Tag Archives: internet

May 15 2013

What Are These Weird Street Signs Being Installed in Las Vegas?

Part of ‘Intellistreets’ rollout?

Source: Paul Joseph Watson

Strange new street signs being installed across Las Vegas are prompting suspicions from concerned readers, one of whom sent us the following images. Are these new signs part of the nationwide ‘Intellistreets’ rollout of so-called “smart” hubs that eavesdrop on conversations?

Image: Infowars.com

“My neighbor brought it to my attention that these very suspicious-looking road signs are being installed throughout Las Vegas on the major streets,” David wrote to us. “The enormous amount of road construction they are doing to install these must cost someone (the taxpayers, I’m sure) a fortune. My neighbor was quite alarmed when he saw these. He took photos and has been asking everyone if they know anything about them-no one will say anything; even the construction workers actually installing have no info about them. The signs are obviously electronic with large control boxes and antennae attached.”

Although it was reported last year that 41,000 new LED street lamps were being installed throughout Las Vegas, these devices don’t appear to be for lighting, they appear to be for displaying digital messages.

As we previously reported, the Intellistreets system which is currently being installed in cities across the US relies on “smart” street lamps connected by a ubiquitous wi-fi network that have numerous “homeland security applications,” including the ability to “engage captive audiences” via a loudspeaker system and give audible warnings to individuals.

The system is “also capable of recording conversations,” according to a report by ABC 7.

The lights can also be fitted with a digital display similar to the one seen in the photos below which can be used for both advertising and security announcements.

The company behind the street lights, Illuminating Concepts, responded to the controversy over ‘Intellistreets’ last year by ludicrously claiming the system did not represent a “big brother” intrusion. ABC 7 confirmed that the company was “working with Homeland Security” to implement the high tech network.

If any of our readers are aware of the purpose of these new street signs in Las Vegas, please let us know in the comments below.

Click for enlargements.

Mar 21 2013

‘HOMELAND’ TO SCAN EMAILS, MONITOR WEB TRAFFIC

The U.S. government is expanding a cyber security program that scans Internet traffic headed into and out of defense contractors to include far more of the country’s private, civilian-run infrastructure.

As a result, more private sector employees than ever before, including those at big banks, utilities and key transportation companies, will have their emails and Web surfing scanned as a precaution against cyber attacks.

Under last month’s White House executive order on cybersecurity, the scans will be driven by classified information provided by U.S. intelligence agencies — including data from the National Security Agency (NSA) — on new or especially serious espionage threats and other hacking attempts. U.S. spy chiefs said on March 12 that cyber attacks have supplanted terrorism as the top threat to the country.

The Department of Homeland Security will gather the secret data and pass it to a small group of telecommunication companies and cyber security providers that have employees holding security clearances, government and industry officials said. Those companies will then offer to process email and other Internet transmissions for critical infrastructure customers that choose to participate in the program.

DHS as the middleman
By using DHS as the middleman, the Obama administration hopes to bring the formidable overseas intelligence-gathering of the NSA closer to ordinary U.S. residents without triggering an outcry from privacy advocates who have long been leery of the spy agency’s eavesdropping.

The telecom companies will not report back to the government on what they see, except in aggregate statistics, a senior DHS official said in an interview granted on condition he not be identified.

“That allows us to provide more sensitive information,” the official said. “We will provide the information to the security service providers that they need to perform this function.” Procedures are to be established within six months of the order.

The administration is separately seeking legislation that would give incentives to private companies, including communications carriers, to disclose more to the government. NSA Director General Keith Alexander said last week that NSA did not want personal data but Internet service providers could inform the government about malicious software they find and the Internet Protocol addresses they were sent to and from.

“There is a way to do this that ensures civil liberties and privacy and does ensure the protection of the country,” Alexander told a congressional hearing.

Fears grow of destructive attack
In the past, Internet traffic-scanning efforts were mainly limited to government networks and Defense Department contractors, which have long been targets of foreign espionage.

