
U.S. government


Nerval's Lobster writes "For most businesses, data analytics presents an opportunity. But for DARPA, the military agency responsible for developing new technology, so-called 'Big Data' could represent a big threat. DARPA is apparently looking to fund researchers who can 'investigate the national security threat posed by public data available either for purchase or through open sources.' That means developing tools that can evaluate whether a particular public dataset will have a significant impact on national security, as well as blunt the force of that impact if necessary. 'The threat of active data spills and breaches of corporate and government information systems are being addressed by many private, commercial, and government organizations,' reads DARPA's posting on the matter. 'The purpose of this research is to investigate data sources that are readily available for any individual to purchase, mine, and exploit.' As Foreign Policy points out, there's a certain amount of irony in the government soliciting ways to reduce its vulnerability to data exploitation. 'At the time government officials are assuring Americans they have nothing to fear from the National Security Agency poring through their personal records,' the publication wrote, 'the military is worried that Russia or al Qaeda is going to wreak nationwide havoc after combing through people's personal records.'"


An anonymous reader writes "Ralph Langner, the security expert who deciphered how Stuxnet targeted the Siemens PLCs in Iran's Natanz nuclear facility, has come up with a cybersecurity framework for industrial control systems (ICS) that he says is a better fit than the U.S. government's Cyber Security Framework. Langner's Robust ICS Planning and Evaluation, or RIPE, framework takes a different approach to locking down ICS/SCADA plants than the NIST-led one, focusing on security capabilities rather than risk. He hopes it will help influence the final version of the U.S. government's framework."


Fnord666 writes with this excerpt from Tech Crunch "Twitter has enabled Perfect Forward Secrecy across its mobile site, website and API feeds in order to protect against future cracking of the service's encryption. The PFS method ensures that, if the encryption key Twitter uses is cracked in the future, all of the past data transported through the network does not become an open book right away. 'If an adversary is currently recording all Twitter users' encrypted traffic, and they later crack or steal Twitter's private keys, they should not be able to use those keys to decrypt the recorded traffic,' says Twitter's Jacob Hoffman-Andrews. 'As the Electronic Frontier Foundation points out, this type of protection is increasingly important on today's Internet.'"

Of course, they are also using Elliptic Curve ciphers.

Original author: Megan Geuss

The Guardian

The Guardian released an interview today with the man who has been the paper's source for a few now-infamous leaked documents that revealed a vast dragnet maintained by the NSA for gathering information on communications in America. That source is Edward Snowden, 29, an employee of American defense contractor Booz Allen Hamilton and a former technical assistant for the CIA.

When The Guardian published a leaked document on Wednesday of last week that showed a FISA court granting the NSA power to collect the metadata pertaining to phone calls from all of Verizon's customers over a period of three months, it became one of the biggest exposures of privacy-invading actions taken by the government without the public's knowledge.

That is, until the next day, when The Guardian and The Washington Post revealed slides pertaining to another NSA project called PRISM, which apparently gathered vast swaths of information on users of Google services, Facebook, Apple, and more. While the companies named in the PRISM slides have all denied participation in such a program, President Obama and a number of senators confirmed the collection of phone call metadata on Friday.

Original author: Dan Goodin

Josh Chin

The Chinese hackers who breached Google's corporate servers 41 months ago gained access to a database containing classified information about suspected spies, agents, and terrorists under surveillance by the US government, according to a published report.

The revelation came in an article published Monday by The Washington Post, and it heightens concerns about the December, 2009 hack. When Google disclosed it a few weeks later, the company said only that the operatives accessed Google "intellectual property"—which most people took to mean software source code—and Gmail accounts of human rights activists.

Citing officials who agreed to speak on the condition that they not be named, Washington Post reporter Ellen Nakashima said the assets compromised in the attack also included a database storing years' worth of information about US surveillance targets. The goal, according to Monday's report, appears to be unearthing the identities of Chinese intelligence operatives in the US who were being tracked by American law enforcement agencies.

Original author: Joshua Kopstein


The US government is waging electronic warfare on a vast scale — so large that it's causing a seismic shift in the unregulated grey markets where hackers and criminals buy and sell security exploits, Reuters reports.

Former White House cybersecurity advisors Howard Schmidt and Richard Clarke say this move to "offensive" cybersecurity has left US companies and average citizens vulnerable, because it relies on the government collecting and exploiting critical vulnerabilities that have not been revealed to software vendors or the public.

"If the US government knows of a vulnerability that can be exploited, under normal circumstances, its first obligation is to tell US users," Clarke told Reuters. "There is supposed to be some mechanism...

Original author: boesing


The real capabilities and behavior of the US surveillance state are almost entirely unknown to the American public because, like most things of significance done by the US government, it operates behind an impenetrable wall of secrecy. But a seemingly spontaneous admission this week by a former FBI counterterrorism agent provides a rather startling acknowledgment of just how vast and invasive these surveillance activities are.

http://www.guardian.co.uk/commentisfree/2013/may/04/telephone-calls-reco...

Original author: Ars Staff

This story was co-produced with NPR.

Imagine filing your income taxes in five minutes—and for free. You'd open up a prefilled return, see what the government thinks you owe, make any needed changes and be done. The miserable annual IRS shuffle, gone.

It's already a reality in Denmark, Sweden, and Spain. The government-prepared return would estimate your taxes using information your employer and bank already send it. Advocates say tens of millions of taxpayers could use such a system each year, saving them a collective $2 billion and 225 million hours in prep costs and time, according to one estimate.


An anonymous reader writes "Last night before the State of the Union speech, President Obama signed an executive order for improving cybersecurity of critical infrastructure (PDF). The highlights of the order are: 'information sharing programs' for the government to provide threat reports to industry; an overarching cybersecurity framework developed by NIST to figure out best practices for securing critical infrastructure; and reviews of existing regulations to make sure they're effective. The ACLU supports the Order, as does the EFF. '"A lot of what this shows is that the president can do a lot without cybersecurity legislation," said Mark Jaycox, policy analyst and legislative assistant for the Electronic Frontier Foundation, who points out that the executive order satisfies the need for information sharing without the privacy problems that existed under legislative proposals where loopholes would have allowed companies to dump large amounts of data on the government in an effort to obtain legal immunities. Without those immunities, companies will by nature be more circumspect about what they provide the government, thus limiting what they hand over, Jaycox said.'"


After disasters (or to minimize expensive data use generally, and take advantage of available Wi-Fi), bypassing the cell network is useful. But it's not something that handset makers bake into their phones. colinneagle writes with information on a project that tries to sidestep a dependence on the cellular carriers, if there is Wi-Fi near enough for at least some users: "The Smart Phone Ad-Hoc Networks (SPAN) project reconfigures the onboard Wi-Fi chip of a smartphone to act as a Wi-Fi router with other nearby similarly configured smartphones, creating an ad-hoc mesh network. These smartphones can then communicate with one another without an operational carrier network. SPAN intercepts all communications at the Global Handset Proxy so applications such as VoIP, Twitter, email etc., work normally."
