The current practices of the Foreign Intelligence Surveillance Act court are effective and don’t need to be changed, according to former FBI director Robert Mueller.
“Yes, it’s worthwhile. Metadata of telephone companies is terribly helpful,” Mueller said, speaking Tuesday morning at an American Bar Association breakfast held at the University Club in Washington, D.C.
Mueller cited the example of the Boston Marathon bombing as evidence that bulk collection is important, saying that analysis of metadata was able to rule out potential associates of the Tsarnaev brothers. “They had additional IEDs [Improvised Explosive Devices],” Mueller said, adding that bulk collection helped prevent a second attack.
Metadata collection, he said, “is tremendously helpful in identifying contacts.”
The FISA court’s bulk metadata collection program has come under intense scrutiny in light of disclosures made by former National Security Agency contractor Edward Snowden. Congress now has until the end of May to decide whether to reauthorize Section 215 of the Patriot Act, which allows the bulk collection program.
Legislators are working on the language for a reauthorization bill, according to Mueller. “They’re tweaking it, trying to accommodate additional concerns, like privacy,” he said.
Mueller also defended current procedures, which have been criticized for not allowing those subject to surveillance to argue in front of the FISA court. “I’m not sure you need to change what’s been in effect,” he said.
Mueller also didn’t mince words when asked about a possible plea deal for Snowden.
“He’s indicted,” Mueller said of Snowden. “He should come back and face the music.”
Month: February 2015
FCC Commissioner Ajit Pai Is Leading An Incoherent, Facts-Optional Last Minute War On Net Neutrality…For The American People
Over the last few months we’ve discussed how FCC Commissioner Ajit Pai has been waging a one man war on net neutrality and Title II using what can only be described as an increasingly aggressive barrage of total nonsense. Back in January Pai tried to claim that Netflix was a horrible neutrality hypocrite because the company uses relatively ordinary content delivery networks. Earlier this month Pai one-upped himself by trying to claim that meaningful neutrality consumer protections would encourage countries like Iran and North Korea to censor the Internet.
Now on the surface, it appears that Pai just doesn’t understand technology very well. Of course, once you understand that he was once a regulatory lawyer for Verizon, you realize he’s simply dressing broadband duopoly profit protection up as some kind of deeper, meaningful ethos. As such, lamenting that Title II is “Obamacare for the Internet,” is just political theater designed to rile up the base to the benefit of the broadband industry.
With net neutrality set for a vote this week, Pai has accelerated his master plan to make the largest number of inaccurate net neutrality statements in the shortest amount of time possible. For example, Pai co-wrote an editorial in the Chicago Tribune last week that tries to use Obamacare fears to insist Americans will lose the right to choose their own wireless plans if Title II based rules come to pass:
“If you like your wireless plan, you should be able to keep it. But new federal regulations may take away your freedom to choose the best broadband plan for you. It’s all part of the federal government’s 332-page plan to regulate the Internet like a public utility…take T-Mobile’s Music Freedom program, which the Internet conduct rule puts on the chopping block. The “Un-carrier” allows consumers to stream as much online music as they want without charging it against their monthly data allowance.”
Popcorn Time “Fan Pages” Nuked By Anti-Piracy Outfit
Released in the first quarter of 2014, any minute now Popcorn Time will celebrate its one year anniversary.
It’s been a roller-coaster ride for the various forks of the project after generating hundreds of headlines between them. Needless to say, many have focused on how the project provides sleek access to unauthorized content.
Predictably that ease of use has proven most popular in the United States but interestingly Popcorn Time also proved itself a disproportionate hit in the Netherlands. Last September one fork reported 1.3 million installs in a population of just 17 million.
No surprise then that Popcorn Time has appeared on the radar of Dutch anti-piracy group BREIN. The Hollywood-affiliated group has been relatively quiet in recent months but is now reporting action aimed at stemming the flow of users to the popular torrent streaming application.
Denouncing Popcorn Time as an “illegal service”, BREIN reports that it has recently shut down “six Dutch Popcorn Time sites” and reached a settlement with their operators.
BREIN usually keeps the names of shuttered sites a closely guarded secret, but on this occasion has chosen to name four out of the six.
