The Tor Project, a digital privacy group, said July 27 that an internal probe found that Jacob Appelbaum, a former employee who has been held up across the Web as a champion of online privacy, engaged in sexual misconduct. "Many people inside and outside the Tor Project have reported incidents of being humiliated, intimidated, bullied and frightened by Jacob, and several experienced unwanted sexually aggressive behavior from him," Tor Project Executive Director Shari Steele wrote.
The allegations against Appelbaum shook the online privacy community when they surfaced in June because he had become a bit of a celebrity in the online world as the debate intensified over government surveillance and online privacy. The scandal caused a divide in the broader privacy community, with some rushing to his defense and others coming forward with even more troubling stories.
Wikileaks posted a massive trove of internal Democratic National Committee e-mails online July 22, in what the organization dubbed the first of a new "Hillary Leaks" series. The cache includes nearly 20,000 e-mails and more than 8,000 file attachments from the inboxes of seven key staffers of the DNC, including communications director Luis Miranda and national finance director Jordan Kaplan.
The e-mails span from January 2015 through late May and are presented in a searchable database. The cache appears to contain sensitive personal information about some donors, including Social Security numbers, passport numbers and credit card information. A hacker known as Guccifer 2.0 claimed credit for handing the documents over to Wikileaks on Twitter. However, some experts have expressed skepticism about his involvement, citing differences between the data Wikileaks released and Guccifer 2.0's previous leaks of hacked data.
There's a huge threat looming over the way people's data are protected right now — and Google is testing out a way to guard against it. The threat is a still-experimental technology called quantum computing, and Google announced that it was taking the first step toward protecting user's browsing data against it. The search giant is testing out a Web encryption method called "New Hope," which is designed to help fend off potential quantum attacks for a small number of Chrome browser users when they connect to Google's servers.
A Q&A with Facebook chief security officer Joe Sullivan.
While is hard to comment on the relationship between government agencies and the information security community, Sullivan said he is optimistic about the future of security, because the Snowden revelations and world events have made users more aware of data security issues.
In respect to the user outcry against Facebook’s messenger app, Sullivan stressed that over the years Facebook has tried to educate people on security and data protection, “whether it is not sharing your password, or being thoughtful about which applications you connect to through our platform, or using two-factor authentication.”
A Q&A with Dan Geer, a long-time researcher who is thought of as one of the computer and network security industry's thought leaders.
Geer is currently the Chief Information Security Officer at In-Q-Tel -- a non-profit venture capital firm that invests in technology to support the Central Intelligence Agency.
Geer spoke about his distrust of increasing data collection and how he tries to stay off the digital grid in his own life. “I don't carry a cellphone. Honestly, it's a nuisance -- it would be very helpful because as you know things aren't about planning these days, they're about coordination,” he said.
The House unanimously voted to make it easier for consumers to take their mobile phone with them when they switch carriers or travel overseas.
Because of a quirk in the Digital Millennium Copyright Act, "unlocking" cellphones so they can be used on other networks is illegal, as it involves circumventing the technological protections of copyrighted software on the phones.
President Barack Obama said, “I applaud Members of Congress for passing the Unlocking Consumer Choice and Wireless Competition Act. The bill Congress passed today is another step toward giving ordinary Americans more flexibility and choice, so that they can find a cell phone carrier that meets their needs and their budget.”
Middle East experts at major US think tanks were recently hacked by Chinese cyberspies as events in Iraq began to escalate, according to a cybersecurity firm that works with the institutions.
The group behind the breaches, called "DEEP PANDA" by security researchers, appears to be affiliated with the Chinese government, says Dmitri Alperovitch, chief technology officer of the firm CrowdStrike.
The company, which works with a number of think tanks on a pro bono basis, declined to name which ones have been breached. Alperovitch said the firm noticed a "radical" shift in DEEP PANDA's focus on June 18, the same day witnesses reported that Sunni extremists seized Iraq's largest oil refinery.
The Chinese group has typically focused on senior individuals at think tanks who follow Asia, said Alperovitch. But in June, it suddenly began targeting people with ties to Iraq and Middle East issues. This latest breach follows a pattern identified by experts of Chinese cyberspies targeting major Washington institutions, including think tanks and law firms.
It's rarely clear why Chinese cyberspies hack specific American targets, but experts say there are a few clues to why the DEEP PANDA group may have been interested in Middle East experts at think tanks.
With cellphone search ruling, Supreme Court draws a stark line between digital and physical searches
Privacy advocates scored a huge win as the Supreme Court ruled unanimously that searching the cellphone of an arrested individual requires a warrant in most circumstances.
“The fact that technology now allows an individual to carry such information in his hand does not make the information any less worthy of the protection for which the Founders fought," the court said. "Our answer to the question of what police must do before searching a cell phone seized incident to an arrest is accordingly simple -- get a warrant.”
While this may have been obvious to the average person, the Supreme Court ruling is an "incredibly important new development in the law," Kevin Bankston, policy director at the New America Foundation's Open Technology Institute, argues -- one that suggests "the Fourth Amendment of the 21st century may be much more protective than that of the last century."
Searching the vast amount of data on your cellphone is different from searching your backpack, just as tracking your car with a GPS device is different from having the police follow you, and the government seizing all of the e-mail you store in the cloud is different from seizing your file cabinet." The court drew a clear distinction between digital and physical searches in the opinion, at one point saying it was the difference between horseback riding and space travel.
By an overwhelming margin, the House passed a funding bill that among other things would significantly rein in intelligence agencies' ability to search through data they have collected and stop them from placing secret "back doors" into software and hardware products.
The bill includes an amendment, sponsored by Reps Thomas Massie (R-KY), Jim Sensenbrenner (R-WI) and Zoe Lofgren (D-CA), that adds the new restrictions.
The bill passed on a 340-to-73 vote. The amendment was passed in a 293-to-123 vote that surprised even those who have supported greater limits on the National Security Agency's powers.
The 2015 defense appropriations bill still needs to get worked out with the Senate, where the amendment's prospects are uncertain. If passed as-is by the Senate, the bill would block the government from doing two things: search government databases for information on a US citizen without a warrant, and force an organization to build into its product any technical "back door" that would assist the CIA or NSA with electronic surveillance. The amendment would bar the use of funds for searching an American's communications under this authority without a warrant.
Government officials contend that they are not required to obtain a warrant to search on data acquired lawfully. To do so would be a burden that would impair intelligence investigations, they say. The Foreign Intelligence Surveillance Court in 2011 reversed a previous ban on such warrantless searches.
The amendment would also block the NSA and the CIA from asking or requiring a person to "alter its product or service to permit the electronic surveillance" of users -- essentially a ban on back doors in software and hardware.
German magazine Der Spiegel posted a new cache of documents related to National Security Agency surveillance activities within Germany.
Among the trove is a report that sheds new light on how the US government may be using games to motivate analysts using XKeyscore, a tool for searching through online data that the agency collects that was revealed in 2013 by former NSA contractor Edward Snowden.
XKeyscore allows analysts to “search with no prior authorization through vast databases containing emails, online chats and the browsing histories of millions of individuals” around the world according to a Guardian story published in the summer of 2014.
A document published by Der Spiegel describes an XKeyscore training at the NSA's European Cryptologic Center, revealing that analysts may also be rewarded for their exploration within the system with something called "Skilz points."