Welcome to the Police State

Where the press does the bidding of the government (at the Dems in power), and your phone company spies for the .gov as well. AT&T reportedly spies on its customers for government cash

The Daily Beast is reporting that the telco has essentially turned itself into a spy-for-hire in the pay of the government. According to the piece, the company’s Project Hemisphere is providing warrantless surveillance, thanks to some legal gray areas, that score it millions of dollars from taxpayers.

And no one seems to care.

More Ways for Your Smartphone to Track Your Every Move

The super cookies the telecoms were using can now be (almost) replicated thanks to the W3C apis to give websites access to data that no website needs. How Your Smartphone Light Sensor Could Help Websites Track You

Does a website really need to access the amount and the red/green/blue character of the ambient light in your location? I wish someone at W3C would explain the use case.

Well it’s clear that the advertisers have a use case.

Tapping into this data, it will be possible to “profile, detect, recognize and track” users and their behavior, such as what time they usually work, what lighting conditions they prefer, and how frequently they are in their house or office, according to [Lukasz] Olejnik.

Not just advertisers who might be interested in that data.

I wish people would consider the security implications of things before running headlong off a cliff.

Already these APIs are in Firefox. Coming soon to Chrome and Opera (not sure if this means the APIs are being added to Chromium base, or if other Chromium browsers will be impacted). They may be coming to Safari as well.

You can eliminate this from Firefox by going to about:config and changing “device.sensors.enabled” to “false.”

The more recent results posted to twitter show these sensors being used (in the wild) in industrial espionage.

“Alexa, tell the Feds where the bodies are buried.”

More FBI Spying. The FBI Can Neither Confirm Nor Deny Wiretapping The Amazon Echo. Are you surprised? Then you haven’t been paying attention.

In many ways the Echo is a law enforcement dream. Imagine if you could go back in time and tell police that one day people would willingly put microphones in their own homes that, with a little hacking, could be heard from anywhere in the world 24/7.

And it isn’t clear that warrants are being obtained. Fourth Amendment? What is that?

Welcome to the Panoptican.

(The history of FBI hacking – which goes back farther than you may think – can be found at this link.)

Everybody Hates Feinstein and Burr’s Anti-encryption Bill

It will destroy a whole lot of things. Like any hope of security. Tech coalitions pen open letter to Burr and Feinstein over bill banning encryption | TechCrunch

The Venn Diagram tells the story.

It goes on to point out “unintended consequences” such as compromised security being compromised for bad actors as well as good, and also that any national attempt to hamper the operation of a global industry is foolish and bound to fail and, in failing, damage the reputation and economy of the U.S. (I’m paraphrasing).

RSA Cryptographers’ Panel – Privacy vs Mass Surveillance

Whitfield Diffie and Martin Hellman (The 2 people responsible for public key encryption), Moxie Marlinspike (Founder of Open Whisper Systems – the providers of some easy-to-use rock-solid secure communications), and Ronald Rivest and Avi Shamir (two university professors) discuss the current state and the future of cryptography.

They cover Apple vs the FBI. The future of cryptography in the face of quantum computing, and a few other things. They don’t all agree on all things. With a fair bit of NSA bashing along the way. And yes it is fairly techie at times. 47 minutes or so.

(Whitfield Diffie looks like Gandalf – or that’s the comment that Leo Laporte made on the latest episode of Security Now.)

Your Thermostat is Spying On You. (And your light bulbs, fridge, etc.)

As if smart phones weren’t enough… US intelligence chief: we might use the internet of things to spy on you | Technology | The Guardian

“In the future, intelligence services might use the [internet of things] for identification, surveillance, monitoring, location tracking, and targeting for recruitment, or to gain access to networks or user credentials,” [James Clapper, the US director of national intelligence,] said.

Because your security is not important to corporations. And maybe not even to you.

In Orwell’s 1984 the televisions spied on the population. Now it is going to be everything in the house.

For a video describing this, and a few other security issues, see this week’s Threat Wire.