Saturday, September 14, 2013

Apple's Fingerprint ID May Mean You Can't 'Take The Fifth'

Source: Wired Threat Level

...the constitutional protection of the Fifth Amendment, which guarantees that “no person shall be compelled in any criminal case to be a witness against himself,” may not apply when it comes to biometric-based fingerprints (things that reflect who we are) as opposed to memory-based passwords and PINs (things we need to know and remember).

6 Whopping Misstatements By The Government About The NSA

Source: Wired Threat Level

“… NSA takes significant care to prevent any abuses and that there is a substantial oversight system in place.” -- Sen. Dianne Feinstein (D-California), August 23.

“The ongoing national dialogue is not about your performance. The NSA/CSS work force has executed its national security responsibilities with equal and full respect for civil liberties and privacy.” -- NSA chief Keith Alexander, June 25.

“The government cannot target anyone under the court-approved procedures for this program unless there is an appropriate and documented foreign intelligence purpose for the acquisition, such as for the prevention of terrorism, hostile cyber activities or nuclear proliferation” --  Attorney General Eric Holder, June 15

“Now part of the reason [NSA spy powers] are not abused is because they’re — these checks are in place, and those abuses would be against the law and would be against the orders of the FISC,”  -- President Barack Obama, August 9.

“The administration is obeying the law, but the fact is we want more oversight.” -- House Minority Leader Nancy Pelosi (D-California), June 6

Sen. Ron Wyden (D-Oregon) asked “So what I wanted to see is if you could give me a yes or no answer to the question: Does the NSA collect any type of data at all on millions or hundreds of millions of Americans?”

“Not wittingly. There are cases where they could inadvertently perhaps collect, but not wittingly.” --  James Clapper, director of national intelligence, March 12

Reporter’s note: Government officials have uttered plenty of other untruths in the wake of Snowden’s revelations.

FBI Admits It Controlled Tor Servers Behind Mass Malware Attack

Source: Wired Threat Level

It wasn’t ever seriously in doubt, but the FBI yesterday acknowledged that it secretly took control of Freedom Hosting last July, days before the servers of the largest provider of ultra-anonymous hosting were found to be serving custom malware designed to identify visitors.

Freedom Hosting was a provider of turnkey “Tor hidden service” sites — special sites, with addresses ending in .onion, that hide their geographic location behind layers of routing, and can be reached only over the Tor anonymity network. Tor hidden services are used by sites that need to evade surveillance or protect users’ privacy to an extraordinary degree – including human rights groups and journalists.

...the FBI took over the servers in late July...

On August 4, all the sites hosted by Freedom Hosting ... began serving an error message with hidden code embedded in the page. ... it exploited a security hole in Firefox to identify users of the Tor Browser Bundle ...

... It looked up the victim’s MAC address — a unique hardware identifier for the computer’s network or Wi-Fi card — and the victim’s Windows hostname. Then it sent it to a server in Northern Virginia server, bypassing Tor, to expose the user’s real IP address, coding the transmission as a standard HTTP web request.