Cyberwar: when the most powerful weapon is an army of hackers

Cyberwar is no longer an eccentricity confined to isolated acts, to small things. New technologies are now part of civilian life and of armies. And attacking them has been put on a par with conventional warfare.

Source: Cyberwar: when the most powerful weapon is an army of hackers


Malware Attacks Used by the U.S. Government Retain Potency for Many Years, New Evidence Indicates

A new report from Rand Corp. may help shed light on the government’s arsenal of malicious software, including the size of its stockpile of so-called “zero days” — hacks that hit undisclosed vulnerabilities in computers, smartphones, and other digital devices. The report also provides evidence that such vulnerabilities are long lasting. The findings are of particular interest because not much is known about the U.S. government’s controversial use of zero days.

Source: Malware Attacks Used by the U.S. Government Retain Potency for Many Years, New Evidence Indicates


Long-Secret Stingray Manuals Detail How Police Can Spy on Phones

Harris Corp.’s Stingray surveillance device has been one of the most closely-guarded secrets in law enforcement for more than 15 years. The company and its police clients across the United States have fought to keep information about the mobile-phone-monitoring boxes from the public against which they are used. The Intercept has obtained several Harris instruction manuals spanning roughly 200 pages and meticulously detailing how to create a cellular surveillance dragnet.

Source: Long-Secret Stingray Manuals Detail How Police Can Spy on Phones


The NSA’s British Base at the Heart of U.S. Targeted Killing

in the heart of the tranquil English countryside, is the National Security Agency’s largest overseas spying base. Originally used to monitor Soviet communications through the Cold War, its focus has since dramatically shifted, and today it is a vital part of the NSA’s sprawling global surveillance network.

Source: The NSA’s British Base at the Heart of U.S. Targeted Killing


NSA spying group hacked, its information auctioned for 1 million bitcoins | CriptoNoticias – Bitcoin, Blockchain y criptomonedas

A hacker group linked to the United States National Security Agency, better known as the NSA, was recently hacked, and its tools for spying and information gathering, its malware and more have been put up for sale for 1 million bitcoins (more than 550 million dollars at the time of publication).

Source: NSA spying group hacked, its information auctioned for 1 million bitcoins | CriptoNoticias – Bitcoin, Blockchain y criptomonedas


Are these the NSA's spying weapons? | Derechos Digitales

A group of hackers claims to have obtained confidential information from Equation Group, a well-known and sophisticated group of cyber attackers linked to the NSA. Part of the published information offers, for the first time, a look at the tools used by the U.S. security agency.

Source: Are these the NSA's spying weapons? | Derechos Digitales


Israeli firm accused of creating iPhone spyware | World news | The Guardian

An Israeli technology company has been accused of creating and supplying an aggressive interception program capable of taking over Apple’s iPhones and turning them into remote spying devices, after it was allegedly used to target a Middle Eastern human rights activist and others.

Source: Israeli firm accused of creating iPhone spyware | World news | The Guardian


Privacy Scandal Haunts Pokemon Go’s CEO

The suddenly vast scale of Pokemon Go adoption is matched by the game’s aggressive use of personal information. Unlike, say, Twitter, Facebook, or Netflix, the app requires uninterrupted use of your location and camera — a “trove of sensitive user data,” as one privacy watchdog put it in a concerned letter to federal regulators. All the more alarming, then, that Pokemon Go is run by a man whose team literally drove one of the greatest privacy debacles of the internet era, in which Google vehicles, in the course of photographing neighborhoods for the Street View feature of the company’s online maps, secretly copied digital traffic from home networks, scooping up passwords, email messages, medical records, financial information, and audio and video files.

Source: Privacy Scandal Haunts Pokemon Go’s CEO


New Zealand Spied on WTO Director Candidates – The Intercept

New Zealand launched a covert surveillance operation targeting candidates vying to be director general of the World Trade Organization, a top-secret document reveals.

In the period leading up to the May 2013 appointment, the country’s electronic eavesdropping agency programmed an Internet spying system to intercept emails about a list of high-profile candidates from Brazil, Costa Rica, Ghana, Indonesia, Jordan, Kenya, Mexico, and South Korea.

New Zealand’s trade minister Tim Groser was one of nine candidates in contention for the position at the WTO, a powerful international organization based in Geneva, Switzerland that negotiates trade agreements between nations. The surveillance operation, carried out by Government Communications Security Bureau, or GCSB, appears to have been part of a secret effort to help Groser win the job.


Documents Reveal Canada’s Secret Hacking Tactics – The Intercept

Canada’s electronic surveillance agency has secretly developed an arsenal of cyber weapons capable of stealing data and destroying adversaries’ infrastructure, according to newly revealed classified documents.

Communications Security Establishment, or CSE, has also covertly hacked into computers across the world to gather intelligence, breaking into networks in Europe, Mexico, the Middle East, and North Africa, the documents show.

The revelations, reported Monday by CBC News in collaboration with The Intercept, shine a light for the first time on how Canada has adopted aggressive tactics to attack, sabotage, and infiltrate targeted computer systems.

The latest disclosures come as the Canadian government debates whether to hand over more powers to its spies to disrupt threats as part of the controversial anti-terrorism law, Bill C-51.

Christopher Parsons, a surveillance expert at the University of Toronto’s Citizen Lab, told CBC News that the new revelations showed that Canada’s computer networks had already been “turned into a battlefield without any Canadian being asked: Should it be done? How should it be done?”

According to documents obtained by The Intercept from National Security Agency whistleblower Edward Snowden, CSE has a wide range of powerful tools to perform “computer network exploitation” and “computer network attack” operations. These involve hacking into networks to either gather intelligence or to damage adversaries’ infrastructure, potentially including electricity, transportation or banking systems. The most well-known example of a state-sponsored “attack” operation involved the use of Stuxnet, a computer worm that was reportedly developed by the United States and Israel to sabotage Iranian nuclear facilities.


