New submitter cpitman writes “In a house hearing Wednesday the NSA admitted that it could query not only a suspect’s records, but also perform up to a ‘three hop query’. Considering that most people in the world are separated by under 6 degrees of separation, the NSA essentially claims that any single suspect gives them rights to investigate a large chunk of the world’s population. With the terror watch list having over 700, 000 names, just how many times has Kevin Bacon been investigated?” Read more of this story at Slashdot.
View article:
NSA Admits Searching "3 Hops" From Suspects
In the world of self-driving cars and autonomous vehicle technology, Google gets most of the attention, but it’s far from being the only player in the field. Earlier this month, Mobileye , the Israeli and Dutch maker of advanced driver assistance technologies, claimed that self-driving cars “could be on the road by 2016.” Rather than Google cars’ array of radar, cameras, sensors and laser-based range finders, Mobileye wants to offer autonomous driving capability at a more affordable price point by using mainstream cameras that cost only a few hundred dollars. While cars using Mobileye’s systems, like the Audi A7 , aren’t quite as “autonomous” as Google vehicles, they could help advanced driver assistance technology make it onto the road long before 2025 — the date industry experts expect driverless cars to go mainstream. With its intelligent, camera-based “traffic assist” technology expected to begin arriving this summer thanks to partnerships with five major automakers, the automotive A.I. company is looking to take advantage while its stock is still high, so to speak. Mobileye announced today that it is selling $400 million in equity to “five unaffiliated” financial investors, which include “some of the largest U.S.-based global institutional asset managers and a leading Chinese government-affiliated financial investor, ” according to a statement released this morning . The transaction, which values the company at $1.5 billion (pre-money) and was overseen by Goldman Sachs and Morgan Stanley, is expected to close in August. The company attributes the timing, in part, to the current regulatory support and progression of global safety standards, which have helped encourage automakers to accelerate integration of intelligent driver assistance technologies. Mobileye has been around since the 1990s, and like Google, is more interested in being an artificial intelligence company and, specifically, improving the intelligence of cameras to assist with autonomous driving, than being an automaker itself. The company’s technology has been tested in a number of capacities, but mostly it’s focused on helping drivers avoid collisions. According to The New York Times , in the past, its tech has been used by companies like Volvo to detect pedestrians or vehicles up ahead or crossing in your blind-spots, alerting drivers when they get too close to those objects, for example. The newer version of Mobileye’s system that arrives this summer aims to help steer the car in stop-start situations, though drivers are still required to keep their hands on the wheel. Coming up next, and expected to be street-ready by 2013, is a more advanced system that will allow for hands-free driving. The company plans to begin experimenting with and adding to the number of onboard cameras in vehicles to improve the efficacy of its technology in autonomous driving cases and presumably push it closer to the kind of hands-free, full autonomy promised by Sergey Brin and Google in the years to come. 
In an urgent, important blog post, computer scientist and security expert Ed Felten lays out the case against rules requiring manufacturers to put wiretapping backdoors in their communications tools. Since the early 1990s, manufacturers of telephone switching equipment have had to follow a US law called CALEA that says that phone switches have to have a deliberate back-door that cops can use to secretly listen in on phone calls without having to physically attach anything to them. This has already been a huge security problem — through much of the 1990s, AT&T’s CALEA controls went through a Solaris machine that was thoroughly compromised by hackers, meaning that criminals could listen in on any call; during the 2005/6 Olympic bid, spies used the CALEA backdoors on the Greek phone company’s switches to listen in on the highest levels of government. But now, thanks to the widespread adoption of cryptographically secured messaging services, law enforcement is finding that its CALEA backdoors are of declining utility — it doesn’t matter if you can intercept someone else’s phone calls or network traffic if the data you’re captured is unbreakably scrambled. In response, the FBI has floated the idea of “CALEA II”: a mandate to put wiretapping capabilities in computers, phones, and software. As Felten points out, this is a terrible idea. If your phone is designed to secretly record you or stream video, location data, and messages to an adverse party, and to stop you from discovering that it’s doing this, it puts you at huge risk when that facility is hijacked by criminals. It doesn’t matter if you trust the government not to abuse this power (though, for the record, I