Archive for December 2011

Bradley Manning and the next Security Paradigm: Insider Threats

Bradley Manning Had Secrets from Animate Projects on Vimeo.

Bradley Manning is an Army intelligence analyst accused of leaking thousands of U.S. diplomatic cables to Wikileaks. Depending on your perspective, he’s become a symbol for high tech whistleblowing, or dangerous cyber-crime. Either way, you should be paying attention to his pre-trial hearing, which unfolded this week. Manning’s case represents a convergence of issues that shed light on the future of lawbreaking and punishment.

Manning’s case is about a novel, but increasingly normal, way that secrets will be leaked to the media. The datadump Manning’s alleged to have handed over to Wikileaks seemed to have been the result of simply running a script to snarf up every piece of classified information he had access to.

Leaks in the era of big data will probably look a lot more like what we see on Wikileaks. People who want to expose bad behavior in their companies or governments will grab what they can and post it. Just as online journalism of the future will be less edited than paper journalism of the twentieth century, online leaks will be unedited too.

Check out the video:

Story From IO9:

US Chamber of Commerce hackers went undetected for one year

The U.S. Chamber of Commerce, the largest business lobbying group in the world, was hacked and all of the information stored on its computer systems was accessible to the hackers, who are suspected to have operated out of China. This, according to a stunning report published Wednesday in The Wall Street Journal.

A Chamber spokesperson told TPM in a statement that the Chamber could “confirm that the quotes and background information provided by the Chamber to the Journal are accurate.”

Even more worrisome, the brazen hack might have remained undetected for up to a year, according to The Journal’s report, which notes that the Chamber only became aware of the intrusion when it was alerted by the FBI.

From the Wall Street Journal:

As expected: Police start to employ Predator drone spy planes in US

Armed with a search warrant, Nelson County Sheriff Kelly Janke went looking for six missing cows on the Brossart family farm in the early evening of June 23. Three men brandishing rifles chased him off, he said.

Janke knew the gunmen could be anywhere on the 3,000-acre spread in eastern North Dakota. Fearful of an armed standoff, he called in reinforcements from the state Highway Patrol, a regional SWAT team, a bomb squad, ambulances and deputy sheriffs from three other counties.

He also called in a Predator B drone.

As the unmanned aircraft circled 2 miles overhead the next morning, sophisticated sensors under the nose helped pinpoint the three suspects and showed they were unarmed. Police rushed in and made the first known arrests of U.S. citizens with help from a Predator, the spy drone that has helped revolutionize modern warfare.

But that was just the start. Local police say they have used two unarmed Predators based at Grand Forks Air Force Base to fly at least two dozen surveillance flights since June. The FBI and Drug Enforcement Administration have used Predators for other domestic investigations, officials said.

“We don’t use [drones] on every call out,” said Bill Macki, head of the police SWAT team in Grand Forks. “If we have something in town like an apartment complex, we don’t call them.”

The drones belong to U.S. Customs and Border Protection, which operates eight Predators on the country’s northern and southwestern borders to search for illegal immigrants and smugglers. The previously unreported use of its drones to assist local, state and federal law enforcement has occurred without any public acknowledgment or debate.

Congress first authorized Customs and Border Protection to buy unarmed Predators in 2005. Officials in charge of the fleet cite broad authority to work with police from budget requests to Congress that cite “interior law enforcement support” as part of their mission.

From the LA Times:,0,324348.story

Watch the software that may be watching you

Though the software is installed on most modern Android, BlackBerry and Nokia phones, Carrier IQ was virtually unknown until 25-year-old Trevor Eckhart of Connecticut analyzed its workings, revealing that the software secretly chronicles a user’s phone experience — ostensibly so carriers and phone manufacturers can do quality control.

But now he’s released a video actually showing the logging of text messages, encrypted web searches and, well, you name it.

Eckhart labeled the software a “rootkit,” and the Mountain View, California-based software maker threatened him with legal action and huge money damages. The Electronic Frontier Foundation came to his side last week, and the company backed off on its threats. The company told last week that Carrier IQ’s wares are for “gathering information off the handset to understand the mobile-user experience, where phone calls are dropped, where signal quality is poor, why applications crash and battery life.”

The company denies its software logs keystrokes. Eckhart’s 17-minute video here clearly undercuts that claim.

From Wired magazine: