• Passwords, privacy and protection: can Apple meet FBI’s demand without creating a ‘backdoor’?

    By H. V. Jagadish

    The point of encryption is to make decryption hard. However, hard does not mean impossible. The FBI could decrypt this data, with sufficient effort and computational power, and they could do this with no help from Apple. However, this route would be expensive, and would take some time. In effect, what they’re requesting of Apple is to make their job easier, cheaper and faster. Ultimately, how this matter gets resolved may depend more on the big-picture question of what privacy rights we as a society want for the data we record on our personal devices. Understanding the technical questions can inform this discussion.

  • How mobile ads leak personal data

    The personal information of millions of smartphone users is at risk due to in-app advertising that can leak potentially sensitive user information between ad networks and mobile app developers, according to a new study.

  • Detecting hidden malicious ads hidden in apps

    The danger of acquiring a computer virus or spyware used to come with the risk of visiting the dark, sketchy corners of the Internet. But now trusted and harmless smartphone apps like MyFitnessPal and Candy Crush carry their own risks. As more and more people own smartphones, the number of malicious ads hidden in apps is growing — tripling in just the past year.

  • Snowden ready to return to U.S. for “fair trial”

    Edward Snowden has told friends and supporters he was ready to return to the United States if he could be guaranteed a fair trial. Snowden said his representatives had approached the U.S. Justice Department in an effort to negotiate a plea deal, even one involving him spending time in jail. He told the BBC Panorama last year, however, that the Justice Department had made no effort to respond.

  • NYPD has used Stingrays since 2008 -- with lower-level court orders rather than warrants

    The NYPD has confirmed that it owns and operates Stingrays— surveillance devices that spy on cell phones nearby and which can be used to track location. In response to an NYCLU FOIL request, the NYPD disclosed it used Stingrays nearly 1,016 times between 2008 and May of 2015 without a written policy and following a practice of obtaining only lower-level court orders rather than warrants. This is the first time the extent of the use of Stingrays by the NYPD has been made public.

  • Intelligence agencies could use Internet-of-things to spy on people

    James Clapper, the director of U.S. national intelligence, told lawmakers the other day that the Internet of things — baby monitors, TV set, home security devices, voice recognition dolls – may be used by intelligence services to spy on people. Clapper, testifying yesterday before a Senate panel, said that intelligence agencies might be able to use this new generation of household devices to increase their surveillance capabilities.

  • Anaheim police employed Stingray surveillance devices

    Police in Anaheim, California have been using Stingray surveillance devices, as well as employing the more intrusive cousin, “dirtboxes,” during active investigations, without the knowledge of residents. More than 400 new documents obtained by the American Civil Liberties Union show that the department has requested funds for the technology, and that it has been using the devices since at least 2009.

  • World leaders urged to oppose encryption back doors

    In an open letter made public on Monday, nearly 200 Internet and digital rights leaders and experts, companies, and organizations are calling on the Obama administration and other world leaders to reject efforts to create “back doors” to encryption. “Encryption tools, technologies, and services are essential to protect against harm and to shield our digital infrastructure and personal communications from unauthorized access,” the letter states.

  • Majority of Americans believe it is sometimes necessary for govt. to sacrifice freedoms

    Survey conducted after the Paris and San Bernardino attacks finds a majority of respondents from both parties think it is acceptable for the government to analyze the Internet activities and communications of American citizens without a warrant.

  • NSA kept Benjamin Netanyahu under surveillance during Iran negotiations

    As part of the effort by the Obama administration earlier this year to make sure that the negotiations between the P5+1 powers and Iran over the latter’s nuclear program would not be derailed or obstructed, the National Security Agency (NSA) kept a close watch on Israel’s prime minister Benjamin Netanyahu. The agency collected intelligence on Netanyahu and other Israeli leaders in an attempt to learn what moves the Israeli leader was planning as part of his campaign to have Congress reject the agreement the United States was negotiating.

  • DHS questioned over pressure it put on a library to disable Tor node

    Back in September, Kilton Public Library in Lebanon, New Hampshire briefly disabled its Tor relay after local police, following a tip from agents with Homeland Security’s investigations branch that the network may be used by criminals or terrorists. A Congresswoman from California wants to know why DHS officials pressured the New Hampshire library to take down the relay node, and whether DHS has leaned on other organizations to do so.

  • Civil liberties coalition condemns cybersecurity bill

    Civil libertarians in the United States have a new ally in the fight against the new surveillance bill now being considered in Congress: librarians. The critics of the bill call it both “unhelpful” and “dangerous to Americans’ civil liberties.” House speaker Paul Ryan (R-Wisconsin) has been actively pushing for reconciliation of two bills, the Protecting Cyber Networks Act (PCNA) and the National Cybersecurity Protection Advancement with the Cybersecurity Information Sharing Act of 2015 (CISA), which passed a Senate vote in October.

  • Untraceable communication -- guaranteed

    By Larry Hardesty

    Anonymity networks, which sit on top of the public Internet, are designed to conceal people’s Web-browsing habits from prying eyes. The most popular of these, Tor, has been around for more than a decade and is used by millions of people every day. Recent research, however, has shown that adversaries can infer a great deal about the sources of supposedly anonymous communications by monitoring data traffic though just a few well-chosen nodes in an anonymity network. Researchers have developed a new, untraceable text-messaging system designed to thwart even the most powerful of adversaries.

  • Good apps talking to bad Web sites behind your back

    In one of the first studies to analyze behind-the-scenes behaviors of good applications, researchers conducted a large-scale analysis of URLs embedded in 13,500 free android apps downloaded from Google Play. The apps tested were created by reputable developers and downloaded by many people, among them popular social media, shopping, news and entertainment apps. The researchers found that almost 9 percent of popular apps downloaded from Google Play interact with Web sites that could compromise users’ security and privacy; 15 percent talked to bad Web sites (with intentions that vary from harming devices, stealing confidential data or annoying users with spam); and 73 percent talked to low-reputation Web sites(those receiving a Web of Trust rating lower than 60/100).

  • New cybersecurity legislation would shield companies from public records laws

    A legislation which passed both houses of Congress, but has not yet signed into law by the president, aims to encourage companies and organizations to share with the U.S. government information about cyberattacks and cyberthreats they experience –but critics say there is a catch: the legislation would severely restrict what the public can learn about the program.