[Quote]:

Anyone who uses Skype has consented to the company reading everything they write. The H’s associates in Germany at heise Security have now discovered that the Microsoft subsidiary does in fact make use of this privilege in practice. Shortly after sending HTTPS URLs over the instant messaging service, those URLs receive an unannounced visit from Microsoft HQ in Redmond.

[Quote]:

On Wednesday night, Burnett interviewed Tim Clemente, a former FBI counterterrorism agent, about whether the FBI would be able to discover the contents of past telephone conversations between the two. He quite clearly insisted that they could:

BURNETT: Tim, is there any way, obviously, there is a voice mail they can try to get the phone companies to give that up at this point. It’s not a voice mail. It’s just a conversation. There’s no way they actually can find out what happened, right, unless she tells them?

CLEMENTE: "No, there is a way. We certainly have ways in national security investigations to find out exactly what was said in that conversation. It’s not necessarily something that the FBI is going to want to present in court, but it may help lead the investigation and/or lead to questioning of her. We certainly can find that out.

BURNETT: "So they can actually get that? People are saying, look, that is incredible.

CLEMENTE: "No, welcome to America. All of that stuff is being captured as we speak whether we know it or like it or not."

"All of that stuff" – meaning every telephone conversation Americans have with one another on US soil, with or without a search warrant – "is being captured as we speak".

Quote

The federal government needs to do better at tracking and evaluating some of its program spending to ensure taxpayer dollars are being well-spent, Auditor General Michael Ferguson found in his spring report released today, and one of the most striking examples is that it can’t account for $3.1 billion in anti-terrorism funding.

Out of $12 billion, $3.1 billion can’t be accounted for. Not exactly missing, we just can’t say what we did with it.

[Quote]:

A man’s attempt to bring the ashes of his grandfather home to Indianapolis ended with an angry scene in a Florida airport, with the ashes spilled on the terminal floor.

John Gross, a resident of Indianapolis’ south side, was leaving Florida with the remains of his grandfather — Mario Mark Marcaletti, a Sicilian immigrant who worked for the Penn Central Railroad in central Indiana — in a tightly sealed jar marked “Human Remains.”

Gross said he didn’t think he’d have a problem, until he ran into a TSA agent at the Orlando airport.

“They opened up my bag, and I told them, ‘Please, be careful. These are my grandpa’s ashes,’” Gross told RTV6′s Norman Cox. “She picked up the jar. She opened it up.

“I was told later on that she had no right to even open it, that they could have used other devices, like an X-ray machine. So she opened it up. She used her finger and was sifting through it. And then she accidentally spilled it.”

Gross says about a quarter to a third of the contents spilled on the floor, leaving him frantically trying to gather up as much as he could while anxious passengers waited behind him.

“She didn’t apologize. She started laughing. I was on my hands and knees picking up bone fragments. I couldn’t pick up all, everything that was lost. I mean, there was a long line behind me.”

TSA rules say a crematory container in carry-on baggage must pass through the X-ray machine at the security checkpoint.

But the agency’s own website says human remains are to be opened under, “no circumstances.”

“I want an apology,” said Gross. “I want an apology from TSA. I want an apology from the lady who opened the jar and laughed at me. I want them to help me understand where they get off treating people like this.”

 

[Quote]:

In trying to clear up the ‘misconceptions’ about the conduct of fusion centers, Arkansas State Fusion Center Director Richard Davis simply confirmed Americans’ fears: the center does in fact spy on Americans – but only on those who are suspected to be ‘anti-government’.

“The misconceptions are that we are conducting spying operations on US citizens, which is of course not a fact. That is absolutely not what we do,” he told the NWA Homepage, which supports KNWA-TV and Fox 24.

After claiming that his office ‘absolutely’ does not spy on Americans, he proceeded to explain that this does not apply to those who could be interpreted as a ‘threat’ to national security. Davis said his office places its focus on international plots, “domestic terrorism and certain groups that are anti-government. We want to kind of take a look at that and receive that information.”

[Quote]:

A bumbling TSA agent “playing around” with a pepper-spray container at Kennedy Airport fired the caustic liquid at five fellow screeners yesterday, sending all six to the hospital, a source told The Post.

