Oh PLEAZZZE keep using that private phone Mr. Chumph!
Put a target on your back, why don’t you?
Better start listening to your security folks.
Tag Archives: Security
Another of Trump’s White’s Only House Cabal is a Nazi
The old adage about knowing someone by who they surround themselves with as friends certainly applies here. The racist, neo-Nazi Trump surround himself in the Whites Only House with fellow racists and neo-Nazis.
Another Trump sucker…Another Nazi
Top Trump adviser Sebastian Gorka is a ‘sworn member’ of Nazi-linked group: report
Controversial Trump counter-terrorism aide Sebastian Gorka is facing fresh scrutiny for his ties to far-right political organizations in Hungary.
Forward.com reports that Hungarian group Vitézi Rend, a far-right organization that the United States State Department claims was “under the direction of the Nazi Government of Germany” during World War II, is claiming that Gorka is one of its “sworn members” who took a “life-long oath of loyalty.”
What makes this particularly interesting, notes Forward, is that Gorka’s immigration status in the United States could be jeopardized if he failed to disclose his relationship with the group.
“The State Department’s Foreign Affairs Manual specifies that members of the Vitézi Rend ‘are presumed to be inadmissible’ to the country under the Immigration and Nationality Act,” the website writes.
Gorka’s ties to Vitézi Rend were first revealed earlier this year when a photograph emerged of him wearing one of the group’s medals.
Gorka, who is of Hungarian descent and was born in the United Kingdom, did not respond to Forward’s request for comment, although he has denied in the past that he has any ties to neo-Nazis or anti-Semitic organizations.
DeRay McKeeson Phone Hacked By Trumpazoid
Despite efforts by BLM members to up their security, hacking social media accounts by miscreants is still relatively easy, due to intrinsic faults in the platform software.
If you want to be secure on Social Media, you need to change passwords and PINs frequently, and for someone with a high media profile, probably daily. Utilizing some VPN technologies provide security, however those that use DES or WPK Encryption are basically useless against a sophisticated or professional level hacker.
It’s called pretexting and it’s easy to do, but it’s also easy to prevent.
By now you’ve probably heard that the Twitter account belonging to #BlackLivesMatter activist DeRay Mckesson was hijacked on Friday. The tweet sent from Mckesson’s account that endorsed Donald Trump for president was probably a giveaway.
It wasn’t a hacking attack in the strictest sense: Twitter’s systems apparently weren’t compromised, and Mckesson even had two-factor authentication turned on. Instead, the attackers hijacked his mobile phone, using a weakness in how account information is managed by wireless providers.
Having first obtained the last four digits of Mckesson’s Social Security number, the hackers called Verizon’s billing department and impersonated him. They then redirected his service to a phone they had handy so that calls and texts going to his number were directed instead to their phone.
From there they used Twitter’s password reset feature — which relies on authorization codes sent via text messages to a phone — and locked Mckesson out of his account.
The technique of pretending to be someone and tricking a wireless provider into handing over control of a customer account is an old one. It’s called pretexting: The attacker pretends to be a customer having a problem, and convinces a service rep that the request they’re making is legitimate.
It’s illegal. When the technique was used by a set of private investigators hired by the chairman of Hewlett-Packard a little more than a decade ago it caused a huge corporate scandal. One person charged served time in federal prison, while others received probation.
So how do you avoid experiencing the same headache Mckesson had on Friday? According to the Federal Trade Commission, it comes down to eliminating your Social Security number as a way to identify yourself to your carrier. Without that, hackers would have no way to access your phone and therefore no way to get ahold of your two-factor authentication code.
The details on how to set this up vary with your wireless carrier:
-
AT&T calls its feature “extra security.” It means that before you can talk to a service rep you have to provide a passcode. You can read more about it here.
-
Verizon allows customers to set their own personal identifying number to access their accounts. You can do this by calling Verizon or going to a Verizon store.
-
T-Mobile does the same thing Verizon does, but calls it a “customer care password.” Again, call in or visit a T-Mobile store.
-
Sprint asks customers to set a PIN number to access their accounts.
Why Black Folks Need Encryption
The battle between Apple Computer and the FBI is not just about the encrypted messages on one iPhone. What it is really about is expanding the legal ability of the Federal Government to spy on it’s citizens. This has been an ongoing battle largely behind the scenes between tech developers and Government agencies such as NIST and the NSA. Indeed in 1988 the Government forced standards groups to make TCP/IP the telecom standard upon which the Internet is based, and rejected the OSI standard in large part because the OSI Standard included encryption that was difficult to break, and features which allowed the development of advanced security technologies at the “transmission” level, whereas TCP had none, and was easily compromised by government spooks, who had been using and testing the vulnerabilities of the protocol stack for years. The Internet is not secure, and by design – can never be secured, which is why the Government defense and intelligence agencies use a custom variation of TCP/IP which incorporates capabilities to enhance secure communication.
