An anonymous reader writes "At a hearing today before the Senate Judiciary Committee, FBI director Robert Mueller confirmed the agency is using unmanned drones for surveillance within the U.S. Senator Chuck Grassley asked, 'Does the FBI own or currently use drones and for what purpose?' Mueller replied, 'Yes, for surveillance.' Grassley then asked, 'Does the FBI use drones for surveillance on U.S. soil?' Mueller said, 'Yes, in a very, very minimal way, and seldom.' With regard to restricting the use of drones to protect citizens' privacy, Mueller said, 'It is still in nascent stages but it is worthy of debate and legislation down the road.' According to article, 'Dianne Feinstein, who is also chair of the Senate intelligence committee, said the issue of drones worried her far more than telephone and internet surveillance, which she believes are subject to sufficient legal oversight.'"
Find out the latest on data centers with SlashDataCenter.
Rick Zeman writes "'Confidentiality is critical to national security.' So wrote the Justice Department in concealing the NSA's role in two wiretap cases. However, now that the NSA is under the gun, it's apparently not so critical, according to New York attorney Joshua Dratel: 'National security is about keeping illegal conduct concealed from the American public until you're forced to justify it because someone ratted you out.' The first he heard of the NSA's role in his client's case was 'when [FBI deputy director Sean] Joyce disclosed it on CSPAN to argue for the effectiveness of the NSA's spying.' Dratel challenged the legality of the spying in 2011, and asked a federal judge to order the government to produce the wiretap application the FBI gave the secretive Foreign Intelligence Surveillance Court to justify the surveillance. 'Disclosure of the FISA applications to defense counsel – who possess the requisite security clearance – is also necessary to an accurate determination of the legality of the FISA surveillance, as otherwise the defense will be completely in the dark with respect to the basis for the FISA surveillance,' wrote Dratel. According to Wired, 'The government fought the request in a 60-page reply brief (PDF), much of it redacted as classified in the public docket. The Justice Department argued that the defendants had no right to see any of the filings from the secret court, and instead the judge could review the filings alone in chambers."
The Washington Post reports that Google has filed a motion challenging the gag orders preventing it from disclosing information about the data requests it receives from government agencies. The motion cites the free speech protections of the First Amendment. "FISA court data requests typically are known only to small numbers of a company’s employees. Discussing the requests openly, either within or beyond the walls of an involved company, can violate federal law." From the filing (PDF): "On June 6, 2013, The Guardian newspaper published a story mischaracterizing the scope and nature of Google's receipt of and compliance with foreign intelligence surveillance requests. ... In light of the intense public interest generated by The Guardian's and Post's erroneous articles, and others that have followed them, Google seeks to increase its transparency with users and the public regarding its receipt of national security requests, if any. ... Google's reputation and business has been harmed by the false or misleading reports in the media, and Google's users are concerned by the allegation. Google must respond to such claims with more than generalities. ... In particular, Google seeks a declaratory judgment that Google as a right under the First Amendment to publish ... two aggregate unclassified numbers: (1) the total number of FISA requests it receives, if any; and (2) the total number of users or accounts encompassed within such requests."
Atticus Rex writes "The fact that our social networking services are so centralized is a big part of why they fall so easily to government surveillance. It only takes a handful of amoral Zuckerbergs to hand over hundreds of millions of people's data to PRISM. That's why this Slate article makes the case for a mass migration to decentralized, free software social networks, which are much more robust to spying and interference. On top of that, these systems respect your freedom as a software user (or developer), and they're less likely to pepper you with obnoxious advertisements." On a related note, identi.ca is ditching their Twitter clone platform for pump.io which promises an experience closer to the Facebook news feed. Unfortunately, adoption seems slow since Facebook, Google, et al have an interest in preventing interoperability and it can be lonely on the distributed social network.
Runefox writes "Cerulean Studios, the company behind the long-lived Trillian instant messaging client, has released preliminary specifications to their proprietary "Astra" protocol, now named IMPP (Instant Messaging and Presence Protocol), which provides continuous client functionality as well as mandatory TLS encryption for clients. According to their blog, Cerulean Studios' motivation for the release is to promote interoperability among the throngs of IM services and clients available by allowing others to also use the protocol. Future concepts include federation with XMPP. While the documentation is in an early state and the protocol is claimed to still be in development, it is hoped that it will help decentralize the very heavily fragmented messaging ecosystem. It's implied that, in turn, greater options for privacy may become available in the wake of the PRISM scandal via privately-run federated servers, unaffiliated with major networks, yet still able to communicate with them."