But as fears grow of a destructive cyber attack on core, non-military assets, and more sweeping security legislation remained stalled, the Obama administration opted to widen the program.

Last month’s presidential order calls for commercial providers of “enhanced cybersecurity services” to extend their offerings to critical infrastructure companies. What constitutes critical infrastructure is still being refined, but it would include utilities, banks and transportation such as trains and highways.

Under the program, critical infrastructure companies will pay the providers, which will use the classified information to block attacks before they reach the customers. The classified information involves suspect Web addresses, strings of characters, email sender names and the like.

Not all the cybersecurity providers will be telecom companies, though AT&T is one. Raytheon said this month it had agreed with DHS to become a provider, and a spokesman said that customers could route their traffic to Raytheon after receiving it from their communications company.

As the new set-up takes shape, DHS officials and industry executives said some security equipment makers were working on hardware that could take classified rules about blocking traffic and act on them without the operator being able to reverse-engineer the codes. That way, people wouldn’t need a security clearance to use the equipment.

Civil liberties implications
The issue of scanning everything headed to a utility or a bank still has civil liberties implications, even if each company is a voluntary participant.

Lee Tien, a senior staff attorney with the nonprofit Electronic Frontier Foundation, said that the executive order did not weaken existing privacy laws, but any time a machine acting on classified information is processing private communications, it raises questions about the possibility of secret extra functions that are unlikely to be answered definitively.

“You have to wonder what else that box does,” Tien said.

One technique for examining email and other electronic packets en route, called deep packet inspection, has stirred controversy for years, and some cybersecurity providers said they would not be using that. In deep packet inspection, communication companies or others with network access can examine all the elements of a transmission, including the content of emails.

“The signatures provided by DHS do not require deep packet inspection,” said Steve Hawkins, vice president at Raytheon’s Intelligence and Information Systems division, referring further questions to DHS.

The DHS official said the government is still in conversations with the telecom operators on the issue.

The official said the government had no plans to roll out any such form of government-guided close examination of Internet traffic into the communications companies serving the general public.

Mar 11 2013

Facebook reveals secrets you haven’t shared

Facebook

The increasing amount of personal information that can been gleaned by computer programs that track how people use Facebook has been revealed by an extensive academic study.

Such programmes can discern undisclosed private information such as Facebook users’ sexuality, drug-use habits and even whether their parents separated when they were young, according to the study by Cambridge university academics. High quality global journalism requires investment. Please share this article with others using the link below, do not cut & paste the article. See our Ts&Cs and Copyright Policy for more detail. Email ftsales.support@ft.com to buy additional rights. http://www.ft.com/cms/s/0/09c8172c-8a45-11e2-bf79-00144feabdc0.html#ixzz2NHCo0vwj

In one of the biggest studies of its kind, scientists from the university’s psychometrics team and a Microsoft-funded research centre analysed data from 58,000 Facebook users to predict traits and other information that were not provided in their profiles.

The algorithms were 88 per cent accurate in predicting male sexual orientation, 95 per cent for race and 80 per cent for religion and political leanings. Personality types and emotional stability were also predicted with accuracy ranging from 62-75 per cent.

Facebook declined to comment.

The study highlights growing concerns about social networks and how data trails can be mined for sensitive information, even when people attempt to keep information about themselves private. Less than 5 per cent of users predicted to be gay, for example, were connected with explicitly gay groups.

Michal Kosinksi, one of the report’s authors, told the Financial Times that the university’s techniques could easily be replicated by companies to infer personal attributes a person did not wish to share, such as sexual orientation or political views: “We used very simple and generic methods. Marketing companies and internet companies could spend much more time and resources, and hence get much higher accuracy than we did.”

Last week , the EU agreed to water down proposals for a radical overhaul of data privacy regulation. The move reflects governments’ reluctance to impede internet businesses that might spur economic growth, and follows fierce lobbying from technology companies including Facebook and Google.

