How not to release leaked information
Dec 31st, 2009 by Ken Hagler

Brief: TSA subpoenas bloggers to find source of security doc leak.

The Transportation Security Administration is attempting to find the source of a leak of a sensitive security directive that followed a failed airline bombing attempt on Christmas Day. Two travel bloggers have revealed that they have been subpoenaed to provide information that may lead to the source of the leak.

Shortly after an attempted “underwear” bomber was discovered on Northwest Airlines Flight 253 from Amsterdam to Detroit on December 25, the Transportation Security Administration issued immediate, temporary changes to security procedures in an attempt to prevent similar incidents. The particular details of those changes were issued in an internal security directive, intended only for TSA employees. However, copies of the directive were leaked to several bloggers and quickly spread around the ‘Net.

Writers Chris Elliott and Steven Frischling both received copies of the security directive from anonymous sources, and both published the text of the directive after mass confusion set in among holiday travelers affected by the sudden changes in security procedures. It appears that the TSA is not punishing either for publishing the document; rather, they are trying to find the source of the leak.

"The DHS & TSA are taking this matter seriously, and that tells me that they are paying attention to security in detail," Frischling wrote on his blog. So far, neither has admitted to knowing the identity of the source of the TSA directive.

The leak is somewhat embarrassing for the TSA, though, in light of a recent leak of the entire contents of the TSA’s “Standard Operating Procedures” manual online. That disclosure was due to improper redacting of the document, which the TSA later claimed to be out of date.

[Ars Technica]

The lesson to be learned here is that if you find yourself in possession of information which would embarrass the government, don’t pin a giant target on yourself by posting it to your blog. Instead, use Tor to upload it anonymously to Wikileaks.

My company’s Microsoft mail se…
Dec 3rd, 2009 by Ken Hagler

My company’s Microsoft mail server has been flaking out all day, so I’m using the time to get acquainted with Google Wave. Thanks, IT guys!

Cell phone spying
Dec 1st, 2009 by Ken Hagler

Sprint fed customer GPS data to cops over 8 million times.

Christopher Soghoian, a graduate student at Indiana University’s School of Informatics and Computing, has made public an audio recording of Sprint/Nextel’s Electronic Surveillance Manager describing how his company has provided GPS location data about its wireless customers to law enforcement over 8 million times. That’s potentially millions of Sprint/Nextel customers who not only were probably unaware that their wireless provider even had an Electronic Surveillance Department, but who certainly did not know that law enforcement offers could log into a special Sprint Web portal and, without ever having to demonstrate probable cause to a judge, gain access to geolocation logs detailing where they’ve been and where they are.

Read the rest of this article...

[Ars Technica]

It’s well known by now (at least, to anyone who pays attention) that cell phones are used to spy on the location and movement of their owners. This is the first solid information I’ve seen on just how often the cops spy on people–and keep in mind that this is only one company. It’s pretty much guaranteed that other companies are equally eager to collaborate with Big Brother.

»  Substance:WordPress   »  Style:Ahren Ahimsa
© Ken Hagler. All rights reserved.