How not to release leaked information
Dec 31st, 2009 by Ken Hagler

Brief: TSA sub­poe­nas blog­gers to find source of secu­ri­ty doc leak.

The Trans­porta­tion Secu­ri­ty Admin­is­tra­tion is attempt­ing to find the source of a leak of a sen­si­tive secu­ri­ty direc­tive that fol­lowed a failed air­line bomb­ing attempt on Christ­mas Day. Two trav­el blog­gers have revealed that they have been sub­poe­naed to pro­vide infor­ma­tion that may lead to the source of the leak.

Short­ly after an attempt­ed “under­wear” bomber was dis­cov­ered on North­west Air­lines Flight 253 from Ams­ter­dam to Detroit on Decem­ber 25, the Trans­porta­tion Secu­ri­ty Admin­is­tra­tion issued imme­di­ate, tem­po­rary changes to secu­ri­ty pro­ce­dures in an attempt to pre­vent sim­i­lar inci­dents. The par­tic­u­lar details of those changes were issued in an inter­nal secu­ri­ty direc­tive, intend­ed only for TSA employ­ees. How­ev­er, copies of the direc­tive were leaked to sev­er­al blog­gers and quick­ly spread around the ‘Net.

Writ­ers Chris Elliott and Steven Frischling both received copies of the secu­ri­ty direc­tive from anony­mous sources, and both pub­lished the text of the direc­tive after mass con­fu­sion set in among hol­i­day trav­el­ers affect­ed by the sud­den changes in secu­ri­ty pro­ce­dures. It appears that the TSA is not pun­ish­ing either for pub­lish­ing the doc­u­ment; rather, they are try­ing to find the source of the leak.

The DHS & TSA are tak­ing this mat­ter seri­ous­ly, and that tells me that they are pay­ing atten­tion to secu­ri­ty in detail,” Frischling wrote on his blog. So far, nei­ther has admit­ted to know­ing the iden­ti­ty of the source of the TSA direc­tive.

The leak is some­what embar­rass­ing for the TSA, though, in light of a recent leak of the entire con­tents of the TSA’s “Stan­dard Oper­at­ing Pro­ce­dures” man­u­al online. That dis­clo­sure was due to improp­er redact­ing of the doc­u­ment, which the TSA lat­er claimed to be out of date.

[Ars Tech­ni­ca]

The les­son to be learned here is that if you find your­self in pos­ses­sion of infor­ma­tion which would embar­rass the gov­ern­ment, don’t pin a giant tar­get on your­self by post­ing it to your blog. Instead, use Tor to upload it anony­mous­ly to Wik­ileaks.

My company’s Microsoft mail se…
Dec 3rd, 2009 by Ken Hagler

My company’s Microsoft mail serv­er has been flak­ing out all day, so I’m using the time to get acquaint­ed with Google Wave. Thanks, IT guys!

Cell phone spying
Dec 1st, 2009 by Ken Hagler

Sprint fed cus­tomer GPS data to cops over 8 mil­lion times.

Christo­pher Soghoian, a grad­u­ate stu­dent at Indi­ana University’s School of Infor­mat­ics and Com­put­ing, has made pub­lic an audio record­ing of Sprint/Nextel’s Elec­tron­ic Sur­veil­lance Man­ag­er describ­ing how his com­pa­ny has pro­vid­ed GPS loca­tion data about its wire­less cus­tomers to law enforce­ment over 8 mil­lion times. That’s poten­tial­ly mil­lions of Sprint/Nextel cus­tomers who not only were prob­a­bly unaware that their wire­less provider even had an Elec­tron­ic Sur­veil­lance Depart­ment, but who cer­tain­ly did not know that law enforce­ment offers could log into a spe­cial Sprint Web por­tal and, with­out ever hav­ing to demon­strate prob­a­ble cause to a judge, gain access to geolo­ca­tion logs detail­ing where they’ve been and where they are. 

Read the rest of this article...

[Ars Tech­ni­ca]

It’s well known by now (at least, to any­one who pays atten­tion) that cell phones are used to spy on the loca­tion and move­ment of their own­ers. This is the first sol­id infor­ma­tion I’ve seen on just how often the cops spy on people–and keep in mind that this is only one com­pa­ny. It’s pret­ty much guar­an­teed that oth­er com­pa­nies are equal­ly eager to col­lab­o­rate with Big Broth­er.

»  Substance:WordPress   »  Style:Ahren Ahimsa
© Ken Hagler. All rights reserved.