Personal data has become big business. Wonga, the UK online lendermakes credit judgments within seconds based on thousands of pieces of information, including an applicant’s Facebook profile. Tesco, the supermarket chain, this month started to use its customers’ shopping histories to sell targeted online advertising.

The report also revealed some unexpected correlations – such as people who liked ‘curly fries’ having higher IQs, while those who like Facebook’s “Sliding on Floors With Your Socks On” page were unlikely to use drugs.

Mr Kosinski said, however, that the study was not designed to discourage online sharing: “I would discourage people from abstaining from the technology – the milk is to some extent already spilt and there’s a lot of information about you online anyway. I would suggest raising privacy settings and exerting consumer pressure by trying to use the services that are protecting your privacy best.”

 

 

Mar 3 2013

Seattle Becomes Next City to Use Crime Prediction Software

Source: Mikael Thalen

Seattle has become the next city to start using crime prediction software. Mayor Mike McGinn and Police Chief John Diaz announced that two precincts in the Southwest and East will begin using the software known as PREDPOL, short for “predictive policing.”

“The predictive policing software is estimated to be twice as effective as a human data analyst working from the same information. It’s all part of our effort to build an agile, flexible and innovative police department that provides the best service possible to the public,” said Diaz.

The program consists of a mathematical algorithm similar to the one used in earthquake prediction. Sociological information about criminal behavior and five years’ worth of past crime data is compiled to predict when and where a future crime will likely take place, down to a 500-square-foot area.

“This technology will allow us to be proactive rather than reactive in responding to crime; this investment, along with our existing hot spot policing work, will help us to fulfill the commitments we made in the ’20/20′ plan to use data in deploying our officers to make our streets safer,” said McGinn during a recent news conference.

As soon as April, police plan to roll out the software to every precinct in the city. Civil liberties advocates have already questioned if the software has the ability to collect data on specific individuals.

“We have no plans to move anywhere close to the individual. You’ll – rightly – run into a variety of Constitutional problems almost immediately,” said PREDPOL’s Director of Government Relations and Strategy Ryan Coonerty.

In light of Seattle’s secret participation in a pilot program for TrapWire, a CCTV surveillance system that recognizes people from their walk and face, many residents don’t trust Seattle Police, who have recently been under federal investigation for questionable police tactics.

Other recent surveillance technologies in the city, such as the 30 Department of Homeland Security-funded surveillance cameras on Seattle’s popular waterfront area, which were caught pointing inward, not towards the coast line like intended, have caused a backlash from Seattle residents.

Just last month, police in Tacoma, Wash. received federal funding for the same crime prediction software. PREDPOL also says it is in talks with police in over 200 cities worldwide that want to use the software.

Feb 14 2013

Google ‘flaw’ puts users’ details on display

Source: News.com.au

 

EVERY time you purchase an app on Google Play, your name, address and email is passed on to the developer, it has been revealed today.

The “flaw” – which appears to be by design – was discovered this morning by Sydney app developer, Dan Nolan who told news.com.au that he was uncomfortable being the custodian of this information and that there was no reason for any developer to have this information at their finger tips.

You may remember Mr Nolan as the creator of the Paul Keating insult generator all that hit number one in the Aussie App Store last month.”

“Let me make this crystal clear, every App purchase you make on Google Play gives the developer your name, suburb and email address with no indication that this information is actually being transferred,” Nolan wrote on his blog.

“With the information I have available to me through the checkout portal I could track down and harass users who left negative reviews or refunded the app purchase.”

Harrassment aside, the problems posed by malware – “virus” programs that infect your phone, or computer and steal your personal details – are far more serious.

With Google customers’ details just sitting in developers accounts, all it would take is a half decent piece of malware software for that information to be accessed. These personal details could then be used to access the users’ bank details. That’s also more than enough information to be able to access your other devices which could also be mined for more data – insurance information, other credit cards -  which could then be used to access your banking credentials.