Secret 'BADASS' Intelligence Program Spied on Smartphones – The Intercept

BY MICAH LEE 

British and Canadian spy agencies accumulated sensitive data on smartphone users, including location, app preferences, and unique device identifiers, by piggybacking on ubiquitous software from advertising and analytics companies, according to a document obtained by NSA whistleblower Edward Snowden.

The document, included in a trove of Snowden material released by Der Spiegel on January 17, outlines a secret program run by the intelligence agencies called BADASS. The German newsweekly did not write about the BADASS document, attaching it to a broader article on cyberwarfare. According to The Intercept’s analysis of the document, intelligence agents applied BADASS software filters to streams of intercepted internet traffic, plucking from that traffic unencrypted uploads from smartphones to servers run by advertising and analytics companies.

Programmers frequently embed code from a handful of such companies into their smartphone apps because it helps them answer a variety of questions: How often does a particular user open the app, and at what time of day? Where does the user live? Where does the user work? Where is the user right now? What’s the phone’s unique identifier? What version of Android or iOS is the device running? What’s the user’s IP address? Answers to those questions guide app upgrades and help target advertisements, benefits that help explain why tracking users is not only routine in the tech industry but also considered a best practice.

For users, however, the smartphone data routinely provided to ad and analytics companies represents a major privacy threat. When combined together, the information fragments can be used to identify specific users, and when concentrated in the hands of a small number of companies, they have proven to be irresistibly convenient targets for those engaged in mass surveillance. Although the BADASS presentation appears to be roughly four years old, at least one player in the mobile advertising and analytics space, Google, acknowledges that its servers still routinely receive unencrypted uploads from Google code embedded in apps.

For spy agencies, this smartphone monitoring data represented a new, convenient way of learning more about surveillance targets, including information about their physical movements and digital activities. It also would have made it possible to design more focused cyberattacks against those people, for example by exploiting a weakness in a particular app known to be used by a particular person. Such scenarios are strongly hinted at in a 2010 NSA presentation, provided by agency whistleblower Edward Snowden and published last year in The New York Times, Pro Publica, and The Guardian. That presentation stated that smartphone monitoring would be useful because it could lead to “additional exploitation” and the unearthing of “target knowledge/leads, location, [and] target technology.”

The 2010 presentation, along with additional documents from Britain’s intelligence service Government Communications Headquarters, or GCHQ, showed that the intelligence agencies were aggressively ramping up their efforts to see into the world of mobile apps. But the specifics of how they might distill useful information from the torrent of internet packets to and from smartphones remained unclear.


End-to-end encryption: from obscurity to the mainstream | Manzana Mecánica

Monday 5 Jan 2015

Carlos Castillo

In just a few days I have reached saturation point when it comes to reading predictions for 2015. Many of the predictions are, fundamentally, things that are already happening and that the author of the prediction would like to see continue. There is nothing wrong with that, but it would not hurt to call things by their name.

In that spirit, I think something very important happened at the end of 2014 that it would be very good to see continue in 2015. I am referring to the transition that zero-knowledge cloud technologies are going through, in particular end-to-end encryption.

Zero knowledge = good

Storing things in the “cloud” is valuable for several reasons. First, being able to access your own files from any device (mobile, tablet, laptop, etc.) is very convenient. Second, a positive side effect is that you have a backup of those files. Third, it is easier to share a file with someone else if your file is already in the “cloud”.

To many people it seems obvious that if, for example, you upload some photos to a storage system, your photos are then available to the people who operate that cloud. The people who work for that company can see your photos, and if they are hacked, or if someone guesses your password without needing access to your device, your photos can end up on hundreds of sites on the Internet.

For a corporate customer, the problem of storing business secrets in the cloud is far more serious, especially for a business in the technology sector (a possible competitor of the cloud provider) or one that competes with a U.S. company, as happened to Petrobras.

A remote storage provider does not need access to the content of your files in order to store them.

Almost everyone takes it for granted that this drawback is an inevitable consequence of uploading a file to the Internet, but it does not have to be that way. Technology to encrypt a file before uploading it, and decrypt it after downloading it, has existed for decades. In other words, a storage system can operate with zero knowledge without you having to do anything or even worry about what is going on.

In some cases the storage provider offers this feature as one of its main selling points, as SpiderOak does. In other cases (e.g. Dropbox), it is the user who must configure their computer to use zero knowledge, as we explained in an earlier article.


The end of passwords | Tecnología | EL PAÍS

Attacks are making the Internet's security systems obsolete. Two-factor authentication and biometrics are gaining ground

Emilio Martínez shows the voice password program. / santi burgos

With massive data heists such as the one at Sony, the largest cyberattack suffered by a company, or the one Apple suffered a few months ago, when dozens of private photos of Hollywood actresses were stolen and spread to every corner of the Internet, talking about the Internet and security has become almost an oxymoron, a contradiction in terms. Most experts consider that the password system that currently governs the Internet has expired because of how inconvenient it is for users and, as is becoming ever clearer, because of its unreliability. The future lies in two-factor authentication systems and in biometrics, a field in which several Spanish companies are at the forefront. In the meantime, all security experts give the same advice: create more complex passwords in order to hinder, as far as possible, the work of data thieves.

As The New York Times technology expert Farhad Manjoo has written, “don't send an email, don't upload a photo to the cloud, don't send a text message, at least if you have any hope that it will remain private”. The problem is that we have more and more data, and more important data, on the Internet, whether banking, professional or personal, and it is increasingly exposed. The website www.databreaches.net estimates that 30,000 data thefts have occurred at all kinds of companies over the last ten years, with a worrying acceleration in 2013 and 2014. Javier García Villalba, a professor in the Department of Software Engineering and Artificial Intelligence at the Complutense University of Madrid, says: “A password on its own no longer offers enough security. Computer attacks compromise any password equally, whether it is good, bad or mediocre”.


