President Obama Rightly Emphasizes Need For Better Intelligence, But Erroneously Defends State Of Terror Watch Lists: Via ACLU - Privacy.

Government Should Protect Civil Liberties While Protecting Safety, Says ACLU

FOR IMMEDIATE RELEASE
CONTACT: (212) 549-2666; media@aclu.org

NEW YORK – President Obama today addressed airport security in remarks responding to the Christmas Day attack on a plane headed for Detroit.

The following can be attributed to Anthony D. Romero, Executive Director of the American Civil Liberties Union:

"We welcome President Obama's emphasis on better information and intelligence sharing between government agencies. Our limited security resources should be invested where they will do the most good and have the best chance of thwarting attacks, and that means developing competent intelligence and law enforcement agencies that will stop terrorists before they get to the airport. [ Read more ... ]

The Joys of Airstrikes and Anonymity: Via Salon: Glenn Greenwald.

Each time the U.S. bombs a new location in the Muslim world, the same pattern emerges.  First, officials from the U.S. or allied governments run to their favorite media outlet to claim -- anonymously -- that some big, bad, notorious, "top" Al Qaeda leader "may have been" or "likely was" killed in the strike, and this constitutes a "stinging" or "devastating" blow against the Terrorist group.  These compliant media outlets then sensationalistically trumpet that claim as the dominant theme of their "reporting" on the attack, drowning out every other issue.  [ Read more ... ]

A court decision that reflects what type of country the U.S. is: Via Salon: Glenn Greenwald.

It's not often that an appellate court decision reflects so vividly what a country has become, but such is the case with yesterday's ruling by the Second Circuit Court of Appeals in Arar v. Ashcroft (.pdf).  Maher Arar is both a Canadian and Syrian citizen of Syrian descent.  A telecommunications engineer and graduate of Montreal's McGill University, he has lived in Canada since he's 17 years old.  In 2002, he was returning home to Canada from vacation when, on a stopover at JFK Airport, he was (a) detained by U.S. officials, (b) accused of being a Terrorist, (c) held for two weeks incommunicado and without access to counsel while he was abusively interrogated, and then (d) was "rendered" -- despite his pleas that he would be tortured -- to Syria, to be interrogated and tortured.  He remained in Syria for the next 10 months under the most brutal and inhumane conditions imaginable, where he was repeatedly tortured.  Everyone acknowledges that Arar was never involved with Terrorism and was guilty of nothing.  I've appended to the end of this post the graphic description from a dissenting judge of what was done to Arar while in American custody and then in Syria. [ Read more ... ]

Mossad Hacked Syrian Official’s Computer Before Bombing Mysterious Facility: Via Threat Level.

Agents of Israel’s Mossad intelligence service hacked into the computer of a senior Syrian government official a year before Israel bombed a mysterious facility in Syria in 2007, according to Der Spiegel.

The intelligence agents planted a Trojan horse on the official’s computer in late 2006 while he was staying at a hotel in the Kensington district of London, the German newspaper reported Monday in an extensive account of the bombing attack.

The official reportedly left his computer in his hotel room when he went out, making it easy for agents to install the malware that siphoned files from the laptop. The files contained construction plans for the Al Kabir complex in eastern Syria — said to be an illicit nuclear facility — as well as letters and hundreds of detailed photos showing the complex at various stages of construction. [ Read more ... ]

"Evil Maid" Attacks on Encrypted Hard Drives: Via Schneier on Security.

Earlier this month, Joanna Rutkowska implemented the "evil maid" attack against TrueCrypt. The same kind of attack should work against any whole-disk encryption, including PGP Disk and BitLocker. Basically, the attack works like this:

Step 1: Attacker gains access to your shut-down computer and boots it from a separate volume. The attacker writes a hacked bootloader onto your system, then shuts it down.

Step 2: You boot your computer using the attacker's hacked bootloader, entering your encryption key. Once the disk is unlocked, the hacked bootloader does its mischief. It might install malware to capture the key and send it over the Internet somewhere, or store it in some location on the disk to be retrieved later, or whatever. [ Read more ... ]

It’s Funny Because It’s True: Via Blog of Rights: Official Blog of the American Civil Liberties Union.

Yesterday, Newark, N.J. Mayor Cory Booker jokingly placed Tonight Show host Conan O’Brien on the “Newark New Jersey Airport No-Fly List,” after the comedian poked fun at the city on his late night television show.  Mayor Booker’s joke about O’Brien’s potential barring from flying out of New Jersey is very funny. Maybe O’Briens across the country should be worried and leave extra time for future hassles at the airport, as should O’Brians, Obriens, Obermans, and people named Conan.  Just ask the wife of Alaska Senator Ted Stevens, Catherine.  She shares a name with No-Fly lister Yusuf Islam, a.k.a. Cat Stevens.

