Sign up for our Technology Newsletter 
Twitter Blocks Intelligence Agencies
May 17, 2016 by admin
Filed under Around The Net
Comments Off on Twitter Blocks Intelligence Agencies
Twitter has prohibited a data-mining firm from providing analytics of real-time tweets to U.S. intelligence agencies, according to a Wall Street Journal report, quoting a person familiar with the matter.
Twitter, which provides Dataminr with real-time access to public tweets, seems to be trying to distance itself from appearing to aid government surveillance, a controversial issue after former National Security Agency contractor Edward Snowden revealed that the government was collecting information on users through Internet and telecommunications companies.
Executives of Dataminr told intelligence agencies recently that Twitter, which holds around 5 percent of the equity in the startup and provides the data feed, did not want the company to continue providing the service to the agencies.
Twitter’s move appears to be in line with its policy on the use of its tweet data by external companies.
“Dataminr uses public Tweets to sell breaking news alerts to companies such as Wall Street Journal parent Dow Jones and government agencies such as the World Health Organization, for non-surveillance purposes,” Twitter said in a statement Sunday. “We have never authorized Dataminr or any third party to sell data to a government or intelligence agency for surveillance purposes.”
U.S. intelligence agencies gained access to Dataminr’s service after In-Q-Tel, aventure capital organization backed by U.S. intelligence agencies, put money in the firm, the WSJ said, quoting a person familiar with the matter. Twitter is said to have conveyed to Dataminr that it didn’t want to continue the relationship with intelligence agencies at the end of a pilot by the data analysis firm arranged by In-Q-Tel. Dataminr does not figure in the list of In-Q-Tel portfolio companies on its website.
Source-http://www.thegurureview.net/uncategorized/twitter-blocks-intelligence-agencies-access-to-tweet-analytics.html
Britain’s New Surveillance Plans Raises Privacy Concerns
November 16, 2015 by admin
Filed under Around The Net
Comments Off on Britain’s New Surveillance Plans Raises Privacy Concerns
Britain has announced plans for sweeping new surveillance powers, including the right to find out which websites people visit, measures ministers say are vital to keep the country safe but which critics denounce as an assault on freedoms.
Across the West, debate about how to protect privacy while helping agencies operate in the digital age has raged since former U.S. intelligence contractor Edward Snowden leaked details of mass surveillance by British and U.S. spies in 2013.
Experts say part of the new British bill goes beyond the powers available to security services in the United States.
The draft was watered down from an earlier version dubbed a “snoopers’ charter” by critics who prevented it reaching parliament. Home Secretary Theresa May told lawmakers the new document was unprecedented in detailing what spies could do and how they would be monitored.
“It will provide the strongest safeguards and world-leading oversight arrangements,” she said. “And it will give the men and women of our security and intelligence agencies and our law enforcement agencies … the powers they need to protect our country.”
They would be able to require communication service providers (CSPs) to hold their customers’ web browsing data for a year, which experts say is not available to their U.S. counterparts.
“What the British are attempting to do, and what the French have already done post Charlie Hebdo, would never have seen the light of day in the American political system,” Michael Hayden, former director of the U.S. National Security Agency and Central Intelligence Agency, told Reuters.
May said that many of the new bill’s measures merely updated existing powers or spelled them out.
Police and spies’ access to web use would be limited to “Internet connection records” – which websites people had visited but not the particular pages – and not their full browsing history, she said.
“An Internet connection record is a record of the communications service that a person has used – not a record of every web page they have accessed,” May said. “It is simply the modern equivalent of an itemised phone bill.”
Source-http://www.thegurureview.net/aroundnet-category/britains-new-surveillance-plans-raise-ire-of-privacy-advocates.html
U.S. And Britain Ramping Up Cyber Defense
Comments Off on U.S. And Britain Ramping Up Cyber Defense
The U.S. and Britain are increasing their collaboration to thwart digital threats. They are planning to launch more attacks against each other to test their defenses and scare away possible enemies.