Operation Socialist: How GCHQ Spies Hacked Belgium’s Largest Telco

BY RYAN GALLAGHER 

When the incoming emails stopped arriving, it seemed innocuous at first. But it would eventually become clear that this was no routine technical problem. Inside a row of gray office buildings in Brussels, a major hacking attack was in progress. And the perpetrators were British government spies.

It was in the summer of 2012 that the anomalies were initially detected by employees at Belgium’s largest telecommunications provider, Belgacom. But it wasn’t until a year later, in June 2013, that the company’s security experts were able to figure out what was going on. The computer systems of Belgacom had been infected with a highly sophisticated malware, and it was disguising itself as legitimate Microsoft software while quietly stealing data.

Last year, documents from National Security Agency whistleblower Edward Snowden confirmed that British surveillance agency Government Communications Headquarters was behind the attack, codenamed Operation Socialist. And in November, The Intercept revealed that the malware found on Belgacom’s systems was one of the most advanced spy tools ever identified by security researchers, who named it “Regin.”

The full story about GCHQ’s infiltration of Belgacom, however, has never been told. Key details about the attack have remained shrouded in mystery—and the scope of the attack unclear.

Now, in partnership with Dutch and Belgian newspapers NRC Handelsblad and De Standaard, The Intercept has pieced together the first full reconstruction of events that took place before, during, and after the secret GCHQ hacking operation.

Based on new documents from the Snowden archive and interviews with sources familiar with the malware investigation at Belgacom’s networks, The Intercept and its partners have established that the attack on Belgacom was more aggressive and far-reaching than previously thought. It occurred in stages between 2010 and 2011, each time penetrating deeper into Belgacom’s systems, eventually compromising the very core of the company’s networks.


Cops Are Handing Out Spyware to Parents—With Zero Oversight | WIRED

Mere days after a government crackdown on a spyware manufacturer comes the startling revelation that law enforcement agencies have been purchasing commercial spyware themselves and handing it out to the public for free.

Police departments around the country have been distributing thousands of free copies of spyware to parents to monitor their children’s activity, a fact that’s come to light in the wake of a federal indictment this week against the maker of one commercial spyware tool on wiretapping charges.

The tool being distributed by agencies, known as ComputerCOP, has been purchased in bulk by more than two hundred police departments in thirty-five states as well as by sheriff’s offices and district attorneys. It’s designed to search computers for files and videos based on a keyword dictionary that comes with the software and also can log every keystroke on a computer, sending some of that data—in an unsecured manner—to a server belonging to the company that makes the software.

But according to the Electronic Frontier Foundation, which examined the spyware and uncovered the arrangement with law enforcement agencies, the spyware works badly and there is nothing to prevent parents who receive it from using it against other adults.

Computer Cop Promotional Poster EFF

“It’s certainly ironic that law enforcement agencies are going after spyware makers while also distributing software that could be used for the same purposes,” says Dave Maas, an investigator with the EFF. “Obviously there’s a difference in how these were marketed by the maker. But certainly law enforcement needs to train their magnifying glasses on their own operations.”


The U.S. Government's Secret Plans to Spy for American Corporations – The Intercept

Throughout the last year, the U.S. government has repeatedly insisted that it does not engage in economic and industrial espionage, in an effort to distinguish its own spying from China’s infiltrations of Google, Nortel, and other corporate targets. So critical is this denial to the U.S. government that last August, an NSA spokesperson emailed The Washington Post to say (emphasis in original): “The department does ***not*** engage in economic espionage in any domain, including cyber.”

After that categorical statement to the Post, the NSA was caught spying on plainly financial targets such as the Brazilian oil giant Petrobras; economic summits; international credit card and banking systems; the EU antitrust commissioner investigating Google, Microsoft, and Intel; and the International Monetary Fund and World Bank. In response, the U.S. modified its denial to acknowledge that it does engage in economic spying, but unlike China, the spying is never done to benefit American corporations.

Director of National Intelligence James Clapper, for instance, responded to the Petrobras revelations by claiming: “It is not a secret that the Intelligence Community collects information about economic and financial matters…. What we do not do, as we have said many times, is use our foreign intelligence capabilities to steal the trade secrets of foreign companies on behalf of—or give intelligence we collect to—U.S. companies to enhance their international competitiveness or increase their bottom line.”

But a secret 2009 report issued by Clapper’s own office explicitly contemplates doing exactly that. The document, the 2009 Quadrennial Intelligence Community Review—provided by NSA whistleblower Edward Snowden—is a fascinating window into the mindset of America’s spies as they identify future threats to the U.S. and lay out the actions the U.S. intelligence community should take in response. It anticipates a series of potential scenarios the U.S. may face in 2025, from a “China/Russia/India/Iran centered bloc [that] challenges U.S. supremacy” to a world in which “identity-based groups supplant nation-states,” and games out how the U.S. intelligence community should operate in those alternative futures—the idea being to assess “the most challenging issues [the U.S.] could face beyond the standard planning cycle.”

One of the principal threats raised in the report is a scenario “in which the United States’ technological and innovative edge slips”— in particular, “that the technological capacity of foreign multinational corporations could outstrip that of U.S. corporations.” Such a development, the report says “could put the United States at a growing—and potentially permanent—disadvantage in crucial areas such as energy, nanotechnology, medicine, and information technology.”

How could U.S. intelligence agencies solve that problem? The report recommends “a multi-pronged, systematic effort to gather open source and proprietary information through overt means, clandestine penetration (through physical and cyber means), and counterintelligence” (emphasis added). In particular, the DNI’s report envisions “cyber operations” to penetrate “covert centers of innovation” such as R&D facilities.


