• DHS drops plans for national license-plate database

    DHS has recalled its solicitation for bids by private companies to help the department create a national license-plate database which would allow unlimited access to information obtained from commercial and law enforcement license plate readers (LPRs). DHS wanted to use the database to track fugitive undocumented immigrants and others sought by law enforcement, but the database, which could have contained more than one billion records, raised privacy concerns and questions about the safeguards which would be used to protect innocent citizens.

  • Identifying, thwarting insider threats before they do damage

    Researchers argue that one way to identify and predict potential insider threats even before these individuals begin to do damage like stealing and leaking sensitive information, is by using Big Data to monitor changes in behavior patterns. Researchers at PARC, for example, found that individuals who exhibit sudden decrease in participation in group activity, whether in a game like World of Warcraft or corporate e-mail communications, are likely to withdraw from the organization. A withdrawal represents dissatisfaction with the organization, a common trait of individuals who are likely to engage in insider security breaches.

  • Snowden stole co-worker’s password to gain access to secret databanks: NSA

    One reason National Security Agency (NSA) former analyst Edward Snowden was able to gain such broad access to a wide variety of agency’s secret documents was that he copied a password from a co-worker who has since resigned. After Snowden was denied access to NSANet, the agency’s computer network which connects into many of the agency’s classified databases, he persuaded a co-worker, an NSA civilian employee, to use his – the co-worker’s — Public Key Infrastructure (PKI) certificate to gain access. The NSA told Congress Snowden used what the agency describes as “digital deception”: the civilian NSA employee entered his password on Snowden’s computer, not realizing that Snowden was able to capture the password, allowing him even greater access to classified information. Once he gained access to NSANet, Snowden released a “Web crawler” inside the system. The crawler automatically indexed the NSANet, and using the passwords Snowden held – one his, one or more those of co-workers – copied every document in its path.

  • German IT industry hopes to benefit from NSA leaks-inspired distrust of U.S. tech companies

    The German IT sector is hoping to benefit from trust lost in American technology firms in the aftermath of Edward Snowden’s leaks. The German government is looking to develop Internet security initiatives, with government departments vying with each other for a lead role. Both inside and outside the German government a proposal, known as “Schengen Routing,” is advanced which calls for data originated in Europe to be processed and stored within Europe. Critics warn that plans to create a European routing system could affect the openness of the Internet.

  • FAA vetoes Valentine flower-delivery drone

    Detroit-area florist Flower Delivery Express wanted to use drones to deliver flowers to customers on Valentine Day. The FAA rejected the request, dryly noting that “A commercial flight requires a certified aircraft, a licensed pilot, and operating approval.” The florist is not giving up yet, cryptically saying it is testing “other guarded secret methods” for flower delivery.

  • Unmanned aerial logistics system to bypass ground-based threats, challenges

    Rugged terrain and threats such as ambushes and Improvised Explosive Devices (IEDs) can make ground-based transportation to and from the front lines a dangerous challenge. Combat outposts require on average 100,000 pounds of material a week, and high elevation and impassable mountain roads often restrict access. Unmanned aerial logistics system would bypass ground-based threats and enable faster, more effective delivery of cargo and other essential services in hard-to-reach areas.

  • Portland’s Christmas Bomber challenges NSA-gathered evidence used to convict him

    Mohamed Mohamud, a Somali immigrant and former Oregon State University student, was convicted last year of attempting to detonate a bomb in 2010 near Portland’s Christmas holiday tree-lighting ceremony at Pioneer Courthouse Square. His lawyers are questioning the legality of evidence used against him. Attorneys for Mohamud are claiming that the evidence used was obtained without a warrant and should have been barred by the court.

  • Nevada trial of Sikh terrorist postponed by two years to clarify FISA-related issues

    Balwinder Singh, 39, who received asylum in the United States in 1997, was indicted as a member of Babbar Khalsa International (BKI) and Khalistan Zindabad Force (KZF). Both groups use bombings, kidnappings, and murders in a campaign to establish an independent Sikh state in the Punjab region of India, to be called Khalistan. U.S. District Judge Larry Hicks agreed with the prosecution and defense that the trial should be postponed from February 2014 to February 2016 so that issues related to FISA-authorized NSA surveillance of Singh could be clarified. Judge Hicks said that “the ends of justice served by this continuance outweighs the defendant’s and public’s best interests in a speedy trial.”