Rick Zeman writes "Showing once again that once a privacy door is opened every law enforcement agency will run through it, The Washington Post details how state drivers license photo databases are being mined by various LEOs in their states--and out. From the article: '[L]aw enforcement use of such facial searches is blurring the traditional boundaries between criminal and non-criminal databases, putting images of people never arrested in what amount to perpetual digital lineups. The most advanced systems allow police to run searches from laptop computers in their patrol cars and offer access to the FBI and other federal authorities. Such open access has caused a backlash in some of the few states where there has been a public debate. As the databases grow larger and increasingly connected across jurisdictional boundaries, critics warn that authorities are developing what amounts to a national identification system — based on the distinct geography of each human face.'"
An anonymous reader writes "Not to be left out Apple has released details about government requests for customer data. The company said it received between 4,000-5,000 government requests, affecting as many as 10,000 accounts or devices. From the article: 'The iPad maker said that it received between 4,000 and 5,000 requests from U.S. law enforcement agencies for customer data from December 1, 2012 to May 31, 2013, and that 9,000 to 10,000 accounts or devices were specified in the requests. Apple did not state how many of the requests were from the National Security Agency or how many affected accounts or devices may have been tied to any NSA requests.' Facebook and Microsoft released their numbers this weekend."
cold fjord writes "Yet more details about the controversy engulfing the NSA. From CNET: 'Rep. Mike Rogers (R-Mich.), chairman of the House Intelligence Committee, explained how the program worked without violating individuals' civil rights. "We take the business records by a court order, and it's just phone numbers — no names, no addresses — put it in a lock box," Rogers told CBS News' "Face The Nation." "And if they get a foreign terrorist overseas that's dialing in to the United Sates, they take that phone number... they plug it into this big pile, if you will, of just phone numbers — it's like a phonebook without any names and any addresses with it — to see if there's a connection, a foreign terrorist connection to the United States." "When a number comes out of that lock box, it's just a phone number — no names, no addresses," he said. "If they think that's relevant to their counterterrorism investigation, they give that to the FBI. Then upon the FBI has to go out and meet all the legal standards to even get whose phone number that is."' From the AP: ' ... programs run by the National Security Agency thwarted potential terrorist plots in the U.S. and more than 20 other countries — and that gathered data is destroyed every five years. Last year, fewer than 300 phone numbers were checked against the database of millions of U.S. phone records ... the intelligence officials said in arguing that the programs are far less sweeping than their detractors allege.... both NSA programs are reviewed every 90 days by the secret court authorized by the Foreign Intelligence Surveillance Act. Under the program, the records, showing things like time and length of call, can only be examined for suspected connections to terrorism, they said. The ... program helped the NSA stop a 2009 al-Qaida plot to blow up New York City subways.'"
Writing "Wow, this is going to really set the cat amongst the pigeons once this gets around," an anonymous reader links to a story at The Guardian about some good old fashioned friendly interception, and the slide-show version of what went on at recent G20 summits in London: "Foreign politicians' calls and emails intercepted by UK intelligence; Delegates tricked into using fake internet cafes; GCHQ analysts sent logs of phone calls round the clock; Documents are latest revelations from whistleblower Edward Snowden."
First time accepted submitter TigerPlish writes "AT&T has rolled out Wireless Emergency Alerts for iPhones. The alerts are for huge catastrophes (a Presidential Alert), for weather / natural calamities, and for AMBER alerts. One can turn off the latter two, but the Presidential alert cannot be turned off. The article mentions only 4S and 5 get this update. That said, I have a 4 and it got the update this morning. This was enacted in 2006, for those keeping track of such things. I, for one, do not care for this any more than I like the idea of them reading my communications to begin with. Oh, I'm sorry, the "metadata" from my communications." As promised.