What the NSA's secret 'Google' is like and what dangers it poses

The latest leak from the “Snowden papers” reveals the creation of the ICREACH search engine for searching through the metadata collected by spying

The tool may have been used for arrests and interrogations of suspects

The previous NSA director, Keith Alexander, now a private consultant, was its promoter

Guantánamo prison. Photo: EFE

Although the NSA's mass surveillance practices began to come to light more than a year ago with the publication of the tracking of Verizon users' calls, the case is far from closed.

The latest program to become known, revealed by “The Intercept” last week, is “ICREACH”, a search engine that the NSA is said to have developed in secret to search through billions of metadata records obtained in its indiscriminate spying activities.

Among the surveillance systems disclosed so far, it is one of the most serious because of the handover of millions of recorded data items to other agencies such as the CIA, the FBI or the DEA (which lack the oversight and exceptional authorization that the NSA supposedly has), because it is said to have been used for arrests and interrogations of people considered suspects “in light of” the processing of that metadata.

These practices would violate, as the first reactions immediately pointed out, the Fourth Amendment to the U.S. Constitution, which establishes that a person may be subject to investigation or arrest only for “reasonable” causes:

“The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause…”


Free software: security and convenience – ONG Derechos Digitales

The approval of two opposing and mutually exclusive draft resolutions in the Chamber of Deputies put free software at the center of public debate. What factors should be considered when deciding state spending on technology? The revelations of political espionage provided by Edward Snowden offer new clues.

Richard Stallman, founder of the free software movement, the GNU Project and the Free Software Foundation, depicted as a Lego figure. CC BY (Andrew Becraft) NC-SA

Over the last few weeks the debate over the use of free software in the State took hold, to some surprise. The controversy was not driven by a technical question, although in part it is one, but by a political discussion: Is it reasonable for the State to pay millions year after year in software licenses out of the public budget? Should the State promote open or free alternatives instead of paying for the use of proprietary software?


Mexico and Bahrain share computer espionage equipment

Political espionage in the EU. Photo: AP

BRUSSELS (apro).- The same computer espionage equipment that the government of President Felipe Calderón acquired, and that has remained in service under the government of Enrique Peña Nieto, has been used by the authoritarian regime of Bahrain to break into the computers of human rights activists, lawyers and opposition journalists.

It is the spyware program FinFisher, or FinSpy, produced by the British company Gamma International, which sells it only to government institutions, supposedly to pursue criminals and terrorists.

The company faces a complaint before the Organisation for Economic Co-operation and Development (OECD), to which Mexico belongs, filed in February 2013 by a group of human rights organizations based in Great Britain. Led by Privacy International, they accuse Gamma International of violating that body's corporate guidelines on human rights by exporting its spyware to Bahrain to monitor the opposition.


ICREACH: How the NSA Built Its Own Secret Google – The Intercept

The National Security Agency is secretly providing data to nearly two dozen U.S. government agencies with a “Google-like” search engine built to share more than 850 billion records about phone calls, emails, cellphone locations, and internet chats, according to classified documents obtained by The Intercept.

The documents provide the first definitive evidence that the NSA has for years made massive amounts of surveillance data directly accessible to domestic law enforcement agencies. Planning documents for ICREACH, as the search engine is called, cite the Federal Bureau of Investigation and the Drug Enforcement Administration as key participants.

ICREACH contains information on the private communications of foreigners and, it appears, millions of records on American citizens who have not been accused of any wrongdoing. Details about its existence are contained in the archive of materials provided to The Intercept by NSA whistleblower Edward Snowden.

Earlier revelations sourced to the Snowden documents have exposed a multitude of NSA programs for collecting large volumes of communications. The NSA has acknowledged that it shares some of its collected data with domestic agencies like the FBI, but details about the method and scope of its sharing have remained shrouded in secrecy.


Spy cat prowled neighboring houses to get free WiFi – BioBioChile

Coco and the scanner collar | Gene Bransfield

Published by Eduardo Woo
A computer expert equipped his cat to spy on and hack WiFi wireless networks in his neighborhood in Washington, DC.

He is Gene Bransfield, who fitted ‘Coco’, as the Siamese cat is called, with a collar containing a Spark Core board, a GPS chip, a WiFi card and a rechargeable battery, dubbed “WarKitteh”.

The components that make the collar work | Gene Bransfield

The device works as a scanner which, thanks to Coco's wanderings, made it possible to discover and geolocate places with unprotected WiFi networks, or with weak security based on WEP, an encryption scheme more than 10 years old that is easily manipulated by third parties.

The technology magazine Wired explains that Bransfield carried out the experiment to draw attention to how vulnerable some people are with their internet signals.

“My intention was not to show people where they can get WiFi. I just put technology on the cat and let it roam around because the idea amused me,” he said, adding that the result was surprising because he found many open access points.


Cisco Systems to cut 6000 jobs

Cisco has had to make more adjustments to counter sluggish sales. Photo: Albert Gea

In what has become almost an annual ritual, computer networking and communications colossus Cisco Systems on Wednesday said it was laying off thousands of employees as it struggles with sluggish sales and a range of fierce competitors.

The company announced 6000 job cuts on a conference call following its quarterly earnings report, or roughly 8 per cent of its workforce, and has trimmed nearly 20,000 jobs worldwide over the last five years. Although Chief Financial Officer Frank Calderoni said the company expected to reinvest much of the savings from the cuts announced Wednesday into key growth areas, Cisco officials would not say how many new people would be hired in those areas or where they would be employed. They also did not say where the cuts would occur.

A spokeswoman for Cisco Australia said the cuts would have a global impact. It’s understood the company employs around 1000 people in Australia.

Noting that the San Jose corporation needs to make changes to keep pace with rapidly changing technology, Baird Equity Research analyst Jayson Noland said “it’s probably frustrating to be an employee there when they are going to have major restructuring efforts like this every year or two.” But he added, “if your skills are stale as an engineer or as a sales and marketing guy, you’re running the risk of being replaced.”