Mr Nolan told News.com.au that tens of millions of Google customers could be affected.

“As far as I can tell this impacts every person who purchased an App on the Play Store,” he said.

“I can’t see any way to opt out of providing that information and it seems to be a feature of the Google checkout process. I don’t know whether it applies to free apps, but there are hundreds of thousands of apps that are available for pay on the play store and there are millions of people who buy Android apps out there, I’d say easily millions or tens of millions of people.

“It’s active in every market that Google accepts payment for apps. That’s a lot of people having their personal information handed over without them knowing.”

Mr Nolan told News.com.au that user information has always been provided to developers, “as far as he could tell and that the reason it hadn’t been discovered until now was because the people who would have paid attention to it were likely exploiting it and selling users’ personal information, it using it as an extra source of revenue on top of what they were making off their Google Play / Android app.

“In comparison to the information you get from Apple which is just a quantity of sales in a Country and then a cheque three months later, this is absolutely absurd,” he said.

“I doubt anyone expects to have their contact information, name and suburb sent to a developer purely because they decide to buy an app off the Play Store. “

Google’s terms of service state that it may store your personal information including your name, address and billing details, but nowhere in its privacy statement does the company explicitly state that it passes on your personal information to developers, every time you purchase their app.

The terms of service state that Google will share your address and personal information if you purchase a magazine subscription through Google Play, but it makes no mention of other apps.

“This is a massive oversight by Google,” Nolan wrote on his blog.

“Under no circumstances should I be able to get the information of the people who are buying my apps unless they opt into it and it’s made crystal clear to them that I’m getting this information. This is a massive, massive privacy issue Google. Fix it. Immediately.”

Google has not responded to news.com.au’s request for comment.

 

Feb 11 2013

REPORT: Obama set to issue ‘cybersecurity’ order

The White House is poised to release a cybersecurity executive order on Wednesday, two people familiar with the matter told The Hill.

The highly anticipated directive from President Obama is expected to be released at a briefing Wednesday morning at the U.S. Department of Commerce, where senior administration officials will provide an update about cybersecurity policy.

The White House began crafting the executive order after Congress failed to pass cybersecurity legislation last year. Officials said the threat facing the United States was too great for the administration to ignore.

The executive order would establish a voluntary program where companies operating critical infrastructure would elect to meet cybersecurity best practices and standards crafted, in part, by the government. It has been revised several times over the past few months.

White House Cybersecurity Coordinator Michael Daniel, Commerce Department Deputy Secretary Rebecca Blank, Department of Homeland Security Deputy Secretary Jane Lute and National Security Director Gen. Keith Alexander will be among the officials participating in Wednesday’s briefing, according to details obtained by The Hill.

A White House spokeswoman declined to comment on the timing of the order.

Jan 25 2013

Holder begins gun-control push

The Justice Department is taking the first steps toward carrying out President Obama’s executive actions on gun control.

Attorney General Eric Holder on Friday released three proposals to strengthen the National Instant Criminal Background Check System (NICS), which was one of the 23 actions ordered by Obama last week to tackle gun violence.

The proposed regulations would give local law-enforcement agencies access to the gun-sale database that is maintained by the FBI. The rules would also preserve records of denied weapons sales indefinitely.

The Brady Handgun Violence Prevention Act already requires federal background checks for gun purchases, but not every firearm sale is covered under the law.

Currently, law enforcement agencies cannot perform a NICS check when transferring, returning or selling weapons that have been confiscated, seized or recovered. The new rules would change that, allowing officials to perform a background check on people who receive those weapons to ensure that they are permitted to own a gun.

Obama ordered the rule change in a Jan. 16 memo that called for “rulemaking to give law enforcement the ability to run a full background check on an individual before returning a seized gun.”

Holder is also proposing that the NICS hold on to records of denied weapon sales that are more than 10 years old. When the NICS was established, the Justice Department ordered that the records be moved to a storage facility after 10 years, which Holder says is no longer necessary.