The agent, Chris Yves Dabel, discovered the device at the Terminal 2 security checkpoint and tried to determine if it was real, a source told The Post.

He told Port Authority cops that he “found the canister on the floor and thought it was a laser pointer.”

“They were playing around with it,” said one Kennedy Airport official.

The screener sprayed five other TSA agents around him, sending all six to Jamaica Hospital and halting security checks at Kennedy for at least 15 minutes, police said.

[Quote]:

Despite the pervasiveness of law enforcement surveillance of digital communication, the FBI still has a difficult time monitoring Gmail, Google Voice, and Dropbox in real time. But that may change soon, because the bureau says it has made gaining more powers to wiretap all forms of Internet conversation and cloud storage a “top priority” this year.

[Quote]:

A businessman sold fake bomb detectors to Iraq, Saudi Arabia, Georgia and Niger, the Old Bailey has been told.

James McCormick’s Advanced Detection Equipment was based on a golf ball finder device and marketed to military, governments and police, the jury heard.

Prosecutors said fake detectors sold for up to $40,000 (£27,000) had no grounding in science and made “fantastic” claims.

Now if he only would have sold dowsing rods, it would have been fine…

[Quote]:

A short while ago, I discovered that JavaScript allows you to change the <a> href after you click on it. It may not seem that serious at first glance, but rest assured, it can trick customers into giving in their details to fraudsters.

[Quote]:

A Department of Homeland Security program intended to give “trusted traveler” status to low-risk airline passengers soon will be extended to Saudi travelers, opening the program to criticism for accommodating the country that produced 15 of the 19 hijackers behind the Sept. 11, 2001, terrorist attacks.

[Quote]:

A 23-year-old man being sought by police Wednesday made his way through a security checkpoint at John F. Kennedy International Airport while carrying a stun-gun, a law-enforcement official said.

The suspect, who was wanted after allegedly raping his former girlfriend, had been waiting in line inside Terminal Four to board an 8:40 a.m. flight to London on Wednesday when he was taken into custody by U.S. Customs and Border Protection officers, the official said. He was carrying a gym bag which was found to contain clothing, toiletries and a 3,800K-volt stun-gun, which is on the list of banned items for airplane travel.

The suspect was turned over to New York Police Department detectives, who are investigating accusations that he assaulted and raped his 19-year-old ex-girlfriend at her Queens apartment after arriving from Greece three days ago. He was expected to be charged later Wednesday and his name wasn’t released.

A TSA spokesperson couldn’t immediately comment on the incident.

[Quote]:

“The internet of things, in a broad sense, is where we are starting to see everything from planes to cargo devices getting connected,” Bulman said. “The latest planes we are getting, the Boeing 787s, are incredibly connected. Literally every piece of that plane has an internet connection, from the engines, to the flaps, to the landing gear.

He continued: “If there is a problem with one of the engines we will know before it lands to make sure that we have the parts there. It is getting to the point where each different part of the plane is telling us what it is doing as the flight is going on.”

This level of operational insight will involve generating large amounts of data from each 787 aircraft, he explained. “We can get upwards of half a terabyte of data from a single flight from all of the different devices which are internet connected,” Bulman said.

%ssh left-engine.flightKL746.boeing.com
Last login: Sat Mar  9 13:14:12 2013 from 195.241.2.131
Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994
	The Regents of the University of California.  All rights reserved.

left-engine$ 
left-engine$ shutdown -h now

left-engine shutting down. Log off now or risk losing your work!

connection lost.
%

[Quote]:

In a notable relaxation of its existing security protocols, the Transportation Security Administration announced Thursday that it will henceforth allow small terrorists on commercial aircraft. “After reviewing our longstanding policies, we have decided to ease our boarding requirements to allow any terrorist 5 feet tall or shorter to enter the airplane cabin,” TSA administrator John S. Pistole said in a prepared statement, specifying that any violent radical attempting to pass through security will be subject to an additional screening ensuring they weigh less than 135 pounds and are no broader than 18 inches at their widest point. “It’s a simple system that hopefully everyone will be able to understand. We will also display a height chart outside security checkpoints so as to eliminate any confusion.” Pistole added that any terrorists not falling within the acceptable boarding dimensions will have to be checked.