Cisco is Silicon Valley’s fifth-biggest corporation by revenue, but its sales have been blunted by the sluggish global economy. It also faces competition from recent start-ups to more established corporations such as Juniper Networks of Sunnyvale and Brocade Communications Systems of San Jose.


Psst! Your phone is snooping on you. What you need to know and how to stop it – video | Technology | theguardian.com



Tech giants pay the price for the Snowden affair

A year after the revelations of former NSA technician Edward Snowden, large companies such as Microsoft, IBM and Cisco are suffering the consequences of the cyber-espionage carried out by their government.

Many are wary of systems that come from the United States, including the Chinese market, the tech companies' hope for growth.

The traditional care with which the United States government treats its domestic companies and pushes them to do business all over the world has been undermined over the last 12 months. It has just been a year since Edward Snowden's first revelations hit the pages of The Guardian and The Washington Post.

After the initial shock, the debate over citizens' privacy is unfolding in different countries, and users are becoming concerned about avoiding dependence on American technology. Among the main companies affected are names such as IBM, Cisco and Microsoft.

US companies export more technology worldwide than any others, and the threat of possible backdoors in their systems is also a threat to their business. Barely a month after the scandal, more than 50 companies wrote a letter to Barack Obama asking for permission to be more transparent about the information they had to hand over to the government. It was the first attempt, a timid one, to keep their businesses from being damaged.

Over the year since the NSA revelations, the most immediate economic damage to technology companies has become apparent, and it has even been possible to estimate the damage that could come in the future. Even so, many contracts were signed for several years, so the true consequences will become known as those contracts expire.

Microsoft has already lost some customers, so much so that last January it announced that it would let users choose the country in which their data is stored. The heaviest blow for the Redmond company has been Brazil's plan to abandon Microsoft Outlook, replacing it with its own e-mail system with local data centres. In addition, a 4 billion dollar deal under which Brazil was going to buy fighter jets from the United States has also been cancelled.

Until now, communication between Brazil and Europe ran over US submarine cables, but the EU and the Brazilian government have approved the construction of new cables, to be built by Brazilian and Spanish companies. Meanwhile, other Latin American countries, under the banner of UNASUR, are considering creating their own communications system that is proof against NSA espionage.


How Secret Partners Expand NSA’s Surveillance Dragnet – The Intercept

Top-secret documents reveal how the NSA has established secret partnerships to spy on huge flows of private data.

Huge volumes of private emails, phone calls, and internet chats are being intercepted by the National Security Agency with the secret cooperation of more foreign governments than previously known, according to newly disclosed documents from whistleblower Edward Snowden.

The classified files, revealed today by the Danish newspaper Dagbladet Information in a reporting collaboration with The Intercept, shed light on how the NSA’s surveillance of global communications has expanded under a clandestine program, known as RAMPART-A, that depends on the participation of a growing network of intelligence agencies.

It has already been widely reported that the NSA works closely with eavesdropping agencies in the United Kingdom, Canada, New Zealand, and Australia as part of the so-called Five Eyes surveillance alliance. But the latest Snowden documents show that a number of other countries, described by the NSA as “third-party partners,” are playing an increasingly important role – by secretly allowing the NSA to install surveillance equipment on their fiber-optic cables.

The NSA documents state that under RAMPART-A, foreign partners “provide access to cables and host U.S. equipment.” This allows the agency to covertly tap into “congestion points around the world” where it says it can intercept the content of phone calls, faxes, e-mails, internet chats, data from virtual private networks, and calls made using Voice over IP software like Skype.

The program, which the secret files show cost U.S. taxpayers about $170 million between 2011 and 2013, sweeps up a vast amount of communications at lightning speed. According to the intelligence community’s classified “Black Budget” for 2013, RAMPART-A enables the NSA to tap into three terabits of data every second as the data flows across the compromised cables – the equivalent of being able to download about 5,400 uncompressed high-definition movies every minute.


US tech groups must adapt to life after Edward Snowden – FT.com


Many early tenets of the internet age no longer apply
Demonstrators hold placards featuring an image of former US intelligence contractor Edward Snowden as they take part in a protest against the US National Security Agency (NSA) collecting German emails, online chats and phone calls and sharing some of it with the country's intelligence services in Berlin. © AFP

On the anniversary of Edward Snowden’s revelations that lifted the lid on US internet surveillance, it is worth pondering how much things have changed for American tech companies – and, by extension, their investors.

Like the world before the terrorist attacks of 9/11, the pre-Snowden internet is starting to feel like a more innocent, far-off place. The ascendancy of American internet companies seemed unshakeable. With the exception of China and one or two other countries, there was little to disturb their dominance.

In retrospect, some of the received wisdom from that time is now starting to sound complacent. Its tenets included a borderless internet where information would always flow freely; a standard set of services delivered globally to an audience numbering in the billions; freedom from much of the regulation that encumbers companies trapped in the physical world; and the untrammelled ability to amass large amounts of data to feed evermore refined ad targeting. None of these things feels as assured as it once did.

In reality, the ground had already been shifting, as politicians and regulators took a keener interest in the expanding digital realm. Any hopes of retaining the light-touch regulation of the internet’s early days, when governments were grappling with its implications, already looked like wishful thinking. But the shock from the Snowden disclosures has greatly accelerated the shift.

However it plays out in detail, the direction is clear. Regulations will be tougher and courts more prone to set limits – as Google found last month, when it was ordered to extend a new “right to be forgotten” to people in Europe. Foreign customers will be more likely to consider buying from local suppliers, often with encouragement from their governments. In extreme cases, the Snowden leaks will provide an excuse to shut out US companies altogether on security grounds.

