Tag Archives: Security

Largest single personal data hack ever? 360mn stolen account credentials found online

Largest single personal data hack ever 360mn stolen account credentials found online Largest single personal data hack ever? 360mn stolen account credentials found online

A cyber security firm has reported a “mind boggling” cache of stolen credentials which has been put up for sale on online black markets. A total of 360 million accounts were affected in a series of hacks, one of which seems to be the biggest in history.
Continue reading «Largest single personal data hack ever? 360mn stolen account credentials found online»

Alex Holden, chief information security officer of Hold Security LLC, said that the firm had uncovered the data over the past three weeks.

He said that 360 million personal account records were obtained in separate attacks, but one single attack seems to have obtained some 105 million records which could make it the biggest single data breach to date, Reuters reports. “The sheer volume is overwhelming,” said Holden in a statement on Tuesday.

“These mind boggling figures are not meant to scare you and they are a product of multiple breaches which we are independently investigating. This is a call to action,” he added.

Hold Security said that as well as 360 million credentials, hackers were also selling 1.25 billion email addresses, which may be of interest to spammers.

The huge treasure trove of personal details includes user names, which are most often email addresses, and passwords, which in most cases are unencrypted.

Hold Security uncovered a similar breach in October last year, but the tens of millions of records had encrypted passwords, which made them much more difficult for hackers to use.

“In October 2013, Hold Security identified the biggest ever public disclosure of 153 million stolen credentials from Adobe Systems Inc. One month later we identified another large breach of 42 million credentials from Cupid Media,”
 Hold Security said in statement.

Largest single personal data hack ever 360mn stolen account credentials found online 2 Largest single personal data hack ever? 360mn stolen account credentials found online

 

Holden said he believes that in many cases the latest theft has yet to be publically reported and that the companies that have been attacked are unaware of it. He added that he will notify the companies concerned as soon as his staff has identified them.

“We have staff working around the clock to identify the victims,”
 he said.

However, he did say that the email addresses in question are from major providers such as AOL Inc, Google Inc, Yahoo Inc, and Microsoft Corp, as well as “almost all” Fortune 500 companies and nonprofit organizations.

Heather Bearfield, who runs cybersecurity for an accounting firm Marcum LLP, told Reuters that while she had no information about Hold Security’s findings, she believed that it was quite plausible as hackers can do more with stolen credentials than they can with stolen credit cards, as people often use the same login and password for many different accounts.

“They can get access to your actual bank account. That is huge. That is not necessarily recoverable funds,”she said.

The latest revelation by Hold Security comes just months after the US retailer Target announced that 110 million of their customers had their data stolen by hackers. Target and the credit and debit card companies concerned said that consumers do not bear much risk as funds are rapidly refunded in fraud losses.

Source: RT

New Mexico nuclear plant workers exposed to radiation

New Mexico nuclear plant workers exposed to radiation 2 New Mexico nuclear plant workers exposed to radiation

Positive results for radiation exposure were found in 13 workers following a leak at the United States’ first underground nuclear waste repository near Carlsbad, New Mexico, an Associated Press report stated.
Continue reading «New Mexico nuclear plant workers exposed to radiation»

Officials said that all employees were checked for external contamination before they left the Waste Isolation Pilot Project (WIPP) facility the day the leak occurred, but that biological samples were also taken to test for the possibility that they were breathing in radioactive particles.

The US Department of Energy and the Nuclear Waste Partnership, which manages the plant’s daily operations, are expected to hold a press conference on Thursday to discuss the test results.

“It is important to note that these are initial sample results,” the DOE and Nuclear Waste Partnership said in a joint statement. “These employees, both federal and contractor, will be asked to provide additional samples in order to fully determine the extent of any exposure.”

According to CNN, Nuclear Waste Partnership (NWP) spokesman Donavan Mager said the number of people exposed to radiation could not be confirmed due to the privacy rule under the Health Insurance Portability and Accountability Act. He did say the test results suggest exposure to the synthetic, radioactive metal americium.

The preliminary test results come just days after more airborne radiation was detected in the area surrounding the plant. Earlier this month, WIPP officials noticed a sharp rise in radiation levels, which they connected to a leak inside one of its underground tunnels. The plant is one of three deep nuclear repositories around the globe, storing nuclear waste 600 meters below the earth’s surface.