[Quote]:

eaver County schools had their lives “flipped, turned upside down” Thursday morning when a phone greeting involving the theme song from the 1990s sitcom “The Fresh Prince of Bel-Air” was taken as a threat.

All schools in the county were advised to lock down for about 20 minutes while police searched for a 19-year-old Ambridge Area High School student whose greeting to callers was mistakenly taken as a threat about “shooting people outside of the school.”

The actual line from the song is “And all shooting some b-ball outside of the school.”

[..]

Even though the situation turned out to be a mistake, Mann said, “I believe everyone acted appropriately. Our first concern is the safety of kids.”

Yes. At the cost of everything else, including common sense.

[Quote]:

The US gun-control debate may have both sides shooting their mouths off, gunning for each other, going off half-cocked, and [insert tiresome idiom here], but a group of biostatisticians and epidemiologists decided to cut through the cant and apply rigorous research to one critical question: does carrying a gun increase your safety?

“On average,” the researchers concluded, “guns did not protect those who possessed them from being shot in an assault.” The finding was published in an American Journal of Public Health paper entitled, straighforwardly enough, “Investigating the Link Between Gun Possession and Gun Assault”.

“Although successful defensive gun uses can and do occur,” the report contends, “the findings of this study do not support the perception that such successes are likely.”

[..]

The resulting data, after suitable massaging, revealed a clear result. “[I]ndividuals in possession of a gun were 4.46 (P < .05) times more likely to be shot in an assault than those not in possession. Among gun assaults where the victim had at least some chance to resist, this adjusted odds ratio increased to 5.45 (P < .05)."

[Quote]:

from the interesting-4th-amendment-interpretation dept

We’ve written many times over the years concerning the legality of Homeland Security searching your laptop at the border without reasonable suspicion. Many courts have held that, effectively, the 4th Amendment does not apply at the border, so they don’t need a warrant to search your laptop. However, they’ve been continually pushing this ability further and further. For example, they got a court to say that this applies not just while you’re at the border — they can take your laptop off site to search it and hang onto it for a while. However, that time, they at least needed to have a “reasonable suspicion.” DHS has taken a pretty firm stand that it must be able to keep doing this. While the ACLU and the EFF and others keep challenging these rules, to date the only possible crack was in a case where there’s evidence that the search was politically motivated.

Late last week, a bizarre finding popped up. Back in 2009, when DHS announced its new rulesfor laptop searches at the border, it also promised that it would do its own “Civil Liberties Impact Assessment” within 120 days. Three years later, Homeland Security’s Orwellian “Office of Civil Rights and Civil Liberties” has finally released a two page executive summary of the findings, which more or less says “there are no civil liberties issues” with laptop searches. What else would you expect them to say? The ACLU has filed a FOIA request for the full report, but let’s just focus on the most horrifying statement in the executive summary:

We conclude that CBP’s and ICE’s current border search policies comply with the Fourth Amendment. We also conclude that imposing a requirement that officers have reasonable suspicion in order to conduct a border search of an electronic device would be operationally harmful without concomitant civil rights/civil liberties benefits.

That statement is so bizarre I read it half a dozen times before I was sure it really said what it appears to say. It appears to be a somewhat stunning redefinition of how one reviews whether or not something violates the 4th Amendment. Rather than recognizing the rather explicit restrictions under the 4th Amendment, they merely say that it is okay to do these searches because not doing them would not have civil rights/civil liberties “benefits.” That is incredible. The double negative logic there is truly amazing. In other words, we can violate the Constitution, so long as not doing so would not have civil liberties benefits. Wow.

Meanwhile, since Homeland Security has similarly argued (as part of these cases) that its Constitution Free zone for searches applies to any place 100 miles from the United States border, some are pointing out that this means that every electronic device — computers, cell phones, you name it — in Detroit can be searched with absolutely no reasonable suspicion under DHS’s interpretation (since Detroit is less than 100 miles from Canada). But don’t worry, since there is little civil liberties or civil rights benefits to not searching your stuff, DHS says it’s okay.

Oh, and in case you’re wondering on what basis DHS makes this assessment, it appears to bebased on their own directives rather than on any “laws.”

