LordLucless writes "Australia's Liberal Democratic Party, which describes itself as a classically liberal, free-market libertarian party, has had their candidate for New South Wales elected to the upper house, with roughly double the number of votes they were expecting. In part, this has been attributed to them being placed first on the ballot paper (which is determined by a random process) and similarities in name to one of the major parties, the Liberal Party of Australia."
New submitter santosh.k83 writes with this snippet: "TorrentFreak has learned that VPN provider iPredator is already blocked under the 'adult filter' of some, if not all, mobile providers. TorrentFreak has seen communication between the mobile provider GiffGaff and iPredator which makes it clear that the VPN's website is blocked because it allows kids to bypass the age restrictions. Based on the above it is safe to say that censorship is a slippery slope, especially without any oversight. VPNs are used for numerous purposes and bypassing age restrictions is certainly not the most popular one. If this holds up then proxy services and even Google's cache may soon be banned under the same guise."
New submitter deepdive writes "I have a basic question: What is the privacy/security health of the Linux kernel (and indeed other FOSS OSes) given all the recent stories about the NSA going in and deliberately subverting various parts of the privacy/security sub-systems? Basically, can one still sleep soundly thinking that the most recent latest/greatest Ubuntu/OpenSUSE/what-have-you distro she/he downloaded is still pretty safe?"
Freshly Exhumed writes "A security blogger, acknowledging that the NSA methodically ranks communications on the basis of their 'foreignness' factor to determine candidacy for prolonged retention, is proposing '...an opportunity for us on the civilian front to aid the NSA by voluntarily indicating citizenship on all our networked communications. Here, we define the syntax and semantics of X-No-Wiretap, a HTTP header-based mechanism for indicating and proving citizenship to well-intentioned man-in-the-middle parties. It is inspired by the enormously successful RFC 3514 IPv4 Security Flag and HTTP DNT header.'"
An anonymous reader writes with a report from Spiegel Online that the U.S. government "has the capability of tapping user data from the iPhone, [and] devices using Android as well as BlackBerry, a system previously believed to be highly secure. The United States' National Security Agency intelligence-gathering operation is capable of accessing user data from smart phones from all leading manufacturers. ... The documents state that it is possible for the NSA to tap most sensitive data held on these smart phones, including contact lists, SMS traffic, notes and location information about where a user has been." As a bonus, the same reader points out a Washington Post report according to which "The Obama administration secretly won permission from a surveillance court in 2011 to reverse restrictions on the National Security Agency's use of intercepted phone calls and e-mails, permitting the agency to search deliberately for Americans' communications in its massive databases ... In addition, the court extended the length of time that the NSA is allowed to retain intercepted U.S. communications from five years to six years — and more under special circumstances, according to the documents, which include a recently released 2011 opinion by U.S. District Judge John D. Bates, then chief judge of the Foreign Intelligence Surveillance Court."
Yahoo has joined the ranks of large online businesses like Google and Facebook who have made it a practice to disclose the number and kind (if not all the details) of requests they've received from government agencies for user data. Its first report (you can read it here) lists "12,444 requests from U.S. authorities relating to a total of 40,322 user accounts." Those numbers are only part of the story, though: at the bottom of the linked report, note this disclaimer from Yahoo: "The numbers reported above include all types of government data requests such as criminal law enforcement requests and those under U.S. national security authorities, including the Foreign Intelligence Surveillance Act (FISA) and National Security Letters (NSLs), if any were received. The U.S. Government does not permit us to disclose additional details regarding the number of requests, if any, under national security authorities at this time, or even to separate them in aggregate from other requests. Additionally, the government would not authorize us to separate NSLs from other government data requests or to express the NSLs that we have received, if any, as a range from 0 to 1,000—even though the government allowed other providers to do so in the past."
A week ago, we posted news that federal prosecutors were seeking jail time for Chad Dixon, an Indiana man who made money teaching others how to pass polygraph examinations. Now, reader Frosty Piss writes that Dixon "was sentenced Friday to eight months in prison. Prosecutors described Chad Dixon as a 'master of deceit.' Prosecutors, who had asked for almost two years in prison, said Dixon crossed the line between free speech protected under the First Amendment and criminal conduct when he told some clients to conceal what he taught them while undergoing government polygraphs. Although Dixon appears to be the first charged publicly, others offering similar instruction say they fear they might be next. 'I've been worried about that, and the more this comes about, the more worried I am,' said Doug Williams, a former police polygraphist in Oklahoma who claims to be able to teach people to beat what he now considers a 'scam' test."