Since the WIPP’s creation in 1999, this is the first time it has been known to release any radioactive material. Officials told the AP that it may take weeks to learn what caused the leak. Even before this incident, a salt truck caught fire in a separate part of the facility, but that is believed to be unrelated.

Despite the record levels of radiation detected around the area, the DOE stated the readings fall “well below” the standards outlined by the Environmental Protection Agency, and that they do not pose a public or environmental threat.

New Mexico nuclear plant workers exposed to radiation New Mexico nuclear plant workers exposed to radiation

On Monday, the DOE’s Joe Franco and the NWP’s Farok Sharif held a community meeting to ease public fear over the situation. In response to a question from a local resident, Franco said, “there is no risk from this event that would be a hazard to you or your children.”

Regardless, the AP noted that Senator Tom Udall (D-N.M.) will ask the EPA to send portable air monitors to Carlsbad as a precaution.

“The health and safety of the Carlsbad community and WIPP personnel are my top priority,” he said.

Source: RT

Michigan man kills himself while demonstrating gun safety

Michigan man kills himself while demonstrating gun safety Michigan man kills himself while demonstrating gun safety

A Michigan man from Independence Township accidentally killed himself after reportedly firing a gun into his head while attempting to demonstrate how safe the weapon was.
Continue reading «Michigan man kills himself while demonstrating gun safety»

The 36-year-old man’s girlfriend told law enforcement that he’d been drinking throughout the day when the incident occurred Sunday evening. Police told the Oakland Press that when they arrived at the home, the girlfriend was performing CPR on the man. He was declared dead at the scene.

Authorities have declined to release the names of those involved until the family has been notified. The girlfriend had been living with the man at the time with her three children, aged seven, 10, and 12.

According to the Oakland Press, the man was explaining to his girlfriend that his three guns were safe when not loaded. Police said he put two guns to his head and pulled the trigger, but when he did the same with the third gun, it discharged and a bullet went into his head.

“(The situation) is pretty unique, as I have never heard of anyone testing out the safety of a gun by pointing at their head and pulling the trigger,” Undersheriff Michael McCabe told the newspaper.

The man’s death has been ruled a suicide by the Oakland County Medical Examiner.

There have been numerous incidents related to accidental gun discharges over the last few years. Last week, a Florida man accidentally shot himself in the leg after leaving a gun safety class and manipulating his weapon in the parking lot. He was taken to a hospital and treated.

Just two months ago in Michigan, the vice president of the United Automobile Workers union, General Holiefield, mistakenly shot his wife in the stomach while cleaning a loaded gun. Fortunately, she survived the incident, and Holiefield pleaded no contest to misdemeanor charges.

In August 2013, meanwhile, the instructor of a gun safety class in Ohio accidentally shot one of his students while he was demonstrating the firearm to the class. He apparently did not realize the gun was loaded, and the boy survived after being struck in his arm.

Source: RT

Apple security flaw could be a backdoor for the NSA

Apple security flaw could be a backdoor for the NSA Apple security flaw could be a backdoor for the NSA

Was the National Security Agency exploiting two just-discovered security flaws to hack into the iPhones and Apple computers of certain targets? Some skeptics are saying there is cause to be concerned about recent coincidences regarding the NSA and Apple.
Continue reading «Apple security flaw could be a backdoor for the NSA»

Within hours of one another over the weekend, Apple acknowledged that it had discovered critical vulnerabilities in both its iOS and OSX operating systems that, if exploited correctly, would put thought-to-be-secure communications into the hands of skilled hackers.

“An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS,” the company announced.

Apple has since taken steps to supposedly patch up the flaw that affected mobile devices running its iOS operating system, such as iPhones, but has yet to unveil any fix for the OSX used by desktop and laptop computers. As experts investigated the issue through the weekend, though, many couldn’t help but consider the likelihood — no matter how modicum — that the United States’ secretive spy agency exploited those security flaws to conduct surveillance on targets.

On Saturday, Apple enthusiast and blogger John Gruber noted on his personal website that information contained within internal NSA documents leaked by former intelligence contractor Edward Snowden last year coincide closely with the release of the affected mobile operating system, iOS 6.

According to a NSA slideshow leaked by Mr. Snowden last June, the US government has since 2007 relied on a program named PRISM that enables the agency to collect data “directly from the servers” of Microsoft, Yahoo, Google, Facebook and others. The most recent addition to that list, however, was Apple, which the NSA said it was only able to exploit using PRISM since October 2012.

The affected operating system — iOS 6.0 — was released days earlier on September 24, 2012.

These facts, Gruber blogged, “prove nothing” and are “purely circumstantial.” Nevertheless, he wrote, “the shoe fits.”

With the iOS vulnerability being blamed on a single line of erroneous code, Gruber considered a number of possibilities to explain how that happened.

Conspiratorially, one could suppose the NSA planted the bug, through an employee mole, perhaps. Innocuously, the Occam’s Razor explanation would be that this was an inadvertent error on the part of an Apple engineer,” he wrote.

Once the bug was in place, the NSA wouldn’t even have needed to find it by manually reading the source code. All they would need are automated tests using spoofed certificates that they run against each new release of every OS. Apple releases iOS, the NSA’s automated spoofed certificate testing finds the vulnerability, and boom, Apple gets ‘added’ to PRISM.

Gruber said he sees five possible scenarios, or “levels of paranoia,” as he put it:

Nothing. The NSA was not aware of this vulnerability.
The NSA knew about it, but never exploited it.
The NSA knew about it, and exploited it.
NSA itself planted it surreptitiously.
Apple, complicit with the NSA, added it.

Of course, Guber added, there is always the possibility that “this is all a coincidence.” He certainly wasn’t the only one to consider it, though.

Again, all of this is circumstantial and speculative, and Apple has come out numerous times vehemently denying its involvement in any NSA program,” iDownloadblog’s Cody Lee wrote on Monday. “But the timing is rather odd, and it makes you wonder how such a serious bug went undiscovered for over a year.”

Indeed, Apple has since the start of the Snowden leaks adamantly fended off allegations concerning a possible collusion with the NSA. On December 31, 2013, the company even issued a statement insisting “Apple has never worked with the NSA to create a backdoor in any of our products, including iPhone.”

We will continue to use our resources to stay ahead of malicious hackers and defend our customers from security attacks, regardless of who’s behind them,” Apple said then — nearly two months after acknowledging the major security vulnerability discovered last week.

At the time, though, Apple was responding to another serious allegation that, if correct, gives much more credence to the latest accusations. The Dec. 31 statement was sent hours after security researcher Jacob Appelbaum presented previously unpublished NSA slides at a hacking conference in Germany, including some where the spy agency boasted about being able to infiltrate any iPhone owned by a targeted person.

The NSA, Appelbaum said, “literally claim that any time they target an iOS device, that it will succeed for implantation.”

“Either they have a huge collection of exploits that work against Apple products — meaning they are hoarding information about critical systems American companies product and sabotaging them — or Apple sabotages it themselves.”

Last year, RT reported that the NSA entered into a contract in 2012 with VUPEN, a French security company that sells so-called 0-day exploits to governments and agencies so that vulnerabilities and flaws can be abused before the affected product’s owner is even made aware. It’s likely just another major coincidence that fits the time frame eerily well, but that contract was signed only days before iOS 6 was released — and, coincidentally, days before the NSA boasted about being able to access Apple communications through its PRISM program.

Source: RT

Bush cyberczar: NSA created ‘the potential for a police state’

richard clarke Bush cyberczar: NSA created ‘the potential for a police state’

The former cyber advisor under President George W. Bush had some harsh words for the United States National Security Agency during an address in California on Monday: “get out of the business of fucking with encryption standards.”
Continue reading «Bush cyberczar: NSA created ‘the potential for a police state’»

That was the recommendation that famed cyberczar Richard Clarke made while speaking earlier this week at the at the Cloud Security Alliance summit in San Francisco.

Clarke, 63, served as a counterterrorism advisor for President Bill Clinton in the 1990s and later assisted his successor, Mr. Bush, as the special advisor on cybersecurity for that administration through 2003. Most recently, though, Clarke was assigned to a five-person panel assembled by Pres. Obama late last year that was tasked with assessing the NSA’s operations in the midst of ongoing and ever-damaging leaks disclosed by former intelligence contractor Edward Snowden. In December, that group suggested 46 changes for the Obama administration to consider in order rein in the secretive spy agency.

Speaking during Monday’s conference, however, Clarke opened up about some of the more personal suggestions he has for the NSA, and even some insight about what the future may have in store for the agency if they continue to collect intelligence from seemingly all corners of the Earth.

“In terms of collecting intelligence, they are very good. Far better than you could imagine,” Clarke said.“But they have created, with the growth of technologies, the potential for a police state.”

“If you’re not specific, an agency that bugs phones is going to bug phones,” he added, according to the Tech Target blog, Search Security“The NSA is an organization that’s like a hammer, and everything looks like a nail.”

Even if the NSA scales back such hacking operations in the future as Pres. Obama suggested and limits who the US targets and how, Clarke said during Monday’s address that another type of interference favored by the agency — influencing and intentionally degrading encryption standards — need to be scraped.

Since June, those Snowden leaks have exposed an array of previously covert NSA operations, including programs that put the emails of foreign leaders and phone data pertaining to millions of Americans into the hands of the US government. According to Clarke, though, the NSA’s handling of encryption standards — as exposed by Snowden — has serious repercussions.

In September, leaked documents courtesy of Mr. Snowden showed the NSA has invested millions of dollars to be able to decrypt “large amounts” of supposedly secure data, an operation that spies at Britain’s GCHQ called “an aggressive, multipronged effort to break widely used Internet encryption technologies.” Then in December, further Snowden documents showed that RSA, a private company considered a staple of the computer security industry, had secretly entered into a $10 million contract with the NSA to create a government-friendly “backdoor” in its products.

Because of the NSA’s efforts, Clarke said during Monday’s event, “the trust in encryption has been greatly eroded.”

“The encryption standards need to be trusted,” he said, according to Infosecurity Magazine“The US government has to get out of the business of fucking around with encryption standards.”

“We need to rebuild the trust in encryption; we need to have the US government forced some way into ensuring this happens,” he said.

When Clarke and four other Obama-appointed experts weighed in on the NSA’s programs for the report released in December, the group said they were “unaware of any vulnerability created by the US government in generally available commercial software that puts users at risk of criminal hackers or foreign governments decrypting their data. Moreover, it appears that in the vast majority of generally used, commercially available encryption software, there is no vulnerability, or ‘backdoor,’ that makes it possible for the US government or anyone else to achieve unauthorized access.”

As part of the group’s recommendations, they advised that the NSA “not engineer vulnerabilities into the encryption algorithms that guard global commerce” and “not demand changes in any product by any vendor for the purpose of undermining the security or integrity of the product, or to ease NSA’s clandestine collection of information by users of the product.”

Source: RT

Gun production in US sets new record with 30 percent increase

Gun production in US sets new record with 30 percent increase Gun production in US sets new record with 30 percent increase

Gun makers in the United States produced a record number of weapons in 2012, as new government data suggests Democratic presidents may actually be a boon to firearms manufacturers.
Continue reading «Gun production in US sets new record with 30 percent increase»

According to numbers released by US Bureau of Alcohol, Tobacco, Firearms, and Explosives, more than 8.5 million guns were produced in 2012, compared to about 6.5 million in 2011. That’s a 31 percent increase, and the highest number recorded since the agency began tracking gun production in 1986.

Interestingly, a 2013 study by the National Opinion Research Center found that gun ownership per household has actually declined to its lowest level in more than 30 years, so what accounts for the high sales? According to one gun advocate, it’s President Barack Obama.

“Barack Obama is the stimulus package for the firearms industry,” Dave Workman, senior editor of Gun Mag, a print and online publication of the 2nd Amendment Foundation, told Bloomberg News. “The greatest irony of the Obama administration is that the one industry that he may not have really liked to see healthy has become the healthiest industry in the United States.”

As noted by Bloomberg, more than 26 million were produced during Obama’s first term alone. Former President George W. Bush, a Republican, was in office for eight years before 28 million guns were manufactured.

Bill Clinton’s Democratic presidency, which saw the government mandate background checks for gun purchases, also boosted firearms makers, who produced 33 million firearms over eight years. During George H.W. Bush’s one term, 16 million guns were made.

Even gun control advocates find some truth to the idea that Democratic presidents help cause a surge in gun sales. According to Brian Malte of the Brady Campaign to Prevent Gun Violence, gun advocates have “demonized” Obama in order to sell more firearms to a smaller consumer base.

“We see the percentage of households owning guns declining,” he said to Bloomberg, “and that indicates that those who already own guns are buying more of them.”

