Posts

Feds Move to Seize Web Firms’ User Account Passwords

/9 Comments/in , /by

Photo Credit: James MartinThe U.S. government has demanded that major Internet companies divulge users’ stored passwords, according to two industry sources familiar with these orders, which represent an escalation in surveillance techniques that has not previously been disclosed.

If the government is able to determine a person’s password, which is typically stored in encrypted form, the credential could be used to log in to an account to peruse confidential correspondence or even impersonate the user. Obtaining it also would aid in deciphering encrypted devices in situations where passwords are reused.

“I’ve certainly seen them ask for passwords,” said one Internet industry source who spoke on condition of anonymity. “We push back.”

A second person who has worked at a large Silicon Valley company confirmed that it received legal requests from the federal government for stored passwords. Companies “really heavily scrutinize” these requests, the person said. “There’s a lot of ‘over my dead body.'”

Some of the government orders demand not only a user’s password but also the encryption algorithm and the so-called salt, according to a person familiar with the requests. A salt is a random string of letters or numbers used to make it more difficult to reverse the encryption process and determine the original password. Other orders demand the secret question codes often associated with user accounts.

Read more from this story HERE.

Feds Now Seek Punitive Fines Against Tech Companies Who Won't Eavesdrop on Internet Users

/1 Comment/in , /by

Photo Credit: Truthout.orgA government task force is preparing legislation that would pressure companies such as Face­book and Google to enable law enforcement officials to intercept online communications as they occur, according to current and former U.S. officials familiar with the effort.

Driven by FBI concerns that it is unable to tap the Internet communications of terrorists and other criminals, the task force’s proposal would penalize companies that failed to heed wiretap orders — court authorizations for the government to intercept suspects’ communications.

Rather than antagonizing companies whose cooperation they need, federal officials typically back off when a company is resistant, industry and former officials said. But law enforcement officials say the cloak drawn on suspects’ online activities — what the FBI calls the “going dark” problem — means that critical evidence can be missed.

“The importance to us is pretty clear,” Andrew Weissmann, the FBI’s general counsel, said last month at an American Bar Association discussion on legal challenges posed by new technologies. “We don’t have the ability to go to court and say, ‘We need a court order to effectuate the intercept.’ Other countries have that. Most people assume that’s what you’re getting when you go to a court.”

There is currently no way to wiretap some of these communications methods easily, and companies effectively have been able to avoid complying with court orders.

Read more from this story HERE.

U.S. Gives Big, Secret Push to Internet Surveillance

/4 Comments/in , /by

Photo Credit: Getty Images Senior Obama administration officials have secretly authorized the interception of communications carried on portions of networks operated by AT&T and other Internet service providers, a practice that might otherwise be illegal under federal wiretapping laws.

The secret legal authorization from the Justice Department originally applied to a cybersecurity pilot project in which the military monitored defense contractors’ Internet links. Since then, however, the program has been expanded by President Obama to cover all critical infrastructure sectors including energy, healthcare, and finance starting June 12.

“The Justice Department is helping private companies evade federal wiretap laws,” said Marc Rotenberg, executive director of the Electronic Privacy Information Center, which obtained over 1,000 pages of internal government documents and provided them to CNET this week. “Alarm bells should be going off.”

Those documents show the National Security Agency and the Defense Department were deeply involved in pressing for the secret legal authorization, with NSA director Keith Alexander participating in some of the discussions personally. Despite initial reservations, including from industry participants, Justice Department attorneys eventually signed off on the project.

The Justice Department agreed to grant legal immunity to the participating network providers in the form of what participants in the confidential discussions refer to as “2511 letters,” a reference to the Wiretap Act codified at 18 USC 2511 in the federal statute books.

Read more from this story HERE.

The Internet is a Surveillance State

/7 Comments/in , /by

I’m going to start with three data points.

One: Some of the Chinese military hackers who were implicated in a broad set of attacks against the U.S. government and corporations were identified because they accessed Facebook from the same network infrastructure they used to carry out their attacks.

Two: Hector Monsegur, one of the leaders of the LulzSac hacker movement, was identified and arrested last year by the FBI. Although he practiced good computer security and used an anonymous relay service to protect his identity, he slipped up.

And three: Paula Broadwell,who had an affair with CIA director David Petraeus, similarly took extensive precautions to hide her identity. She never logged in to her anonymous e-mail service from her home network. Instead, she used hotel and other public networks when she e-mailed him. The FBI correlated hotel registration data from several different hotels — and hers was the common name.

The Internet is a surveillance state. Whether we admit it to ourselves or not, and whether we like it or not, we’re being tracked all the time. Google tracks us, both on its pages and on other pages it has access to. Facebook does the same; it even tracks non-Facebook users. Apple tracks us on our iPhones and iPads. One reporter used a tool called Collusion to track who was tracking him; 105 companies tracked his Internet use during one 36-hour period.

Increasingly, what we do on the Internet is being combined with other data about us. Unmasking Broadwell’s identity involved correlating her Internet activity with her hotel stays. Everything we do now involves computers, and computers produce data as a natural by-product. Everything is now being saved and correlated, and many big-data companies make money by building up intimate profiles of our lives from a variety of sources.

Read more from this story HERE.

US Plan Calls For More Scanning Of Private Web Traffic, Email (+video)

/0 Comments/in , /by

Photo Credit: YouTube

The U.S. government is expanding a cyber security program that scans Internet traffic headed into and out of defense contractors to include far more of the country’s private, civilian-run infrastructure.

As a result, more private sector employees than ever before, including those at big banks, utilities and key transportation companies, will have their emails and Web surfing scanned as a precaution against cyber attacks.

Under last month’s White House executive order on cyber security, the scans will be driven by classified information provided by U.S. intelligence agencies — including data from the National Security Agency (NSA) — on new or especially serious espionage threats and other hacking attempts. U.S. spy chiefs said on March 12 that cyber attacks have supplanted terrorism as the top threat to the country.

The Department of Homeland Security will gather the secret data and pass it to a small group of telecommunication companies and cyber security providers that have employees holding security clearances, government and industry officials said. Those companies will then offer to process email and other Internet transmissions for critical infrastructure customers that choose to participate in the program.

DHS as the middleman
By using DHS as the middleman, the Obama administration hopes to bring the formidable overseas intelligence-gathering of the NSA closer to ordinary U.S. residents without triggering an outcry from privacy advocates who have long been leery of the spy agency’s eavesdropping.

Watch video here:

Read more from this story HERE.

Google Reports Growing Government Surveillance

/1 Comment/in , /by

photo credit: brionvGoogle received more requests from the U.S. government to hand over user data during the first half of this year than from any other country, according to the search company’s biannual “Transparency Report” released on Tuesday.

From January to June, Google received nearly 8,000 requests for user data from the U.S. government. The search company said it “fully or partially” compiled with roughly 90 percent of them. That’s up from the 5,950 requests for user data that Google received from the U.S. government during the same period a year ago.

More than 16,000 Google accounts were specified in the U.S. government’s user data requests, according to the report.

However, the search company cautioned that the total number of U.S. government requests for user data also tallied requests “issued by U.S. authorities on behalf of other governments pursuant to mutual legal assistance treaties and other diplomatic mechanisms.”

Still, that number dwarfs the requests from other countries: India and Brazil came after the U.S. with 2,319 and 1,566 requests for user data, respectively, during the first half of 2012.

Read more from this story HERE.