The reaction has been most obvious in countries such as China, which picked this week’s 25th anniversary of the Tiananmen Square crackdown to step up its rhetorical assault on US internet companies, and Russia, which is leading the way in pushing for data about its citizens to be held on local servers.

One result of all of this, inevitably, will be higher costs. Breaking up the big data holdings of cloud companies into national or regional pools would eat into the scale economies the digital world makes possible. Even without this, more onerous privacy rules are likely to raise the compliance stakes, while limiting the room to experiment with new ways of making money from customer data.

These may be costs worth paying. But in the wake of the Snowden disclosures, there is a danger of excessive reactions that cut into the potential benefits of digital services.

The internet companies, while struggling to reassure their users, are paying the penalty for having appeared in the past to have put their own commercial interests first. Moves like Facebook’s attempt last week to give its members more control over the privacy of their personal data, for instance, may have come too late to change the perception.

US cloud services companies that sell to governments or business customers, meanwhile, will face different pressures. For some, the response will be to rely more heavily on local partners to deliver their services and act as the front line in dealing with regulators. That could lead to more “white label” services from American companies that recede into the background.

Stronger competition in some foreign markets also looks likely as national governments promote their local champions. In China, IBM and Microsoft have been beset by recent reports of official encouragement for some big customers to stop buying their technology.

However, the lock that US companies have in many corners of the IT industry makes it hard to predict how quickly serious competition will emerge. It may be relatively easy to find alternative suppliers for the routers or switches made by a Cisco or the industry-standard servers from a Hewlett-Packard, but much US tech is not quickly replaceable. And when it comes to the type of cloud services that are starting to play a bigger role in IT provision, American companies have taken a definitive early lead.

None of this changes the new realities, though. As the expanding digital platforms of companies like Google and Facebook encroached deeper into everyday life, it was inevitable that they would attract greater scrutiny, envy and resistance. The test for US internet companies in the post-Snowden era will be how well they adapt to the changing times.

Richard Waters is the Financial Times’ West Coast Editor


Privacy under attack: the NSA files revealed new threats to democracy | Technology | The Guardian


Thanks to Edward Snowden, we know the apparatus of repression has been covertly attached to the democratic state. However, our struggle to retain privacy is far from hopeless

The US National Security Agency threat operations centre in Fort Meade, Maryland, in 2006. Photograph: Paul Richards/AFP/Getty Images

In the third chapter of his History of the Decline and Fall of the Roman Empire, Edward Gibbon gave two reasons why the slavery into which the Romans had tumbled under Augustus and his successors left them more wretched than any previous human slavery. In the first place, Gibbon said, the Romans had carried with them into slavery the culture of a free people: their language and their conception of themselves as human beings presupposed freedom. And thus, says Gibbon, for a long time the Romans preserved the sentiments – or at least the ideas – of a freeborn people. In the second place, the empire of the Romans filled all the world, and when that empire fell into the hands of a single person, the world was a safe and dreary prison for his enemies. As Gibbon wrote, to resist was fatal, and it was impossible to fly.

The power of that Roman empire rested in its leaders’ control of communications. The Mediterranean was their lake. Across their European empire, from Scotland to Syria, they pushed roads that 15 centuries later were still primary arteries of European transportation. Down those roads the emperor marched his armies. Up those roads he gathered his intelligence. The emperors invented the posts to move couriers and messages at the fastest possible speed.

Using that infrastructure, with respect to everything that involved the administration of power, the emperor made himself the best-informed person in the history of the world.

That power eradicated human freedom. “Remember,” said Cicero to Marcellus in exile, “wherever you are, you are equally within the power of the conqueror.”

The empire of the United States after the second world war also depended upon control of communications. This was more evident when, a mere 20 years later, the United States was locked in a confrontation of nuclear annihilation with the Soviet Union. In a war of submarines hidden in the dark below the continents, capable of eradicating human civilisation in less than an hour, the rule of engagement was “launch on warning”. Thus the United States valued control of communications as highly as the Emperor Augustus. Its listeners too aspired to know everything.

We all know that the United States has for decades spent as much on its military might as all other powers in the world combined. Americans are now realising what it means that we applied to the stealing of signals and the breaking of codes a similar proportion of our resources in relation to the rest of the world.

The US system of listening comprises a military command controlling a large civilian workforce. That structure presupposes the foreign intelligence nature of listening activities. Military control was a symbol and guarantee of the nature of the activity being pursued. Wide-scale domestic surveillance under military command would have violated the fundamental principle of civilian control.

Instead what it had was a foreign intelligence service responsible to the president as military commander-in-chief. The chain of military command absolutely ensured respect for the fundamental principle “no listening here”. The boundary between home and away distinguished the permissible from the unconstitutional.

The distinction between home and away was at least technically credible, given the reality of 20th-century communications media, which were hierarchically organised and very often state-controlled.

When the US government chose to listen to other governments abroad – to their militaries, to their diplomatic communications, to their policymakers where possible – they were listening in a world of defined targets. The basic principle was: hack, tap, steal. We listened, we hacked in, we traded, we stole.

In the beginning we listened to militaries and their governments. Later we monitored the flow of international trade as far as it engaged American national security interests.


A Global Campaign to Monitor the "Digital Weapons" Trade | TechPresident


BY Carola Frediani | Tuesday, April 8 2014

A map from the CAUSE website shows where surveillance technology has been sold to countries with spotty human rights records.

It might seem that there is little connection between Milan and the atrocities occurring in Syria under the regime of President Bashar al-Assad, but we now know that a little-known Italian tech company called Area SpA was providing Assad with technology that could virtually allow him to seize and search any e-mail that passed through the country. Unfortunately, such an example is now fairly commonplace: Vodafone in Egypt, as well as Siemens and Nokia in Iran, to name a few.

