Learn to Build 14 Websites with 28 Hours of Instruction on HTML, JavaScript, MySQL & More for $14 ×

Child Porn Suspect Jailed Indefinitely For Refusing To Decrypt Hard Drives (arstechnica.com) 739

An anonymous reader quotes a report from Ars Technica: A Philadelphia man suspected of possessing child pornography has been in jail for seven months and counting after being found in contempt of a court order demanding that he decrypt two password-protected hard drives. The suspect, a former Philadelphia Police Department sergeant, has not been charged with any child porn crimes. Instead, he remains indefinitely imprisoned in Philadelphia's Federal Detention Center for refusing to unlock two drives encrypted with Apple's FileVault software in a case that once again highlights the extent to which the authorities are going to crack encrypted devices. The man is to remain jailed "until such time that he fully complies" with the decryption order. The government successfully cited a 1789 law known as the All Writs Act to compel (PDF) the suspect to decrypt two hard drives it believes contain child pornography. The All Writs Act was the same law the Justice Department asserted in its legal battle with Apple.

A Complete Guide To The New 'Crypto Wars' (dailydot.com) 68

blottsie writes: The latest debate over encryption did not begin with a court order demanding Apple help the FBI unlock a dead terrorist's iPhone. The new "Crypto Wars," chronicled in a comprehensive timeline by Eric Geller of the Daily Dot, dates back to at least 2003, with the introduction of "Patriot Act II." The battle over privacy and personal security versus crime-fighting and national security has, however, become a mainstream debate in recent months. The timeline covers a wide-range of incidents where the U.S. and other allied governments have tried to restrict citizens' access to strong encryption. The timeline ends with the director of national intelligence blaming NSA whistleblower Edward Snowden for advancing the spread of user-friendly, widely available strong encryption.

Schools Are Helping Police Spy On Kids' Social Media Activity (orlandosentinel.com) 215

schwit1 shares this excerpt from an article in The Washington Post: Schools in Florida are renewing a program that monitors their students' social media activity for criminal or threatening behavior, although it has caused some controversy since its adoption last year. The school system in Orange County, where Orlando is located, recently told the Orlando Sentinel that the program, which partners the school system with local police departments, has been successful in protecting students' safety, saying that it led to 12 police investigations in the past year. The school district says it will pay about $18,000 annually for SnapTrends, the monitoring software used to check students' activity. It's the same software used by police in Racine, Wisconsin, to track criminal activity and joins a slew of similar social media monitoring software used by law enforcement to keep an eye on the community.

SnapTrends collects data from public posts on students' social media accounts by scanning for keywords that signify cases of cyberbullying, suicide threats, or criminal activity. School security staff then comb through flagged posts and alert police when they see fit.


Dutch Police Seize Encrypted Communication Network With 19,000 Users (reuters.com) 77

An anonymous reader writes: Dutch police have seized and shut down Ennetcom, an encrypted communications network with 19,000 users, according to Reuters. The network's 36-year-old owner, Danny Manupassa, has also been arrested, and faces charges of money laundering and illegal weapons possession, while the information obtained in the seizure may also be used for other criminal prosecutions. "Police and prosecutors believe that they have captured the largest encrypted network used by organized crime in the Netherlands," prosecutors said in a statement.

"Although using encrypted communications is legal," Reuters reports, "many of the network's users are believed to have been engaged in 'serious criminal activity,' said spokesman Wim de Bruin of the national prosecutor's office, which noted that the company's modified phones have repeatedly turned up in cases involving drugs, criminal motorcycle gangs, and gangland killings.

A spokesman for the National Prosecutor's office "declined to comment on whether and how police would be able to decrypt information kept on the servers."
United Kingdom

UK Intel Agencies Have Been Spying on Millions of People 'Of No Security Interest' Since 1990s (arstechnica.com) 101

The UK's intelligence agencies such as MI5, MI6, and GCHQ have been collecting personal information from citizens who are "unlikely to be of intelligence or security interest" since the 1990s, a thousand pages of documents published on Thursday revealed. The documents were published as a result of a lawsuit filed by Privacy International, a UK-based registered charity that defends and promotes the right to privacy across the world. According to the documents, GCHQ and others have been collecting bulk personal data sets since 1998 under the provisions of section 94 of the Telecommunications Act 1984. J.M. Porup, reports for Ars Technica: These records can be "anything from your private medical records, your correspondence with your doctor or lawyer, even what petitions you have signed, your financial data, and commercial activities," Privacy International legal officer Millie Graham Wood said in a statement. "The information revealed by this disclosure shows the staggering extent to which the intelligence agencies hoover up our data." Nor, it seems, are BPDs only being used to investigate terrorism and serious crime; they can and are used to protect Britain's "economic well-being" -- including preventing pirate copies of Harry Potter books from leaking before their release date. The so-called "Bulk Personal Datasets," or BPDs are so powerful, in fact, that the normally toothless UK parliament watchdog that oversees intelligence gathering, the Intelligence and Security Committee (ISC), recommended in February that "Class Bulk Personal Dataset warrants are removed from the new legislation." These data sets are so large and collect so much information so indiscriminately that they even include information on dead people.

