Category: Privacy, Surveillance, & Security

There’s nothing stopping attackers from manipulating the data they make public.

It’s one thing to have all of your dirty laundry aired in public for everyone to see. It’s another thing entirely for someone to throw in a few choice items that aren’t real.

Imagine trying to explain to the press, eager to publish the worst of the details in the documents, that everything is accurate except this particular email. Or that particular memo. That the salary document is correct except that one entry. Or that the secret customer list posted up on WikiLeaks is correct except that there’s one inaccurate addition. It would be impossible. Who would believe you? No one. And you couldn’t prove it.

Source: Hackers, Organizational Doxing, and Data Forgeries – The Atlantic

Notice and consent is an absurd legal fiction. … But as terrible as notice-and-consent is, at least it pretends that people should have some say in the destiny of the data that evanescences off of their lives as they move through time, space, and information.

The next generation of networked devices are literally incapable of participating in that fiction.

The best way to secure data is never to collect it in the first place. Data that is collected is likely to leak. Data that is collected and retained is certain to leak. A house that can be controlled by voice and gesture is a house with a camera and a microphone covering every inch of its floorplan.

Source: Locus Online Perspectives » Cory Doctorow:The Privacy Wars Are About to Get A Whole Lot Worse

FBI Director James Comey presented the morning government keynote address to cyber security experts at the Symantec Government Symposium in Washington, D.C. on August 30, 2016

Here’s why I think it requires an adult conversation. Our nation’s founders struck a bargain 240 ago. In our great country, we have a reasonable expectation of privacy in all of our private spaces—in our houses, in our cars, in our safe deposit boxes, in our devices. That is a very important part of being an American. The government cannot invade our private spaces without good reason—good reason that is reviewable in court.

But it also means that with good reason, the people of the United States, through judges and law enforcement, can invade our private spaces. That is the bargain that has been at the heart of ordered liberty in this country since its founding.

We need a conversation that starts from a place where we recognize that there are no evil people in this conversation. We share the same values. We all care deeply about the same things—privacy on the one hand, security and safety on the other. We may weigh them differently. I may see the world more darkly than somebody who lives in sunny Silicon Valley. I may over-weight the dark side. But we have the same values. That should allow us to have a thoughtful conversation without demonizing anybody or trying to bumper-sticker anybody. I hope you will participate in that conversation, and that we can have it next year when we’re not engaged, as you may have heard, in an election.

Source: Inside the FBI: Director Comey Addresses Cyber Security Experts — FBI

One cybersecurity firm estimates that extortive attacks now cost small and medium companies at least $75 billion in expenses and lost productivity each year.

banks have started to keep tens of thousands of dollars in Bitcoin ready in case of an attack. “Buying bitcoin on any one of the U.S. exchanges is a three-to-five day wait time, so we’ve been forced into the position of having to stock bitcoin as if it were computer equipment and have it ready for our use,”

Source: How Ransomware Became a Billion-Dollar Nightmare for Businesses – The Atlantic

Since January, police have been testing an aerial surveillance system adapted from the surge in Iraq. And they neglected to tell the public.

A company called Persistent Surveillance Systems, based in Dayton, Ohio, provided the service to the police, and the funding came from a private donor. No public disclosure of the program had ever been made.

McNutt believes the technology would be most effective if used in a transparent, publicly acknowledged manner; part of the system’s effectiveness, he said, rests in its potential to deter criminal activity. … In 2006 he gave the military Angel Fire, a wide-area, live-feed surveillance system that could cast an unblinking eye on an entire city. … This produced a searchable, constantly updating photographic map that was stored on hard drives. His elevator pitch was irresistible: “Imagine Google Earth with TiVo capability.”

Even six months after the flights began, some Baltimore police officers still didn’t know exactly how the surveillance program worked.

[McNutt]’s exasperated when his system is criticized not for what it does, but for its potential. Yet for critics like Stanley, the two can’t be separated. … McNutt says he’s sure his system can withstand a public unveiling and that the more people know about what his cameras can—and can’t—do, the fewer worries they’ll have. But the police ultimately decide who and what should be tracked.

Source: Secret Cameras Record Baltimore’s Every Move From Above

 

“I said to myself, ‘This is where the rubber hits the road. The technology has finally arrived, and Big Brother, which everyone has always talked about, is finally here.’ ”

— Jay Stanley, ACLU senior policy analyst and privacy expert