ReportWire

Tag: Surveillance

  • Satellites Are Leaking the World’s Secrets: Calls, Texts, Military and Corporate Data

    [ad_1]

    That suggests anyone could set up similar hardware somewhere else in the world and likely obtain their own collection of sensitive information. After all, the researchers restricted their experiment to only off-the-shelf satellite hardware: a $185 satellite dish, a $140 roof mount with a $195 motor, and a $230 tuner card, totaling less than $800.

    “This was not NSA-level resources. This was DirecTV-user-level resources. The barrier to entry for this sort of attack is extremely low,” says Matt Blaze, a computer scientist and cryptographer at Georgetown University and law professor at Georgetown Law. “By the week after next, we will have hundreds or perhaps thousands of people, many of whom won’t tell us what they’re doing, replicating this work and seeing what they can find up there in the sky.”

    One of the only barriers to replicating their work, the researchers say, would likely be the hundreds of hours they spent on the roof adjusting their satellite. As for the in-depth, highly technical analysis of obscure data protocols they obtained, that may now be easier to replicate, too: The researchers are releasing their own open-source software tool for interpreting satellite data, also titled “Don’t Look Up,” on Github.

    The researchers’ work may, they acknowledge, enable others with less benevolent intentions to pull the same highly sensitive data from space. But they argue it will also push more of the owners of that satellite communications data to encrypt that data, to protect themselves and their customers. “As long as we’re on the side of finding things that are insecure and securing them, we feel very good about it,” says Schulman.

    There’s little doubt, they say, that intelligence agencies with vastly superior satellite receiver hardware have been analyzing the same unencrypted data for years. In fact, they point out that the US National Security Agency warned in a 2022 security advisory about the lack of encryption for satellite communications. At the same time, they assume that the NSA—and every other intelligence agency from Russia to China—has set up satellite dishes around the world to exploit that same lack of protection. (The NSA did not respond to WIRED’s request for comment).

    “If they aren’t already doing this,” jokes UCSD cryptography professor Nadia Heninger, who co-led the study, “then where are my tax dollars going?”

    Heninger compares their study’s revelation—the sheer scale of the unprotected satellite data available for the taking—to some of the revelations of Edward Snowden that showed how the NSA and Britain’s GCHQ were obtaining telecom and internet data on an enormous scale, often by secretly tapping directly into communications infrastructure.

    “The threat model that everybody had in mind was that we need to be encrypting everything, because there are governments that are tapping undersea fiber optic cables or coercing telecom companies into letting them have access to the data,” Heninger says. “And now what we’re seeing is, this same kind of data is just being broadcast to a large fraction of the planet.”

    [ad_2]

    Andy Greenberg, Matt Burgess

    Source link

  • Court of Appeals sides with ShotSpotter critics in Detroit, finding city ‘repeatedly’ violated transparency law – Detroit Metro Times

    [ad_1]

    A state appeals court handed a partial victory to critics of Detroit’s controversial ShotSpotter surveillance system, ruling that city officials violated a transparency ordinance when they approved contracts for the gunshot detection technology without properly notifying the public.

    In a published decision released Thursday, a divided Michigan Court of Appeals panel found that the Detroit Police Department failed to comply with the city’s Community Input Over Government Surveillance (CIOGS) ordinance, which requires the public release of a detailed report on surveillance technology at least 14 days before it is discussed by the City Council. The court reversed part of a lower court ruling that had dismissed the case and sent it back for further proceedings.

    “The City of Detroit uses surveillance technology to identify the location of gunshots in certain precincts,” Judge Brock Swartzle wrote for the majority. “Given the inherent invasiveness of surveillance technology, the City adopted specific procedural requirements that must be met when procuring such technology. These requirements were not met here.”

    Critics argue ShotSpotter, which relies on a network of sensors to detect gunshots, is unproven, invasive, and racially discriminatory. The city counters that it saves lives and helps police find suspects more quickly.

    The ruling means the Wayne County Circuit Court must revisit whether the city’s ShotSpotter contracts are valid and whether the plaintiffs — five Detroiters and the James and Grace Lee Boggs Center to Nurture Community Leadership — are entitled to any relief.

    The appeals court found that the Detroit Police Department did not post the legally required Surveillance Technology Specification Report (STSR) until September 28, 2022 after several key council committee meetings had already taken place and just one day after the council voted to renew an existing $1.5 million contract with ShotSpotter. The council later approved a $7 million expansion two weeks later.

    “Thus, the record confirms that defendants repeatedly violated the requirement under § 17-5-452(c) that the STSR ‘be made available on the City’s website at least 14 days prior to holding any of the hearings or meetings,’” the court wrote. “The trial court erred in concluding otherwise when it granted summary disposition in favor of defendants.”

    The panel also rejected the city’s argument that it was exempt from the ordinance because ShotSpotter had already been in use before the law took effect in 2021. The court ruled that the so-called “grandfather clause” only applies to surveillance technology that was previously approved under the ordinance, and the ShotSpotter system was not.

    The lawsuit was filed in 2022 by the Detroit Justice Center, Sugar Law Center for Economic and Social Justice, and attorney Jack Schulz. They argued that the city violated its own ordinance by failing to be transparent and involve the community in approving the technology.

    “Much congrats to each of our clients for standing up in this case on behalf of all residents of the city,” John Philo, executive and legal director for Sugar Law Center, said. “While more limited in scope than hoped for, the court’s decision is an important recognition that citizens’ oversight and input ordinances matter and cannot simply be ignored by government officials.”

    ShotSpotter operates through a network of microphones that detect loud noises and notify police of suspected gunfire. Detroit police have praised it as a tool that helps officers respond to shootings faster.

    “ShotSpotter has been an invaluable investigative tool that is helping to make our city safer,” Detroit Police Department Assistant Chief Franklin Hayes said in a statement to Metro Times. “In areas where ShotSpotter is deployed, we have seen significant reductions in gunfire. So far this year, we have recovered 244 firearms and made 131 arrests as a result of ShotSpotter cases.”

    Hayes said the technology also “helps save lives.”

    “Just this week, DPD responded to a ShotSpotter alert of multiple shots fired, for which no 911 calls were placed,” Hayes said. “When officers arrived, they found a critically injured victim who likely would have succumbed to his injuries at the scene had ShotSpotter technology not alerted DPD to the incident and to its location.” 

    Community advocates and civil rights groups argue that the system sends officers charging into predominantly Black neighborhoods on high alert, even though the majority of alerts turn out to be false alarms. An analysis by Chicago’s Office of Inspector General found that ShotSpotter alerts “rarely produce evidence of a gun-related crime” and led police to increase stop-and-frisk encounters in areas already over-policed. About 89% of ShotSpotter alerts in Chicago resulted in no evidence of gunfire or any crime.

    Opponents also note that several cities — including San Antonio, Charlotte, Trenton, Troy, and Grand Rapids — have canceled or rejected ShotSpotter contracts amid concerns about its reliability and cost.

    The appeals court remanded the Detroit case to Wayne County Circuit Court to determine potential remedies and address the city’s defenses, including claims that the lawsuit is moot because the contracts have already been implemented.

    “With surveillance and similar technology ever encroaching into every recess of modern life, procedural safeguards cannot be ignored or downplayed by government actors as mere technicalities,” the court wrote. “To ensure that technology serves the people, and not the other way around, strict compliance with procedural safeguards like the CIOGS Ordinance may well be needed. And, unfortunately, such compliance was lacking here.”

    In a statement, Detroit Corporation Counsel Conrad Mallett noted that the court’s opinion does not impact the use of ShotSpotter in the city.

    “The Court of Appeals opinion does not void the use of this technology, which is still in place,” Mallett said. “In its opinion the Court of Appeals recognized the City of Detroit’s defenses to the lawsuit that may result in another dismissal by the trial court.”


    [ad_2]

    Steve Neavling

    Source link

  • California Lets Residents Opt-Out of a Ton of Data Collection on the Web

    [ad_1]

    This week, California Governor Gavin Newsom signed into law new legislation that will give Californians the ability to easily opt out of digital data collection with a simple portal that should apply to all websites in their browser. The move promises to make the state’s digital privacy protections that much easier to take advantage of, and could set a new precedent for future privacy regulations.

    In a press release shared this week, Newsom’s office announced the passage of two new laws, SB 361 and AB 566, that will strengthen the state’s landmark California Consumer Privacy Act. The CCPA, created in 2018, notably gave state residents the ability to request that companies share with them—but also delete—information that had been collected about them as part of their business practices.

    The passage of the CCPA was a big deal, but, as is often the case with landmark legislation, its execution has left something to be desired. While the CCPA did, indeed, force companies—for the first time—to give web users a certain amount of control over their data, the mechanisms by which that control can be exerted have always been quite imperfect.