Child Porn Is Being Hidden on Legal Commercial Websites (theguardian.com) 92

People who visit porn websites or search for adult pornography on the Web are facing the risk of being arrested for accessing child abuse images. The Internet Watch Foundation is warning that vicious minds are increasingly hiding criminal content on legal commercial websites, according to a report on The Guardian. The IWF found 743 websites in 2015, compared with 353 in 2013, in which child sexual abuse content was hosted on legal porn websites, and could be accessed if a special link was requested. From the report: "It has really started to become an accepted practice for the commercial side of the paedophilic community because this obfuscation technique is more effective at keeping its content live for longer," said Fred Langford, chief executive of the UK charity. Last year, the IWF found that 21% of the webpages containing illegal images and videos were commercial and those seeking to profit from the abuse were increasingly disguising it behind legal content, usually adult pornography. Langford said the trend raised the risk that people searching for adult pornography could unwittingly access child abuse images on disguised websites.

Anders Behring Breivik, Norway Murderer, Wins Human Rights Case 491

An anonymous reader writes: Norwegian mass murderer Anders Behring Breivik has won part of his lawsuit against the state over his solitary confinement in a high-security prison, the Oslo district court ruled on Wednesday. Breivik, who killed 77 people in a shooting rampage and bombing attack in 2011 (the country's worst acts of violence since the second world war), was served with "inhuman or degrading treatment," the court found, adding that his conditions must be eased. The court said that the prison violated Article 3 of the European Convention on Human Rights. Brevik had noted that "solitary confinement, as well as frequent strip searches and the fact that he was often handcuffed while moving between cells, violated his human rights." The court, in addition, also ordered the government to pay legal costs of roughly $40,600 for the right-wing extremist. The Guardian reports, "Although Breivik is detained in a three-cell complex where he can play video games, watch TV and exercise, judge Helen Andenaes Sekulic of the Oslo district court ruled that the Norwegian state had broken article 3 of the convention. The prohibition of inhuman and degrading treatment "represents a fundamental value in a democratic society", she said in a written decision. "This applies no matter what -- also in the treatment of terrorists and killers."

Popular Dark Web Market Disappears, Users Migrate In Panic (vice.com) 217

An anonymous reader cites an article on Motherboard: Like the changing of the seasons, a natural stage in the dark web marketplace life cycle has once again manifested. Nucleus market, which primarily sold illegal drugs such as cocaine, methamphetamine, and cannabis, has disappeared: The site is unresponsive, and the market administrators have not made any announcements about planned downtime. This has forced vendors to migrate to other sites and panicked users to figure out where to go next, all amidst a whirlwind of rumours and speculation of where Nucleus -- and its cash -- has gone. 'Nucleus is an awesome market. One of the best. Hope all the admins are ok and nothing serious happened,' someone identifying themselves as a vendor wrote in a comment on the news site Deep Dot Web. At the moment, it's not totally clear why Nucleus' website is unresponsive. It could be an exit scam -- a scam where site administrators stop allowing users to withdraw their funds and then disappear with the stockpile of bitcoins.

Amazon Begins Housing Homeless In Seattle (jeffreifman.com) 184

reifman writes: Amazon announced that it will commit one of its buildings to housing 200 Seattle homeless people for the next year, allowing a nonprofit organization to oversee the facilities... With more than 4,505 living on the streets, Seattle's mayor recently declared a homelessness emergency... More than 45 people died on the streets in 2015, heroin related deaths in King County are at a 20-year high, and neighborhoods are up in arms about homeless drug use, crime and people living in cars.
The Seattle Times notes that Amazon's construction on the lot isn't scheduled until 2017, so they reached out to the homelessness nonprofit to temporarily offer its use, hoping to later offer the group a second site. (The nonprofit will pay the site's utility bills).

Drone-Shooting is Now a Federal Crime, FAA Confirms (slate.com) 192

An anonymous reader writes: At least 12 different drones have been shot from the sky in the United States, including drone shootings in Arkansas, Oklahoma, Virginia, Kentucky, and New Jersey. Now the FAA is confirming that drone shooting is a federal offense, citing regulations against aircraft sabotage. An aviation attorney (teaching drone law at New York's Vaughn College of Aeonautics) tells Forbes this means penalties of up to 20 years in prison for interfering with the "authorized" operation of an aircraft, while threatening a drone or a drone operator would also be a federal crime subject to five years in prison.
Slate notes that "This is bad news if you were planning to invest in the DroneDefender, a goofy-looking gun that promised to disrupt intrusive drones by bombarding them 'with radio waves that disrupt [their] remote control and GPS signals'." And Popular Science adds that "It also poses a complication for some local and state laws, like Utah's proposed HB 420, which would let police shoot down drones in emergency situations." Meanwhile, police in the Netherlands are actually training eagles to attack drones. And last week in South Africa, a drone crashed through the window of an office building and hit an unarmed office worker on the head.