There are roughly 7 major Commercial Off The Shelf encryption systems in use today. In order to sell those in the US, NSA requires that security “backdoors” be built in such that the systems may be easily compromised by the NSA, and we would assume law enforcement agencies. This requirement does not cover, and has not covered to this point encryption systems on devices which store information internally in flash memory or disk drives. As such manufacturers and equipment owners have been free to encrypt an secure their data by any means they deem appropriate.
There is no such thing as unbreakable encryption. Even that used by the most secret agencies in the Government isn’t unbreakable. What it is is a system which is difficult enough to break that only another government or massive corporation has access to the computer horsepower and scientists to do so – which costs lots and lots of money. So it is actually a race to develop new, more complex systems as the previous system is broken. And I can tell you from personal experience that two guys in a garage that against odds come up with something new and radical which might give those systems heartburn – are in for a visit by the guys in black suits shortly after letting the world know you’ve developed it.
Now – most of what you see on TV about the technology is bullshit. You are not breaking into a unknown secured local network just in time for the hero to do his thing with your trusty laptop. There is no such thing as a 100% secure network, if it has any connection at all to the Internet. The Internet of Things (IoT) which is a hot-button meme right now in the industry isn’t going to happen, because the security in wireless systems is so poor (on purpose and by design).
So…If you are using commercial off the shelf products like cell phones and computers – you can’t stop them from listening in. What you can do is make it difficult enough that unless somebody like the NSA comes after you, you have security. Which is exactly what Apple did.
Here’s why civil rights activists are siding with the tech giant.
Last night, the FBI, saying that it may be able to crack an iPhone without Apple’s help, convinced a federal judge to delay the trial over its encryption dispute with the tech company. In February, you may recall, US magistrate judge Sheri Pym ruledthat Apple had to help the FBI access data from a phone used by one of the San Bernadino shooters. Apple refused, arguing that it would have to invent software that amounts to a master key for iPhones—software that doesn’t exist for the explicit reason that it would put the privacy of millions of iPhone users at risk. The FBI now has two weeks to determine whether its new method is viable. If it is, the whole trial could be moot.
That would be a mixed blessing for racial justice activists, some of them affiliated with Black Lives Matter, who recently wrote to Judge Pym and laid out some reasons she should rule against the FBI. Theletter—one of dozens sent by Apple supporters—cited the FBI’s history of spying on civil rights organizers and shared some of the signatories’ personal experiences with government overreach.
“One need only look to the days of J. Edgar Hoover and wiretapping of Rev. Martin Luther King, Jr. to recognize the FBI has not always respected the right to privacy for groups it did not agree with,” they wrote. (Targeted surveillance of civil rights leaders was also a focus of a recent PBS documentary on the Black Panther Party.) Nor is this sort of thing ancient history, they argued: “Many of us, as civil rights advocates, have become targets of government surveillance for no reason beyond our advocacy or provision of social services for the underrepresented.”
Black Lives Matter organizers have good reason to be concerned. Last summer, I reported that a Baltimore cyber-security firm had identified prominent Ferguson organizer (and Baltimore mayoral candidate) Deray McKesson as a “threat actor” who needed “continuous monitoring” to ensure public safety. The firm—Zero Fox—briefed members of an FBI intelligence partnership program about the data it had collected on Freddie Gray protest organizers. It later passed the information along to Baltimore city officials.
Department of Homeland Security emails, meanwhile, have indicated that Homeland tracked the movements of protesters and attendees of a black cultural event in Washington, DC, last spring. Emails from New York City’s Metropolitan Transit Authority and the Metro-North Railroad showed that undercover police officers monitored the activities of known organizers at Grand Central Station police brutality protests. The monitoring was part of a joint surveillance effort by MTA counter-terrorism agents and NYPD intelligence officers. (There are also well-documentedinstances of authorities spying on Occupy Wall Street activists.)