    In other words, loopholes in the law have created a situation in which every single time a web user visits a website, they are forced to go through the annoying process of selecting their privacy preferences. In some cases, companies have capitalized on this process by making it confusing or difficult to navigate, thus tilting the scales in their favor.

    Now, however, due to the passage of AB 566, Californians should—theoretically—be able to opt out of all data collection via a simple portal made available through their web browser. The legislation “helps consumers exercise their opt-out rights” under the CCPA by “requiring browsers to include a setting to send websites an opt-out preference signal to enable Californians to opt out of third-party sales of their data at one time instead of on each individual website,” Newsom’s press release states.

    This is a great step towards giving web users more control over their data, although—given that the bill was just passed into law—it’s not yet clear how the regulation will manifest for consumers. Hopefully, it will be as easy as checking a box in your browser.

    The legislation puts California miles ahead of the rest of the country when it comes to digital privacy enforcement. In recent years, the state has also taken strides towards improving its ability to police and punish companies for infringing upon this law. Currently, enforcement is operated through the state Attorney General’s office. This year, a number of companies—including a tractor company and a health information publisher—were fined upwards of a million dollars for alleged CCPA violations. However, in 2020, the state also approved the creation of a new agency, the California Privacy Protection Agency (or CPPA—which has been dubbed the nation’s first “privacy police”), which is tasked with administering and implementing the CCPA.

    Also signed into law this week was SB 361, which is designed to strengthen California’s already existing data broker registry. The law will give consumers “more information about the personal information collected by data brokers and who may have access to consumers’ data,” Newsom’s office said.

    [ad_2]

    Lucas Ropek

    Source link

  • ICE Wants to Build Out a 24/7 Social Media Surveillance Team

    [ad_1]

    United States immigration authorities are moving to dramatically expand their social media surveillance, with plans to hire nearly 30 contractors to sift through posts, photos, and messages—raw material to be transformed into intelligence for deportation raids and arrests.

    Federal contracting records reviewed by WIRED show that the agency is seeking private vendors to run a multiyear surveillance program out of two of its little-known targeting centers. The program envisions stationing nearly 30 private analysts at Immigration and Customs Enforcement facilities in Vermont and Southern California. Their job: Scour Facebook, TikTok, Instagram, YouTube, and other platforms, converting posts and profiles into fresh leads for enforcement raids.

    The initiative is still at the request-for-information stage, a step agencies use to gauge interest from contractors before an official bidding process. But draft planning documents show the scheme is ambitious: ICE wants a contractor capable of staffing the centers around the clock, constantly processing cases on tight deadlines, and supplying the agency with the latest and greatest subscription-based surveillance software.

    The facilities at the heart of this plan are two of ICE’s three targeting centers, responsible for producing leads that feed directly into the agency’s enforcement operations. The National Criminal Analysis and Targeting Center sits in Williston, Vermont. It handles cases across much of the eastern US. The Pacific Enforcement Response Center, based in Santa Ana, California, oversees the western region and is designed to run 24 hours a day, seven days a week.

    Internal planning documents show that each site would be staffed with a mix of senior analysts, shift leads, and rank-and-file researchers. Vermont would see a team of a dozen contractors, including a program manager and 10 analysts. California would host a larger, nonstop watch floor with 16 staff. At all times, at least one senior analyst and three researchers would be on duty at the Santa Ana site.

    Together, these teams would operate as intelligence arms of ICE’s Enforcement and Removal Operations division. They will receive tips and incoming cases, research individuals online, and package the results into dossiers that could be used by field offices to plan arrests.

    [ad_2]

    Dell Cameron

    Source link

  • Microsoft blocks Israel’s use of its data centers for mass surveillance of Palestinians

    [ad_1]

    Microsoft has ended access to its data centers for a unit of the Israeli military that helped power a massive surveillance operation against Palestinian civilians, according to a report by The Guardian. The company says that the country’s spy agency has violated its terms of service.

    This surveillance system collected every day in Gaza and the West Bank. The massive trove of data has been stored via Microsoft’s Azure cloud platform, but the company just informed Israel’s spy agency that this practice will no longer be acceptable.

    Microsoft’s vice-chair and president, Brad Smith, alerted staff of the move in an email, writing that the company had “ceased and disabled a set of services to a unit within the Israel ministry of defense.” He went to suggest that this included cutting off access to cloud storage and some AI services.

    “We do not provide technology to facilitate mass surveillance of civilians,” he continued. “We have applied this principle in every country around the world, and we have insisted on it repeatedly for more than two decades.”

    Microsoft came to this decision after conducting an external inquiry to review the spy agency’s use of its Azure cloud platform. It also comes amid pressure from both employees and investors for the company to examine its relationship with Israel as it relates to the military offensive in Gaza.

    This reportedly started back in 2021, when Microsoft CEO Satya Nadella allegedly okayed the storage effort personally after meeting with a commander from Israel’s elite military surveillance corps, Unit 8200. Nadella reportedly gave the country a customized and segregated area within the Azure platform to store these phone calls, all without knowledge or consent from Palestinians.

    While conflict has existed between Israel and Palestinian groups for decades, these platforms were built out a full two years before the the most recent escalation in violence, beginning October 7, 2023. The mantra when building out the project was to record “a million calls an hour.”

    Leaked Microsoft files suggested that the lion’s share of this data was being stored in Azure facilities in the Netherlands, but Israel allegedly moved it after Microsoft started its initial investigation. The Guardian has reported that Unit 8200 planned on transferring the data to the Amazon Web Services cloud platform. We have contacted Amazon to ask if it has accepted this gigantic trove of personal data.

    [ad_2]

    Lawrence Bonk

    Source link

  • Predator drones shift from border patrol to protest surveillance

    [ad_1]

    FT. HUACHUCA, Ariz. — When MQ-9 Predator drones flew over anti-ICE protests in Los Angeles this summer, it was the first time they had been dispatched to monitor demonstrations on U.S. soil since 2020, and their use reflects a change in how the government is choosing to deploy the aircraft once reserved for surveilling the border and war zones.

    Previous news reports said the drones sent by the Department of Homeland Security conducted surveillance on the weekend of June 7 over thousands of protesters demonstrating against raids conducted by Immigration and Customs Enforcement. The Predators flew over Los Angeles for at least four more days, according to tracking experts who identified the flights through air traffic control tower communications and images of a Predator in flight.

    Those amateur sleuths, who monitor flight traffic and identified the first flight, which was confirmed by Customs and Border Protection, shared their findings on social media.

    Defenders of using drones to monitor protests say the aircraft, with their high-tech capabilities, can provide authorities useful and detailed information in real time. Human rights advocates fear the new policy will impinge on civil rights.

    The drones, which fly at around 20,000 feet to conduct surveillance, can beam a live video feed to various government agencies — ICE, the military and more . The MQ designation refers to the drone’s abilities and function. In military parlance, M means multi-use and Q indicates it’s an unmanned aerial vehicle.

    When asked about the additional days of flights over Los Angeles, Homeland Security did not directly address the questions but said the flights were meant to protect police and military.

    “CBP’s Air and Marine Operations (AMO) has provided both Manned and Unmanned aerial support to federal law enforcement partners conducting operations in the Greater Los Angeles area,” the department said in a statement.

    “Both platforms provide an unparalleled ability with Electro-optical/infrared sensors and video downlink capabilities that provide situational awareness and communications support that enhance officer safety,” the statement added.

    Protesters march against immigration crackdowns in Los Angeles on June 10, the same day the Department of Homeland Security on X posted video of protests taken by a drone.

    (Jason Armond/Los Angeles Times)

    Homeland Security touted information obtained through drones in a post on X, formerly Twitter, on June 10. The post included footage of vehicles on fire and protesters squaring off with law enforcement personnel, apparently to show why it was necessary for the Trump administration to deploy the National Guard in Los Angeles.

    “WATCH: DHS drone footage of LA rioters,” the post read. “This is not calm. This is not peaceful. California politicians must call off their rioting mob.”

    The post was dated June 10, but it was not clear if the video was from a Predator drone.

    Supporters of civil liberties are asking why this equipment, which has been used to drop laser-guided bombs on targets in countries like Afghanistan, is being used for domestic issues.

    The deployment of Predators over protesters is a significant departure from the U.S. government’s policy not to fly the drones over demonstrations, to avoid the perception they are spying on 1st Amendment rights activity, U.S. officials said.

    The last time Homeland Security sent a Predator to fly over protesters, according to U.S. government officials, was in Minneapolis during the 2020 protests against the killing of George Floyd by a police officer later convicted of his murder.

    Five Democrats on the House Oversight Committee called the deployment a “gross abuse of authority” and asked Homeland Security to explain what had occurred.