bill_mcgonigle writes with this news from from CNET: "Rep. Jerrold Nadler (D NY) disclosed that NSA analysts eavesdrop on Americans' domestic telephone calls without court orders during a House Judiciary hearing. After clearing with FBI director Robert Mueller that the information was not classified, Nadler revealed that during a closed-door briefing to Congress, the Legislature was informed that the spying organization had implemented and uses this capability. This appears to confirm Edward Snowden's claim that he could, in his position at the NSA, 'wiretap anyone from you or your accountant to a federal judge to even the president.' Declan McCullagh writes, 'Because the same legal standards that apply to phone calls also apply to e-mail messages, text messages, and instant messages, Nadler's disclosure indicates the NSA analysts could also access the contents of Internet communications without going before a court and seeking approval.' The executive branch has defended its general warrants, claiming that 'the president had the constitutional authority, no matter what the law actually says, to order domestic spying without [constitutional] warrants,' while Kurt Opsahl, senior staff attorney at EFF claims such government activity 'epitomizes the problem of secret laws.'" Note that "listening in" versus "collecting metadata" is a distinction that defenders of government phone spying have been emphasizing. Tracking whom you called and when, goes the story, doesn't impinge on expectations of privacy. Speaking of the metadata collection, though, reader Bruce66423 writes "According to the Washington Post, the Bush administration took 'bulk metadata' from the phone companies under voluntary agreements for more than four years after 9/11 until a court agreed they could have it compulsorily." Related: First time accepted submitter fsagx writes that Brewster Kahle of the Internet Archive has calculated the cost to store every phone call made in the U.S. over the course of a year: "It's surprisingly inexpensive. It puts the recent NSA stories (and reports from the Boston bombings about the FBI's ability to listen to past phone conversions) into perspective."
An anonymous reader writes "For a few years now, we've been hearing about TV-related devices that have built-in cameras and microphones. Their stated purpose is to monitor consumers and gather data — often to target advertising. (We'll set aside any unstated purposes — the uses they tell us about are bad enough.) Now, two members of the U.S. House of Representatives have submitted legislation to regulate this sort of technology. '[They] said they want to get out ahead of the release of this new technology and pass legislation that ensures it would include beefed up privacy protections for consumers. They added that this legislation is particularly relevant given the recent revelations about the National Security Agency's Internet surveillance programs. ... Additionally, the bill requires a cable box or set-top device to notify consumers when the monitoring technology is activated and in use by posting the phrase "We are watching you" across their TV screens.'"
coop0030 writes "Feel like someone is snooping on you? Browse anonymously anywhere you go with the Onion Pi Tor proxy. This is fun weekend project from Adafruit that uses a Raspberry Pi, a USB WiFi adapter and Ethernet cable to create a small, low-power and portable privacy Pi."
cold fjord writes "There are new developments in the ongoing controversy engulfing the NSA as a result of the Snowden leaks. From The Hill: 'Emerging from a hearing with NSA Director Gen. Keith Alexander, Reps. Mike Rogers (R-Mich.), chairman of the Intelligence Committee, and Dutch Ruppersberger (Md.), the senior Democrat on the panel, said Edward Snowden simply wasn't in the position to access the content of the communications gathered under National Security Agency programs, as he's claimed. "He was lying," Rogers said. "He clearly has over-inflated his position, he has over-inflated his access and he's even over-inflated what the actual technology of the programs would allow one to do. It's impossible for him to do what he was saying he could do." ... "He's done tremendous damage to the country where he was born and raised and educated," Ruppersberger said. ... "It was clear that he attempted to go places that he was not authorized to go, which should raise questions for everyone," Rogers added.'" U.S. Attorney General Eric Holder has also told the E.U. justice commissioner that media reports surrounding PRISM are wrong: "The contention it [PRISM] is not subject to any internal or external oversights is simply not correct. It's subject to an extensive oversight regime from executive, legislative and judicial branches and Congress is made aware of these activities. The courts are aware as we need to get a court order. ... We can't target anyone unless appropriate documented foreign intelligence purpose for the prevention of terrorism or hostile cyber activities." Meanwhile, Bloomberg has gone live with a report (based on unidentified sources, so take it with a grain of salt) saying that private sector cooperation with snooping government agencies extends far beyond the ones listed in the PRISM report. "Thousands of technology, finance and manufacturing companies are working closely with U.S. national security agencies, providing sensitive information and in return receiving benefits that include access to classified intelligence, four people familiar with the process said." Whatever PRISM turns out to be, the NY Times is reporting that at least Yahoo, and probably other tech companies as well, tried to fight participation in it. Other reports suggest Twitter refused to participate, though there's been no official confirmation.
c0lo writes "Kim Dotcom alleges, in an 20 min interview with the Australian public television, that Megaupload was offered up by the New Zealand's PM 'on a silver platter' as part of negotiations with Warner Brothers executives for shooting The Hobbit in New Zealand. He promises that he'll substantiate the claims in court. He also says that the extradition case the U.S. government is weak and the reason behind the latest delay in extradition hearing (postponed from August this year to March next year) is an attempt to bleed Dotcom dry of his money. Also interesting, Dotcom says that the latest debacle of the massive scale online online surveillance by U.S. spy agencies has triggered an 'explosion' of interest in mega.co.nz, the 'cloud storage' site with user generated encryption."