“The FBI has therefore determined that for NICS’ own internal business operations, litigation and prosecution purposes, and proper administration of the system, NICS shall retain denied transaction records on site,” Holder wrote a notice to be published in Monday’s Federal Register. “The retention of denied transaction information … will enhance the efficiency and operational capability of the NICS.”

The proposed rules would also give Native American tribes access to NICS. Currently, only federal, state, or local agencies can perform the checks, which leaves out “domestic dependent nations” recognized by the United States.

Comments on the proposals are due by March 28.

Jan 21 2013

DHS Looks To Install Microphones In “Urban Areas” That Can Listen to Conversations

“Gunshot detectors” could be used to eavesdrop on street chatter

Source: Paul Joseph Watson

The Department of Homeland Security is looking to install “gunshot detector” microphones that are capable of listening to conversations throughout “urban areas” of Washington, DC.

According to a Request for Information (RFI) posted on the FedBizOpps website on January 18 (PDF), the DHS, in tandem with the Secret Service, “Is seeking information on commercially available gunshot detection technologies for fixed site surveillance applications. Typical coverage areas are expected to be from 10s to 100s of acres per site, located within urban areas. Due to the secure nature of these sites, a high gunshot detection rate (>95%) is strongly desired while daily, operational monitoring of the system by external parties is undesirable.”

Note that the location of the surveillance system will be in “urban areas,” and will cover hundreds of acres per each unit, meaning the detection technologies are not merely being prepared for sensitive areas around the White House or the Capitol building.

The RFI lists a number of questions potential contractors are required to answer, including whether sensors could be placed to “aesthetically match their surroundings,” and whether the system can be, “integrated to communicate with other detection systems.”

The DHS asks potential contractors to respond to the request for information by February 18. A five-year contract is on offer to the company which demonstrates, “the best overall value to the Government.”

While the systems are touted as “gunshot detectors,” as the New York Times reported in May 2012, similar technology is already installed in over 70 cities around the country, and in some cases it is being used to listen to conversations.

“In at least one city, New Bedford, Mass., where sensors recorded a loud street argument that accompanied a fatal shooting in December, the system has raised questions about privacy and the reach of police surveillance, even in the service of reducing gun violence,” states the report

Frank Camera, the lawyer for Jonathan Flores, a man charged with murder, complained that the technology is “opening up a whole can of worms.”

“If the police are utilizing these conversations, then the issue is, where does it stop?” he said.

This led the ACLU to warn that the technology could represent a clear violation of the Fourth Amendment if misused.

The ACLU’s Jay Stanley asked, “whether microphones can be remotely activated by police who want to listen to nearby conversations,” noting that it was illegal for police “to make audio recordings of conversations in which they are not a participant without a warrant.”

“If the courts start allowing recordings of conversations picked up by these devices to be admitted as evidence, then it will provide an additional incentive to the police to install microphones in our public spaces, over and above what is justified by the level of effectiveness the technology proves to have in pinpointing gun shots,” wrote Stanley.

Given the fact that the system costs, “$200,000 to $250,000 per square mile of coverage to install,” according to a separate NY Times report, the DHS’ plan to cover hundreds of acres with each system is likely to run up huge costs.

As we have previously highlighted, numerous major cities are currently being fitted with Intellistreets ‘smart’ street lighting systems that also have the capability of recording conversations and sending them directly to authorities via wi-fi.

Jan 17 2013

Malicious virus shuttered U.S. power plant -DHS

Source: Jim Finkle

(Reuters) - A computer virus attacked a turbine control system at a U.S. power company last fall when a technician unknowingly inserted an infected USB computer drive into the network, keeping a plant off line for three weeks, according to a report posted on a U.S. government website.

The Department of Homeland Security report did not identify the plant but said criminal software, which is used to conduct financial crimes such as identity theft, was behind the incident.

