Search
Net Spying Firm and ISPs Sued Over Ad System: Via Threat Level
Net eavesdropping firm NebuAd and its partner ISPs violated hacking and wiretapping laws when they tested advertising technology that spied on ISP customers web searches and surfing, according to a lawsuit filed in federal court Monday.
The lawsuit seeks damages on behalf of thousands of subscribers to the five ISPs that are known to have worked with NebuAd. If successful, the suit could be the final blow to the company, which abandoned its eavesdropping plans this summer after powerful lawmakers began asking if the companies and ISPs violated federal privacy law by monitoring customers to deliver targeted ads.
NebuAd paid ISPs to let it install internet monitoring machines inside their network. Those boxes eavesdropped on users' online habits -- and altered the traffic going to users in order to track them better. That data was then used to profile users in order to deliver targeted ads on other websites.
For instance, if NebuAd noted that someone had repeatedly searched for information about smart phones, it would serve a targeted ad for iPhones the next time you went to a webpage NebuAd sold advertising on. Having that breadth of info on a user, which would be far deeper than any other only ad firm, the compnay would be able to charge advertisers a steep premium.
The suit alleges the ISPs and NebuAd both violated anti-wiretapping statutes by capturing users' online communications without giving adequate notice or getting consent. read more »
Internet black boxes to record every email and website visit - Via Telegraph(UK):
Internet "black boxes" could be used to record every email and website visit made by computer users in Britain, it has been reported.
Under Government plans to monitor internet traffic, raw data would be collected and stored by the black boxes before being transferred to a giant central database.
The vision was outlined at a meeting between officials from the Home Office and Internet Service Providers earlier this week.
It is further evidence of the Government's desire to have the capability to vet every telephone call, email and internet visit made in the UK, which has already provoked an outcry.
Richard Thomas, the Information Commissioner, has described it as a "step too far".
The proposal is expected to be put out to consultation as part of the new Communications Data Bill early next year. read more »
Three Plead Guilty in $2 Million Citibank ATM Caper - Via Threat Level:
Three New Yorkers accused of using hacked Citibank ATM card numbers and PINs to steal $2 million from customer accounts in four months have pleaded guilty to federal conspiracy and access device fraud charges.
The defendants -- Ivan Biltse, Angelina Kitaeva and Yuriy Rakushchynets, aka Yuriy Ryabinin -- are among 10 suspects charged earlier this year in connection with a breach of a server that processes ATM transactions from 7-Eleven convenience stores. Those ATMs are branded Citibank, but they're owned by Houston-based Cardtronics.
Court records indicate a Russian hacker cracked the ATM server in late 2007, and monitored transactions from 7-Eleven cash machines long enough to capture thousands of account numbers and PINs. The Russian then farmed out the stolen data to mules in the United States, who burned the account numbers onto blank mag-stripe cards and withdrew cash from Citibank ATMs in the New York area for at least five months, sending 70 percent of the take back to Russia. read more »
PA County's Voting Machines Impounded Following Complaints - Via Threat Level:
Touch-screen voting machines used yesterday in Northumberland County, Pennsylvania, have been impounded on a judge's order after voters experienced problems on the machines when trying to vote a straight-party ticket.
County poll workers discovered around 7:30 am Tuesday morning that voters who chose to vote a straight-party ticket could not see their selections on the summary review screen. The summary review screen allows voters to verify that the machine has registered their selections accurately before they cast their ballot. read more »
Election Problems Around the Country - Via Threat Level:
Voters around the country are experiencing problems this morning as voting machines break down and long lines form.
There are only a few surprises among the issues voters are reporting, since we've seen many of the same problems in past elections.
Virginia and Pennsylvania are standing out as especially problematic. Neither state provided open early voting, so the turnout is especially large. (Virginia and Pennsylvania offered some early voting but it was limited mostly to voters who had specific reasons for being unable to vote at a poll on election day and, in Virginia, to voters who wanted to vote only in the presidential race and no other race on the ballot.)
About a dozen locations in Pennsylvania have experienced widespread voting machine problems and voters in dozens of Virginia precincts are reporting machines that are down as well. There are reports of precincts that are at a standstill or have been closed down.
The issue that concerns legal experts is what these and other states are doing when machines fail. read more »
ES&S Voting Machines in Michigan Flunk Tests, Don't Tally Votes Consistently - Via Threat Level:
Optical-scan machines made by Election Systems & Software failed recent pre-election tests in a Michigan county, producing different tallies for the same ballots every time, the top election official in Oakland County revealed in a letter made public Monday.
The problems occurred during logic and accuracy tests in the run-up to this year's general election, Oakland County Clerk Ruth Johnson disclosed in a letter submitted October 24 (.pdf) to the federal Election Assistance Commission (EAC). The machines at issue are ES&S M-100 optical-scan machines, which read and tally election results from paper ballots.
Johnson worried that such problems -- linked tentatively to paper dust build-up in the machines -- could affect the integrity of the general election this week. read more »
Report: ES&S Voting Machines Can Be Maliciously Calibrated to Favor Specific Candidates - Via Threat Level:
Touchscreen voting machines at the center of recent vote-flipping reports can be easily and maliciously recalibrated in the field to favor one candidate in a race, according to a report prepared by computer scientists for the state of Ohio.
At issue are touchscreen machines manufactured by ES&S, 97,000 of which are in use in 20 states, including counties in the crucial swing states of Ohio and Colorado. The process for calibrating the touchscreens allows poll workers or someone else to manipulate specific regions of the screen, so that a touch in one region is registered in another. Someone attempting to rig an election could thus arrange for votes for one candidate to be mapped to the opponent. read more »
Video the Vote Slammed Over Misleading Vote-Flipping Video - Via Threat Level:
A group that organizes citizen journalists has run afoul of election officials in West Virginia who are threatening to file a civil rights complaint after the group posted an edited video showing a West Virginian election clerk voting on an uncalibrated touch-screen voting machine made by Election Systems & Software.
In the video, which was edited down from its original 36 minutes (see the video above) to about 2 minutes (see video at end of post), Jackson County Election Clerk Jeff Waybright shows how a machine can flip votes from one candidate to another if it's not calibrated. But when Waybright calibrates the machine, it appears to still register a vote incorrectly. read more »
Lab that Tests and Certifies Voting Machines Suspended - Via Threat Level:
An independent lab that tests and certifies voting machines is being suspended by the federal Election Assistance Commission from testing voting systems for failing to conform to procedures and requirements set by the National Institute of Standards and Technology (NIST).
The Colorado-based SysTest Labs is an independent lab that has been accredited for testing voting systems for federal certification. But according to the EAC, which assumed oversight responsibility for the testing and certification process only in 2006, SysTest failed to create and validate test methods, maintain proper documentation of its testing and employ properly trained or qualified personnel. read more »
Video: Recalibrated Machine in W. Virginia Appears to Record Vote Inaccurately - Via Threat Level:
Video the Votehas a video showing Jackson County Clerk Jeff Waybright demonstrating how votes cast on uncalibrated touchscreen machines can jump from one candidate to another. This is the kind of problem that voters reported havingin several West Virginia counties last week on touchscreen machines made by Election Systems & Software. Voters in Tennessee also complained about the same problem on ES&S machines.
In the video, after Waybright demonstrates the phenomenon on the uncalibrated machine, he calibrates the machine and votes again. But even though the machine is supposed to be fixed at that point, it appears to record a vote incorrectly. read more »
Keys Can be Copied From Afar, Jacobs School Computer Scientists Show - Via UCSD - Jacobs School of Engineering
San Diego, CA, October 30, 2008--UC San Diego computer scientists have built a software program that can perform key duplication without having the key. Instead, the computer scientists only need a photograph of the key.
“We built our key duplication software system to show people that their keys are not inherently secret,” said Stefan Savage, the computer science professor from UC San Diego’s Jacobs School of Engineering who led the student-run project. “Perhaps this was once a reasonable assumption, but advances in digital imaging and optics have made it easy to duplicate someone’s keys from a distance without them even noticing.” read more »
DMCA Week: Where's My DVD Jukebox? - Via Freedom to Tinker:
A difficult challenge in thinking about public policy is understanding which innovations have not happened as a result of bad government policies. For example, it's generally believed that the Bell phone monopoly stifled innovation in the telecommunications sector during the 1950s and 1960s. But if we had been assessing things from the standpoint of the mid-1960s, it would have been hard to say exactly which innovations were missing. It wasn't until after the Carterfone decision in 1968, and further liberalizations in the 1970s and 1980s, that we started to see just how many innovations could be unleashed by a competitive market: modems, answering machines, fax machines, competitive long distance service, etc.