  • Snowden’ leaks derailed important cybersecurity initiatives

    Edward Snowden’s leaks created such a climate of distrust around the NSA that many important cybersecurity initiatives died, stalled, or became non-starters. Security experts say that this is a case of throwing the baby out with the bathwater, and that the result of these stalled cybersecurity initiatives is that the United States is now more vulnerable to cyberattacks on its infrastructure, and government agencies and American corporations more exposed to sensitive information being compromised and stolen. U.S. officials have found it more difficult to respond to cyberattacks from Russia, China, and elsewhere. “All the things [the NSA] wanted to do are now radioactive, even though they were good ideas,” says James Lewis, a cybersecurity expert at the Center for Strategic and International Studies(CSIS).

  • Arizona lawmaker pushes measure to limit NSA operations in the state

    Arizona State Senator Kelli Ward, a tea party Republican representing the Lake Havasu area, is pushing a bill in the State Senate which would impose limits on the ability of the NSA to operate in Arizona. In December Ward became the first legislator in the nation to declare she would introduce legislation to limit NSA activities in the state, and so far legislators in twelve other states have introduced similar bills. Arizona SB 1156 would. Among other things, prohibit local and state law enforcement officials from cooperating with the NSA and would prevent state or local prosecutors from using NSA-collected information which had not been obtained with a warrant. The bill would also withhold funds from state universities and colleges supporting the NSA with research or recruitment. Legal scholars say the courts would in all likelihood strike down Ward’s measure because Arizona, in essence, is trying to regulate the federal government.

  • A first: Constitutionality of NSA warrantless surveillance challenged by terrorism suspect

    Jamshid Muhtorov, a refugee from Uzbekistan now facing terrorism charges in Colorado, is the first criminal defendant who, as part of his lawyers’ defense strategy, is challenging the constitutionality of the NSA’s warrantless surveillance program. Muhtorov filed a motion Wednesday in federal court in Denver to suppress any evidence obtained through the agency’s surveillance program on grounds that it was unlawful. In July 2013 the Justice Department reversed an earlier policy, and now informs defendants whether the case against them, in whole or in part, is based on information obtained through warrantless surveillance. To date, six months after the review process at Justice was launched, Muhtorov and Mohamed Mohamud, a Portland, Oregon teenager who had been convicted after an FBI sting operation of attempting to detonate a bomb at a Christmas tree lighting ceremony, are the only defendants to receive such a disclosure.

  • A first: Judge in terrorism case rules defense may examine government secret FISA application

    U.S. District Judge Sharon Johnson Coleman ruled yesterday (Wednesday) that the U.S. government cannot keep secret its request to conduct clandestine surveillance of an accused would-be terrorist. The ruling gives defense attorneys an unprecedented access to a request made to the Foreign Intelligence Surveillance Act (FISA) court for permission to spy on an American citizen. Judge Coleman said her ruling is the first time a defendant’s lawyers will be given access to an application prosecutors submitted to the FISA court. Security experts warned that opening FISA applications to review in a criminal case may set a dangerous precedent.

  • “Space cops” to help control traffic in space, prevent satellites from colliding

    Collisions in space of satellites and space debris have become increasingly problematic. A team of scientists are using mini-satellites that work as “space cops” to help control traffic in space. The scientists used a series of six images over a 60-hour period taken from a ground-based satellite to prove that it is possible to refine the orbit of another satellite in low earth orbit.

  • Minnesota wants to limit law-enforcement use of wireless tracking devices

    The Minnesota Department of Public Safety’s acquisition of Kingfish and Stingray II wireless surveillance devices has come under scrutiny as the department’s Bureau of Criminal Apprehension(BCA) has used the devices in investigations. Some legislators are considering placing limits on law enforcement’s use of the data captured by the devices because of concerns over who has access to the data and how long it is being kept.

  • Expert calls for “surveillance minimization” to restore public trust

    Surveillance minimization — where surveillance is the exception, not the rule — could help rebuild public trust following revelations about the collection of personal data, according to an expert on privacy and surveillance. “Surveillance minimization requires surveillance to be targeted rather than universal, controlled and warranted at the point of data gathering rather than of data access, and performed for the minimum necessary time on the minimum necessary people,” he says.