In December 2014, Chicago activists, citing a leaked police radio transmission—alleged that city police used a surveillance device called a Stingray to intercept their texts and phone calls during protests over the death of Eric Garner. The device, designed by military and space technology giant Harris Corporation, forces all cell phones within a given radius to connect to it, reroutes communications through the Stingray, and allows officers to read texts and listen to phone calls—as well as track a phone’s location. (According to theACLU, at least 63 law enforcement agencies in 21 states use Stingrays in police work—frequently without a warrant—and that’s probably an underestimate, since departments must signagreements saying they will not disclose their use of the device.)
In addition to the official reports, several prominent Black Lives organizers in Baltimore, New York City, and Ferguson, Missouri, shared anecdotes of being followed and/or harassed by law enforcement even when they weren’t protesting. One activist told me how a National Guard humvee had tailed her home one day in 2014 during the Ferguson unrest, matching her diversions turn for turn. Another organizer was greeted by dozens of officers during a benign trip to a Ferguson-area Wal-Mart, despite having never made public where she was going.
In light of the history and their own personal experiences, many activists have been taking extra precautions. “We know that lawful democratic activism is being monitored illegally without a warrant,” says Malkia Cyril, director of the Center for Media Justice in Oakland and a signatory on the Apple-FBI letter. “In response, we are using encrypted technologies so that we can exercise our democratic First and Fourth Amendment rights.” Asked whether she believes the FBI’s promises to use any software Apple creates to break into the San Bernadino phone only, Cyril responds: “Absolutely not.”
“I don’t think it’s any secret that activists are using encryption methods,” says Lawrence Grandpre, an organizer with Leaders of a Beautiful Struggle in Baltimore. Grandpre says he and others used an encrypted texting app to communicate during the Freddie Gray protests. He declined to name the app, but said it assigns a PIN to each phone that has been approved to access messages sent within a particular group of people. If an unapproved device tries to receive a message, the app notifies the sender and blocks the message from being sent. Grandpre says he received these notifications during the Freddie Gray protests: “Multiple times we couldn’t send text messages because the program said there’s a possibility of interception.”
Cyril says “all of the activists I know” use a texting and call-encryption app calledSignal to communicate, and that the implication of a court verdict in favor of the FBI would be increased surveillance of the civil rights community. “It’s unprecedented for a tech company—for any company—to be compelled in this way,” Cyril says….
Arline Security Incident in Flight to NYC
This one is strange. I am a frequent flyer, and I can’t imagine anyone wanting to spend a moment longer than necessary in one of those tiny on-board bathrooms on a commercial airliner. They aren’t designed to be comfortable intentionally – to encourage passengers to spend as little time as possible – instead of taking a magazine to read half the flight preventing other passengers from having access.
So if 3 passengers lock themselves in, and refuse to come out – there’s a problem. a BIG problem. And with airplane food being confined to a bag of chips and a stale cookie anymore…
It wasn’t something they ate.
Definitely no room for a Jacuzzi...
Military jets safely escort flight to NYC
Two fighter jets escorted a New York-bound American Airlines flight from Los Angeles after three passengers locked themselves in the bathroom Sunday, the 10th anniversary of the Sept. 11 attacks, officials said.
A law enforcement official said it wasn’t thought to be terrorism, and American Airlines spokesman Tim Smith said, “In our eyes, it’s a big nothing.”
The North American Aerospace Defense Command scrambled two F-16 jets to shadow Flight 34 until it landed safely at New York’s Kennedy Airport at 4:10 p.m. Sunday, the Transportation Security Administration said in a statement.
The nature of the incident was unclear, but the passengers locked themselves in the bathroom and were still inside when the plane landed, the law enforcement official said. The official was not authorized to speak publicly and spoke to The Associated Press on condition of anonymity.
Law enforcement met the flight and will interview passengers, the TSA statement said. The FBI responded to the airport.
The jets intercepted the flight about 100 miles west of New York and shadowed it until it landed, said John Cornelio, spokesman for the North American Aerospace Defense Command. He described the measure as precautionary.
Smith said a “security concern” was brought to the airline’s attention but the plane’s captain never declared any sort of security threat and never requested law enforcement help.
He said the crew used “normal procedures” to assess the circumstances and the plane landed as planned.
New York has been in a heightened state of security after federal officials received a credible but uncorroborated tip of a car bomb plot on the anniversary in either New York or Washington.
So What’s the Gas Mileage on this Bad Boy, Again?
The President Obama buses are causing quite a stir. Tricked out with special paint, and some serious high-tech gadgets the Secret Service will barely even allude to, these bad boys are apparently able to get on down the road if necessary.