PopcornTime.nl, Popcorn-Time.eu, Popcorn-Time.info and PopcornTimeFilms.nl are now non-operational and currently display the warning message below as per their agreement with BREIN.
This site has been removed by the BREIN foundation for propagating Popcorn Time Software.
Popcorn Time encourages illegal use and uses an illegal online supply of films and television series.
WARNING: Popcorn Time software uses peer-to-peer (P2P) technology allowing users to both up- and download. Streaming, uploading and downloading of illegal content is prohibited by law and will therefore result in liability for the damages caused.
NOTE: Uploading is illegal and causes greater damage than a single download.
SUPPORT CREATIVITY: Go to Thecontentmap.nl and see where you can legally download and stream.
Lawmaker Who Said Snowden Committed Treason, Now On The Other Side Of Metadata Surveillance
Rep. Aaron Schock is frequently referred to as a “rising star” in Congress, but this week, the Associated Press reported on a scandal involving Schock and his use of taxpayer and campaign funds for things like flights on private jets (owned by key donors) and a Katy Perry concert. Frankly, I think some of the “scandal” here is a bit overblown. But what struck me is part of how the AP tracked these details about Schock down:
The AP tracked Schock’s reliance on the aircraft partly through the congressman’s penchant for uploading pictures and videos of himself to his Instagram account. The AP extracted location data associated with each image then correlated it with flight records showing airport stopovers and expenses later billed for air travel against Schock’s office and campaign records.
In short, the metadata brought Schock down. Of course, as we’ve been describing, anyone who says that we shouldn’t be concerned about the NSA’s surveillance of metadata, or brushes it away as “just metadata,” doesn’t understand how powerful metadata can be. As former NSA/CIA boss Michael Hayden has said, the government kills people based on metadata.
But it does seem noteworthy that Schock was one of those who claimed that Ed Snowden’s leaking of how the NSA collected metadata on nearly everyone amounted to treason. I wonder if he still feels that way…
Male Legislator Asks If Swallowed Camera Could Be Used for Gynecology
BOISE, Idaho — An Idaho lawmaker received a brief lesson on female anatomy after asking if a woman can swallow a small camera for doctors to conduct a remote gynecological exam.
The question Monday from Republican Rep. Vito Barbieri came as the House State Affairs Committee heard nearly three hours of testimony on a bill that would ban doctors from prescribing abortion-inducing medication through telemedicine.
Dr. Julie Madsen was testifying in opposition to the bill when Barbieri asked the question. Madsen replied that would be impossible because swallowed pills do not end up in the vagina.
Avicii and Other DJs Produce Hits Using Pirated Software
Tim Bergling, aka Avicii, has become one of the world’s best known DJs, scoring hit after hit in recent years.
With a net worth estimated at $60 million the Swede has plenty of cash to splash. Enough to buy an expensive Hollywood Hills mansion.
Interestingly, however, some of the tracks he made his millions with were produced with the help of pirated software.
In an interview with Future Music Magazine Avicii proudly shows his setup and the associated video reveals that he’s using a cracked version of Lennar Digital’s popular Sylenth1 plugin, which normally costs €139.
The plugin, which appears 42 minutes into the video, is registered to “Team VTX 2011,” referencing the name of a well-known cracking group.
The interview with Avicii was shot a while ago so there’s a chance that the DJ bought a legal copy in the meantime. However, the use of pirated Sylenth1 plugins among top DJs is not an isolated incident.
Just a few months ago DJ Deadmau5 called out Martin Garrix on Twitter for making the same mistake. Garrix, who’s also a multi-millionaire, was using a version cracked by “Team AIR.”
Leaky battery attack reveals the paths you walk in life
Here’s another one that shows how seemingly anonymous data is never truly anonymous:
More than 100 mobile apps leak users’ location regardless of whether they opt to keep the information private, according to researchers.
Power consumption data is the source of the leaks, which make it possible to determine users’ whereabouts with 90 percent accuracy.
A quartet from Stanford University and Israeli defence contractor Rafael developed an app called PowerSpy to demonstrate the leak.
“Modern mobile platforms like Android enable applications to read aggregate power usage on the phone … We show that by simply reading the phone’s aggregate power consumption over a period of a few minutes an application can learn information about the user’s location,” the team wrote in the paper PowerSpy: Location Tracking using Mobile Device Power Analysis (PDF).