We face a somewhat analogous situation with the Digital Millennium Copyright Act. Like a lot of other people, I've made the argument that the DMCA has stifled important high-tech innovations. And the DMCA has been on the books long enough that if we're right, then we're probably missing out on some important innovations. But it's difficult to say exactly what they are; they're what Bastiat called "what is not seen", and what Don Rumsfeld called unknown unknowns. read more »
Beware: your keyboard may be tattling on your typing
- Via Ars Technica :
The paranoid have lots of reasons to fear the current information age. Iffy wireless security protocols leave many wireless networking devices prone to snooping, while keyloggers have been used by malware writers to compromise security of wired systems. But researchers in Switzerland have given the security conscious another reason to be worried: they've found that they can snoop in on the emissions caused by keyboards sending signals down the wires, back to the main computer.
The researchers, Martin Vuagnoux and Sylvain Pasini, work in the Security and Cryptography Laboratory at the Ecole Polytechnique Fédérale de Lausanne, located on the shores of Lake Geneva. The duo reasoned that any information sent through electronic devices has to involve some sort of electrical signal, and these signals might be detectable as electromagnetic radiation as they traveled down unshielded wires. They weren't the first to consider this possibility, but they couldn't find any evidence in the literature that indicated it had been tested.
As you can see from videos posted on their site, the answer was a clear "yes." A paper describing the snooping is currently under review; in the meantime, Martin Vuagnoux was kind enough to provide some additional details. read more »
EFF's "Yellow Dots of Mystery" on Instructables - Via EFF.org Updates:
Since late 2004, EFF has been warning the public about "printer dots" -- tiny yellow dots that appear on documents produced by many color laser printers and copiers. These yellow dots form a coded pattern on every page the printer produces and can be used to identify specific details about a document; for example, the brand, model, and serial number of the device that printed it and when it was printed. In short, the printer dots are a surveillance tool that can link each printed page to the printer that printed it.
To help individuals learn more about printer dots and how to find them, EFF posted a video and tutorial to Instructables, titled, "Yellow Dots of Mystery: Is Your Printer Spying on You?". You can also watch the video here: read more »
PAYD: Privacy And Your Driving - Via CDT - PolicyBeta:
Major car insurance companies, such as Progressive and GMAC, have recently begun offering “pay-as-you-drive” (PAYD) programs. To participate, drivers connect a device to their vehicle that monitors mileage, speed, time of day, hard braking, quick accelerations, and other data points. This information can be sent wirelessly to the insurance company, and drivers’ premiums are adjusted accordingly.
So now when some crazed fool suddenly cuts you off and you brake hard in response, that other motorist is costing you money in addition to endangering you. read more »
Voting Machines Switch Votes; Officials Blame Voters - Via Threat Level:
Voters using touch-screen voting machines for early voting in two West Virginia counties have complained that when they tried to vote for Democratic candidates, the machine registered their vote for other Republican candidates instead.
At least three voters in Jackson County, West Virginia, complained that when they tried to cast a vote for Democratic presidential candidate Barack Obama, the machine recorded a check in the box for Republican presidential candidate John McCain. read more »
DARPA Contract Description Hints at Advanced Video Spying - Via washingtonpost.com :
Real-time streaming video of Iraqi and Afghan battle areas taken from thousands of feet in the air can follow actions of people on the ground as they dig, shake hands, exchange objects and kiss each other goodbye.
The video is sent from unmanned and manned aircraft to intelligence analysts at ground stations in the United States and abroad. They watch video in real time of people getting in and out of cars, loading trunks, dropping things or picking them up. They can even see vehicles accelerate, slow down, move together or make U-turns. read more »
Delicious
Digg
Reddit
Google
Yahoo
Technorati