Sadly though, many innocent Americans are tangled in the web of the no-fly list every day because they have a name similar to a possible terrorist suspect.  The list has over a million names on it.  We’re not sure if making a joke that someone else doesn’t like will get you on the list, but for all the people who can’t find out why they’ve been listed and can’t get off, it might as well be true.

Read Original Article:(Via Blog of Rights: Official Blog of the American Civil Liberties Union.)

Safety first for IT executives in China: Via CRN Australia .

US Government recommends weighing laptop before and after each visit.

Senior executives in US IT companies have been advised by the US Government to follow extremely strict policies for visits to China which extend far beyond standard software protection.

The policies encourage them to leave their standard IT equipment at home and to buy separate gear only for use in China. [ Read more ... ]

A Freedom-of-Speech Approach To Limiting Filesharing - Part I: Filesharing and Spam: Via Freedom to Tinker.

[Today we kick off a series of three guest posts by Mitch Golden. Mitch was a professor of physics when, in 1995, he was bitten by the Internet bug and came to New York to become an entrepreneur and consultant. He has worked on a variety of Internet enterprises, including one in the filesharing space. As usual, the opinions expressed in these posts are Mitch's alone. -- Ed]

The battle between the record labels and filesharers has been somewhat out of the news a bit of late, but it rages on still. There is an ongoing court case Arista Records v LimeWire, in which a group of record labels are suing to have LimeWire held accountable for the copyright infringing done by its users. Though this case has attracted less attention than similar cases before it, it may raise interesting issues not addressed in previous cases. Though I am a technologist, not a lawyer, this series of posts will advocate a way of looking at the issues, including legal, using a freedom-of-speech based approach, which leads to some unusual conclusions.

Let's start by reviewing some salient features of filesharing. [ Read more ... ]

Like Frankenstein’s Monster, DHS and the Senate Try to Revive Real ID: Via Blog of Rights: Official Blog of the American Civil Liberties Union.

Secretary of Homeland Security Janet Napolitano said today that Real ID was "DOA". That’s "Dead On Arrival" for the tiny percentage of you out there who don’t watch a lot of cop shows on TV. What she meant was that states are not implementing Real ID. She repeatedly referenced the fact that 13 states have opted out of Real ID altogether, passing statutes that bar participation in the program. Of course the ACLU agrees with that message, we’ve been shouting it from the rooftops for years. But the real question is: If Real ID is dead, why is everybody working so hard to bring it back to life?

That was the theme at a hearing held today by the Senate Committee on Homeland Security and Governmental Affairs entitled Identification Security: Reevaluating the REAL ID Act . [ Read more ... ]

Chinese Spying Claimed in Purchases of NSA Crypto Gear: Via Threat Level.

A Chinese national was indicted this week for conspiring to violate U.S. export law, following a nearly three-year investigation into his alleged efforts to acquire sensitive military and NSA-encryption gear from eBay and other internet sources.

Chi Tong Kuok, of Macau, told Defense Department and Customs investigators that he had been “acting at the direction of officials for the People’s Republic of China,” according to a government affidavit in the case. “Kuok indicated he and PRC officials sought the items to figure out ways to listen to or monitor U.S. government and military communications.” [ Read more ... ]

IFPI boss at TPB trial: you're either with us or against us: Via Law & Disorder Section - Ars Technica

Since it began last week, the trial of the Pirate Bay in Sweden has truly been a "spectrial"—and not just because of juvenile Pirate Bay antics such as last night's open letter to IFPI boss John Kennedy. The spectacle kicked back into high gear Wednesday as Kennedy traveled from London to Sweden to give testimony in the trial on behalf of the worldwide major-label music industry. [ Read more ... ]

Senate Set to Re-Up Bush Warrantless Spying Powers in U.S. - Via Threat Level:

The Senate is set to revisit the legislation permanently granting the government's spies a free hand to unilaterally wiretap American telecom facilities and services and give immunity to the government's corporate partners in its warrantless wiretapping program, as Senate leaders and President Bush hope to push the measure through a typically slow legislative process by February 1.

That's the day that the controversial Protect America Act expires, leaving the nation's spooks without a tool to order new wiretaps on American soil without actually getting a court order from a special court.