The U.S. and the U.K. have been working together to prevent cyber attacks for some time, but are going to increase the collaboration. They will combine their expertise to set up “cyber cells” on both sides of the Atlantic to increase sharing information about threats and to work out how to best protect themselves and create a system that lets hostile states and organization know they shouldn’t attack, said U.K. prime minister David Cameron in an interview published by the BBC.
Cyber attacks “are one of the biggest modern threats that we face,” according to Cameron who is visiting Washington for talks with U.S. president Barack Obama. One of the topics high on the agenda is digital security.
The countries will increase the “war games” launched at each other to test defenses. “It is happening already but it needs to be stepped up,” Cameron said, adding that British intelligence service GCHQ and the U.S. equivalent NSA have know-how that should be shared more.
“It is not just about protecting companies, it is also about protecting people’s data, about protecting people’s finances. These attacks can have real consequences to people’s prosperity,” he said.
However, in order to protect companies and citizens better, increased snooping powers to track terrorists on social networks are necessary, said Cameron. He is planning to discuss this issue with Obama and U.S. companies including Google and Facebook.
The increased cooperation between the countries comes in the wake of the Sony hack and the apparent hacking of the U.S. Central Command’s Twitter account by ISIS (Islamic State of Iraq and Syria), which posted tweets threatening families of U.S. soldiers and claiming to have hacked into military PCs.
Should Encryption Be The Norm?
Encryption should be a matter of priority and used by default. That’s the message from the Internet Architecture Board (IAB), the worldwide body in charge of the internet’s technology infrastructure.
The IAB warned in a statement that “the capabilities and activities of attackers are greater and more pervasive than previously known”.
It goes on to say: “The IAB urges protocol designers to design for confidential operation by default. We strongly encourage developers to include encryption in their implementations, and to make them encrypted by default.
“We similarly encourage network and service operators to deploy encryption where it is not yet deployed, and we urge firewall policy administrators to permit encrypted traffic.”
The purpose, the IAB claims, is to instill public trust in the internet after the myriad high-profile cases in which computer traffic has been intercepted, ranging from bank details to email addresses and all points in between.
The news will be unwelcome to the security services, which have repeatedly objected to initiatives such as the default encryption in iOS8 and Android L, claiming that it is in the interest of the population to retain the right to intercept data for the prevention of terrorism.
However, leaked information, mostly from files appropriated by rogue NSA contractor Edward Snowden, suggests that the right of information interception is abused by security services including the UK’s GCHQ.
These allegations include the collection of irrelevant data, the investigation of cold cases not in the public interest, and the passing of pictures of nude ladies to colleagues.
Microsoft Adds Anti-snooping Safeguards
July 16, 2014 by admin
Filed under Around The Net
Comments Off on Microsoft Adds Anti-snooping Safeguards
Microsoft has added encryption safeguards to the Outlook.com webmail service and to the OneDrive cloud storage service, in part to better protect these consumer products from government surveillance.
“Our goal is to provide even greater protection for data across all the great Microsoft services you use and depend on every day. This effort also helps us reinforce that governments use appropriate legal processes, not technical brute force, if they want access to that data,” Matt Thomlinson, vice president, Trustworthy Computing Security, at Microsoft wrote in a blog post.
The move follows similar ones from other cloud computing providers. For example, Google announced end-to-end encryption for Gmail in April, including protection for email messages while they travel among Google data centers. It recently announced similar encryption for its Google Drive cloud storage service.
It’s not clear from Microsoft’s announcement whether the encryption protection it announced covers Outlook.com messages and OneDrive files as they travel within Microsoft data centers. It’s also not clear what, if any, encryption OneDrive and Outlook.com have had until now. Microsoft didn’t immediately respond to a request for comment.
Cloud computing providers like Microsoft, Google, Amazon and many others have been rattled by disclosures from former National Security Agency contractor Edward Snowden regarding government snooping into online communications, due to the effect on their consumer and business customers.
As a result, these companies have been busy boosting encryption on their systems, while also lobbying the U.S. government to stop the stealthy and widespread monitoring of Internet services.