    At times the drones are requested by law enforcement or other authorities to fly over a region, say, to help monitor forest fires, or to provide surveillance for the Super Bowl, officials said.

    The Predators come equipped with cutting-edge infrared heat sensors and high-definition video cameras, and can track scores of individuals within a 15-nautical-mile radius.

    Two people in chairs look at screens and panels of buttons.

    In a file photo, an unmanned Predator drone is being guided from a flight operations center at Ft. Huachuca in Arizona in 2013.

    (John Moore / Getty Images)

    The drone uses an artificial intelligence program, called Vehicle and Dismount Exploitation Radar, or VaDER, to detect small objects — a human being, a rabbit, even a bird in flight. The infrared sensors can identify heat signatures even inside some buildings.

    In response to the drone flights over Los Angeles, Rep. Jimmy Gomez (D-Los Angeles) introduced a bill in July that would restrict Predator drones and other unmanned aircraft from being deployed by the U.S. government over demonstrators.

    “My bill to ban military surveillance drones over our cities puts Trump and his administration in check,” said Gomez. “This is not just about Los Angeles, this affects the entire country. I refuse to allow Trump to use these weapons of war, capable of carrying bombs, as tools for law enforcement against civilians.”

    On Sept. 16, the Los Angeles City Council unanimously approved a resolution endorsing Gomez’s Ban Military Drones Spying on Civilians Act.

    “Los Angeles will not stand by while the federal government turns weapons of war against our residents,” said Councilmember Eunisses Hernandez, who introduced the resolution. “Spying on people engaged in peaceful protest is unconstitutional, dangerous and a direct attack on democracy.”

    The drones were first brought to the U.S. southern border in 2005 and retrofitted for surveillance operations. Homeland Security deployed the drones to fly the length of the 2,000-mile, U.S.-Mexico border, searching for drug traffickers and groups of undocumented migrants.

    Just an hour south of Tucson lies Ft. Huachuca, one of four MQ-9 drone bases from which the drones deploy along the southern border and into the interior of the U.S.

    As with the MQ-9, military-grade technology often finds its way into the interior of the country, experts say.

    “It is tested in war zones, the border, tested in cities along the border and tested in the interior of the country,” said Dave Maass, director of investigations at the Electronic Frontier Foundation, a privacy rights organization. “That tends to be the trajectory we see.”

    With a drop in migrant crossings into the United States, experts anticipate drones will be deployed more often over demonstrations in the coming years.

    “If somebody in the Trump administration decides there’s a need to use drones in the interior over U.S. citizens, resources won’t be an issue,” said Adam Isaacson, who covers national security for the Washington Office of Latin America, a human rights research group. “Because there’s just not that much to monitor at the border.”

    Fisher is a special correspondent. This story was co-published with Puente News Collaborative, a bilingual nonprofit newsroom dedicated to high-quality news and information from the U.S.-Mexico border.

    [ad_2]

    Steve Fisher

    Source link

  • A Dangerous Worm Is Eating Its Way Through Software Packages

    [ad_1]

    New findings this week showed that a misconfigured platform used by the Department of Homeland Security left sensitive national security information—including data related to the surveillance of Americans—exposed and accessible to thousands of people. Meanwhile, 15 New York officials were arrested by Immigration and Customs Enforcement and the New York Police Department this week in or around 26 Federal Plaza—where ICE detains people in what courts have ruled are unsanitary conditions.

    Russia conducted conspicuous military exercises testing hypersonic missiles near NATO borders, stoking tensions in the region after the Kremlin had already recently flown drones into Polish and Romanian airspace. Scammers have a new tool for sending spam texts, known as “SMS blasters,” that can send up to 100,000 texts per hour while evading telecom company anti-spam measures. Scammers deploy rogue cell towers that trick people’s phones into connecting to the malicious devices so they can send the texts directly and bypass filters. And a pair of flaws in Microsoft’s Entra ID identity and access management system, which have been patched, could have been exploited to access virtually all Azure customer accounts—a potentially catastrophic disaster.

    WIRED published a detailed guide this week to acquiring and using a burner phone, as well as alternatives that are more private than a regular phone but not as labor-intensive as a true burner. And we updated our guide to the best VPNs

    But wait, there’s more! Each week, we round up the security and privacy news we didn’t cover in depth ourselves. Click the headlines to read the full stories. And stay safe out there.

    The cybersecurity world has seen, to its growing dismay, plenty of software supply-chain attacks, in which hackers hide their code in a legitimate piece of software so that it’s silently seeded out to every system that uses that code around the world. In recent years, hackers have even tried linking one software supply-chain attack to another, finding a second software developer target among their victims to compromise yet another piece of software and launch a new round of infections. This week saw a new and troubling evolution of those tactics: a full-blown self-replicating supply-chain attack worm.

    The malware, which has been dubbed Shai-Hulud after the Fremen name for the monstrous Sandworms in the sci-fi novel Dune (and the name of the Github page where the malware published stolen credentials of its victims), has compromised hundreds of open source software packages on the code repository Node Packet Management, or NPM, used by developers of Javascript. The Shai-Hulud worm is designed to infect a system that uses one of those software packages, then hunt for more NPM credentials on that system so that it can corrupt another software package and continue its spread.

    By one count, the worm has spread to more than 180 software packages, including 25 used by the cybersecurity firm CrowdStrike, though CrowdStrike has since had them removed from the NPM repository. Another count from cybersecurity firm ReversingLabs put the count far higher, at more than 700 affected code packages. That makes Shai-Hulud one of the biggest supply-chain attacks in history, though the intent of its mass credential-stealing remains far from clear.

    Western privacy advocates have long pointed to China’s surveillance systems as the potential dystopia awaiting countries like the United States if tech industry and government data collection goes unchecked. But a sprawling Associated Press investigation highlights how China’s surveillance systems have reportedly been largely built on US technologies. The AP’s reporters found evidence that China’s surveillance network—from the “Golden Shield” policing system that Beijing officials have used to censor the internet and crack down on alleged terrorists to the tools used to target, track, and often detain Uyghurs and the country’s Xinjiang region—appear to have been built with the help of American companies, including IBM, Dell, Cisco, Intel, Nvidia, Oracle, Microsoft, Thermo Fisher, Motorola, Amazon Web Services, Western Digital, and HP. In many cases, the AP found Chinese-language marketing materials in which the Western companies specifically offer surveillance applications and tools to Chinese police and domestic intelligence services.

    Scattered Spider, a rare hacking and extortion cybercriminal gang based largely in Western countries, has for years unleashed a trail of chaos across the internet, hitting targets from MGM Resorts and Caesar’s Palace to the Marks & Spencer grocery chain in the United Kingdom. Now two alleged members of that notorious group have been arrested in the UK: 19-year-old Thalha Jubair and 18-year-old Owen Flowers, both charged with hacking the Transport for London transit system—reportedly inflicting more than $50 million in damage—among many other targets. Jubair alone is accused of intrusions targeting 47 organizations. The arrests are just the latest in a string of busts targeting Scattered Spider, which has nonetheless continued a nearly uninterrupted string of breaches. Noah Urban, who was convicted on charges related to Scattered Spider activity, spoke from jail to Bloomberg Businessweek for a long profile of his cybercriminal career. Urban, 21, has been sentenced to a decade in prison.

    [ad_2]

    Lily Hay Newman, Andy Greenberg

    Source link

  • Here’s the tech powering ICE’s deportation crackdown  | TechCrunch

    [ad_1]

    President Donald Trump made countering immigration one of his flagship issues during last year’s presidential campaign, promising an unprecedented number of deportations. 

    In his first eight months in office, that promise turned into around 350,000 deportations, a figure that includes deportations by Immigration and Customs Enforcement, or ICE (around 200,000), Customs and Border Protection (more than 132,000), and almost 18,000 self-deportations, according to CNN.  

    ICE has taken center stage in Trump’s mass deportation campaign, raiding homes, workplaces, and public parks in search of undocumented immigrants. To aid its efforts, ICE has at its disposal several technologies capable of identifying and surveilling individuals and communities.

    Here is a recap of some of the technology that ICE has in its digital arsenal. 

    Clearview AI facial recognition

    Clearview AI is perhaps the most well-known facial-recognition company today. For years, the company promised to be able to identify any face by searching through a large database of photos it had scraped from the internet. 

    On Monday, 404 Media reported that ICE has signed a contract with the company to support its law enforcement arm Homeland Security Investigations (HSI), “with capabilities of identifying victims and offenders in child sexual exploitation cases and assaults against law enforcement officers.” 

    According to a government procurement database, the contract signed last week is worth $3.75 million. 

