
June 18, 2008

Strange Bedfellows Fight FISA Deal

A “compromise” on warrantless wiretapping is about to emerge from Congress. Indications are it will let telecommunications companies that participated in illegal surveillance avoid any legal responsibility for what they did by granting amnesty for their activities. A group calling itself “Strange Bedfellows” is organizing a fundraising campaign designed to fight the compromise:

“The ACLU is joining with activists from the Ron Paul campaign, represented by Break the Matrix, Rick Williams and Trevor Lyman, and civil liberties writer Glenn Greenwald of Salon, and leading liberal bloggers including Jane Hamsher of firedoglake, Matt Stoller of Open Left, John Amato of Crooks and Liars, Howie Klein of Down with Tyranny, Digby, Josh Nelson of The Seminal and activist Josh Koster to tell Congress that we will not let them ignore the Constitution or give immunity to telecoms which deliberately broke our laws for years.

“This group of Strange Bedfellows is mobilizing a broad-based left-right coalition of office holders and candidates, public interest groups and individuals who are devoted to preserving basic constitutional liberties to join in the fight. The goal is to work together to impede the corrupt FISA/telecom amnesty deal.”

(Link)

I got that link from Glenn Greenwald, who wrote up a detailed summary of the campaign’s goals, which include electoral punishment of pro-amnesty Democrats.

Nutshell:

“So Phase I, to begin immediately, will focus on ad campaigns against two Democratic pro-amnesty incumbents with no primary challenger (Hoyer and Carney), and one pro-amnesty Democratic incumbent with a credible primary challenge very shortly. Phase II will involve a massive money bomb, to be planned by the same people who were behind the money bombs that raised millions and millions of dollars for the Ron Paul presidential campaign. The dates and other details for that will be announced shortly.

“The plan there is to raise an extraordinary amount of money — dwarfing the $90,000 raised in the last 24 hours — by going to all of the various constituents of each member of this coalition in order to fuel a real campaign in defense of civil liberties, constitutional protections and the rule of law. The money raised will be used to oppose and punish those vulnerable members of Congress who continue to support the evisceration of our constitutional framework and core civil liberties, while supporting candidates and office-holders who meaningfully oppose that assault.

“The Beltway establishment needs to be trained to understand that there is a real constituency for defending our constitutional framework. Thus far, that constituency has been dormant and fragmented, and thus ignored. That, more than anything, is what needs to change, and this coalition and the initial two-phase strategy is intended to be merely a start towards changing that, and will continue regardless of the outcome of this FISA/amnesty vote.”

The entire entry is worth a read. Greenwald notes that Barack Obama has been mailing this response to people inquiring about his stance on telco immunity:

“Giving retroactive immunity to telecom companies is simply wrong. Thankfully, the most recent effort to pass this legislation at the end of the legislative year failed. I unequivocally oppose this grant of immunity and support the filibuster of it. I have cosponsored Senator Dodd’s proposal that would remove it from the current FISA bill and continue to follow this debate closely. In order to prevail, the proponents of retroactive immunity still have to convince 60 or more senators to vote to end a filibuster of this bill. I will not be one of them.”

The New York Times has called on Obama to consider expending some effort on the issue.

Posted by mhall at 7:19 PM

June 17, 2008

More on the Malware/Child Porn Case

The Boston Herald covered yesterday’s news that a Massachusetts state employee had child porn charges against him dropped after a forensic analyst found his laptop had been infected with malware.

Best quote:

“Nationally recognized computer forensic analyst Tami Loehrs told the Herald Michael Fiola’s ordeal was ‘one of the most horrific cases I’ve seen.’

“‘As soon as you mention child pornography, everybody’s senses go out the window,’ she said.”

(Link)

If you’re the type to enjoy this sort of thing, Robert McMillan posted a link to the 30-page-long forensic report. It’s chock full of log entries like “Pornographic images appear with no origin and continue for approximately one hour; sites include lolitas, urinelove and scat sites.”

It gets really good around page 25, when investigator Loehrs begins to bring the hammer down on the IT department responsible for the incident. Or rather, the IT department that should be held responsible for the incident, having utterly failed one of its users. Here’s a sample:

“On June 26, 2007, John Glennon testified at an administrative hearing regarding the investigation of the Laptop. He stated that he is responsible for all information technology resources for the company and he is in charge of tracking the computers and he was involved in the investigation of the misuse of the Laptop. Mr. Glennon testified that there is no evidence that anyone else other than the Administrator had ever accessed the Laptop. However, a review of the computer revealed several other accounts that had been created on the Laptop prior to Michael Fiola including diauser, user, test and test2. Unfortunately, all previous accounts had been deleted, thereby eliminating potentially relevant evidence. A review of the SMS and Symantec logs also revealed that the computer was previously setup for BOLLE04 and was actively used prior to the Laptop being issued to Michael Fiola.

“Mr. Glennon went on to testify that it is highly unlikely for Internet files to be on the computer without activity by the user and that there is no way for files to be in the Internet folder without browsing the Internet. A review of the Symantec logs by Mr. Glennon would have revealed the viruses and Trojans that were attacking the Laptop for four and a half months. A review of those viruses and Trojans by Mr. Glennon would have provided an explanation regarding how temporary Internet files can be created on the computer without the user’s knowledge. A review of the temporary Internet files themselves would have revealed suspicious patterns such as pornography appearing with no preceding event; pornography appearing immediately after viruses and Trojans appearing; and 40 website files all created at the same time, a scenario likely impossible for a user to create by browsing the Internet. If Mr. Glennon had discovered the suspicious JavaScript files on the Laptop, he would have learned of additional methods in which files can appear in one’s temporary Internet files folder without their action or knowledge. At the very minimum, Mr. Glennon, as the head of the IT department, must be aware of spam and Internet pop-ups that cause files to be placed in the temporary Internet files folder without any action or knowledge by the user.

“Mr. Glennon also testified that ‘our networks are very secure and they’re monitored’ so it is highly unlikely that the system was hacked. A review of the SMS logs by Mr. Glennon would have revealed that the SMS software was not functioning and as a result, there was no communication with the Laptop while it was in the field for four and a half months leaving the Laptop unmonitored. If, in fact, the networks are monitored, why were the SMS logs riddled with errors - highlighted in yellow and red by the software for easy detection – and unresolved for four and a half months? If the networks are monitored, why did the virus attacks on the Laptop recorded by Symantec go unnoticed and unresolved for four and a half months?”

At the very minimum, Mr. Glennon, as the head of the IT department, must be aware of spam and Internet pop-ups that cause files to be placed in the temporary Internet files folder without any action or knowledge by the user.

It doesn’t sound like Mr. Glennon is aware of much. If, by the way, that John Glennon of the Mass. Dept. of Industrial Accidents is the same as this John Glennon, formerly of the Mass. Dept. of Industrial Accidents, it appears he’s enjoying a recent promotion, having left behind a department that “stands by its handling” of the case. And Michael Fiola, the person who was wrongfully accused and fired, is still out of a job.

Shameful.
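The three patterns the report says a review of the temporary Internet files would have revealed (files with no preceding event, files appearing right after virus and Trojan detections, and dozens of files created at the same time) can be checked mechanically against a timeline. The sketch below is an added example, not code from the forensic report or from this blog; the record layout, the time windows, the reading of "preceding event" as a user-initiated browser action, and every sample entry are assumptions constructed for illustration.

```python
from collections import Counter
from datetime import datetime, timedelta

FMT = "%Y-%m-%d %H:%M:%S"


def ts(text):
    """Parse a timestamp in the (assumed) export format."""
    return datetime.strptime(text, FMT)


# Constructed sample timeline; none of these values come from the report.
AV_LOG = [ts("2007-02-01 10:14:50")]        # antivirus detection times
USER_ACTIONS = [ts("2007-02-01 09:00:05")]  # typed URLs or clicked links
CACHE = (
    [(ts("2007-02-01 09:00:07"), "news/index.htm")]
    + [(ts("2007-02-01 10:15:00"), f"site{i:02d}/page.htm") for i in range(40)]
    + [(ts("2007-02-01 10:40:00"), "other/img001.jpg")]
)


def same_time_bursts(cache, min_files=10):
    """Creation timestamps shared by at least min_files cache entries."""
    counts = Counter(created for created, _ in cache)
    return {when: n for when, n in counts.items() if n >= min_files}


def _preceded(created, events, window):
    """True if any event happened within `window` before `created`."""
    return any(timedelta(0) <= created - e <= window for e in events)


def triage(cache, av_log, user_actions,
           av_window=timedelta(minutes=2),
           user_window=timedelta(minutes=5),
           min_files=10):
    """Tag each cache entry with the suspicious patterns it matches.

    Returns (created, path, reasons) tuples for entries with at least one
    reason, in timeline order. The windows are assumed defaults and need
    tuning per case.
    """
    bursts = same_time_bursts(cache, min_files)
    findings = []
    for created, path in sorted(cache):
        reasons = []
        if created in bursts:
            reasons.append("burst")
        if _preceded(created, av_log, av_window):
            reasons.append("after_av_detection")
        if not _preceded(created, user_actions, user_window):
            reasons.append("no_user_action")
        if reasons:
            findings.append((created, path, reasons))
    return findings


if __name__ == "__main__":
    for created, path, reasons in triage(CACHE, AV_LOG, USER_ACTIONS):
        print(created.strftime(FMT), path, ",".join(reasons))
```

A hit is a lead for the examiner to follow up, not a conclusion: a page with many embedded resources can also write several cache files within the same second, which is why the burst threshold is a parameter.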

Posted by mhall at 6:48 PM

June 16, 2008

Mass. Man Avoids Malware-Induced Child Porn Trial

"What if you unknowingly harbored child pornography on your work laptop? A child pornography possession charge against a former Massachusetts state government employee has been dropped after forensic evidence showed that his machine was infected with various forms of malware that silently drove his browser to the unsavory sites and files.

"The case of Massachusetts Department of Industrial Accidents investigator Michael Fiola has some chilling ramifications for unwitting, innocent users whose machines may be hiding incriminating evidence that could be used against them.

"Fiola lost his job and friends, and suffered a major blow to his reputation during the investigation that began after he was fired in March 2007 after IT found traces of child pornography on his laptop. IT got suspicious after noting that his wireless usage was four times more than that of his co-workers. His case was dropped before making it to court, after forensic experts found that the child porn traffic and files were driven by malware on his agency-issued laptop."

The good part is that the charges were dropped. The bad part is that thus far that hasn't swayed Massachusetts to give him his job back.

Then there's this:

"Fiola, 53, who family and others say was no technophile, was in the worst-possible situation: His IT department issued him the machine in November 2006 after his previous laptop was stolen, but apparently it wasn't properly configured for the agency's server-based software and security maintenance. Plus, the Symantec Corporate Edition antivirus software on the laptop was never operating correctly while Fiola used the machine."

I wonder if the IT workers who "got suspicious" still have their jobs?

(Link)

Posted by mhall at 7:34 PM

June 12, 2008

A Contrarian Take on LifeLock

Bruce Schneier has an interesting and contrarian take on LifeLock, the identity theft protection service, which was recently the source of much schadenfreude when its CEO was reported to have had his identity stolen:

"In December 2003, as part of the Fair and Accurate Credit Transactions Act, or Facta (.pdf), credit bureaus were forced to allow you to put a fraud alert on their credit reports, requiring lenders to verify your identity before issuing a credit card in your name. This alert is temporary, and expires after 90 days. Several companies have sprung up -- LifeLock, Debix, LoudSiren, TrustedID -- that automatically renew these alerts and effectively make them permanent.

"This service pisses off the credit bureaus and their financial customers. The reason lenders don't routinely verify your identity before issuing you credit is that it takes time, costs money and is one more hurdle between you and another credit card. (Buy, buy, buy -- it's the American way.) So in the eyes of credit bureaus, LifeLock's customers are inferior goods; selling their data isn't as valuable. LifeLock also opts its customers out of pre-approved credit card offers, further making them less valuable in the eyes of credit bureaus.

"And, so began a smear campaign on the part of the credit bureaus. You can read their points of view in this New York Times article, written by a reporter who didn't do much more than regurgitate their talking points. And the class action lawsuits have piled on, accusing LifeLock of deceptive business practices, fraudulent advertising and so on. The biggest smear is that LifeLock didn't even protect Todd Davis, and that his identity was allegedly stolen.

"It wasn't."

Link

Posted by mhall at 8:05 PM

June 11, 2008

Speaking of Gnus ...

It's good to know "spook" is still banging around in Emacs:

M-x spook:

Exon Shell SAPO Cocaine corporate security Leuken-Baden Dick Cheney
Merlin Kosovo Panama Uzbekistan EuroFed event security warfare Saudi
Arabia colonel

From 1995: "Coat-trailing the cyberspooks"

Now that all the mystery about ECHELON is cleared up, how do geek parents scare their children?

Posted by mhall at 7:22 PM

We Had to Destroy alt.* to Save It

CNET's Declan McCullagh says an anti-child-porn deal between ISPs and the New York Attorney General will involve a curtailment of Usenet access, with Time Warner Cable eliminating all access and Sprint going after the entire alt hierarchy:

"Time Warner Cable said it will cease to offer customers access to any Usenet newsgroups, a decision that will affect customers nationwide. Sprint said it would no longer offer any of the tens of thousands of alt.* Usenet newsgroups. Verizon's plan is to eliminate some 'fairly broad newsgroup areas.'

"It's not quite the death of Usenet (which has been predicted, incorrectly, countless times). But if a politician can pressure three of the largest Internet providers into censorial acquiescence, it may only be a matter of time before smaller ones like Supernews, Giganews, and Usenet.com feel the squeeze.

"Cuomo's office said it had 'reviewed millions of pictures over several months' and found only '88 different newsgroups' containing child pornography."

So naturally it's best to just eliminate Usenet.

I recently started using Gnus again and that meant it was as easy as not to subscribe to a few newsgroups (I tried to love Unison, but it just wasn't happening). Usenet does not feel to me like it did when I was first reading groups in 1991, but it's a nice thing to have around. news.answers alone provides plenty of entertainment.

The thought of alt.folklore.urban being tossed along with a handful of bad actors has me hoping my own ISP keeps its head on this.

Posted by mhall at 6:59 PM

June 10, 2008

Google Supports "Comprehensive Federal Privacy Law." Should You?

Google responded to a letter from Texas Rep. Joe Barton, the senior Republican on the House Energy and Commerce Committee, asking for details about the company’s privacy practices:

“Google told Barton in a letter dated June 6 that it would support creation of a federal Internet privacy law. A copy of the letter was obtained by Reuters on Tuesday.

“‘Google supports the adoption of a comprehensive federal privacy law that would accomplish several goals such as building consumer trust and protections; creating a uniform framework for privacy, which would create consistent levels of privacy from one jurisdiction to another; and putting penalties in place to punish and dissuade bad actors,’ the letter said. It was signed by Alan Davidson, Google’s chief lobbyist.

[…]

“Marc Rotenberg, executive director of the Electronic Privacy Information Center, was skeptical of Google’s endorsement of a federal privacy law. Rotenberg said that when companies push for a ‘comprehensive’ law, they often want something that would preempt more stringent state laws.

“‘We do not want the states to have their hands tied,’ said Rotenberg, citing California and New York as examples of states with tough privacy laws.”

(Link)

Posted by mhall at 7:56 PM

June 9, 2008

IM Survey: Half of Major Providers Encrypt Entire Session

A CNET survey found that half of the instant messaging services covered provide encryption from the first login to signout:

“We found that only half of the services provide complete encryption: AOL Instant Messenger, Google Talk, IBM’s Lotus Sametime, and Skype do. To their credit, not one service says it keeps logs of the content of users’ communications (a certain lure for federal investigators or snoopy divorce attorneys). For connection logs, Microsoft alone said it keeps none at all—though Google and Skype said their logs were deleted after a short time.”

Not to pick too many nits, but …

Though Google may not store something called “joesmithschats.log” on its servers, if you don’t take care to toggle a conversation held over Talk as “off the record,” a copy is kept in both participants’ Gmail accounts, accessible under “Chats” within Gmail. Google says as much in its response to this survey, as well as its help page on the subject.

As a general rule, whether a chat service keeps a log around or not is hardly a deterrent to the hypothetical federale or divorce attorney: Most IM software keeps some sort of conversation log, as Congressman Foley learned (and as I got to explain to the nation on the Kojo Nnamdi show at the time.) Therein lies the value of OTR:

“OTR is designed to make past communications unencryptable (even if a key is eventually compromised) as well as provide the ability to authenticate that a message is coming from the right person without being able to prove such in the future. OTR’s authors liken the privacy it offers to a conversation held between two people in a secure room: Free from prying outsiders, authenticated in a way only face-to-face communications can offer, and without any proof other than the other participant’s word about the specifics of the conversation.”

(Link)

Posted by mhall at 8:03 PM

June 5, 2008

ACLU Keeps FISA Story Alive

“As news continues to trickle down from Capitol Hill regarding a deal on surveillance legislation, the American Civil Liberties Union once again voiced its fervent opposition to any attempt to undercut the Fourth Amendment or allow the telecommunications companies to gain blanket immunity for illegal spying. Before the Memorial Day recess the ranking member of the Senate Select Committee on Intelligence, Senator Christopher Bond (R-MO) floated what he claims is a compromise on surveillance legislation that will allow for sham court proceedings, virtually guaranteeing immunity to telecommunications companies. The ACLU strongly opposes this unconstitutional proposal.

“‘Congress should remember that the majority of Americans are against unwarranted and warrantless surveillance,’ said Caroline Fredrickson, director of the ACLU Washington Legislative Office. ‘They are against slamming the courthouse doors and letting the phone companies off the hook for selling out their privacy. If that’s where most Americans stand, who exactly is Congress representing?’

“In a troubling recent report, House Intelligence Committee Chairman Silvestre Reyes (D-TX) was quoted as saying he was ‘fine’ with Senator Bond’s surveillance proposal and immunity provision, and wanted to ‘get on with’ FISA legislation. If true, it is a disappointing turn from someone who once said, ‘As someone who has been briefed on our most sensitive intelligence programs, I can see no argument why the future security of our country depends on whether past actions of telecommunications companies are immunized.’

“‘Bond’s immunity provision, at its heart, is saying it’s okay to break the law if the president tells you it’s okay,’ said Michelle Richardson, ACLU Legislative Counsel. ‘It would allow telecom companies to walk into a secret court, present a piece of paper – legally binding or not – and walk out without consequences. What kind of justice takes place entirely behind closed doors, is hinged entirely on a note from the president and revolves around the interpretation of the law and not the law itself? Where is our system of checks and balances in this scenario?’”

(Link)

Posted by mhall at 7:33 PM

June 4, 2008

Hey, Good News, Tokelau!

“In its report, Mapping the Mal Web Revisited, the company found that the top-level domains with the largest proportion of malicious sites belonged to Hong Kong (.hk) and China (.cn) with the Philippines (.ph) and Romania (.ro) tied for fourth. The company surveyed nearly 10 million heavily-trafficked Web sites around the world and found that 19.2 percent of all Web sites ending in the .hk posed a danger to visitors. Approximately 11 percent of Web sites in mainland China’s top-level domain were rated as risky by SiteAdvisor.

“In 2007, the domain for the tiny South-Pacific island of Tokelau accounted for the greatest proportion of risky Web sites, McAfee stated.

“‘For administrators of top-level domains this study should act as a wake-up call,’ Jeff Green, senior vice president of product development at McAfee, said in a statement. ‘Last year’s report spurred Tokelau’s domain manager to reexamine its policies. Not all domain managers are as accommodating so our mission is to educate consumers of the dangers and protect them in every way they enjoy the Web whether through their PC, the Web itself, or mobile phone.’”

(Link)

Not exactly related, but interesting enough to mention: “The Billion-Dollar Shack,” or its radiofied version from “This American Life”:

“Nauru is a tiny island, population 12,000, a third of the size of Manhattan and far from anywhere: yet at the center of several of the decade’s biggest global events. Contributing editor Jack Hitt tells the untold story of this dot in the middle of the Pacific and its involvement in the bankrupting of the Russian economy, global terrorism, North Korean defectors, the end of the world, and the late 1980s theatrical flop of a London musical based on the life of Leonardo da Vinci called Leonardo, A Portrait of Love.”

That’s an older episode, but it was rerun late last year.

Posted by mhall at 7:08 PM

 