Lavaboom Offers To Encrypt
A new webmail service named Lavaboom promises to provide easy-to-use email encryption without ever learning its users’ private encryption keys or message contents.
Lavaboom, based in Germany and founded by Felix MA1/4ller-Irion, is named after Lavabit, the now defunct encrypted email provider believed to have been used by former NSA contractor Edward Snowden. Lavabit decided to shut down its operations in August in response to a U.S. government request for its SSL private key that would have allowed the government to decrypt all user emails.
Lavaboom designed its system for end-to-end encryption, meaning that only users will be in possession of the secret keys needed to decrypt the messages they receive from others. The service will only act as a carrier for already encrypted emails.
Lavaboom calls this feature “zero-knowledge privacy” and implemented it in a way that allows emails to be encrypted and decrypted locally using JavaScript code inside users’ browsers instead of its own servers.
The goal of this implementation is to protect against upstream interception of email traffic as it travels over the Internet and to prevent Lavaboom to produce plain text emails or encryption keys if the government requests them. While this would protect against some passive data collection efforts by intelligence agencies like the NSA, it probably won’t protect against other attack techniques and exploits that such agencies have at their disposal to obtain data from computers and browsers after it was decrypted.
Security researchers have yet to weigh in on the strength of Lavaboom’s implementation. The service said on its website that it considers making parts of the code open source and that it has a small budget for security audits if any researchers are interested.
Those interested in trying out the service can request to be included in its beta testing period, scheduled to start in about two weeks.
Free Lavaboom accounts will come with 250MB of storage space and will use two-way authentication based on the public-private keypair and a password. A premium subscription will cost a!8 (around US$11) per month and will provide users with 1GB of storage space and a three-factor authentication option.
Microsoft Issues New Policies
Microsoft Corp, under fire for accessing an employee’s private Hotmail account to prove he was illegally passing computer code to a blogger, has said it will now refer all suspicious activity on its email services to law enforcement.
The decision, announced by head lawyer Brad Smith on Friday, reverses Microsoft’s initial reaction to complaints last week, when it laid out a plan to refer such cases to an unidentified former federal judge, and proceed to open a suspect email account only if that person saw evidence to justify it.
“Effective immediately, if we receive information indicating that someone is using our services to traffic in stolen intellectual or physical property from Microsoft, we will not inspect a customer’s private content ourselves,” said Smith, in a blog post on the software company’s website. “Instead, we will refer the matter to law enforcement if further action is required.”
Microsoft – which has recently cast itself as a defender of customer privacy – was harshly criticized last week by civil liberties groups after court documents made public in the prosecution of Alex Kibkalo in Seattle federal court for leaking trade secrets showed that Microsoft had accessed the defendant’s email account before taking the matter to legal authorities.
The company said last week its actions were within its legal rights under the terms of use of its email services, but has now acknowledged that its actions raised concerns about customer privacy.
The issue is poignant for Microsoft, which routinely criticizes Google Inc for serving up ads based on the content of users’ Gmail correspondence.
It has also been campaigning for more transparency in the legal process through which U.S. intelligence agencies can get access to email accounts following the revelations of former National Security Agency contractor Edward Snowden.
“While our own search was clearly within our legal rights, it seems apparent that we should apply a similar principle and rely on formal legal processes for our own investigations involving people who we suspect are stealing from us,” said Smith in his blog. “Therefore, rather than inspect the private content of customers ourselves in these instances, we should turn to law enforcement and their legal procedures.”
Virtru Goes Office 365
April 8, 2014 by admin
Filed under Around The Net
Comments Off on Virtru Goes Office 365
Virtru has added Microsoft’s Office 365 and Outlook Desktop services to its growing list of compatible email platforms available on its encryption product.
The company, headquartered in Washington, D.C. and launched in January, is targeting people using major email providers who want stronger privacy controls for more secure communication.
The service is designed to be easy to use for end users who may not have the technical gumption to set up PGP (Pretty Good Privacy), a standard for signing and encrypting content.
Virtru is compatible with most major webmail providers, including Google’s Gmail, Yahoo’s Mail and Microsoft’s Outlook webmail, which replaced Hotmail.