So, if you’re playing along at home, DHS has decided, based on its own review of its own directives, that it can search any electronic device within 100 miles of the border without requiring a warrant, probable cause, reasonable suspicion or anything like that — because actually respecting the Constitution “would be operationally harmful” and wouldn’t really create any “civil rights/civil liberties benefits” for you.

[Quote]:

“It is not as if the FBI actually thinks Saadiq is a threat. If it did – and it had actual evidence – the FBI would simply arrest him. As they surely recall, they let him fly just a few months ago. It turns out, though, the only reason for doing so is because it is, in the FBI’s view, slightly more indefensible to prevent an American citizen from flying home than it is to prevent him from flying abroad.

“And because we told the FBI ahead of time when Saadiq would be flying, hardly the behavior of a criminal, they could have stuck an air marshal right next to him. They could have subjected his person and luggage to extra scrutiny. But the FBI does not do these things because the No Fly List is not used to protect aircraft. This watchlist – and the many others like it – is a means by which the FBI metes out extra-judicial punishment.”

[Quote]:

The Department of Homeland Security’s civil rights watchdog has concluded that travelers along the nation’s borders may have their electronics seized and the contents of those devices examined for any reason whatsoever — all in the name of national security.

[..]

“We also conclude that imposing a requirement that officers have reasonable suspicion in order to conduct a border search of an electronic device would be operationally harmful without concomitant civil rights/civil liberties benefits,” the executive summary said.

Oh, and “the border” extends 100 miles inland.

[Quote]:

A confidential Justice Department memo concludes that the U.S. government can order the killing of American citizens if they are believed to be “senior operational leaders” of al-Qaida or “an associated force” — even if there is no intelligence indicating they are engaged in an active plot to attack the U.S.

The 16-page memo, a copy of which was obtained by NBC News, provides new details about the legal reasoning behind one of the Obama administration’s most secretive and controversial polices: its dramatically increased use of drone strikes against al-Qaida suspects, including those aimed at American citizens, such as the  September 2011 strike in Yemen that killed alleged al-Qaida operatives Anwar al-Awlaki and Samir Khan. Both were U.S. citizens who had never been indicted by the U.S. government nor charged with any crimes.  

Note also that ‘an associated force’ is a term so elastic as to be meaningless; it can be any person or organization that has ever exchanged an email with someone defined as being a friend of the gardener of the second cousin removed of a member of Al Qaeda. Ergo, if you are assassinated in this way, it seems likely that you will be declared retroactively guilty, even if you weren’t the original target. And, man, is it ever hard to find and pay a lawyer from the grave.

For example, Jubair Ahmad can easily be argued to fall under this memo:

[Quote]:

Over the past several years, the Justice Department has increasingly attempted to criminalize what is clearly protected political speech by prosecuting numerous individuals (Muslims, needless to say) for disseminating political views the government dislikes or considers threatening. The latest episode emerged on Friday, when the FBI announced the arrest and indictment of Jubair Ahmad, a 24-year-old Pakistani legal resident living in Virginia, charged with “providing material support” to a designated Terrorist organization (Lashkar-e-Tayyiba (LeT)).

What is the “material support” he allegedly gave? He produced and uploaded a 5-minute video to YouTube featuring photographs of U.S. abuses in Abu Ghraib, video of armored trucks exploding after being hit by IEDs, prayer messages about “jihad” from LeT’s leader, and — according to the FBI’s Affidavit — “a number of terrorist logos.”

[Quote]:

You may recall that in its quixotic attempt to go after Wikileaks, the US government has been snooping through the private communications of a bunch of folks they’re trying to connect to the organization, including Icelandic politician Birgitta Jonsdottir and Jacob Appelbaum, who gets detained and harassed every time he re-enters the country. All of this came to light only because Twitter actually stood up to the US government and refused to just hand over info that was requested using the obscure 2703(d) process. Twitter also got the court to allow it to reveal the existence of the order (something that every other company which has received one has kept secret). A court eventually ruled that Twitter had to hand over the requested info.

Following this, Jonsdottir, Appelbaum and one other person, Rop Gonggrijp, (represented by the ACLU and the EFF), chose not to challenge that ruling, but did appeal concerning the secrecy around the order — asking the court to have the specific 2703(d) order unsealed — arguing that they have the right to access judicial documents about themselves. However, last week, an appeals court rejected that appeal, and basically said that the feds can sniff through your digital data without your knowledge, and, well, too bad if you don’t like it.