“Aggregate phone power consumption data is extremely noisy due to the multitude of components and applications simultaneously consuming power.
“Nevertheless, we show that by using machine learning techniques, the phone’s location can be inferred.”
Power consumption increases the further a user is from a base station and the more objects are in the line of sight between the two.
If an attacker has a general idea where their target is they can track them by plotting these variations, the boffins say.
The World’s Most Idiotic Copyright Complaint
At least once a month TorrentFreak reports on the often crazy world of DMCA takedown notices. Google is kind enough to publish thousands of them in its Transparency Report and we’re only too happy to spend hours trawling through them.
Every now and again a real gem comes to light, often featuring mistakes that show why making these notices public is not only a great idea but also in the public interest. The ones we found this week not only underline that assertion in bold, but are actually the worst examples of incompetence we’ve ever seen.
German-based Total Wipes Music Group have made these pages before after trying to censor entirely legal content published by Walmart, Ikea, Fair Trade USA and Dunkin Donuts. This week, however, their earlier efforts were eclipsed on a massive scale.
First, in an effort to ‘protect’ their album “Truth or Dare” on Maze Records, the company tried to censor a TorrentFreak article from 2012 on how to download anonymously. The notice, found here, targets dozens of privacy-focused articles simply because they have the word “hide” in them.
But it gets worse – much worse. ‘Protecting’ an album called “Cigarettes” on Mona Records, Total Wipes sent Google a notice containing not a single infringing link. Unbelievably one of the URLs targeted an article on how to use PGP on the Mac. It was published by none other than the EFF.
After this you look around and at your webcam
European Lawmakers Demand Answers on Phone Key Theft
European officials are demanding answers and investigations into a joint U.S. and U.K. hack of the world’s largest manufacturer of mobile SIM cards, following a report published by The Intercept Thursday.
The report, based on leaked documents provided by NSA whistleblower Edward Snowden, revealed the U.S. spy agency and its British counterpart Government Communications Headquarters, GCHQ, hacked the Franco-Dutch digital security giant Gemalto in a sophisticated heist of encrypted cell-phone keys.
The European Parliament’s chief negotiator on the European Union’s data protection law, Jan Philipp Albrecht, said the hack was “obviously based on some illegal activities.”
“Member states like the U.K. are frankly not respecting the [law of the] Netherlands and partner states,” Albrecht told the Wall Street Journal.
Sophie in ’t Veld, an EU parliamentarian with D66, the Netherlands’ largest opposition party, added, “Year after year we have heard about cowboy practices of secret services, but governments did nothing and kept quiet […] In fact, those very same governments push for ever-more surveillance capabilities, while it remains unclear how effective these practices are.”
“If the average IT whizzkid breaks into a company system, he’ll end up behind bars,” In ’t Veld added in a tweet Friday.
The EU itself is barred from undertaking such investigations, leaving individual countries responsible for looking into cases that impact their national security matters. “We even get letters from the U.K. government saying we shouldn’t deal with these issues because it’s their own issue of national security,” Albrecht said.
Still, lawmakers in the Netherlands are seeking investigations. Gerard Schouw, a Dutch member of parliament, also with the D66 party, has called on Ronald Plasterk, the Dutch minister of the interior, to answer questions before parliament. On Tuesday, the Dutch parliament will debate Schouw’s request.
Additionally, European legal experts tell The Intercept, public prosecutors in EU member states that are both party to the Cybercrime Convention, which prohibits computer hacking, and home to Gemalto subsidiaries could pursue investigations into the breach of the company’s systems.
According to secret documents from 2010 and 2011, a joint NSA-GCHQ unit penetrated Gemalto’s internal networks and infiltrated the private communications of its employees in order to steal encryption keys, embedded on tiny SIM cards, which are used to protect the privacy of cellphone communications across the world. Gemalto produces some 2 billion SIM cards a year.
The company’s clients include AT&T, T-Mobile, Verizon, Sprint and some 450 wireless network providers. “[We] believe we have their entire network,” GCHQ boasted in a leaked slide, referring to the Gemalto heist.