New submitter anwyn writes "In a recent article posted on the cryptography mailing list, long time civil libertarian and free software entrepreneur John Gilmore has analyzed possible NSA obstruction of cryptography in IPSEC. He suggests that packet processing in the Linux kernel had been obstructed by one kernel developer. Gilmore suggests that the NSA has been plotting against strong cryptography on mobile phones."
theodp writes "Back in the day, leprosy patients were stigmatized and shunned, quarantined from society in Leper Colonies. Those days may be long gone, but are our mapping, GPS, and social media technologies in effect helping to create modern-day 'Leper Colonies'? The recently-shuttered GhettoTracker.com (born again as Good Part of Town) generated cries of racism by inviting users to rate neighborhoods based on 'which parts of town are safe and which ones are ghetto, or unsafe'. Calling enough already with the avoid-the-ghetto apps, The Atlantic Cities' Emily Badger writes, "this idea toes a touchy line between a utilitarian application of open data and a sly wink toward people who just want to steer clear of 'those kinds of neighborhoods.'" The USPTO has already awarded avoid-crime-ridden-neighborhoods-like-the-plague patents to tech giants Microsoft, IBM, and Google. So, when it comes to navigational apps, where's the line between utility and racism? 'As mobile devices get smarter and more ubiquitous,' writes Svati Kirsten Narula, 'it is tempting to let technology make more and more decisions for us. But doing so will require us to sacrifice one of our favorite assumptions: that these tools are inherently logical and neutral...the motivations driving the algorithms may not match the motivations of those algorithms' users.' Indeed, the Google patent for Storing and Providing Routes proposes to 'remove streets from recommended directions if uploaded route information indicates that travelers seem to avoid the street.' Even faster routes that 'traverse one or more high crime areas,' Google reasons, 'may be less appealing to most travelers'."
First time accepted submitter SGT CAPSLOCK writes "It certainly seems like more and more Internet Service Providers are taking up arms to combat their customers when it comes to data usage policies. The latest member of the alliance is Mediacom here in my own part of Missouri, who has taken suit in applying a proverbial cork to their end of a tube in order to cap the bandwidth that their customers are able to use. My question: what do you do about it when every service provider in your area applies caps and other usage limitations? Do you shamefully abide, or do you fight it? And how?"
An anonymous reader writes "Using a Lego Mindstorms set, a Mac, and optical character recognition, Austrian professor Peter Purgathofer created a makeshift ebook copier. From the article: 'It's sort of a combination of high tech meets low. The scanning is done by way of the Mac's iSight camera. The Mindstorms set does two things: Hits the page-advance button on the Kindle (it appears to be an older model, like the one in the picture above), then mashes the space bar on the Mac, causing it to take a picture.' Purgathofer calls the creation a 'reflection on the loss of long established rights.' Check out the Vimeo video for a demonstration."
Do you worry that the widespread use of plate-scanning cameras might be used in ways that violate your privacy? Now you can ratchet your worry level up a bit: Ars Technica reports that "This week, the California State Senate approved a bill that would create the nation’s first electronic license plate. Having already passed the state’s assembly, the bill now goes to Gov. Jerry Brown (D) for his signature." From the article: "The idea is that rather than have a static piece of printed metal adorned with stickers to display proper registration, the plate would be a screen that could wirelessly (likely over a mobile data network) receive updates from a central server to display that same information. In an example shown by a South Carolina vendor, messages such as 'STOLEN,' 'EXPIRED,' or something similar could also be displayed on a license plate. ... The state senator who introduced the bill, Sen. Ben Hueso, a Democrat who represents San Diego, did not respond to Ars' multiple requests for an interview or comment. It still remains unclear as to exactly why this bill was proposed and what its objectives are. The precise technical details of the program are similarly unclear, as is how long plate information would be retained and who would have access to it."