Obama generally avoided the gun control debate during his first term, but he came out in favor of reforms after the Sandy Hook Elementary School massacre that saw 20 children killed by a gunman.

Although Congress has failed to pass legislation on the federal level, some states have forged ahead with their own gun control initiatives. California, for example, recently signaled its intention to implement its “microstamping” gun law, which requires manufacturers to imprint gun data on bullet casings when they’re fired. This has caused some gun makers to pull various models from the market.

Regardless, the latest government data seems to dovetail with the financial results of gun makers like Smith & Wesson, which experienced record sales during its 2013 fiscal year. As RT reported last year, the manufacturer said its sales of $588 million were a 43 percent increase over the previous fiscal year.

Whether or not such high-level sales can continue remains to be seen, but background check data seems to suggest 2013 it’s possible. The FBI conducted more than 21 million background checks related to gun sales in 2013, a seven percent increase over 2012.

Source: RT

NSA plans to expand collection of American phone metadata

NSA plans to expand collection of American phone metadata1 NSA plans to expand collection of American phone metadata

Lawsuits waged at the United States government over the National Security Agency’s controversial phone data collection program may actually cause the NSA to hold onto information even longer, a new report reveals.
Continue reading «NSA plans to expand collection of American phone metadata»

A handful of lawsuits have been filed against the US government and the administration of President Barack Obama since last June when former intelligence contractor Edward Snowden revealed that the NSA has been routinely compelling the nation’s telecommunications companies for the metadatapertaining to millions of Americans. Pres. Obama has since submitted to calls for reforming that program, and even instructed Congress recently to find an alternative approach to storing metadata. According to the Wall Street Journal, however, the NSA may have to hold onto that data for a little bit longer.

On Wednesday this week, WSJ journalists Devlin Barrett and Siobhan Gorman wrote that that the lawsuits filed against the Obama administration over the NSA program may cause some rather unintended consequences to occur. Because the NSA may have to argue those cases in court, they wrote, any intelligence it collected that pertains to the plaintiffs may have to be retained indefinitely pending trial.

Currently, the NSA is obligated to purge metadata from its systems after about five years. Speaking to the Journal, one official said on condition of anonymity that those records are removed from the database about twice a year.

But because those records may become evidence in the lawsuits, the paper alleged, the NSA may be forced to postpone a data purge until after the federal courts consider the cases against the bulk metadata collection program.

“A particular concern, according to one official, is that the older records may give certain parties legal standing to pursue their cases, and that deleting the data could erase evidence that the phone records of those individuals or groups were swept up in the data dragnet,” Barrett and Gorman wrote.

An attorney with one of those plaintiffs that have sued the administration over the NSA program — Patrick Tommey of the American Civil Liberties Union — told the Journal that “It’s difficult to understand why the government would consider taking this position, when the relief we’ve requested in the lawsuit is a purge of our data.”

But Cindy Cohn, a lawyer and legal director for co-plaintiffs at the Electronic Frontier Foundation, acknowledged to the paper, “If they’re destroying evidence, that would be a crime.”

Both the ACLU and EFF filed lawsuits against the administration within days of Mr. Snowden’s first major NSA revelation last June. The EFF has been fighting against the NSA’s alleged spy programs since 2008 when it challenged the government’s “illegal and unconstitutional program of dragnet communications surveillance” on behalf of a former AT&T customer. When Snowden’s early June leak showed that telephone lines administered by competitor Verizon were being sent to the NSA, though, the ACLU again filed suit.

“As an organization that advocates for and litigates to defend the civil liberties of society’s most vulnerable, the staff at the ACLU naturally use the phone — a lot — to talk about sensitive and confidential topics with clients, legislators, whistleblowers and ACLU members,”ACLU legal fellow Brett Kaufman wrote when the suit was filed. “And since the ACLU is a VBNS [Verizon Business Network Services] customer, we were immediately confronted with the harmful impact that such broad surveillance would have on our legal and advocacy work.”

After the Verizon revelation, the EFF’s Cohn told the Washington Post that the NSA leaks had been a“tremendous boon” to previously filed legal challenges. Speaking to the Journal this week, though, she said the issue should have been brought before the courts long ago.

“I think they’re looking for any way to throw rocks at the litigation,” she said. “To the extent this is a serious concern, we should have had this discussion in 2008.”