    ICE has had other contracts with Clearview AI in the last couple of years. In September 2024, the agency purchased “forensic software” from the company, a deal worth $1.1 million. The year before, ICE paid Clearview AI nearly $800,000 for “facial recognition enterprise licenses.”

    Clearview AI did not respond to a request for comment. 

    Paragon phone spyware

    Contact Us

    Do you have more information about ICE and the technology it uses? We would love to learn how this affects you. From a non-work device, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or email. You also can contact TechCrunch via SecureDrop.

    In September 2024, ICE signed a contract worth $2 million with Israeli spyware maker Paragon Solutions. Almost immediately, the Biden administration issued a “stop work order,” putting the contract under review to make sure it complied with an executive order on the government’s use of commercial spyware. 

    Because of that order, for nearly a year, the contract remained in limbo. Then, last week, the Trump administration lifted the stop work order, effectively reactivating the contract

    At this point, the status of Paragon’s relationship with ICE in practice is unclear.  

    The records entry from last week said that the contract with Paragon is for “a fully configured proprietary solution including license, hardware, warranty, maintenance, and training.” Practically speaking, unless the hardware installation and training were done last year, it may take some time for ICE to have Paragon’s system up and running.

    It’s also unclear if the spyware will be used by ICE or HSI, an agency whose investigations are not limited to immigration, but also cover online child sexual exploitation, human trafficking, financial fraud, and more.

    Paragon has long tried to portray itself as an “ethical” and responsible spyware maker, and now has to decide if it’s ethical to work with Trump’s ICE. A lot has happened to Paragon in the last year. In December, American private equity giant AE Industrial purchased Paragon, with a plan to merge it with cybersecurity company RedLattice, according to Israeli tech news site Calcalist.

    In a sign that the merger may have taken place, when TechCrunch reached out to Paragon for comment on the reactivation of the ICE contract last week, we were referred to RedLattice’s new vice president of marketing and communications Jennifer Iras. 

    RedLattice’s Iras did not respond to a request for comment for this article, nor for last week’s article.

    In the last few months, Paragon has been ensnared in a spyware scandal in Italy, where the government has been accused of spying on journalists and immigration activists. In response, Paragon cut ties with Italy’s intelligence agencies. 

    Phone hacking and unlocking technology

    In mid-September, ICE’s law enforcement arm Homeland Security Investigations signed a contract with Magnet Forensics for $3 million.

    This contract is specifically for software licenses so that Homeland Security Investigations agents can “recover digital evidence, process multiple devices” and “generate forensic reports,” according to the contract description.

    Magnet is the current maker of the phone hacking and unlocking devices known as Graykey. These devices essentially give law enforcement agents the ability to connect a locked phone to them, and be able to unlock it and access the data inside of them. 

    Magnet Forensics, which merged with Graykey makers Grayshift in 2023, did not respond to a request for comment.

    For years, ICE has used the legal research and public records data broker LexisNexis to support its investigations. 

    In 2022, two non-profits obtained documents via Freedom of Information Act requests, which revealed that ICE performed more than 1.2 million searches over seven months using a tool called Accurint Virtual Crime Center. ICE used the tool to check the background information of migrants.   

    A year later, The Intercept revealed that ICE was using LexisNexis to detect suspicious activity and investigate migrants before they even committed a crime, a program that a critic said enabled “mass surveillance.”

    According to public records, LexisNexis currently provides ICE “with a law enforcement investigative database subscription (LEIDS) which allows access to public records and commercial data to support criminal investigations.” 

    This year, ICE has paid $4.7 million to subscribe to the service. 

    LexisNexis spokesperson Jennifer Richman told TechCrunch that ICE has used the company’s product “data and analytics solutions for decades, across several administrations.”

    “Our commitment is to support the responsible and ethical use of data, in full compliance with laws and regulations, and for the protection of all residents of the United States,” said Richman, who added that LexisNexis “partners with more than 7,500 federal, state, local, tribal, and territorial agencies across the United States to advance public safety and security.” 

    Surveillance giant Palantir

    Data analytics and surveillance technology giant Palantir has signed several contracts with ICE in the last year. The biggest contract, worth $18.5 million from September 2024, is for a database system called “Investigative Case Management,” or ICM.

    The contract for ICM goes back to 2022, when Palantir signed a $95.9 million deal with ICE. The Peter Thiel-founded company’s relationship with ICE dates back to the early 2010s. 

    Earlier this year, 404 Media, which has reported extensively on the technology powering Trump’s deportation efforts, and particularly Palantir’s relationship with ICE, revealed details of how the ICM database works. The tech news site reported that it saw a recent version of the database, which allows ICE to filter people based on their immigration status, physical characteristics, criminal affiliation, location data, and more. 

    According to 404 Media, “a source familiar with the database” said it is made up of ‘tables upon tables’ of data and that it can build reports that show, for example, people who are on a specific type of visa who came into the country at a specific port of entry, who came from a specific country, and who have a specific hair color (or any number of hundreds of data points).” 

    The tool, and Palantir’s relationship with ICE, was controversial enough that sources within the company leaked to 404 Media an internal wiki where Palantir justifies working with Trump’s ICE. 

    Palantir is also developing a tool called “ImmigrationOS,” according to a contract worth $30 million revealed by Business Insider

    ImmigrationOS is said to be designed to streamline the “selection and apprehension operations of illegal aliens,” give “near real-time visibility” into self-deportations, and track people overstaying their visa, according to a document first reported on by Wired.

    First published on September 13, and updated on September 18 to include Magnet Forensics’ new contract.

    [ad_2]

    Lorenzo Franceschi-Bicchierai

    Source link

  • A DHS Data Hub Exposed Sensitive Intel to Thousands of Unauthorized Users

    [ad_1]

    The Department of Homeland Security’s mandate to carry out domestic surveillance has been a concern for privacy advocates since the organization was first created in the wake of the September 11 attacks. Now a data leak affecting the DHS’s intelligence arm has shed light not just on how the department gathers and stores that sensitive information—including about its surveillance of Americans—but on how it once left that data exposed to thousands of government and private sector workers and even foreign nationals who were never authorized to see it.

    An internal DHS memo obtained by a Freedom of Information Act (FOIA) request and shared with WIRED reveals that from March to May of 2023, a DHS online platform used by the DHS Office of Intelligence and Analysis (I&A) to share sensitive but unclassified intelligence information and investigative leads among the DHS, the FBI, the National Counterterrorism Center, local law enforcement, and intelligence fusion centers across the US was misconfigured, accidentally exposing restricted intelligence information to all users of the platform.

    Access to the data, according to a DHS inquiry described in the memo, was meant to be limited to users of the Homeland Security Information Network’s intelligence section, known as HSIN-Intel. Instead it was set to grant access to “everyone,” exposing the information to HSIN’s tens of thousands of users. The unauthorized users who had access included US government workers focused on fields unrelated to intelligence or law enforcement such as disaster response, as well as private sector contractors and foreign government staff with access to HSIN.

    “DHS advertises HSIN as secure and says the information it holds is sensitive, critical national security information,” says Spencer Reynolds, an attorney for the Brennan Center for Justice who obtained the memo via FOIA and shared it with WIRED. “But this incident raises questions about how seriously they take information security. Thousands and thousands of users gained access to information they were never supposed to have.”

    HSIN-Intel’s data includes everything from law enforcement leads and tips to reports on foreign hacking and disinformation campaigns, to analysis of domestic protest movements. The memo about the HSIN-Intel breach specifically mentions, for instance, a report discussing “protests relating to a police training facility in Atlanta”—likely the Stop Cop City protests opposing the creation of the Atlanta Public Safety Training Center—noting that it focused on “media praising actions like throwing stones, fireworks and Molotov cocktails at police.”

    In total, according to the memo about the DHS internal inquiry, 439 I&A “products” on the HSIN-Intel portion of the platform were improperly accessed 1,525 times. Of those unauthorized access instances, the report found that 518 were private sector users and another 46 were non-US citizens. The instances of foreign user accesses were “almost entirely” focused on cybersecurity information, the report notes, and 39 percent of all the improperly accessed intelligence products involved cybersecurity, such as foreign state-sponsored hacker groups and foreign targeting of government IT systems. The memo also noted that some of the unauthorized US users who viewed the information would have been eligible to have accessed the restricted information if they’d asked to be considered for authorization.

    “When this coding error was discovered, I&A immediately fixed the problem and investigated any potential harm,” a DHS spokesperson told WIRED in a statement. “Following an extensive review, multiple oversight bodies determined there was no impactful or serious security breach. DHS takes all security and privacy measures seriously and is committed to ensuring its intelligence is shared with federal, state, local, tribal, territorial, and private sector partners to protect our homeland from the numerous adversarial threats we face.”