don’t — especially since anything mandated by the US government would also be present in devices used in China, Belarus and Iran) — deliberately weakening device security makes you vulnerable to everyone, including the worst criminals: Our report argues that mandating a virtual wiretap port in endpoint systems is harmful. The port makes it easier for attackers to capture the very same data that law enforcement wants. Intruders want to capture everything that happens on a compromised computer. They will be happy to see a built-in tool for capturing and extracting large amounts of audio, video, and text traffic. Better yet (for the intruder), the capability will be stealthy by design, making it difficult for the user to tell that anything is amiss. Beyond this, the mandate would make it harder for users to understand, monitor, and fix their own systems—which is bad for security. If a system’s design is too simple or its operation too transparent or too easy to monitor, then wiretaps will be evident. So a wiretappability mandate will push providers toward complex, obfuscated designs that are harder to secure and raise the total cost of building and operating the system. Finally, our report argues that it will not be possible to block non-compliant implementations. Many of today’s communication tools are open source, and there is no way to hide a capability within an open source code base, nor to prevent people from simply removing or disabling an undesired feature. Even closed source systems are routinely modified by users—as with jailbreaking of phones—and users will find ways to disable features they don’t want. Criminals will want to disable these features. Ordinary users will also want to disable them, to mitigate their security risks. Felten’s remarks summarize a report [PDF] signed by 20 distinguished computer scientists criticizing the FBI’s proposal. It’s an important read — maybe the most important thing you’ll read all month. If you can’t trust your devices, you face enormous danger. CALEA II: Risks of wiretap modifications to endpoints 
saibot834 writes “The French domestic intelligence agency DCRI has forced a Wikipedia administrator to delete an article about a local military base. The administrator, who is also the president of Wikimédia France, has been threatened by the agency with immediate reprisals after his initial refusal to comply. Following a discussion on the administrator’s noticeboard, the article (which is said to violate a law on the secrecy of the national defense) has been reinstated by a foreign user. Prior to pressuring the admin, DCRI contacted the Wikimedia Foundation (WMF), which refused to remove the article. WMF claimed the article only contained publicly available information, in accordance with Wikipedia’s verifiability policy. While the consequences for Wikimedia’s community remain unclear, one thing is certain: The military base article – now available in English – will get more public awareness than ever before.” Read more of this story at Slashdot. 
New submitter rHBa sends this article about another high-profile email account breach: “The apparent hack of several e-mail accounts has exposed personal photos and sensitive correspondence from members of the Bush family, including both former U.S. presidents. The posted photos and e-mails contain a watermark with the hacker’s online alias, ‘Guccifer.’ … Included in the hacked material is a confidential October 2012 list of home addresses, cell phone numbers, and e-mails for dozens of Bush family members, including both former presidents, their siblings, and their children. … Correspondence obtained by the hacker indicates that at least six separate e-mail accounts have been compromised, including the AOL account of Dorothy Bush Koch, daughter of George H.W. Bush and sister of George W. Bush. Other breached accounts belong to Willard Heminway, 79, an old friend of the 41st president who lives in Greenwich, Connecticut; CBS sportscaster Jim Nantz, a longtime Bush family friend; former first lady Barbara Bush’s brother; and George H.W. Bush’s sister-in-law. ” Read more of this story at Slashdot. 
maijc writes “Computer activist Aaron Swartz committed suicide yesterday in New York City. He was 26 years old. Swartz was ‘indicted in July 2011 by a federal grand jury for allegedly mass downloading documents from the JSTOR online journal archive with the intent to distribute them.’ He is best known for co-authoring the widely-used RSS 1.0 specification when he was 14, and as one of the early co-owners of Reddit.” Read more of this story at Slashdot. 
An anonymous reader writes with a story about the possibility of genetically engineered salmon showing up on your table. “A controversial genetically engineered salmon has moved a step closer to the consumer’s dining table after the U.S. Food and Drug Administration said Friday the fish didn’t appear likely to pose a threat to the environment or to humans who eat it. AquAdvantage salmon eggs would produce fish with the potential to grow to market size in half the time of conventional salmon. If it gets a final go-ahead, it would be the first food from a transgenic animal – one whose genome has been altered – to be approved by the FDA.” Read more of this story at Slashdot. 