Emails sent using Virtru through those services would look like gibberish, providing a greater degree of privacy. Law enforcement or other entities would not be able to read the content unless they could obtain the key.
Virtru uses a browser extension to encrypt email on a person’s computer or mobile device. The content is decrypted after recipients receive a key, which is distributed by Virtru’s centralized key management server.
Although Virtru handles key management, the company is working on a product that would allow that task to be managed on-site for users, as some administrators would be uncomfortable with another entity managing their keys.
Virtru has said it put aside funds to contest government orders such as a National Security Letter or law enforcement request that are not based on a standard of probable cause.
Web Pioneer Calls For Bill of Rights
The inventor of the world wide web, Tim Berners-Lee, voiced his support for bill of rights to protect freedom of speech on the Internet and users’ rights after leaks about government surveillance of online activity.
25 years since the London-born computer scientist invented the web, Berners-Lee said there was a need for a charter like England’s historic Magna Carta to help guarantee fundamental principles online.
Web privacy and freedom have come under scrutiny since former U.S. National Security Agency contractor Edward Snowden last year leaked a raft of secret documents revealing a vast U.S. government system for monitoring phone and Internet data.
Accusations that NSA was mining personal data of users of Google, Facebook, Skype and other U.S. companies prompted President Barack Obama to announce reforms in January to scale back the NSA program and ban eavesdropping on the leaders of close friends and allies of the United States.
Berners-Lee said it was time for a communal decision as he warned that growing surveillance and censorship, in countries such as China, threatened the future of democracy.
“Are we going to continue on the road and just allow the governments to do more and more and more control – more and more surveillance?” he told BBC Radio on Wednesday.
“Or are we going to set up something like a Magna Carta for the world wide web and say, actually, now it’s so important, so much part of our lives, that it becomes on a level with human rights?” he said, referring to the 1215 English charter.
While acknowledging the state needed the power to tackle criminals using the Internet, he has called for greater oversight over spy agencies such Britain’s GCHQ and the NSA, and over any organizations collecting data on private individuals.
He has previously spoken in support of Snowden, saying his actions were “in the public interest”.
Berners-Lee and the World Wide Web Consortium, a global community with a mission to lead the web to its full potential, have launched a year of action for a campaign called the Web We Want, urging people to push for an Internet “bill of rights” for every country.
NSA Developing System To Crack Encryption
Comments Off on NSA Developing System To Crack Encryption
The U.S. National Security Agency is working to develop a computer that could ultimately break most encryption programs, whether they are used to protect other nations’ spying programs or consumers’ bank accounts, according to a report by the Washington Post.
The report, which the newspaper said was based on documents leaked by former NSA contractor Edward Snowden, comes amid continuing controversy over the spy agency’s program to collect the phone records Internet communications of private citizens.
In its report, The Washington Post said that the NSA is trying to develop a so-called “quantum computer” that could be used to break encryption codes used to cloak sensitive information.
Such a computer, which would be able to perform several calculations at once instead of in a single stream, could take years to develop, the newspaper said. In addition to being able to break through the cloaks meant to protect private data, such a computer would have implications for such fields as medicine, the newspaper reported.
The research is part of a $79.7 million research program called “Penetrating Hard Targets,” the newspaper said. Other, non-governmental researchers are also trying to develop quantum computers, and it is not clear whether the NSA program lags the private efforts or is ahead of them.
Snowden, living in Russia with temporary asylum, last year leaked documents he collected while working for the NSA. The United States has charged him with espionage, and more charges could follow.
His disclosures have sparked a debate over how much leeway to give the U.S. government in gathering information to protect Americans from terrorism, and have prompted numerous lawsuits.
Last week, a federal judge ruled that the NSA’s collection of phone call records is lawful, while another judge earlier in December questioned the program’s constitutionality. The issue is now more likely to move before the U.S. Supreme Court.
On Thursday, the editorial board of the New York Times said that the U.S. government should grant Snowden clemency or a plea bargain, given the public value of revelations over the National Security Agency’s vast spying programs.