Though Area SpA later announced it was curtailing its surveillance project in Syria, in an alarming trend, surveillance technology companies, many of them in western countries with decent human rights records, are selling such technology to countries with fairly sinister ones. This problem, which some activists have called the “digital arms trade”, is global and complex in nature and is at the heart of a new global campaign launched on April 4 by an international group of leading NGOs. They banded together to create the Coalition Against Unlawful Surveillance Exports (CAUSE), calling for governments to take action on the international trade in communication surveillance technologies.

The group — which includes Amnesty International, Digitale Gesellschaft, the International Federation for Human Rights (FIDH), Human Rights Watch, the New America Foundation’s Open Technology Institute, Privacy International, and Reporters without Borders — wants governments and private companies to tackle the proliferation and abuse of these technologies across the world, since they are more often than not used to violate their citizens’ right to privacy, free speech and a host of other human rights. World leaders are responsible for keeping such invasive surveillance systems and technologies out of the hands of dictators and oppressive regimes, said the coalition’s organizers.

“What is unique about the CAUSE coalition are the groups that are part of it,” Mike Rispoli, Communication Manager of UK-based Privacy International, says to techPresident. “You have organizations like Privacy International, as well as Open Technology Institute or Digitale Gesellschaft, that focus on technology, digital rights, etc., but you also have more traditional human rights groups like Amnesty International, Human Rights Watch, and Reporters without Borders. The reason why this is so important is that there’s a broad recognition that surveillance technologies pose significant threat to the enjoyment of rights around the world, not just the right to privacy but also freedom of expression.”

What exactly do these technologies do? There is malware that allows surreptitious data extraction from personal devices such as phones and PCs; tools that can intercept telecommunications traffic; spygear that geolocates mobile phones and can therefore track their owners; monitoring systems that allow authorities to track entire populations; and devices used to tap undersea fiber optic cables to enable NSA-style internet monitoring and filtering.


Antivirus software is dead, says security expert at Symantec | Technology | theguardian.com


Information chief at Norton developer says software in general misses 55% of attacks and its future lies in responding to hacks

Hackers are said increasingly to use novel methods and bugs in the software of computers to perform attacks. Photograph: Dale O’Dell/Alamy

Antivirus software only catches 45% of malware attacks and is “dead”, according to a senior manager at Symantec.

Remarks by Brian Dye, senior vice-president for information security at the company, which invented commercial antivirus software in the 1980s and now develops and sells Norton Antivirus, suggest that such software leaves users vulnerable.

Dye told the Wall Street Journal that hackers increasingly use novel methods and bugs in the software of computers to perform attacks, resulting in about 55% of cyberattacks going unnoticed by commercial antivirus software.

Malware has become increasingly complex in a post-Stuxnet world. Computer viruses range from relatively simple criminal attacks, where credit card information is targeted, to espionage programs that spy on users and data but can easily be upgraded into cyberweapons at the touch of a button, according to security expert Eugene Kaspersky, founder of Kaspersky Lab, which also sells antivirus software.


Apple denies having cooperated with US spying on its iPhones – El Mostrador

According to Der Spiegel, there are programs that prove the NSA had ‘backdoors’ for getting into the computing devices that many consumers use.

Apple said today that it “has never worked with the US National Security Agency to create a ‘backdoor’” that would allow spying on some of its products, including the iPhone.

The company's statement responded to an article published on Monday in the German magazine Der Spiegel about a unit within the NSA, called Tailored Access Operations, whose role is to penetrate foreign computer systems to obtain data of interest to the national security of the United States.

The article mentions dozens of devices and methods, including the prices for their use, in a catalogue from which the NSA could choose the tools it needed for its spying.

The catalogue, again according to Der Spiegel, included a variety of tools for intruding into digital systems that enabled spying on laptops, mobile phones and other consumer devices.

According to Der Spiegel, those programs prove that the NSA had ‘backdoors’ for getting into the computing devices that many consumers use.


Cisco cites emerging markets backlash on NSA leaks for sales slump – FT.com


Cisco Systems warned its revenues could fall as much as 10 per cent in the current quarter, sparking fears that the US networking equipment company is losing ground amid big technology transitions in some of its markets.

Recent revelations about internet surveillance by the US National Security Agency had prompted a “level of uncertainty or concern” among customers internationally that had contributed to sliding demand, Frank Calderoni, chief financial officer, said.

New orders fell 12 per cent in the developing world, with Brazil down 25 per cent and Russia off 30 per cent, a sharp reversal from the 8 per cent jump experienced in the preceding three months.

The collapse coincided with the international furore over disclosures that the NSA had taken advantage of the strong position of US technology companies to extend its surveillance of the global internet, raising concerns about a backlash against American companies such as Cisco.

The forecast came as a shock to Wall Street analysts who had been expecting growth of 6 per cent, leading to a 10 per cent fall in Cisco’s shares in after-market trading on Wednesday.

Chief executive John Chambers blamed the decline on a slump in demand from customers in emerging markets and suggested a range of technology companies were likely to be similarly affected.

He said the decision to cut back Cisco’s TV set-top box operations to focus on more profitable parts of the business had also played a role.

But Mr Chambers acknowledged that the company was facing weaker sales in its core switching and routing markets as it went through important product transitions, raising fears that it was losing ground in its most profitable products.

“There is no doubt the pace of change we all see and feel is accelerating,” Mr Chambers said. “This is the new market reality.”


NSA files: latest reaction and developments – live | World news | theguardian.com


Stella Rimington urges ‘proper supervision and scrutiny’ of surveillance

Security services: too secretive for their own good?

Snowden: ‘Economies are built on creativity, curiosity – and privacy’

NSA keeps public web data for one year

What you’re saying below the line…

NSA analysing social networking data

Microsoft’s former privacy adviser: ‘I don’t trust Microsoft’

Congress of Privacy and Surveillance

Who offers ‘the Cayman Islands of digital privacy’?