An anonymous reader writes "Simply put, the US government has failed in its role as the 'caretaker' of the internet. Although this was never an official designation, America controls much of the infrastructure, and many of the most popular services online are provided by a handful of American companies. The world is starting to sober up to the fact that much of what they've done online in the last decade is now cataloged in a top-secret facility somewhere in the United States. The goal has been to promote internet freedom around the world, but we may have also potentially created a blueprint for how authoritarian governments can store, track, and mine their citizens' digital lives."
An anonymous reader writes "Some journalists ran into Steve Wozniak at the airport and asked him about iOS 7 and PRISM, where he made an interesting comparison about how the US is becoming what it once feared most. In communist Russia 'you couldn't own anything, and now in the digital world you hardly own anything anymore (YouTube video). You've got subscritpions and you already said ok, ok, agree and you agree that every right in the world belongs to them and you got no rights and anything you put in the cloud, you don't even know,' says Woz. 'Ownership was what made America different than Russia.'"
First time accepted submitter jarle.aase writes "It's doable today to use a mix of virtual machines, VPN, TOR, encryption (and staying away from certain places; like Google Plus, Facebook, and friends), in order to retain a reasonable degree of privacy. In recent days, even major mainstream on-line magazines have published such information. (Aftenposten, one of the largest newspapers in Norway, had an article yesterday about VPN, Tor and Freenet!) But what about the cell-phone? Technically it's not hard to design a phone that can switch off the GSM transmitter, and use VoIP for calls. VoIP could then go from the device through Wi-Fi and VPN. Some calls may be routed trough PSTN gateways — allowing the agencies to track the other party. But they will not track your location. And they will not track pure, encrypted VoIP calls that traverse trough VPN and use anonymous SIP or XMPP accounts. Android may not be the best software for such a device, as it very eagerly phones home. The same is true for iOS and Windows 8. Actually, I would prefer a non cloud-based mobile OS from a vendor that is not in the PRISM gallery. Does such a device exist yet? Something that runs a relatively safe OS, where GSM can be switched totally off? Something that will only make an outgoing network connection when I ask it to do so?" And in the absence of a perfect solution, what do you do instead? (It's still Android and using the cell network, but Red Phone — open sourced last year — seems like a good start.)
Trailrunner7 writes "A group of eight senators from both parties have introduced a new bill that would require the attorney general to declassify as many of the rulings of the secret Foreign Intelligence Surveillance Court as possible as a way of bringing into the sunlight much of the law and opinion that guides the government's surveillance efforts. Under the terms of the proposed law, the Justice Department would be required to declassify major FISC opinions as a way to give Americans a view into how the federal government is using the Foreign Intelligence Surveillance Act and Patriot Act. If the attorney general determines that a specific ruling can't be declassified without endangering national security, he can declassify a summary of it. If even that isn't possible, then the AG would need to explain specifically why the opinion needs to be kept secret."
chicksdaddy writes "In the days since stories based on classified information leaked by former NSA contractor Edward Snowden hit the headlines, a string of reports and editorials claim that he had his facts wrong, accuse him of treason – or both. Others have accused journalists like Glen Greenwald of The Guardian of rushing to print before they had all the facts. All of these criticisms could be valid. Technology firms may not have given intelligence agencies unfettered and unchecked access to their users' data. Edward Snowden may be, as the New York Times's David Brooks suggests, one of those 20-something-men leading a 'life unshaped by the mediating institutions of civil society.' All those critiques may be true without undermining the larger truth of Snowden's revelation: in an age of global, networked communications and interactions, we are all a lot less free than we thought we were. I say this because nobody has seriously challenged the basic truth of Snowden's leak: that many of the world's leading telecommunications and technology firms are regularly divulging information about their users' activities and communications to law enforcement and intelligence agencies based on warrantless requests and court reviews that are hidden from public scrutiny. It hasn't always been so." Bruce Schneier has published an opinion piece saying that while Snowden did break the law, we need to investigate the government before any prosecution occurs. (Schneier's piece is one in a series on the subject.) Snowden himself said in an interview today that the U.S. government has been pursuing hacking operations against China for years.