Frosty P writes "Congressman Rush D. Holt, a New Jersey Democrat, has proposed legislation (summary, full text) that would prohibit the agency from installing 'back doors' into encryption, the electronic scrambling that protects e-mail, online transactions and other communications. Representative Holt, a physicist, said Friday that he believed the NSA was overreaching and could hurt American interests, including the reputations of American companies whose products the agency may have altered or influenced. 'We pay them to spy,' Mr. Holt said. 'But if in the process they degrade the security of the encryption we all use, it's a net national disservice.'"
Ars Technica reports that security researcher Rob Graham of Errata Security, after analyzing nearly 23,000 Tor connections through an exit node that Graham controls, believes that the encryption used by a majority of Tor users could be vulnerable to NSA decryption: "About 76 percent of the 22,920 connections he polled used some form of 1024-bit Diffie-Hellman key," rather than stronger elliptic curve encryption. More from the article: "'Everyone seems to agree that if anything, the NSA can break 1024 RSA/DH keys,' Graham wrote in a blog post published Friday. 'Assuming no "breakthroughs," the NSA can spend $1 billion on custom chips that can break such a key in a few hours. We know the NSA builds custom chips, they've got fairly public deals with IBM foundries to build chips.' He went on to cite official Tor statistics to observe that only 10 percent of Tor servers are using version 2.4 of the software. That's the only Tor release that implements elliptical curve Diffie-Hellman crypto, which cryptographers believe is much harder to break. The remaining versions use keys that are presumed to be weaker."
itwbennett writes "The federal judge presiding over the U.S. electronic books case against Apple has barred the company from striking deals that would ensure that it could undercut prices of other retailers in the e-book market and also prohibited Apple from letting any one publisher know what deals the company is striking up with other publishers. For its part, Apple said it plans to appeal the ruling (PDF), denying that it conspired to fix ebook pricing. Meanwhile, Amazon is alerting customers of their potential payout, which could be as much as $3.82 for every eligible Kindle book."
Rob @CmdrTaco Malda writes "I've been advising Epic Browser, a startup building a privacy-focused, Chrome-based browser that starts where incognito mode ends. Epic employs a host of tactics designed to make what happens inside your browser stay there, to the tune of a thousand blocks in a typical hour of browsing. They also provide a built-in proxy service. If the corporations and governments are going to watch us, there's no reason to make it any easier for them. Epic has Mac and Windows builds for now. Their site goes into far greater detail about how they block tracking methods most browsers don't."
wabrandsma writes "Quoting Bruce Schneier in the Guardian: 'The NSA has undermined a fundamental social contract. We engineers built the internet – and now we have to fix it. Government and industry have betrayed the internet, and us. This is not the internet the world needs, or the internet its creators envisioned. We need to take it back. And by we, I mean the engineering community. Yes, this is primarily a political problem, a policy matter that requires political intervention. But this is also an engineering problem, and there are several things engineers can – and should – do.'"
coolnumbr12 writes "The U.S. government has had enough of the Syrian Electronic Army's hacks of Western media and government outlets. A week after the SEA shut down the New York Times, the FBI Cyber Division unit has officially added the pro-Assad hacker collective to its wanted list. The FBI issued an advisory that included information about the SEA, its capabilities, and some of its more heinous attacks. The advisory also warns networks to be on the lookout for attacks, and that anyone found to be aiding the SEA will be seen as terrorists actively aiding attacks against the U.S. websites."
coondoggie writes "What might have started out as a whimsical protest against government surveillance tactics has morphed into more as a small town in Colorado has found itself overwhelmed with requests and cash for an unmanned aircraft hunting license that doesn't exist."
Trailrunner7 writes "In response to a lawsuit by the Electronic Frontier Foundation, the Department of Justice is preparing to release a trove of documents related to the government's secret interpretation of Section 215 of the PATRIOT Act. The declassified documents will include previously secret opinions of the Foreign Intelligence Surveillance Court. The decision by the Justice Department to release the documents is the second legal victory in recent weeks for the EFF related to the National Security Agency's intelligence collection programs. In August, the group won the release of a 2011 FISC opinion that revealed that the court ruled that some of the NSA's collection programs were illegal and unconstitutional. The newest decision will result in the release of hundreds of pages of documents related to the way the government has been interpreting Section 215, which is the measure upon which some of the NSA's surveillance programs are based. In a status report released Wednesday regarding the EFF's suit against the Department of Justice, attorneys for the government said that they will release the documents by Sept. 10."