Source: RT

Deadly US drone strike violated civilian protections promised by Obama

deadly us drone strike yemen Deadly US drone strike violated civilian protections promised by Obama

The United States may have killed up to 12 civilians during a drone strike in Yemen last year, possibly violating both international law and the Obama administration’s own targeted killing policy, according to a report by Human Rights Watch.
Continue reading «Deadly US drone strike violated civilian protections promised by Obama»

While US officials have claimed the December 2013 strike only killed members of Al-Qaeda, witnesses of the incident told HRW that the US actually ended up targeting a wedding procession. The witnesses said everyone killed and injured was a civilian.

For its part, the report found that the group targeted was indeed a wedding convoy, though it also allowed for the possibility that militants – whose identities are still unknown – were part of the group. Regardless, the report suggests that at least some civilian casualties were involved.

At least 12 men were killed as a result of the four Hellfire missiles launched at 11 vehicles, while another 15 were injured. Both US and Yemeni officials have also stated that the primary target of the strike, an Al-Qaeda leader named Shawqi Ali Ahmad al-Badani, was not killed and managed to escape.

“We asked both the Yemeni and the U.S. authorities to tell us which of the dead and wounded were members of militant groups and which if any were civilians,” report author Letta Tayler, a senior terrorism and counterterrorism researcher at HRW, said to the Associated Press. “They did not reply to this question.”

“While we do not rule out the possibility that [Al-Qaeda] fighters were killed and wounded in this strike, we also do not rule out the possibility that all of those killed and wounded were civilians.”

Either way, the report stated that if the United States failed to differentiate between noncombatants and militants before carrying out the strike, it may have violated international law “by causing civilian loss disproportionate to the expected military advantage.”

Additionally, the attack may have violated the targeted killing policy detailed by President Barack Obama in May 2013, in which he stated the need for “near certainty” that civilians would not be harmed by a strike. The US “has also failed to demonstrate that the alleged target was present, could not feasibly have been arrested, or posed a ‘continuing and imminent threat’—three other US policy requirements,” the report stated.

Three unnamed US officials told the AP the government has conducted two investigations of its own into the incident, both of which confirmed its initial claim: that only militants were killed in the strike. These reports have not been released to the public.

“When we believe that civilians may have been killed, we investigate thoroughly,” Caitlin Hayden, a National Security Council spokeswoman, told the AP. “In situations where we have concluded that civilians have been killed, the U.S. has made condolence payments where appropriate and possible.”

Still, Hayden wouldn’t confirm or deny whether any of those affected by this particular strike have received compensation.

In its report, HRW urges the US to conduct a transparent investigation into the incident, hold individuals accountable for any wrongdoing, and properly compensate the affected parties.

“The US refusal to explain a deadly attack on a marriage procession raises critical questions about the administration’s compliance with its own targeted killing policy,” Tayler said in a statement. “All Yemenis, especially the families of the dead and wounded, deserve to know why this wedding procession became a funeral.”

Meanwhile, updated figures by the New America Foundation have also shed light on American drone activity in Yemen. Since 2002, drone strikes in the country have killed between 78 and 84 civilians, with another 30-50 deaths that cannot be classified. With more than 900 total strikes carried out, somewhere between 600 and 800 enemy combatants have been killed. With the singular exception of one 2002 strike, all have been carried out by the Obama administration.

Source: RT

Seattle considering $1.6 million facial recognition surveillance system

Seattle considering 1.6 million facial recognition surveillance system Seattle considering $1.6 million facial recognition surveillance system

Privacy advocates in the Pacific Northwest are squaring off with local police over plans to install a system that would link surveillance camera video with databases containing photographs of hundreds of thousands of area residents.
Continue reading «Seattle considering http://esearchspot.com/WP/seattle-considering-1-6-million-facial-recognition-surveillance-system/.6 million facial recognition surveillance system»

In Seattle, Washington, the City Council will soon decide on whether or not they should approve an ordinance that green-lights a $1.6 million federal grant, a large chunk of which will be used to purchase sophisticated facial recognition software that supporters of the measure say would help stop crime.

Those Department of Homeland Security dollars would let the Seattle police pay for software that digitally scans surveillance camera footage and then tries to match images of the individuals caught on tape with any one of the 350,000-or-so people who have been photographed previously by King County, Washington law enforcement.