    [ad_2]

    Andy Greenberg

    Source link

  • Here’s the tech powering ICE’s deportation crackdown  | TechCrunch

    [ad_1]

    President Donald Trump made countering immigration one of his flagship issues during last year’s presidential campaign, promising an unprecedented number of deportations. 

    In his first eight months in office, that promise turned into around 350,000 deportations, a figure that includes deportations by Immigration and Customs Enforcement (around 200,000), Customs and Border Protection (more than 132,000), and almost 18,000 self-deportations, according to CNN.  

    ICE has taken center stage in Trump’s mass deportation campaign, raiding homes, workplaces, and public parks in search of undocumented immigrants. To aid its efforts, the ICE has at its disposal several technologies capable of identifying and surveilling individuals and communities.

    Here is a recap of some of the technology that ICE has in its digital arsenal. 

    Clearview AI facial recognition

    Clearview AI is perhaps the most well-known facial recognition company today. For years, the company promised to be able to identify any face by searching through a large database of photos it had scraped from the internet. 

    On Monday, 404 Media reported that ICE has signed a contract with the company to support its law enforcement arm Homeland Security Investigations (HSI), “with capabilities of identifying victims and offenders in child sexual exploitation cases and assaults against law enforcement officers.” 

    According to a government procurement database, the contract signed last week is worth $3.75 million. 

    ICE has had other contracts with Clearview AI in the last couple of years. In September 2024, the agency purchased “forensic software” from the company, a deal worth $1.1 million. The year before, ICE paid Clearview AI nearly $800,000 for “facial recognition enterprise licenses.”

    Clearview AI did not respond to a request for comment. 

    Contact Us

    Do you have more information about ICE and the technology it uses? We would love to learn how this affects you. From a non-work device, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or email. You also can contact TechCrunch via SecureDrop.

    Paragon phone spyware

    In September 2024, ICE signed a contract worth $2 million with Israeli spyware maker Paragon Solutions. Almost immediately, the Biden administration issued a “stop work order,” putting the contract under review to make sure it complied with an executive order on the government’s use of commercial spyware. 

    Because of that order, for nearly a year, the contract remained in limbo. Then, last week, the Trump administration lifted the stop work order, effectively reactivating the contract

    At this point, it’s unclear what’s the status of Paragon’s relationship with ICE in practice. 

    The records entry from last week said that the contract with Parago is for “a fully configured proprietary solution including license, hardware, warranty, maintenance, and training.” Practically speaking, unless the hardware installation and training were done last year, it may take some time for ICE to have Paragon’s system up and running.

    It’s also unclear if the spyware will be used by ICE or HSI, an agency whose investigations are not limited to immigration, but also cover online child sexual exploitation, human trafficking, financial fraud, and more.

    Paragon has long tried to portray itself as an “ethical” and responsible spyware maker, and now has to decide if it’s ethical to work with Trump’s ICE. A lot has happened to Paragon in the last year. In December, American private equity giant AE Industrial purchased Paragon, with a plan to merge it with cybersecurity company Red Lattice, according to Israeli tech news site Calcalist.

    In a sign that the merger may have taken place, when TechCrunch reached out to Paragon for comment on the reactivation of the ICE contract last week, we were referred to RedLattice’s new vice president of marketing and communications Jennifer Iras. 

    RedLattice’s Iras did not respond to a request for comment for this article, nor for last week’s article.

    In the last few months, Paragon has been ensnared in a spyware scandal in Italy, where the government has been accused of spying on journalists and immigration activists. In response, Paragon cut ties with Italy’s intelligence agencies. 

    For years, ICE has used the legal research and public records data broker LexisNexis to support its investigations. 

    In 2022, two non-profits obtained documents via Freedom of Information Act requests, which revealed that ICE performed more than 1.2 million searches over seven months using a tool called Accurint Virtual Crime Center. ICE used the tool to check the background information of migrants.   

    A year later, The Intercept revealed that ICE was using LexisNexis to detect suspicious activity and investigate migrants before they even committed a crime, a program that a critic said enabled “mass surveillance.”

    According to public records, LexisNexis currently provides ICE “with a law enforcement investigative database subscription (LEIDS) which allows access to public records and commercial data to support criminal investigations.” 

    This year, ICE has paid $4.7 million to subscribe to the service. 

    LexisNexis spokesperson Jennifer Richman told TechCrunch that ICE has used the company’s product “data and analytics solutions for decades, across several administrations.”

    “Our commitment is to support the responsible and ethical use of data, in full compliance with laws and regulations, and for the protection of all residents of the United States,” said Richman, who added that LexisNexis “partners with more than 7,500 federal, state, local, tribal, and territorial agencies across the United States to advance public safety and security.” 

    Surveillance giant Palantir

    Data analytics and surveillance technology giant Palantir has signed several contracts with ICE in the last year. The biggest contract, worth $18.5 million from September 2024, is for a database system called “Investigative Case Management,” or ICM.

    The contract for ICM goes back to 2022, when Palantir signed a $95.9 million deal with Palantir. The Peter Thiel-founded company’s relationship with ICE dates back to the early 2010s. 

    Earlier this year, 404 Media, which has reported extensively on the technology powering Trump’s deportation efforts, and particularly Palantir’s relationship with ICE, revealed details of how the ICM database works. The tech news site reported that it saw a recent version of the database, which allows ICE to filter people based on their immigration status, physical characteristics, criminal affiliation, location data, and more. 

    404 Media cited “a source familiar with the database,” who said it is made up of ‘tables upon tables’ of data and that it can build reports that show, for example, people who are on a specific type of visa who came into the country at a specific port of entry, who came from a specific country, and who have a specific hair color (or any number of hundreds of data points).” 

    The tool, and Palantir’s relationship with ICE, was controversial enough that sources within the company leaked to 404 Media an internal wiki where Palantir justifies working with Trump’s ICE. 

    Palantir is also developing a tool called “ImmigrationOS,” according to a contract worth $30 million revealed by Business Insider
    ImmigrationOS is said to be designed to streamline the “selection and apprehension operations of illegal aliens,” give “near real-time visibility” into self-deportations, and track people overstaying their visa, according to a document first reported on by Wired.

    [ad_2]

    Lorenzo Franceschi-Bicchierai

    Source link

  • FBI blunders and internet panic: How the search for Charlie Kirk’s killer went off the rails

    [ad_1]

    Authorities announced on Friday morning that they made progress in solving a mystery that has gripped the nation for two days: who murdered conservative activist Charlie Kirk with a rifle during a crowded event at Utah Valley University.

    Utah Republican Gov. Spencer Cox told reporters that 22-year-old Tyler Robinson had been turned in by his family after he “confessed to them or implied” his guilt in the assassination. A roommate also showed police Discord chat messages from Robinson about hiding a rifle, according to Cox, who said that Robinson acted alone.

    Without those tips, it’s hard to know how long the manhunt would have gone on for. The night before, authorities had signaled that they were completely stumped. Officials pleaded with the public for information based on a few grainy surveillance stills on Thursday night, and Utah Public Safety Commissioner Beau Mason told NBC News that authorities had “no idea” where the shooter was.

    Progressive critics—as well as conservative consigliere Chris Rufo—have accused FBI Director Kash Patel of bungling the investigation. Patel had caused major confusion by implying on social media that the FBI had caught the shooter, only to announce that the “subject” had been released after interrogation. That man, who was completely innocent, suffered a flood of threats after his name and photo were publicized.

    Adding to the confusion, police were also filmed escorting a local elderly gadfly out of the event while the crowd blamed him for the shooting. And to make matters worse, internet sleuths misidentified him as yet another innocent person who was nowhere near Utah at the time.

    Of course, chaos and mistakes are an unavoidable part of crises. Thankfully, none of these mistakes led to anyone’s death, as they have in the past. It will take a while for the full story behind the Kirk investigation to come out, to understand which errors were understandable and which were inexcusable.

    At the very least, the manner of Robinson’s arrest throws cold water on the idea that mass spying and heavy-handed police powers are the solution to dramatic crimes. In his post lambasting Patel’s leadership, Rufo also called for “a campaign to disrupt domestic terror networks” and “to investigate, infiltrate, and disrupt the violent movements—of whatever ideology—that threaten the peace in the United States.”

    But it’s not clear that more aggressive political surveillance would have stopped or caught the suspected assassin. The photos that identified him came from old-fashioned security cameras in a hallway, which captured him walking up a stairway and then jumping off the roof after the assassination. Robinson’s father, a longtime sheriff’s deputy, reportedly recognized his son from the photos and told him to turn himself in.

    Meanwhile, the release of the surveillance photos had led to a flood of tips that wasted the authorities’ time. At the Thursday night press conference, Cox said that authorities were sifting through 7,000 tips from the public.