Even though the court did find that 2703(d) orders are “judicial records,” which could make them subject to a right to access, they then claimed that, well, when the government investigates things, it should be able to do so in absolute secrecy, and who really cares about pesky little things like oversight or a right to know about it.

The USA urgently needs an amendment to the Constitution that forbids unreasonable, dragnet searches like this. Let me suggest some language:

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

[Quote]:

A quick, well crafted Google search returns “About 86,800 results” for publically accessible HP printers.

There’s something interesting about being able to print to a random location around the world, with no idea of the consequence.

Lock down your printer

Just wait until the spammers discover this..

[Quote]:

Transit police who were training bomb-sniffing dogs left a bomb on a commercial plane at Vancouver International Airport and didn’t tell anyone about it for two days.

The mishap was revealed in documents obtained by the Canadian Taxpayers Federation under a Freedom of Information request.

On Jan. 14, 2011, a Transit Police dog handler realized the explosive device was missing from his training kit, according to the South Coast British Columbia Transportation Authority’s internal documents.

It had last been seen two days before, on Jan. 12, while training on board an Air Canada Boeing 767 at YVR.

The plane took off en route to Toronto. When it landed, a thorough search was conducted but the bomb didn’t turn up. It has never been found.

The bomb was inert without its blasting cap, and investigators stated in their internal report that they believed it was thrown out in the garbage.

Well, the odds of having TWO bombs one a plane are virtually zero, so those people were really safe those two days!

[Quote]:

MOUNT CARMEL — The family of a kindergarten student in Northumberland County is thinking about filing a lawsuit after their five-year-old was suspended from school.  The family’s attorney says she was suspended because she threatened to shoot herself and a classmate with a Hello Kitty bubble gun.

A pink Hello Kitty bubble gun is the reason a five-year-old girl was suspended from kindergarten at Mount Carmel Area Elementary School.  Her family’s attorney says she was at her school bus stop last week when she told a classmate she was going to shoot her and herself with the bubble gun…a gun she did not have with her.  People in the community can’t believe it.

“It’s just bubbles. It can’t harm anybody. It’s not hard and won’t puncture anything or harm anybody in any way,” Kayla Nash of Shamokin said.

According to the family’s lawyer, district officials at Mount Carmel Area Elementary School questioned her for three hours without her parent’s knowledge.

She was suspended for ten days for making terroristic threats.

“I would be very upset about that.  They should have called the mother right away.  My son is 13.  If he got called into the office I would want to know right away,” Michele Krah of Mount Carmel said.

“It’s only a bubble gun.  For a five-year-old.  To give them a ten-day suspension.  That’s horrible,” Ray Scott of Mount Carmel said.

The Hello Kitty bubble gun is similar to this one except it’s pink and has a picture of Hello Kitty on it.  It is considered a toy.  When you pull the trigger, it shoots out bubbles.

The family’s lawyer says a psychologist examined the girl and said she was not a danger to others, so district officials reduced the suspension from ten days to four days.

Mount Carmel’s superintendent told Newswatch 16, “We don’t comment on issues involving staff or students because of confidentiality.”

“I know they’re trying to I guess ban stuff like that at school but obviously I don’t think bubbles would hurt any child…except get them wet,” Diane Bressi of Mount Carmel said.

The family’s attorney says the incident will go on her permanent record, which the family will fight.  He says the family is also considering suing the Mount Carmel Area School District.

To Onion or not to Onion..news…

[Quote]:

A previously unknown and currently unpatched security hole in the latest version of the Java software framework is under attack online, according to security researchers and bloggers.

Attack code that exploits vulnerability in Java’s browser plugin has been added to the Blackhole, Cool, Nuclear Pack, and Redkit exploit kits, according to the Malware Don’t Need Coffee blog, prompting its author to say that the bug is being “massively exploited in the wild.” Miscreants use these products to turn compromised websites into platforms for silently installing keyloggers and other types of malicious software on the computers of unsuspecting visitors. KrebsOnSecurity reporter Brian Krebs said the curators of both Blackhole and Nuclear Pack have taken to the underweb to boast of the addition to their wares. It’s not yet clear how many websites have been outfitted with the exploits.