The contours of the battle seemed not to have changed since the last skirmish in December, despite the Mr. Smith Goes to Washington-like opposition by Senator Christopher Dodd (D-Connecticut) that won a month's reprieve for anti-immunity forces. [ Read more ... ]

Embattled Attorney General Resigns: WACO, Tex., Aug. 27 — Attorney General Alberto R. Gonzales, whose tenure has been marred by controversy and accusations of perjury before Congress, has resigned. He is expected to announce the decision to reporters at 10:30 Eastern time this morning in Washington.

Mr. Gonzales, who had rebuffed calls for his resignation for months, submitted his to President Bush by telephone on Friday, a senior administration official said.

Mr. Bush has not yet chosen a replacement but will not leave the position open long, the official said early this morning, speaking on condition of anonymity because the resignation had not yet been made public. [ Read more ... ]

Government Busts Identity Theft Ring That Targeted Forbes 400 Richest -- ID Theft:
A 24-year-old Russian and four co-conspirators are accused of stealing $1.5 million by obtaining victims' personal identifying information.

[...]

Government authorities arrested and indicted five members of an alleged identity theft ring that was targeting billionaires from Forbes magazine's ranking of the 400 richest Americans.

Manhattan District Attorney Robert M. Morgenthau announced on Thursday that the defendants -- four of whom were arrested Thursday and are in custody in Michigan, Texas, Florida, and Kentucky -- have been charged with stealing $1.5 million and attempting to steal another $10.7 million from their victims' financial accounts. Another defendant, Igor Klopov, was arrested in May and is in custody in New York. [ Read more ... ]

Michigan man dodges prison in theft of Wi-Fi | Tech news blog - CNET News.com: "A Michigan man who used a coffee shop's unsecured Wi-Fi to check his e-mail from his car could have faced up to five years in prison, according to local TV station WOOD. But it seems few in the village of Sparta, Mich., were aware that using an unsecured Wi-Fi connection without the owner's permission--a practice known as piggybacking--was a felony. [ Read more ... ]

Michigan Man Charged for Using Free WiFi: "Nichole writes 'Sam Peterson II was charged with unauthorized use of computer access for using a coffee shop's free WiFi. He is facing a 5 year felony charge and a $10,000 fine but apparently got off lucky and received only a $400 fine and 40 hours of community service because he was a first time offender. [ Read more ... ]

Officials vow security probe at Palo Verde: "State and federal officials plan inquiries into operations at Palo Verde Nuclear Generating Station in the wake of accusations that a former plant employee illegally downloaded software with details of the plant while he was in Iran.

Arizona Congressmen Harry Mitchell and John Shadegg on Saturday termed the allegations 'troubling' and promised a detailed review.

'It is very troubling to learn that a Palo Verde employee may have smuggled secrets about the nuclear plant to a dangerous regime dead-set on developing a nuclear weapon,' said Mitchell, a freshman Democrat. 'This requires an internal review of all security procedures in the plant and requires us to look closely at what can be done to prevent this from happening again.' [ Read more ... ]

Rapid Expansion of Smart Cards in Government Evident - April 2007: "Speakers at the Smart Card Alliance government conference reported on the significant progress in smart card programs and available technology since they last met in Washington D.C. one year ago.

'The e-passport program is putting millions of smart cards in the hands of U.S. citizens, and Registered Traveler and HSPD-12 identity programs are now up and running and will also be issuing millions of smart cards by this time next year,' said Randy Vanderhoof, executive director of the Smart Card Alliance. [ Read more ... ]

Stalking Strangers%u2019 DNA to Fill in the Family Tree - New York Times: "They swab the cheeks of strangers and pluck hairs from corpses. They travel hundreds of miles to entice their suspects with an old photograph, or sometimes a free drink. Cooperation is preferred, but not necessarily required to achieve their ends.

If the amateur genealogists of the DNA era bear a certain resemblance to members of a 'CSI' team, they make no apologies. Prompted by the advent of inexpensive genetic testing, they are tracing their family trees with a vengeance heretofore unknown. [ Read more ... ]

Mayor Defends Spying by Police Before G.O.P. Convention - New York Times: "'We had a fundamental responsibility to learn whether groups might include any potential terrorists or anarchists planning to cause or take advantage of any disruptions,' Mr. Bloomberg told reporters at a news conference. Toward that end, he said, the Police Department monitored those who said they intended vandalism or disruptions and, he added, 'in a few instances, we did keep track of groups or individuals who did plan to come to New York for the R.N.C. convention and who might have been planning violent acts.' [ Read more ... ]

Son of TIA Will Mine Asian Data: "Iran-Contra conspirator John Poindexter travels to Singapore for the kick-off an improved version of the Total Information Awareness program. By Sharon Weinberger.

(Via Wired News: Security Blanket.)