Businesses are looking at the demand for private and secure data services – the “Cayman Islands of digital privacy”, according to one analyst. Photograph: David Doubilet/National Geographic/Getty Images

Three German email providers – including the part state-owned Deutsche Telekom – have set up a joint venture offering an encrypted email service to German citizens, the Wall Street Journal reports.

Germany is famous for its rigid laws on privacy, and Email Made in Germany relies on German servers under the jurisdiction of German law; that should mean no visibility for US security services.

The service launched in August and has 100,000 users. There’s a new business around “being the Cayman Islands of data privacy”, according to one analyst.


Privacy and surveillance: Jacob Applebaum, Caspar Bowden and more | World news | theguardian.com


All-day conference in Lausanne, Switzerland will discuss topic of privacy and surveillance in the light of the Snowden disclosures highlighted by the Guardian – and we’re on the spot to liveblog it

Protests in Berlin against US surveillance, after the Edward Snowden case. Photograph: Lars Dickhoff/Corbis


Congress on Privacy and Surveillance: welcome

The University of Lausanne is the venue for this all-day conference, and we’re here – with an audience of a few hundred people. The speakers include Caspar Bowden, formerly of Microsoft, and Jacob Applebaum. The conference starts at 9am Swiss time (8am UK).


Today’s programme is online

The schedule for today’s event is available online – note that the times are all CET (Central European Time), so subtract an hour if you’re on UK BST (and subtract six if you’re on the US East Coast).

First is Caspar Bowden, ex-Microsoft; then Nikolas Forgo; and then Axel Arnbak. Then we have the break for lunch, so we’ll look at the other speakers after that.


No, Apple hasn't said it will share an iPhone 5s 'fingerprint database' with the NSA | Technology | theguardian.com


Just because a right-wing ‘satire’ site writes something about the iPhone 5s, that doesn’t make it true: and the characters in quotes saying Apple will share data are made up

The FBI already keeps a fingerprint database; these were John Lennon’s on his application for permanent US residence. Photograph: Henry S Dziekan III/Getty Images

The latest “oh, this must be true because we read it somewhere” is that “Apple is going to share its fingerprint database collected by the iPhone 5s with the National Security Agency”. Reality check: the article claiming this comes from a right-wing “satire” site. Why are people confused? Because the satire’s badly executed.

A lot of people read it but didn’t realise that the satire site was a satire site. (I’ve had at least one email pointing excitedly to it, and not ironically.) This isn’t surprising, because the thing about satire is that you either have to lay it on with a trowel, or get so close to the bone (eg The Thick Of It) that it’s indistinguishable from painful reality. It’s easy to do badly. And the site in question, National Report, does it really badly. It’s like Fox News, but with the jokes and facts taken out.

Even so, you’d hope people who read such “stories” might think a bit. Or that they might even look at other headlines on the site, and wonder if a site which has a story headlined “Apple iPhone 5s Fingerprint Data To Be Shared With NSA” but also has one headlined “Packers Embarrassing Loss to Bengals Linked To Green Bay Bridge Collapse” and “Taurus Firearms Company Introduces The New Trayvon PK-10 or ‘Perp-Killer’” is entirely serious. (It isn’t actually funny, especially the latter headline; if you’re easily offended, don’t read the story that goes with it. But that’s another matter.)

Let’s recap what we do know about the iPhone 5s’s fingerprint system.


Internet security: 10 ways to keep your personal data safe from online snoopers | Technology | The Observer


The internet has changed our lives in countless positive ways, but it has a dark side. Personal privacy has been lost, leaving you at risk from shady individuals, companies and security agencies. But there are steps you can take to limit your exposure


Protests in Berlin against US surveillance, after the Edward Snowden case. Photograph: Lars Dickhoff/Corbis

When Tim Berners-Lee was designing the technology that has transformed our world, he looked for a noun that would describe what he had in mind. The one he eventually settled on was “web”, which is how the world wide web got its name.

To its inventor, the noun must have seemed perfectly apposite: it described the intricate, organic linking of sites and pages that he had in mind. But “web” has other, metaphorical, connotations. Webs are things that spiders weave with the aim of capturing prey. And if you want a metaphor for thinking about where we are now with networked technology, here’s one to ponder.

Imagine a gigantic, global web in which are trapped upwards of two billion flies. Most of those unfortunate creatures don’t know – yet – that they are trapped. After all, they wandered cheerfully, willingly, into the web. Some of them even imagine that they could escape if they wanted to.

We are those insects. The only way of escaping our predicament is to renounce the world in the way that Trappist monks once did. Since we’re not going to do that, we have to face the reality: we’re trapped in a system in which everything we do is monitored and logged and in which privacy is a thing of the past. Everything that you do with modern communications equipment leaves a digital trail. And this trail is followed assiduously not just by giant corporations, but also by governments and their security services – as vividly illustrated by the revelations of Edward Snowden.


The US government has betrayed the internet. We need to take it back | Bruce Schneier | Comment is free | The Guardian


The NSA has undermined a fundamental social contract. We engineers built the internet – and now we have to fix it


‘Dismantling the surveillance state won’t be easy. But whatever happens, we’re going to be breaking new ground.’ Photograph: Bob Sacha/Corbis

Government and industry have betrayed the internet, and us.

By subverting the internet at every level to make it a vast, multi-layered and robust surveillance platform, the NSA has undermined a fundamental social contract. The companies that build and manage our internet infrastructure, the companies that create and sell us our hardware and software, or the companies that host our data: we can no longer trust them to be ethical internet stewards.

This is not the internet the world needs, or the internet its creators envisioned. We need to take it back.

And by we, I mean the engineering community.

Yes, this is primarily a political problem, a policy matter that requires political intervention.

But this is also an engineering problem, and there are several things engineers can – and should – do.