Saturday, May 28, 2016

Security News This Week: Apple Hires a Crypto Guru for Future Battles With the Feds #JHedzWorlD




You are how you drive, we learned this week, when researchers showed how your car’s computer can identify you based on patterns in your driving techniques. And it doesn’t take much data to do so. Information collected from a car’s brake pedal alone let the researchers distinguish the correct driver nine times out of 10. Patterns, of a different sort, also played a role in a map researchers have created to track where government hackers around the world are spying on journalists, activists, lawyers, and NGOs. And speaking of surveillance—whistleblower Edward Snowden also popped up in a Vice episode this week to show you how to make your phone “go black” so it’s harder to surveil.


But there was more: Each Saturday we round up the news stories that we didn’t break or cover in depth at WIRED, but which deserve your attention nonetheless. As always, click on the headlines to read the full story in each link posted. And stay safe out there.


Apple Hires Crypto Guru Amidst Battles With the Feds


As Apple’s battle with the FBI over the San Bernardino shooter’s iPhone played out earlier this year, the tech giant vowed to find more ways to secure its devices so that eventually even Apple itself would not be able to access customer data, or help anyone else do it. That plan apparently includes hiring some of the security world’s top crypto talent. This month, Apple hired, or rather rehired, Jon Callas, who has a long and storied career in crypto and security. He cofounded many of the top crypto firms, including the PGP Corporation, Silent Circle, and Blackphone—known variously for providing encrypted email, text, and voice communications. Just as importantly, he worked for Apple in the past to secure its operating system and develop whole disk encryption for Apple computers. Apple wouldn’t say what Callas would be doing for the company, but it’s fair to say the FBI, in its continuing court battles with Apple, should be worried.


Pentagon’s Betrayal of Whistleblower Shows Why Edward Snowden Was Right to Leak to Media


The Obama administration’s war on whistleblowers got a little more uncomfortable this week when a former Pentagon watchdog blew the whistle on the government’s ill treatment of whistleblower Thomas Drake, thereby underscoring why whistleblowers take their troubles to the media instead of reporting problems internally. John Crane, a former assistant inspector general at the Pentagon, revealed that colleagues in his own office had retaliated against Drake after he and other NSA workers filed a complaint with the inspector general’s office in 2002 about an over-priced and underperforming data-mining tool known as Trailblazer. After information about the failed program leaked to reporters, Crane says he believes the inspector general’s office betrayed Drake by giving his name to Justice Department officials investigating the leak; Pentagon officials also destroyed documents that might have helped Drake’s criminal defense, Crane said. After Edward Snowden leaked thousands of NSA documents to reporters in 2013, critics condemned him for going to the media instead of following established protocols for reporting wrongdoing internally at the NSA. But the revelations about Drake show why that path might not be the smartest choice for whistleblowers.


Hillary Clinton’s Secret Email Server Wasn’t So Secret to Hackers


Speaking of inspectors general, another one made headlines this week when he told Congress that former Secretary of State Hillary Clinton and her staff failed to report two incidents in 2011 when they believed hackers had targeted the secretary’s private email server. In the first incident, the technician operating Clinton’s controversial server thought the server was under attack and shut it down for a few minutes, apparently believing this was an adequate response to an intrusion attempt. Months later, Clinton feared her email was being targeted again, the inspector general reports, though neither she nor her staff reported the incidents to State Department IT staff. Clinton’s staff has long maintained that her private email server never got breached. The inspector general doesn’t dispute this, though at least one hacker does. See below.


Guccifer Blows Whistle on Clinton


This week, the Romanian hacker known as Guccifer, aka Marcel Lehel Lazar, pleaded guilty to a hacking spree—one that he says included breaching Clinton’s server in 2013. He claims he copied files from her server and posted them to his Guccifer Archive online. Anonymous government officials told Fox News they think he’s lying about hacking Clinton’s server. But an intelligence source said it was no coincidence Lazar was extradited to the US just as the investigation of Clinton’s server was concluding, suggesting US officials want to keep a tight rein on him.


Thieves Score $13 Million in Three Hours in a Cashout Heist


A hacking crime of a different sort struck South African banks last week, when criminals used bank card details for some 1,600 customers of the Standard Bank in South Africa for a massive cashout operation in Japan. The coordinated cashout began around 5 am the morning of May 15, a Sunday, but was just publicly reported this week. Thieves made more than 14,000 withdrawals over the course of three hours at about 1,400 different 7-Eleven ATMs located in Tokyo and other cities across Japan. At about $900 per transaction—the maximum for a single withdrawal—they made off with about $13 million in three hours before anyone knew what was happening.


Secret Text in Senate Bill Would Give FBI Warrantless Access to Email Records


In a sneaky move of their own, US senators snuck a provision into the Intelligence Authorization Act that would let the FBI obtain email transaction records—the “to,” “from,” and subject lines of emails—without a court-sanctioned warrant. Instead, they could obtain the data by simply sending a National Security Letter—essentially a self-issued subpoena—to ISPs seeking the data. National Security Letters come with a gag order that prevents the recipient from disclosing that they’ve received one, and lawmakers have been known to abuse their use of NSLs in the past. It’s not known which senator or senators snuck the language into the Intelligence Authorization Act, but it was no accident that this was the bill they chose—it is considered a must-pass bill for lawmakers. Indeed, the Senate Intelligence Committee voted nearly unanimously this week to pass the bill, with only Senator Ron Wyden (D—Oregon) voting against it. Wyden noted in a statement that the email provision “would allow any FBI field office to demand email records without a court order, a major expansion of federal surveillance powers.”