    “It is clear they do not know the name of the suspect, that they don’t have a cellphone track, they don’t have fingerprints, DNA, or digital footprint,” journalist John Solomon, who is close to Patel, told Fox News after the press conference. “And that’s why they’re putting so much personally identifying information up, to try to help get the public to find something that’s there.”

    And the assassination did not come out of an organized political network that could be infiltrated. Although there are signs pointing to a left-wing motive—Cox said that a family member told police that Robinson was angry about Kirk coming to Utah because of his political beliefs—Robinson seems to be, like many other shooting suspects, a lone wolf who spent too much time on the internet.

    An internal law enforcement bulletin, leaked to the press, initially reported that the shooter had written messages about “transgender and anti-fascist ideology” on bullet casings. Those turned out to be a mix of references to the video game Helldivers 2 (which features killing fascists) and lewd jokes. “If you read this you are gay LMAO,” one of the casings read. Another mocked the “furry” fetish subculture.

    An eccentric personality with no criminal record who plays lots of video games and dislikes conservatives is a pretty broad profile, one that covers potentially millions of people. Most of them are neither violent nor members of organized political “networks” that could be disrupted. If the past few days are any indication, encouraging mass online reporting of anyone suspicious can actually make the police’s job harder.

    Using Kirk’s murder to tighten government restrictions would not only be ineffective at preventing more incidents like it. It would also be an unfortunate rebuke to Kirk, who often preached freedom over control.

    [ad_2]

    Matthew Petti

    Source link

  • How China’s Propaganda and Surveillance Systems Really Operate

    [ad_1]

    A trove of internal documents leaked from a little-known Chinese company has pulled back the curtain on how digital censorship tools are being marketed and exported globally. Geedge Networks sells what amounts to a commercialized “Great Firewall” to at least four countries, including Kazakhstan, Pakistan, Ethiopia, and Myanmar. The groundbreaking leak shows in granular detail the capabilities this company has to monitor, intercept, and hack internet traffic. Researchers who examined the files described it as “digital authoritarianism as a service.”

    But I want to focus on another thing the documents demonstrate: While people often look at China’s Great Firewall as a single, all-powerful government system unique to China, the actual process of developing and maintaining it works the same way as surveillance technology in the West. Geedge collaborates with academic institutions on research and development, adapts its business strategy to fit different clients’ needs, and even repurposes leftover infrastructure from its competitors. In Pakistan, for example, Geedge landed a contract to work with and later replace gear made by the Canadian company Sandvine, the leaked files show.

    Coincidentally, another leak from a different Chinese company published this week reinforces the same point. On Monday, researchers at Vanderbilt University made public a 399-page document from GoLaxy, a Chinese company that uses AI to analyze social media and generate propaganda materials. The leaked documents, which include internal pitch decks, business goals, and meeting notes, may have come from a disgruntled former employee—the last two pages accuse GoLaxy of mistreating workers by underpaying them and mandating long hours. The document had been sitting on the open internet for months before another researcher flagged it to Brett Goldstein, a research professor in the School of Engineering at Vanderbilt.

    GoLaxy’s main business is different from Geedge’s: It collects open source information from social media, maps relationships among political figures and news organizations, and pushes targeted narratives online through synthetic social media profiles. In the leaked document, GoLaxy claims to be the “number one brand in intelligence big data analysis” in China, servicing three main customers: the Chinese Communist Party, the Chinese government, and the Chinese military. The included technology demos focus heavily on geopolitical issues like Taiwan, Hong Kong, and US elections. And unlike Geedge, GoLaxy seems to be targeting only domestic government entities as clients.

    But there are also quite a few things that make the two companies comparable, particularly in terms of how their businesses function. Both Geedge and GoLaxy maintain close relationships with the Chinese Academy of Sciences (CAS), the top government-affiliated research institution in the world, according to the Nature Index. And they both market their services to Chinese provincial-level government agencies, who have localized issues they want to monitor and budgets to spend on surveillance and propaganda tools.

    GoLaxy didn’t immediately respond to a request for comment from WIRED. In a previous response to The New York Times, the company denied collecting data targeting US officials and called the outlet’s reporting misinformation. Vanderbilt researchers say they witnessed the company remove pages from its website after the initial reporting.

    Closer Than They Seem

    In the West, when academic scholars see opportunities to commercialize their cutting-edge research, they often become startup founders or start side businesses. GoLaxy seems to be no exception. Many key researchers at the company, according to the leaked document, still occupy spots at CAS.

    But there’s no guarantee that CAS researchers will get government grants—just like a public university professor in the US can’t bet on their startup winning federal contracts. Instead, they need to go after government agencies like any private company would go after clients. One document in the leak shows that GoLaxy assigned sales targets to five employees and was aiming to secure 42 million RMB (about $5.9 million) in contracts with Chinese government agencies in 2020. Another spreadsheet from around 2021 lists the company’s current clients, which include branches of the Chinese military, state security, and provincial police departments, as well as other potential customers it was targeting.

    [ad_2]

    Zeyi Yang, Louise Matsakis

    Source link

  • Cindy Cohn Is Leaving the EFF, but Not the Fight for Digital Rights

    [ad_1]

    After a quarter century defending digital rights, Cindy Cohn announced on Tuesday that she is stepping down as executive director of the Electronic Frontier Foundation. Cohn, who has led the San Francisco–based nonprofit since 2015, says she will leave the role later this year, concluding a chapter that helped define the modern fight over online freedom.

    Cohn first rose to prominence as lead counsel in Bernstein v. Department of Justice, the 1990s case that overturned federal restrictions on publishing encryption code. As EFF’s legal director and later executive director, she guided the group through legal challenges to government surveillance, reforms to computer crime laws, and efforts to hold corporations accountable for data collection. Over the past decade, EFF has expanded its influence, becoming a central force in shaping the debate over privacy, security, and digital freedom.

    In an interview with WIRED, Cohn reflected on EFF’s foundational encryption victories, its unfinished battles against National Security Agency (NSA) surveillance, and the organization’s work protecting independent security researchers. She spoke about the shifting balance of power between corporations and governments, the push for stronger state-level privacy laws, and the growing risks posed by artificial intelligence.

    Though stepping down from leadership, Cohn tells WIRED she plans to remain active in the fight against mass surveillance and government secrecy. Describing herself as “more of a warrior than a manager,” she says her intent is to return to frontline advocacy. She is also at work on a forthcoming book, Privacy’s Defender, due out next spring, which she hopes will inspire a new generation of digital rights advocates.

    This interview has been edited for length and clarity.

    WIRED: Tell us about the fights you won, and the ones that still feel unfinished after 25 years.

    CINDY COHN: The early fight that we made to free up encryption from government regulation still stands out as setting the stage for a potentially secure internet. We’re still working on turning that promise into a reality, but we’re in such a different place than we would’ve been in had we lost that fight. Encryption protects anybody who buys anything online, anyone who uses Signal to be a whistleblower or journalists, or just regular people who want privacy and use WhatsApp or Signal. Even the backend-certificate authorities provided by Let’s Encrypt—that make sure that when you think you’re going to your bank, you’re actually going to your bank website—are all made possible because of encryption. These are all things that would’ve been at risk if we hadn’t won that fight. I think that win was foundational, even though the fights aren’t over.

    The fights that we’ve had around the NSA and national security, those are still works in progress. We were not successful with our big challenge to the NSA spying in Jewel v. NSA, although over the long arc of that case and the accompanying legislative fights, we managed to claw back quite a bit of what the NSA started doing after 9/11.

    [ad_2]

    Dell Cameron

    Source link

  • Massive Leak Shows How a Chinese Company Is Exporting the Great Firewall to the World

    [ad_1]

    A leak of more than 100,000 documents shows that a little-known Chinese company has been quietly selling censorship systems seemingly modeled on the Great Firewall to governments around the world.

    Geedge Networks, a company founded in 2018 that counts the “father” of China’s massive censorship infrastructure as one of its investors, styles itself as a network-monitoring provider, offering business-grade cybersecurity tools to “gain comprehensive visibility and minimize security risks” for its customers, the documents show. In fact, researchers found that it has been operating a sophisticated system that allows users to monitor online information, block certain websites and VPN tools, and spy on specific individuals.

    Researchers who reviewed the leaked material found that the company is able to package advanced surveillance capabilities into what amounts to a commercialized version of the Great Firewall—a wholesale solution with both hardware that can be installed in any telecom data center and software operated by local government officers. The documents also discuss desired functions that the company is working on, such as cyberattack-for-hire and geofencing certain users.

    According to the leaked documents, Geedge has already entered operation in Kazakhstan, Ethiopia, Pakistan, and Myanmar, as well as another unidentified country. A public job posting shows that Geedge is also looking for engineers who can travel to other countries for engineering work, including to several countries not named in the leaked documents, WIRED has found.