Feds: TVA Executive Traded Nuclear Information For Cash In Chinese Espionage Case (knoxnews.com) 98

mdsolar quotes a report from Knoxville News Sentinel: An East Tennessean who served as a senior manager in the Tennessee Valley Authority's nuclear program swapped information with one of China's top nuclear power companies in exchange for cash, according to federal court records unsealed Thursday. The U.S. Attorney's Office in Knoxville on Thursday announced an espionage conspiracy indictment against China General Nuclear Power, Chinese nuclear engineer Szuhsiung 'Allen' Ho, and Ho's firm, Energy Technology International. Prosecutors said Ho conspired with the companies to lure nuclear experts in the U.S. into providing information to allow China to develop and produce nuclear material based on American technology and under the radar of the U.S. government. Ho was taken into custody in Atlanta on Thursday afternoon and will be returned to U.S. District Court in Knoxville to face the two-count indictment. The indictment consists of one count of conspiracy to illegally engage and participate in the production and development of special nuclear material outside the U.S. and one count of conspiracy to act in the U.S. as an agent of a foreign government.

Whistleblowers Fear Prosecution Under New European Trade Secrets Law (bbc.com) 27

An anonymous reader writes: The European Parliament is debating the Trade Secrets Protection Act critics say threatens to turn whistleblowers into criminals. The bill is aimed to protect European companies from corporate spying by their rivals in other parts of the world. But critics fear that the legislation will make it possible for corporations to define any information they do not want released as a trade secret, and then prosecute journalists or whistleblowers who release it to the public. Campaigner Martin Pigeon, from Corporate Europe Observatory in Brussels says the Trade Secrets Protection Act would have potentially criminalized the release of the Panama Papers. On the flip side, supporters of the bill say there is nothing to worry about because it contains a defense for those who release information exposing criminal wrongdoing or who are acting in the public interest. The bill will still need to be passed into law by national parliaments across the 28 nations of the EU, assuming the bill is approved by the European Parliament.

Canadian Police Have Had BlackBerry's Global Decryption Key Since 2010 (vice.com) 62

Justin Ling and Jordan Pearson, reporting for Vice News: A high-level surveillance probe of Montreal's criminal underworld shows that Canada's federal policing agency has had a global encryption key for BlackBerry devices since 2010. The revelations are contained in a stack of court documents that were made public after members of a Montreal crime syndicate pleaded guilty to their role in a 2011 gangland murder. The documents shed light on the extent to which the smartphone manufacturer, as well as telecommunications giant Rogers, cooperated with investigators. According to technical reports by the Royal Canadian Mounted Police that were filed in court, law enforcement intercepted and decrypted roughly one million PIN-to-PIN BlackBerry messages in connection with the probe. The report doesn't disclose exactly where the key -- effectively a piece of code that could break the encryption on virtually any BlackBerry message sent from one device to another -- came from. But, as one police officer put it, it was a key that could unlock millions of doors. Government lawyers spent almost two years fighting in a Montreal courtroom to keep this information out of the public record. Motherboard has published another article in which it details how Canadian police intercept and read encrypted BlackBerry messages. "BlackBerry to Canadian court: Please don't reveal the fact that we backdoored our encryption," privacy and security activist Christopher Soghoian wittily summarizes the report. "Canadian gov: If you use Blackberry consumer encryption, you're a "dead chicken".

FBI Offers $25K Reward For Andy Warhol Campbell's Soup Painting Heist (networkworld.com) 109

coondoggie quotes a report from Networkworld: The FBI today said it was offering a reward of up to $25,000 for information leading to the recovery of seven Andy Warhol paintings stolen from the Springfield Art Museum in Springfield, Missouri. The collection, which has been owned by the Springfield Art Museum since 1985, is set number 31 of the Campbell's Soup I collection and is valued at approximately $500,000. Each painting in the screen print collection measures 37 inches high by 24.5 inches wide and framed in white frames, the FBI stated. The FBI says that seven of 10 Andy Warhol paintings Campbell's Soup I collection, made in 1968, were taken. Since its inception, the FBI's Art Crime Team has recovered more than 2,650 items valued at over $150 million.