“An officer has to reasonably believe that a person has been involved in a crime or committed a crime”before they begin to use the program, Assistant Seattle Police Chief Carmen Best told KIRO-TV this week

Once the facial recognition software is initiated, though, it scours a collection containing close to a half-a-million area residents — including many who may never have been convicted of a crime.

That database, members of the local Seattle Privacy anti-surveillance collective say, is composed of more than just the mug shots of convicted criminals. Images of anyone ever arrested and booked are included in that system, regardless of whether or not they were ever ultimately convicted of a crime. And according to a recent post on the Seattle Privacy website attributed to founding member Jan Bultmann, there has already been mention of perhaps someday including the driver’s license photos of the millions of adults across Washington state into that same system.

As currently proposed, though, “It would be a great way to expedite some searching we’re already doing,”Assistant Chief Best said of the plans during a City Council committee meeting earlier this month, the Seattle CrossCut reported“This only allows us to do it much more quickly and much more efficiently, with a little bit more efficacy.”

On Wednesday this week, the City Council’s Public Safety, Civil Rights and Technology Committee met to discuss whether or not it should approve that DHS Urban Area Security Initiative (UASI) grant in the amount of $1,645,955, and in turn purchase that “booking photo comparison software” and also amend the Seattle Police Department manual to include a section on properly using the product. The full council is now expected to vote on the measure early next month, but in the meantime privacy advocates are asking the city to consider the possible implications of moving forward.

pscrt20140219_3a

Of particular concern, Seattle Privacy says, is the city’s rather sordid past with regards to not just surveillance, but police misconduct. The Seattle PD has previously used DHS money to fund spy projects later canned over public outcry, and a federal investigation concluded by the United States Department of Justice in 2012 found that local officers acted in an “unconstitutional and excessive manner” during nearly 20 percent of all instances involving the use of force.

“Anytime you’ve got the officers, you know, routinely — 20 percent of the time — violating our constitutional rights, that’s a huge problem,” Chris Stearns, a lawyer on the city’s Human Rights Commission, told NPR after the DOJ report was released.

But nearly two years later, the city is again being blasted by civil rights advocates for allegedly being in violation of another constitutional guarantee — the Fourth Amendment’s right to be free from unlawful searches. Although the Seattle PD has promised it won’t use its booking photo comparison software to track suspects on-the-fly if the project has moved forward, opponents fear residents will be worried over the possibility of 24/7 monitoring to enough of a degree that will impact how people associate and assemble in public.

The Booking Photo Comparison Software, Seattle resident Phil Mocek argued at Wednesday’s meeting,“may be used to target activists and do real-time ID of people on the street,” according to a tweet by Seattle Privacy founding member Lee Colleton. And while the Seattle PD’s draft manual for using that system currently includes provisions preventing a link-up with live camera feeds, it does not include any measures saying how long police might wait to watch a recording, be it five seconds, five minutes or five hours.

Once that data is recorded, Public Safety Committee Chair Bruce Harrell told KIRO-TV this week, Seattle law enforcement may elect to share it elsewhere.

“There may be times when the federal government may want to look at that database that may be very appropriate if we have an international terrorist here that might have committed a misdemeanor,” he said.

With the Seattle PD draft rules currently mandating a 42 month retention period, any activity captured if and when the system is approved — even a misdemeanor — can be used by city and federal authorities alike to look for persons of interest three-and-a-half-years down the road.

Despite the possible Orwellian outcome, though, opponents of the measure fear city officials aren’t adequately considering the potential consequences. One witness to Wednesday’s meeting remarked that none of the four testifying experts were privacy advocates, but rather came from either the Seattle PD or DHS, with the exception of a lone Seattle Human Rights Commission representative.

“We need to get some independent technical expertise outside of SPD chain of command to audit this equipment,” Seattle Privacy’s Bultmann opined. Her group has since stated on their website that they will be marking up the draft document themselves “to give councilmembers an example of what a through independent technical review with an eye toward privacy and security would look like, and how useful it would be.”

Should Bultmann succeed, then the surveillance program may in fact meet its maker before ever getting off the ground. Strangely enough, it wouldn’t be the first spy program to be stopped in its tracks lately in Seattle. In November the city was forced to deactivate a wireless mesh network system installed in secret across Seattle after privacy advocates exposed how it could be used to track the locations of anyone with a mobile phone in real-time. And among similar outcry, the Seattle PD last February said they wouldn’t proceed with plans to start using surveillance drones across the city.

