software tool. However, in prioritizing functionality over security, Mozilla Labs punted complex trust choices to end users--the vast majority of whom are ill-equipped to make such decisions. The end result is that the hundreds of thousands of users of Ubiquity face a significant risk of browser hijacking by attackers, which could result in the theft of e-mail and online banking account information.

State attorneys general push online child safety snake oil

Updated:This post originally contained incorrect information about Sentinel's products. That has been corrected (see below).

Attorneys general from a number of states have given their support to a collection of weak and ineffective age verification technologies, all of which aim to protect children on the Internet. At a meeting of the Internet Safety Technical Task Force at Harvard University on Tuesday, the consensus seemed to be that while none of the technologies actually work, doing anything at all was better than nothing. Simply put, no one wants to be blamed for inaction against online child predators.

Kicking off … Read more

ESPN's ISP discrimination shakes Net neutrality hornet's nest

Now that the FCC has delivered a smackdown to Comcast for its sketchy anti-BitTorrent activities, it's about time that some other company stepped up to the plate and breathed life into the Net neutrality debate. Surveillance State is happy to report that the Walt Disney-owned ESPN sports network, through its selective blocking of people from particular Internet service providers, may very well wake the sleeping giant that is Net neutrality.

ESPN360.com bills itself as the premier destination for streaming access to live sports events. If the sport or team you love isn't important enough to be shown … Read more

Debunking Google's log anonymization propaganda

Google announced on Monday that the company will be reducing the amount of time that it will keep sensitive, identifying log data on its search engine customers. To the naive reader, the announcement seems like a clear win for privacy. However, with a bit of careful analysis, it's possible to see that this is little more than snake oil, designed to look good for the newspapers, without delivering real benefits to end users.

In a post to the company blog on Monday, the company announced that it will be significantly reducing the amount of time that it hangs onto … Read more

Exclusive: Widespread cell phone location snooping by NSA?

If you thought that the National Security Agency's warrantless wiretapping was limited to AT&T, Verizon and Sprint, think again.

While these household names of the telecom industry almost certainly helped the government to illegally snoop on their customers, statements by a number of legal experts suggest that collaboration with the NSA may run far deeper into the wireless phone industry. With over 3,000 wireless companies operating in the United States, the majority of industry-aided snooping likely occurs under the radar, with the dirty-work being handled by companies that most consumers have never heard of.

A recent … Read more

University clears Tor snooping researchers of misconduct

An internal review by University of Colorado officials has found that a controversial research project conducted by a team of computer scientists did not constitute research misconduct. University lawyers have also stated their belief that the team probably did not violate US wiretapping laws.

As I reported in a blog post yesterday, a team of researchers from both the University of Colorado and University of Washington recently presented a controversial study in which they recorded a limited portion of the communications of users of Tor -- a popular anonymizing proxy network.

According to a written statement posted by the research team, … Read more

Researchers could face legal risks for network snooping

A group of researchers from the University of Colorado and University of Washington could face both civil and criminal penalties for a research project in which they snooped on users of the Tor anonymous proxy network. Should federal prosecutors take interest in the project, the researchers could also face up to 5 years in jail for violating the Wiretap Act.

The team of two graduate students and three professors neither sought legal review of the project, nor ran it past the Human Subjects Committee at their university, putting them in a particularly dangerous position.

The academic paper, "Shining Light in Dark Places: Understanding the Tor Network&… Read more

Cable giants bullied into new child porn censorship deal

The major national cable providers are all to sign a troubling yet major censorship deal with a private anti-child porn organization. The deal would give the National Center for Missing and Exploited Children (NCMEC) carte blanche power to issue a takedown of any customer's content hosted on a cable provider's servers.

The group will provide each cable company with a list of Web site addresses that they believe contain child porn. The cable companies will then, per the agreement, scrub the content from their servers.

A press release describing the agreement states that:

The cable operators that have … Read more