Cybercriminals Are Adopting Corporate Best Practices 66

Orome1 writes: Cybercriminals are adopting corporate best practices and establishing professional businesses in order to increase the efficiency of their attacks against enterprises and consumers. This new class of professional cybercriminal spans the entire ecosystem of attackers, extending the reach of enterprise and consumer threats and fueling the growth of online crime. Low-level criminal attackers are even creating call center operations to increase the impact of their scams. "Advanced criminal attack groups now echo the skill sets of nation-state attackers. They have extensive resources and a highly-skilled technical staff that operate with such efficiency that they maintain normal business hours and even take the weekends and holidays off," said Kevin Haley, director, Symantec Security Response. "We are even seeing low-level criminal attackers create call center operations to increase the impact of their scams."

Experts Crack Petya Ransomware, Enable Hard Drive Decryption For Free 49

Reader itwbennett writes: Petya appeared on researchers' radar last month when criminals distributed it to companies through spam emails that masqueraded as job applications. It stood out from other file-encrypting ransomware programs because it overwrites a hard drive's master boot record (MBR), leaving infected computers unable to boot into the operating system. Now, security experts have devised a method that, while not exactly straightforward, allows users to recover data from computers infected with the ransomware without paying money to cyber criminals. Folks over at BleepingComputer have confirmed that the aforementioned technique works.

CIA's Venture Capital Arm Is Funding Skin Care Products That Collect DNA (theintercept.com) 62

sittingnut writes: The Intercept reports that Skincential Sciences, whose main product line is Clearista, has attracted media coverage because its "innovative line of cosmetic products marketed as a way to erase blemishes and soften skin" are funded by In-Q-Tel, a venture capital arm of the CIA. According to Russ Lebovitz, the chief executive of Skincential Sciences, the CIA fund told him they share an interest in looking at DNA extraction from "normal skin" using the method pioneered by his company. Lebovitz said he was unsure of the intent of the CIA's use of the technology, but the fund was "specifically interested in the diagnostics, detecting DNA from normal skin." He added, "There's no better identifier than DNA, and we know we can pull out DNA." Perhaps law enforcement could use the biomarker extraction technique for crime scene identification or could conduct drug tests, Lebovitz suggested.

Japan To Begin Testing Fingerprints As 'Currency' (the-japan-news.com) 106

schwit1 quotes a report from The Japan News: Starting this summer, the government will test a system in which foreign tourists will be able to verify their identities and buy things at stores using only their fingerprints. The government hopes to increase the number of foreign tourists by using the system to prevent crime and relieve users from the necessity of carrying cash or credit cards. It aims to realize the system by the 2020 Tokyo Olympic and Paralympic Games. The experiment will have inbound tourists register their fingerprints and other data, such as credit card information, at airports and elsewhere. Tourists would then be able to conduct tax exemption procedures and make purchases after verifying their identities by placing two fingers on special devices installed at stores. The Inns and Hotels Law requires foreign tourists to show their passports when they check into ryokan inns or hotels. The government plans to substitute fingerprint authentication for that requirement.

Adobe Patches Flash Zero-Day Exploited By Magnitude Exploit Kit (securityweek.com) 69

wiredmikey writes: Adobe released a Flash Player update on Thursday night to patch a zero-day vulnerability that has been leveraged by cybercriminals to deliver malware via the Magnitude exploit kit. The vulnerability [CVE-2016-1019], a memory corruption that can be exploited for remote code execution, was discovered after, on April 2, security researcher Kafeine of Proofpoint noticed a change in the Magnitude exploit kit. The sample was then investigated by FireEye, which determined that Magnitude EK had been exploiting a previously unknown vulnerability in Flash Player."Despite the fact that this new exploit could potentially work on any version of Adobe Flash, including a fully patched instance of Flash, the threat actors implemented it in a manner that only targeted older versions of Flash. In other words, equipped with a weapon that could pierce even the latest armor, they only used it against old armor, and in doing so exposed to security researchers a previously unreported vulnerability," Proofpoint said in a blog post.

Top FBI Attorney Worried About WhatsApp Encryption (usnews.com) 182

An anonymous reader shares an article on USNews:WhatsApp on Tuesday announced that all types of messages on the latest version of its app are now automatically protected by end-to-end encryption, and the FBI's top attorney is worried some of the platform's more than 1 billion global users will take advantage of the move to hide their crime- or terrorism-related communications. FBI General Counsel James Baker said in Washington on Tuesday that the decision by the Facebook-owned messaging platform to encrypt its global offerings "presents us with a significant problem" because criminals and terrorists could "get ideas." "If the public does nothing, encryption like that will continue to roll out," he said. "It has public safety costs. Folks have to understand that, and figure out how they are going to deal with that. Do they want the public to bear those costs? Do they want the victims of terrorism to bear those costs?"Maybe the government shouldn't have imposed so many surveillance programs on its citizens -- and kept quiet about it for years -- that they now feel the need to use sophisticated security technologies.

Slashdot Top Deals