“DHS has spent billions in black surveillance budgets that brought us drones and cameras we’re not even using,” Bultmann said during Wednesday’s meeting.

“Drones give law enforcement agencies unprecedented abilities to engage in surveillance and intrude on people’s privacy,” Doug Honig, a spokesman for the American Civil Liberties Union of Washington, said in an email to Reuters when the police pulled the plug on the plan earlier in February.

According to the ACLU, however, the facial recognition system being requested by the Seattle PD doesn’t raise any red flags as of right now. ACLU of Washington privacy counsel Doug Klunder told CrossCut recently that the police actually approached his civil rights group while drafting procedures for the surveillance system, and he thinks “This policy does a good job of limiting [the software] to proper uses.”

Two states away, however, the ACLU of California is asking city officials in Oakland, CA to reconsider an eerily similar surveillance system being planned there with federal funds. The City Council there voted on Tuesday to postpone a vote pertaining to the future of that major surveillance hub under construction — the Domain Awareness Center, or DAC — after 79 speakers signed up to rally against the project during the hearing.

Tuesday’s meeting in Oakland ended after more than four hours with the council agreeing to wait another two weeks before deciding if they should proceed with plans to use $1.6 million they’ve been offered by the DHS to proceed with the next stage, phase 2. The city installed 137 security cameras on the Port of Oakland, 50 traffic cameras across town and a system of gunshot-detecting microphones as part of the recently completed phase 1.

Source: RT

Homeland Security cancels national license plate tracking plan

Homeland Security cancels national license plate tracking plan Homeland Security cancels national license plate tracking plan

Only days after the US Department of Homeland Security began seeking a company to help it track license plates nationwide, the agency has reportedly canceled the initiative over civil liberties concerns.
Continue reading «Homeland Security cancels national license plate tracking plan»

According to the Washington Post, Homeland Security Secretary Jeh Johnson canceled the plan on Wednesday, after media outlets noticed a proposal by the Immigration and Customs Enforcement agency looking for partners to help develop the tracking system.

As RT reported this week, the plan would allow DHS and other law enforcement officials to sift through a nationwide database of license plates once they are photographed, collected, and stored on a system owned by a private company. Government officials stated the database would be used to help locate illegal immigrants who are on the run from authorities, but civil liberties advocates became worried about the possibility that it would also be used to track the movement of American citizens.

ICE spokeswoman Gillian Christensen tried to downplay these concerns, saying the database “could only be accessed in conjunction with ongoing criminal investigations or to locate wanted individuals.”

These words didn’t do much to calm groups concerned with potential abuse, especially in light of ongoing leaks regarding the National Security Agency’s wide-ranging surveillance program.

“Ultimately, you’re creating a national database of location information,” Jennifer Lynch, a staff attorney with the Electronic Frontier Foundation said on Tuesday. “When all that data is compiled and aggregated you can track somebody as they go through their life.”

On Thursday, Christensen confirmed that DHS and ICE have nixed the project.

“The solicitation, which was posted without the awareness of ICE leadership, has been cancelled,” she said in a statement. “While we continue to support a range of technologies to help meet our law enforcement mission, this solicitation will be reviewed to ensure the path forward appropriately meets our operational needs.”

The decision was greeted with open arms by opponents, some of which found cause for concern even in Christensen’s statement. Speaking with the Post, Rep. Bennie Thompson (D-Miss.) – the ranking Democrat on the House Homeland Security Committee – said the idea ICE leadership was unaware of the proposal “highlights a serious management problem within this DHS component that currently does not have a director nominated by the president.”

Others, meanwhile, were relieved to see the listing taken down, especially since the ICE’s promise to comply with the Privacy Act of 1974 did not necessarily mean the system wouldn’t be abused.

“The Privacy Act protections are quite weak, especially because they have loads of exemptions for law enforcement,” said Harley Geiger of the nonprofit Center for Democracy & Technology.

The cancellation of this nationwide initiative doesn’t mean that local law enforcement agencies don’t currently use similar methods. Private companies have already set up smaller license plate databases with local agencies in order to track traffic violations as well as suspected criminal meetings.

Source: RT