    The files, including Jira and Confluence entries, source code, and correspondence with a Chinese academic institution, mostly involve internal technical documentation, operation logs, and communications to solve issues and add functionalities. Provided through an anonymous leak, the files were studied by a consortium of human rights and media organizations including Amnesty International, InterSecLab, Justice For Myanmar, Paper Trail Media, The Globe and Mail, the Tor Project, the Austrian newspaper Der Standard, and Follow The Money.

    “This is not like lawful interception that every country does, including Western democracies,” says Marla Rivera, a technical researcher at InterSecLab, a global digital forensics research institution. In addition to mass censorship, the system allows governments to target specific individuals based on their website activities, like having visited a certain domain.

    The surveillance system that Geedge is selling “gives so much power to the government that really nobody should have,” Rivera says. “This is very frightening.”

    Digital Authoritarianism as a Service

    At the core of Geedge’s offering is a gateway tool called Tiangou Secure Gateway (TSG), designed to sit inside data centers and could be scaled to process the internet traffic of an entire country, documents reveal. According to researchers, every packet of internet traffic runs through it, where it can be scanned, filtered, or stopped outright. Besides monitoring the entire traffic, documents show that the system also allows setting up additional rules for specific users that it deems suspicious and collecting their network activities.

    For unencrypted internet traffic, the system is able to intercept sensitive information such as website content, passwords, and email attachments, according to the leaked documents. If the content is properly encrypted through the Transport Layer Security protocol, the system uses deep packet inspection and machine learning techniques to extract metadata from the encrypted traffic and predict whether it’s going through a censorship circumvention tool like a VPN. If it can’t distinguish the content of the encrypted traffic, the system can also opt to flag it as suspicious and block it for a period of time.

    [ad_2]

    Zeyi Yang

    Source link

  • Parenting 101: 5 Lessons to keep kids safe online for the new school year

    [ad_1]

    The back-to-school season is exciting – new knowledge, new digital tools, and new discoveries. But it also brings higher cybersecurity risks for both schools and children. Cybersecurity experts are urging children, parents, and school communities to stay extra alert during this period.

    “The back-to-school period requires additional efforts to keep children and school communities safe online. A new beginning means new digital tools, online searches, and registrations for learning platforms. All of that increases cyber risks that must be taken seriously,” said Karolis Arbačiauskas, head of product at NordPass, in a media release

    A new study by NordPass, in collaboration with NordStellar, reveals a worrying truth: many educational institutions are still using shockingly weak passwords to protect sensitive data. Entries like “123456”, “Edifygroup@1”, and “principal@2021” appeared frequently, showing a widespread reliance on predictable or outdated credentials that are easy for hackers to guess.

    This is why the back-to-school season is the perfect moment to talk to children about cyber hygiene – the dos and don’ts in digital environments – and to help them build strong habits for digital security and privacy. “Learning about cybersecurity can be fun. Many families of cybersecurity professionals make it a game – they host a small party with snacks and guide their children through five simple but essential exercises,” said Arbačiauskas.

    Cybersecurity experts advise to take these steps to preserve your own cybersecurity and that of your family members (it can also be used as inspiration for your family’s Cyber Party):

    • Create strong and unique passwords. Make sure every account in your family – whether it’s yours, your parents’, your significant other’s, or your children’s – uses a strong and unique password. The easiest way to do it? Use a trusted password manager to generate, store, and share them securely.
    • Turn on multi-factor authentication (MFA). Add an extra layer of security wherever you can, especially to access school portals, email accounts, and social apps. MFA helps keep hackers out even if a password gets breached – and they get breached more often than you think. A recent study by NordPass revealed that many educational institutions still use shockingly weak passwords.
    • Update devices and apps. Keep phones, tablets, and laptops up to date with the latest software. Outdated apps can contain vulnerabilities that hackers take advantage of to get backdoor access into your device. Updates patch these security holes so that cybercriminals can no longer exploit them.
    • Talk about phishing. Discuss cybersecurity with your family and why it matters. Teach them to never click suspicious links or open unknown attachments – especially in emails or messages claiming to be from the school. When in doubt, verify with the sender by using a website checker.
    • Adjust privacy settings. Review and tighten privacy settings on social media, online games, and school platforms. Limit what personal info is publicly visible and who can contact your kids online.

    – JC

    [ad_2]

    Source link

  • Man charged with beating woman, 74, in home invasion

    [ad_1]

    ANDOVER — A Maine man is accused of carrying out a violent home invasion along with an assault in a downtown restaurant in incidents that occurred less than 12 hours apart over the weekend.

    Roger Bolens, 25, of Augusta was arraigned in Lawrence District Court on charges of assault to murder, home invasion and assault and battery on a person over 60 resulting in serious injury. Separately, he faces an assault and battery charge from an alleged choking incident at Karma restaurant hours earlier.


    This page requires Javascript.

    Javascript is required for you to be able to read premium content. Please enable it in your browser settings.

    kAmq@=6?D 2=D@ FD6D E96 2=:2D #@86C tF86?6 {2G@:6 xxx] w6 C6>2:?D 😕 4FDE@5J @? 42D9 32:= @7 Sad_[___ 2?5 😀 D4965F=65 E@ 2AA62C 282:? 😕 {2HC6?46 s:DEC:4E r@FCE 7@C 2 52?86C@FD?6DD 962C:?8 uC:52J]k^Am

    kAmpE z2C>2 C6DE2FC2?E 2E ai_d A]>] $2EFC52J[ 2 `hJ62C@=5 H@>2? E@=5 A@=:46 D96 H2D 2DD2F=E65 3J 2? F?@H? >2=6 😕 E96 C6DEC@@>] $96 D2:5 E96 >2? 8C23365 96C 2?5 EC:65 E@ 49@<6 96C[ 3FE D96 H2D 23=6 E@ 3C62< 2H2J]k^Am

    kAm%96 >2? 7=65 E96 C6DE2FC2?E @? 7@@E 😕 2? F?@H? 5:C64E:@?] x? C6G:6H:?8 G:56@ 7@@E286 7C@> E96 2C62[ 2FE9@C:E:6D H6C6 23=6 E@ :56?E:7J 2? :?5:G:5F2= @7 :?E6C6DE[ 244@C5:?8 E@ E96 :?4:56?E C6A@CE]k^Am

    [ad_2]

    By Angelina Berube | aberube@eagletribune.com

    Source link

  • ICE’s $2 Million Contract With a Spyware Vendor Is Under White House Review

    ICE’s $2 Million Contract With a Spyware Vendor Is Under White House Review

    [ad_1]

    A $2 million contract that United States Immigration and Customs Enforcement signed with Israeli commercial spyware vendor Paragon Solutions has been paused and placed under compliance review, WIRED has learned.

    The White House’s scrutiny of the contract marks the first test of the Biden administration’s executive order restricting the government’s use of spyware.

    The one-year contract between Paragon’s US subsidiary in Chantilly, Virginia, and ICE’s Homeland Security Investigations (HSI) Division 3 was signed on September 27 and first reported by WIRED on October 1. A few days later, on October 8, HSI issued a stop-work order for the award “to review and verify compliance with Executive Order 14093,” a Department of Homeland Security spokesperson tells WIRED.

    The executive order signed by President Joe Biden in March 2023 aims to restrict the US government’s use of commercial spyware technology while promoting its “responsible use” that aligns with the protection of human rights.

    DHS did not confirm whether the contract, which says it covers a “fully configured proprietary solution including license, hardware, warranty, maintenance, and training,” includes the deployment of Paragon’s flagship product, Graphite, a powerful spyware tool that reportedly extracts data primarily from cloud backups.

    “We immediately engaged the leadership at DHS and worked very collaboratively together to understand exactly what was put in place, what the scope of this contract was, and whether or not it adhered to the procedures and requirements of the executive order,” a senior US administration official with first-hand knowledge of the workings of the executive order tells WIRED. The official requested anonymity to speak candidly about the White House’s review of the ICE contract.

    Paragon Solutions did not respond to WIRED’s request to comment on the contract’s review.

    The process laid out in the executive order requires a robust review of the due diligence regarding both the vendor and the tool, to see whether any concerns, such as counterintelligence, security, and improper use risks, arise. It also stipulates that an agency may not make operational use of the commercial spyware until at least seven days after providing this information to the White House or until the president’s national security adviser consents.

    “Ultimately, there will have to be a determination made by the leadership of the department. The outcome may be—based on the information and the facts that we have—that this particular vendor and tool does not spur a violation of the requirements in the executive order,” the senior official says.