Drawing from what is known about “the Beast” – the Presidential Limousine, we can deduce that the Bus has some pretty serious armament, possibly including 8″ thick armor plate, to go along with the “bulletproof glass” windows. The interesting thing is that it is designed not to show much on the outside.
One of the interesting things about the two vehicles (there is a red one and a black one) is that no markings or stickers are allowed on the vehicles.
They are now saying they are going to let the Republican Presidential candidate ride in one of these?
I hope the interior is designed to be hosed out.
$1.1 million bus used by Obama has high-tech defenses – but what are they?
The Secret Service refuses to give away many details on the design, but has said it has similar features to Obama’s regular ride, The Beast. The tricked-out Cadillac known as The Beast looks like a regular limousine, but is built more like a tank.
If the Obama Bus is similar to The Beast, it will have tank-like armor and cutting edge technology. For example, The Beast has 8-inch thick armor-plated sides, special bulletproof glass, and Kevlar-reinforced tires. The tires are mounted on specially designed rims that can continue to drive even if the tires are missing.
Like The Beast, the bus is probably airtight, and likely has an advanced fire suppression system, oxygen tanks, and is built to withstand a chemical attack.
In case of a medical emergency, bags of Obama’s blood are likely carried onboard just as they are in The Beast.
With more room than The Beast, the bus will probably have more defensive tricks up its sleeves than The Beast’s night vision cameras, shotguns, and tear-gas cannons.
The electronics and communications are no doubt state of the art, and are sure to replicate The Beast’s direct satellite phone line to the Vice President and the Pentagon.
The Secret Service used a fund for transportation and armored vehicles to buy two of these buses from the Hemphill Brothers Coach Company for a total of $2,191,960. No word on whether the company will make more, but Cadillac said they would not make The Beast for any private customers or foreign country saying the design is “very private and secretive.” Chances are these buses are two of a kind and will remain so.
While $2.2 million may sound expensive, it is expected to be cheaper than the normal leased buses over a ten year span, and a Secret Service official implied leased buses aren’t safe enough, saying, “we have not been satisfied with the level of protection offered by leased buses.”
And they aren’t just for the President. The second bus is expected to be used by the Republican presidential candidate and both will eventually be used for visiting dignitaries and future officeholders and candidates.
But until the Secret Service releases more details, the real technology inside the Obama bus will remain a mystery.
Don’t Touch My Internet “Junk”, Either!
“Don’t touch my junk, Bro!”
Seems even a former Playboy Bunny, now confined to a wheelchair, can’t wear little enough to get through airport security without a patdown!
The woman who wore only her bra and panties while going through security at Will Rogers World Airport is speaking out about why she did it.
Video of Tammy Banovac sitting in a wheelchair in just her underwear has made international news. She said after a bad experience with a Transportation Security Administration pat-down, she decided to strip down to her lingerie so security screeners could clearly see she was not a threat.
“The less of me that they had to pat down and check, the less invasive a search would be. And wearing a bra and panties was just about as minimal as I could get,” Banovac said.
Banovac said because of injuries she suffered, she must use a wheelchair. She said she’s been subjected to uncomfortable pat-downs because she cannot go through metal detectors.
In other news – similar to “Do Not Call” registries, Do Not Cookie may soon become a reality on the Internet…
FTC pitches do-not-track system to let consumers opt out of Web data collection
The Federal Trade Commission on Wednesday recommended creating a do-not-track system that would prevent Web sites from collecting unauthorized consumer data, part of a widely anticipated agency report on improving Internet privacy.
The FTC report, aimed at helping policymakers and lawmakers craft privacy rules, also calls for Web sites to disclose more about the information they gather on users, including what has been collected, how it is used and how long it is stored. It also recommended that companies offer users more choices for opting out of data collection schemes.
Regulators and lawmakers are focusing more closely on online privacy after a spate of high-profile data breaches, including Google’s recent admission that it collected personal data from Wi-Fi networks in several countries.
FTC Chairman Jon Leibowitz said in a news conference Wednesday that the current, largely unregulated approach to Internet privacy has fallen short. That approach is favored by advertisers, social-network operators and Web search companies.
The agency’s recommendations – passed unanimously by the five-member commission – seek to balance the concerns of Web advertisers, media companies and retailers that have devised business models around tailored advertisements based on profiles of users. The agency is taking comments on its report until Jan. 31.
“The FTC wants to help ensure that the growing, changing, thriving information marketplace is built on a framework that promotes privacy, transparency, business innovation and consumer choice,” Leibowitz said. “We believe that’s what most Americans want as well.”