According to researchers at Alienvault Labs, the exploits work against fully patched installations of Java. Attack files are highly obfuscated and are most likely succeeding by bypassing security checks built in to the program. KrebsOnSecurity said the malware authors say the exploits work against all versions of Java 7.

Update: Analysis from antivirus provider Kaspersky Lab indicates the exploits are already deployed on a variety of websites.

“There appears to be multiple ad networks redirecting to Blackhole sites, amplifying the mass exploitation problem,” Kaspersky Lab expert Kurt Baumgartner wrote. “We have seen ads from legitimate sites, especially in the UK, Brazil, and Russia, redirecting to domains hosting the current Blackhole implementation delivering the Java 0day. These sites include weather sites, news sites, and of course, adult sites.”

People who don’t use Java much should once again consider unplugging Java from their browser, while those who don’t use it at all may want to uninstall it altogether.

[Quote]:

Want to know the White House’s key propaganda lines for refusing to allow proper oversight into how the NSA is spying on us all? Well, sit back and read on, because the White House’s “talking points” on why the Senate should reject four key amendments to try to roll back some of the excesses of the broad and massive secret program to collect tons of data on Americans, has been leaked.

If only there were a progressive Democrat constitutional law scholar President, then this kind of shenanigans would be unthinkable.

[Quote]:

When we last checked in on the DIY innovations of Mexican cartel drug smugglers, we found them lobbing four-pound bales of marijuana over the Mexico-Arizona border with a trailer-mounted catapult. But technology never stands still. U.S. Customs and Border Patrol agents recently found 33 canisters of marijuana in a field on the U.S. side near the point where the Colorado River crosses the U.S.-Mexico border, and they think the pot got there after being launched from a huge pneumatic cannon.

[Quote]:

AT&T, Verizon Wireless, Sprint, and other wireless providers would be required to record and store information about Americans’ private text messages for at least two years, according to a proposal that police have submitted to the U.S. Congress.

CNET has learned a constellation of law enforcement groups has asked the U.S. Senate to require that wireless companies retain that information, warning that the lack of a current federal requirement “can hinder law enforcement investigations.”

[Quote]:

“That search was absolutely useless.” I said. “And just shows how much of all of this is security theatre. You guys are just feeling up passengers for no good effect, which means that you get all the downsides of a search – such as annoyed travellers who feel like they have had their privacy violated – without any of the benefits. I could have hidden half a dozen items on my person that you wouldn’t have had a snowball’s chance in a supernova of finding. That’s what I meant.”

“Sir, are you hiding something?” he said, and as he did, I saw three other security guys coming our way. Oh dear.

“Of course not.” I said. “But if I had wanted to, I could have.”

“Why do you have such a problem with being searched?” another security guy said, presumably the first guy’s supervisor.

“Look, I have absolutely no problem with being searched. But if you’re going to do it, do it properly – the plane is no safer at all after this gentleman half-heartedly stroked me for a couple of seconds” I said.

“How do you mean?” the supervisor asked.

“He was stroking me as if he was trying to get me to sleep with him, not as if he was trying to find anything on me.” I said. “I’ve been searched many, many times, and in this case, I could have hidden things in my socks, taped to my thigh, taped to the small of my back, the insides of my upper arms, under my testicles or anywhere on my buttocks.”

“Why have you been searched so many times?” the supervisor asked sharply.

“I’m a police officer. I help train other police officers. When we search someone, we assume that the person who searches us may have a knife or something else they can use to harm us, so we search properly. And yes, this means that you have to take a firm grip of somebody’s groin, yes, this means that you search even the parts that are less comfortable to have searched, and yes, this means that you’re probably going to incur a couple of sexual harassment accusations along the way.” I nodded at the security guard who had searched me. “This fellow here did by far the most useless search I have ever been subjected to, and if I wanted to, I could have smuggled half a dozen knives onto the flight. I don’t have a problem with being searched at all – in fact, if you guys think it’s necessary, I’d be the first to admit that I look a little bit suspicious before I’ve had my first cup of coffee in the morning – but if you’re going to stroke me gently in front of hundreds of people, you’d better buy me a fucking drink first, is all I am saying.”

The security supervisor was standing there, frozen at my rant.