SSL and internet security news

Monthly Archive: October 2014

Hacking Team Documentation

The Intercept has published the complete manuals for Hacking Team’s attack software. This follows a detailed report on Hacking Team’s products from August. Hacking Team sells computer and cell phone hacking capabilities to the governments of Azerbaijan, Colombia, Egypt, Ethiopia, Hungary, Italy, Kazakhstan, Korea, Malaysia, Mexico, Morocco, Nigeria, Oman, Panama, Poland, Saudi Arabia, Sudan, Thailand, Turkey, UAE, and Uzbekistan… and probably others as well.

This is important. The NSA’s capabilities are not unique to the NSA. They’re not even unique to countries like the US, UK, China, Russia, France, Germany, and Israel. They’re available for purchase by any totalitarian country that wants to spy on foreign governments or its own citizens. By ensuring an insecure Internet for everyone, the NSA enables companies like Hacking Team to thrive.

Powered by WPeMatico

The Risk of Unfounded Ebola Fears

Good essay.

Worry about Ebola (or anything) manifests physically as what’s known as a fight, flight, or freeze response. Biological systems ramp up or down to focus the body’s resources on the threat at hand. Heart rate and blood pressure increase, immune function is suppressed (after an initial burst), brain chemistry changes, and the normal functioning of the digestive system is interrupted, among other effects. Like fear itself, these changes are protective in the short term. But when they persist, the changes prompted by chronic stress — defined as stress beyond the normal hassles of life, lasting at least one to two weeks — are associated with increased risk of cardiovascular disease (the leading cause of death in America); increased likelihood and severity of clinical depression (suicide is the 10th leading cause of death in America); depressed memory formation and recall; impaired fertility; reduced bone growth; and gastrointestinal disorders.

Perhaps most insidious of all, by suppressing our immune systems, chronic stress makes us more likely to catch infectious diseases, or suffer more­ — or die­ — from diseases that a healthy immune system would be better able to control. The fear of Ebola may well have an impact on the breadth and severity of how many people get sick, or die, from influenza this flu season. (The CDC reports that, either directly or indirectly, influenza kills between 3,000 and 49,000 people per year.)

There is no question that America’s physical, economic, and social health is far more at risk from the fear of Ebola than from the virus itself.

EDITED TO ADD (10/30): The State of Louisiana is prohibiting researchers who have recently been to Ebola-infected countries from attending a conference on tropical medicine. So now we’re at a point where our fear of Ebola is inhibiting scientific research into treating and curing Ebola.

Powered by WPeMatico

Survey on What Americans Fear

Interesting data:

Turning to the crime section of the Chapman Survey on American Fears, the team discovered findings that not only surprised them, but also those who work in fields pertaining to crime.

“What we found when we asked a series of questions pertaining to fears of various crimes is that a majority of Americans not only fear crimes such as, child abduction, gang violence, sexual assaults and others; but they also believe these crimes (and others) have increased over the past 20 years,” said Dr. Edward Day who led this portion of the research and analysis. “When we looked at statistical data from police and FBI records, it showed crime has actually decreased in America in the past 20 years. Criminologists often get angry responses when we try to tell people the crime rate has gone down.”

Despite evidence to the contrary, Americans do not feel like the United States is becoming a safer place. The Chapman Survey on American Fears asked how they think prevalence of several crimes today compare with 20 years ago. In all cases, the clear majority of respondents were pessimistic; and in all cases Americans believe crime has at least remained steady. Crimes specifically asked about were: child abduction, gang violence, human trafficking, mass riots, pedophilia, school shootings, serial killing and sexual assault.

Powered by WPeMatico

Apple Copies Your Files Without Your Knowledge or Consent

EDITED TO ADD (10/28): This is a more nuanced discussion of this issue. At this point, it seems clear that there is a lot less here than described in the blog post below.

The latest version of Apple’s OS automatically syncs your files to iCloud Drive, even files you choose to store locally. Apple encrypts your data, both in transit and in iCloud, with a key it knows. Apple, of course, complies with all government requests: FBI warrants, subpoenas, and National Security Letters — as well as NSA PRISM and whatever-else-they-have demands.

EDITED TO ADD (10/28): See comments. This seems to be way overstated. I will look at this again when I have time, probably tomorrow.

Powered by WPeMatico

US Intelligence "Second Leaker" Identified

There’s a report that the FBI has identified a second leaker:

The case in question involves an Aug. 5 story published by The Intercept, an investigative website co-founded by Glenn Greenwald, the reporter who first published sensitive NSA documents obtained from Snowden.

Headlined “Barack Obama’s Secret Terrorist-Tracking System, by the Numbers,” the story cited a classified government document showing that nearly half the people on the U.S. government’s master terrorist screening database had “no recognized terrorist affiliation.”

The story, co-authored by Jeremy Scahill and Ryan Devereaux, was accompanied by a document “obtained from a source in the intelligence community” providing details about the watch-listing system that were dated as late as August 2013, months after Snowden fled to Hong Kong and revealed himself as the leaker of thousands of top secret documents from the NSA.

I think this is “Leaker #3” on my list, even though it’s probably the “second leaker” discussed in the documentary Citizen Four.

Powered by WPeMatico