    [ad_2]

    Vas Panagiotopoulos

    Source link

  • It Seemed Like an AI Crime-Fighting Super Tool. Then Defense Attorneys Started Asking Questions

    It Seemed Like an AI Crime-Fighting Super Tool. Then Defense Attorneys Started Asking Questions

    [ad_1]

    In 2017, then 9-year-old Kayla Unbehaun was abducted. For years, the South Elgin, Illinois police department searched for Unbehaun and her noncustodial mother, Heather Unbehaun, who was accused of the abduction, following her trail to Georgia, where they hit a dead end. During that time, the department signed a contract with Global Intelligence, and sergeant Dan Eichholz received a Cybercheck report that placed Unbehaun and her mother in Oregon, he tells WIRED. It was a new lead, but because Cybercheck didn’t provide any evidence to support its findings, Eichholz couldn’t use the report to obtain a search warrant.

    Unbehaun was finally reunited with her father in 2023, after an employee at a consignment shop in Asheville, North Carolina, recognized her mother from a picture shown on the Netflix show Unsolved Mysteries. After Unbehaun was located, Eichholz learned during the follow-up investigation that, until several months earlier, the pair had indeed been living in Oregon.

    “I don’t want to say it wasn’t actionable, but I couldn’t just take their information and go with it,” Eichholz says. “That was always the hang-up for us. ‘OK, you got me this information, but I still have to check and verify and do my thing with search warrants.’” The child abduction case against Heather Unbehaun is ongoing.

    Any Help They Can Get

    Cybercheck has spread to law enforcement agencies across the country thanks to generous marketing offers and word-of-mouth recommendations. But in interviews with WIRED and the email exchanges we examined, there was little evidence that law enforcement agencies sought or received evidence to support Global Intelligence’s claims about what its technology could do.

    Prosecutors who spoke to WIRED, such as Borden from Midland County, say they learned about Cybercheck because law enforcement in their jurisdiction had been using it. And when it came up in a case, they let the adversarial court system decide whether or not it was legitimate.

    “It was new technology and I was curious, so I was like, ‘Let’s give it a try and see how far we can get,’” Borden says. “I’m thankful that it didn’t come into evidence in my case, that I didn’t need it to get my conviction.”

    Emails show Global Intelligence sales representatives regularly offered to run police departments’ cases through Cybercheck for free in order to demonstrate the technology. They also referenced cases that Global Intelligence characterized as high profile and that Cybercheck supposedly helped solve, without naming the cases outright or providing evidence that Cybercheck had made any difference in the investigations.

    Emails obtained by WIRED from the Ohio Bureau of Criminal Investigation show that investigators were initially excited to see what information Cybercheck could provide about their cold cases. They even introduced Global Intelligence sales representatives to other law enforcement agencies in Ohio. That enthusiasm seems to have helped convince other agencies to trust the company.

    Gessner, from the Summit County Prosecutor’s office, says that when his agency was deciding whether to use Cybercheck evidence, it asked the Ohio BCI’s cybercrimes unit for an opinion. “They said, yes, it makes sense … we don’t have the technology to do this, but we’d love to have it.” County prosecutors also reached out to the SANS Institute, he says, and were told the institute didn’t “do this type of stuff.”

    But even as it has withdrawn evidence that Cybercheck provided, Gessner says the Summit County Prosecutor’s Office is asking other companies whether they can do the same kind of open source locating that Global Intelligence marketed.

    “We don’t want to shut doors that can help point to the truth in our cases,” he says.

    [ad_2]

    Todd Feathers

    Source link

  • ICE Signs $2 Million Contract With Spyware Maker Paragon Solutions

    ICE Signs $2 Million Contract With Spyware Maker Paragon Solutions

    [ad_1]

    Paragon was founded in 2019 by veterans from the Israel Defense Forces’ powerful intelligence Unit 8200 with the active involvement of former Israeli prime minister Ehud Barak as an investor who is estimated to own a sizable slice of the company.

    The company has received investment from the Boston-headquartered Battery Ventures, “considered to be one of the world’s top venture capital firms,” and two of its founders formerly worked for Blumberg Capital, another large US venture capital firm.

    Israeli media reported in June that a US private equity fund with a portfolio of security companies has been in talks to acquire control of Paragon, estimating its valuation at $1 billion.

    To secure its unique US-approved, “ethical” positioning, Paragon has made “deliberate efforts” since its establishment to break into the US market, notes the Atlantic Council.

    In 2019, as Paragon was developing Graphite, the company enlisted WestExec Advisors, a prominent Washington, DC, consulting firm cofounded by former Obama administration officials, including current US secretary of state Antony Blinken, to advise on its “strategic approach to the US and European markets,” a company executive told the Financial Times. Avril Haines, a former WestExec staffer, is now the US director of national intelligence.

    To remain in the US government’s “good graces,” Paragon in February 2023 hired another DC-based lobbying firm, Holland & Knight, “with a good track record in avoiding sanctions,” as some reports point out. Lobbying expenditure disclosure reveals a spend of a minimum $280,000 in 2023 and 2024 for this campaign.

    The fact that the spyware vendor has neither been placed on an entity list nor have any of its executives been sanctioned by the Biden administration suggests that Paragon’s lobbying efforts have been successful.

    In addition, Biden’s executive order leaves enough margin for the deployment of tools like Graphite. When a senior US administration official was asked specifically about potential abuses of Paragon’s flagship product, they said that the executive order “requires the heads of agencies to review any activity that might be relevant,” without excluding the possibility of lawful use.

    Meanwhile, the company continues to grow and is advertising several roles in Israel. In the US, Paragon boosted its presence in the wake of the signing of the executive order and started hiring intelligence veterans, including former CIA and FBI officers at its subsidiary, “hoping it would pick up new business.” Fresh reports from February 2024 confirmed the steady growth.

    Paragon’s $2 million contract with ICE is tangible proof that the company’s approach is paying off. It remains to be seen whether Graphite’s deployment will align with the protection of human rights, privacy, and democracy.

    [ad_2]

    Vas Panagiotopoulos

    Source link

  • 2 million license plates scanned monthly by Denver’s new police cameras Denver’s new Flock cameras scan 2 million license plates a month

    2 million license plates scanned monthly by Denver’s new police cameras Denver’s new Flock cameras scan 2 million license plates a month

    [ad_1]

    West Colfax Avenue at Irving Street, July 12, 2023.

    Kevin J. Beaty/Denverite

    Denver Police Department’s new network of license plate readers scanned vehicles more than 2 million times in the last month, according to new data from the department.

    DPD launched the system of 95 surveillance cameras throughout the city in May 2024. Today, the department published a dashboard with basic data on the system for the public.

    Among the 2,072,000 vehicles detected in the last 30 days, the system reported about 86,000 hits to a “hotlist,” often because the plate was for a stolen car. The system looks for vehicles tagged in national and state-level crime databases, as well as the Amber Alert system for missing and exploited children.

    Law enforcement officers ran about 1,400 searches on the Denver system in the last month.

    The system used by DPD is made by Flock Safety, a technology company that has become one of the most popular in the niche for both police departments and private homeowners associations. The company describes its technology as a “holistic solution to crime.” It has drawn criticism from civil rights and anti-surveillance advocates.

    DPD says that the system has been effective. Officers have used the system in the arrests of 142 crime suspects and the recovery of about 100 stolen vehicles, as well as some weapons.

    This year has seen a significant decrease of motor vehicle thefts, which police attributed in part to the system — but that trend also began before the system was installed in May.

    Eventually, the number of cameras could grow to 111 around Denver. The system photographs license plates but doesn’t produce any information about drivers, passengers, or other people, according to Flock. The data is “never sold to 3rd parties” and is “used for law enforcement purposes only,” according to Flock.

    The cameras were planned for some of the city’s busiest roads, like  Federal Boulevard, Alameda Avenue and Speer Boulevard — and especially Colfax Avenue, 9News reported.

    DPD didn’t immediately respond to questions about the cost of the system.

    Cities including Arvada, Aurora, Brighton, Castle Rock, Commerce City, Edgewater, Erie, Glendale, Lakewood, Northglenn, Thornton and Wheat Ridge have installed (or plan to install) similar systems, according to Denver7. 

    The American Civil Liberties Union has raised concerns about the scanners, saying that they were contributing to a “giant surveillance network” that centralizes data and could enable “abuse by government,” including tracking political dissidents.

    “We have long had concerns about the dangers posed by hybrid public-private surveillance practices — but Flock threatens to take that to a new level,” the ACLU wrote in 2022.

    Those kinds of surveillance concerns led Elbert County to cancel its contract with Flock, the Elbert County News reported.

    Numerous other law-enforcement agencies around Colorado have access to the Denver system’s data. But the system is prohibited for use in immigrant enforcement, traffic enforcement, personal use, and more, according to Flock.

    Questions or comments? Let us know at [email protected].

    [ad_2]

    Source link