It was introduced by an employee of a third-party contractor that does business with the utility, according to the agency.

DHS reported the incident, which occurred in October, along with a second involving a more sophisticated virus, on its website as cyber experts gather at a high-profile security conference in Miami known as S4 to review emerging threats against power plants, water utilities and other parts of the critical infrastructure.

In addition to not identifying the plants, a DHS spokesman declined to say where they are located.

Interest in the area has surged since 2010 when the Stuxnet computer virus was used to attack Iran’s nuclear program. Although the United States and Israel were widely believed to be behind Stuxnet, experts believe that hackers may be copying the technology to develop their own viruses.

Justin W. Clarke, a security researcher with a firm known as Cylance that helps protect utilities against cyber attacks, noted that experts believe Stuxnet was delivered to its target in Iran via a USB drive. Attackers use that technique to place malicious software on computer systems that are “air gapped,” or cut off from the public Internet.

“This is yet another stark reminder that even if a true ‘air gap’ is in place on a control network, there are still ways that malicious targeted or unintentional random infection can occur,” he said.

 

AGING SYSTEMS

Many critical infrastructure control systems run on Windows XP and Windows 2000, operating systems that were designed more than a decade ago. They have “auto run” features enabled by default, which makes them an easy target for infection because malicious software loads as soon as a USB is plugged into the system unless operators change that setting, Clarke said.

The Department of Homeland Security’s Industrial Control Systems Cyber Emergence Response Team (ICS-CERT), which helps protect critical U.S. infrastructure, described the incident in a quarterly newsletter that was accessed via its website on Wednesday.

The report from ICS-CERT described a second incident in which it said it had recently sent technicians to clean up computers infected by common as well as “sophisticated” viruses on workstations that were critical to the operations of a power generation facility.

The report did not say who the agency believed was behind the sophisticated virus or if it was capable of sabotage. DHS uses the term “sophisticated” to describe a wide variety of malicious software that is designed to do things besides commit routine cyber crimes. They include viruses capable of espionage and sabotage.

A DHS spokesman could not immediately be reached to comment on the report.

The Department of Homeland Security almost never identifies critical infrastructure operators that are hit by viruses, or even their locations, but it does provide statistics.

It said ICS-CERT responded to 198 cyber incidents reported by energy companies, public water districts and other infrastructure facilities in the fiscal year ending Sept. 30, 2012.

Attacks against the energy sector represented 41 percent of the total number of incidents in fiscal 2012. According to the report, ICS-CERT helped 23 oil and natural gas sector organizations after they were hit by a targeted spear-phishing campaign – when emails with malicious content are specifically targeted at their employees.

The water sector had the second highest number of incidents, representing 15 percent.

Jan 7 2013

REPORT: BANK OF AMERICA Freezes Gun Manufacturer’s Account

Bank of America has reportedly frozen the account of gun manufacturer American Spirit Arms, according to its owner, Joe Sirochman.

In a Facebook post dated December 29, Sirochman wrote the following:

“My name is Joe Sirochman owner of American Spirit Arms…our Web site orders have jumped 500 percent causing our Web site e-commerce processing larger deposits to Bank of America. So they decided to hold the deposits for further review.

“After countless hours on the phone with Bank of America, I finally got a manager in the right department that told me the reason that the deposits were on hold for further review — her exact words were — ‘We believe you should not be selling guns and parts on the Internet.’”(emphasis added)

Sirochman also wrote that he told the bank manager that “they have no right to make up their own new rules and regs” and that “[American Spirit is a] firearms manufacturer with all the proper licensing.”

He also noted that he has been doing business with Bank of America for over 10 years, but will now be looking for a new bank.

According to Unlawful News, this isn’t the first time Bank of America has targeted a customer involved in the firearms industry.

McMillan Group International was reportedly told that its business was no longer welcome after the company started manufacturing firearms – even after 12 years of doing business with the bank.