Researchers Find Google Play Store Apps Were Actually Government Malware

‘Security researchers have found a new kind of government malware that was hiding in plain sight within apps on Android’s Play Store. And they appear to have uncovered a case of lawful intercept gone wrong.

The spyware apps were discovered and studied in a joint investigation by researchers from Security Without Borders, a non-profit that often investigates threats against dissidents and human rights defenders, and Motherboard. The researchers published a detailed, technical report of their findings on Friday…

“This, from the point of view of legal surveillance, is insane,” the agent told Motherboard. “Opening up security holes and leaving them available to anyone is crazy and senseless, even before being illegal”…’

Continued: Researchers Find Google Play Store Apps Were Actually Government Malware

Jeff Bezos Protests the Invasion of His Privacy, as Amazon Builds a Sprawling Surveillance State for Everyone Else

One of the world’s greatest privacy invaders just had his privacy invaded

Amazon, the company that has made Bezos the planet’s richest human being, is a critical partner for the U.S. Government in building an ever-more invasive, militarized and sprawling surveillance state. Indeed, one of the largest components of Amazon’s business, and thus one of the most important sources of Bezos’ vast wealth and power, is working with the Pentagon and the NSA to empower the U.S. Government with more potent and more sophisticated weapons, including surveillance weapons.

In December, 2017, Amazon boasted that it had perfected new face-recognition software for crowds, which it called Rekognition. It explained that the product is intended, in large part, for use by governments and police forces around the world. The ACLU quickly warned that the product is “dangerous” and that Amazon “is actively helping governments deploy it.”

“Powered by artificial intelligence,” wrote the ACLU, “Rekognition can identify, track, and analyze people in real time and recognize up to 100 people in a single image. It can quickly scan information it collects against databases featuring tens of millions of faces.” The group warned: “Amazon’s Rekognition raises profound civil liberties and civil rights concerns.” In a separate advisory, the ACLU said of this face-recognition software that Amazon’s “marketing materials read like a user manual for the type of authoritarian surveillance you can currently see in China…”

Continue reading: Jeff Bezos Protests the Invasion of His Privacy, as Amazon Builds a Sprawling Surveillance State for Everyone Else

Surveillance Cameras Can Identify Anyone by “Talking to Their Cellphones”

Surveillance cameras will soon be able to identify everyone by “talking” to their cell phones thanks to research by a university with ties to the federal surveillance state.

“This system basically allows surveillance cameras to talk to the public through their individual phones,” Purdue University doctoral student Siyuan Cao said.

As the video illustrates, soon nowhere will be safe from Big Brother’s prying eyes.

Purdue University’s SIMBA Labs has developed a camera-to-human surveillance program called PHADE otherwise known as Private Human Addressing … To call PHADE a privacy nightmare really does not do it justice…

Continue reading: Surveillance Cameras Can Identify Anyone by “Talking to Their Cellphones”

Tim Cook: Personal data collection is being “weaponized against us with military efficiency”

Apple CEO Tim Cook: Personal data collection is being 'weaponized against us with military efficiency'

“We shouldn’t sugarcoat the consequences. This is surveillance. And these stockpiles of personal data serve only to enrich the companies that collect them”, Cook said. “This should make us very uncomfortable. It should unsettle us.”

Apple CEO Tim Cook blasted Silicon Valley tech companies and their abuse of user privacy in a keynote address at a privacy conference in Brussels Wednesday, saying personal information is being “weaponized against us with military efficiency.”

  • Apple and its CEO have long touted personal privacy, distancing themselves from recent, growing scandals among tech companies — but the comments from Cook are some of the strongest to date.
  • CEO Tim Cook said the business of selling ads against personal data has become a “data industrial complex” and stopped just short of naming tech giants like Facebook and Google in his criticisms.

Source: Tim Cook: Personal data collection is being ‘weaponized against us with military efficiency’

TSA Announces Plans To Subject Domestic Travelers To Biometric Screening

TechDirt Logo

As promised/threatened, the DHS is moving forward with expanded use of biometric scanning at airports, including facial recognition and fingerprint matches. What was touted as a way to combat international terrorism and illegal immigration will now include those on the home front, as the tech spreads to include US citizens on domestic flights. But the TSA doesn’t see this as an unwanted incursion into the lives of innocent citizens. Instead, it pitches it as a useful tool to speed up security screening at TSA checkpoints.

The TSA expects paying customers to foot the bill for the expansion — the same citizens it’s been selling civil liberties back to for years. From the TSA’s “roadmap” for expanded biometric screening:

Yes, the paying members of the TSA’s Pre✓ program will be the first to “enhance” their “travel experience” by feeding their faces into a database the TSA controls, using tech prone to erroneous conclusions. Other travelers won’t be able to opt out of biometric screening, however. They’ll just be subject to the non-enhanced travel experience where TSA and CBP officers ask a long series of invasive questions and infer suspicious behavior on the part of travelers who bypass the biometric kiosks.

It’s true that traveling in the US has always been a “papers, please” experience. But prior to the 9/11 attacks, this simply meant presenting a ticket before boarding. Now, it’s everything about everybody, no matter how useless this information is 99.9% of the time. Rather than move towards smarter screening methods, the TSA has decided to subject everyone to the same level of screening with the same arbitrary rules stemming from airborne attacks the TSA failed to prevent.

The TSA pitches this as a paperless airport, but it’s really just another way for the government to compile a massive database of identifying info and of citizens’ movements. The DHS likes to talk about its 96% accuracy target, but has released no information about actual accuracy in test runs, so concerns about false positives/negatives aren’t going away anytime soon.

The government has responded in the worst way to terrorist attacks in the US. It has made freedom of movement a hassle — one that diminishes Constitutional protections and turns every traveler into a potential suspect.

Source: TSA Announces Plans To Subject Domestic Travelers To Biometric Screening

“Five Eyes” Wants Access to Every Electronic Device

According to an article in the National Post the Five Eyes intelligence network is demanding tech companies provide a back-door into all electronic devices.

“Canada joined its intelligence allies recently in demanding that technology companies co-operate with law enforcement agencies in allowing access to encrypted communications.”

Five Yyes (FVEY) is an intelligence alliance including Australia, Canada, New Zealand, the United Kingdom and the United States. These countries are parties to the multilateral UKUSA Agreement, a treaty for joint cooperation in signals intelligence.

Although similar requests for co-operation have been made in the past, that “is the most aggressive call we’ve seen,” said Tamir Israel, a lawyer at the Canadian Internet Policy and Public Interest Clinic.

The big change, according to Israel, is that governments are now saying “fix it for us or we will fix it for you.” That’s led to concerns among privacy experts that the government will try to legislate a requirement for tech companies to build backdoors for law enforcement.

Letting multi-national intelligence agencies have access to every electronic device can and will be abused.

Giving law enforcement access to electronic devices is a bad idea

That sign telling you how fast you’re driving may be spying on you

Road sign records a photograph of your license plate.
Road sign records a photograph of your license plate.

The next time you drive past one of those road signs with a digital readout showing how fast you’re going, don’t simply assume it’s there to remind you not to speed. It may actually be capturing your license plate data.

According to recently released US federal contracting data, the Drug Enforcement Administration will be expanding the footprint of its nationwide surveillance network with the purchase of “multiple” trailer-mounted speed displays “to be retrofitted as mobile LPR [License Plate Reader] platforms.” The DEA is buying them from RU2 Systems Inc., a private Mesa, Arizona company. How much it’s spending on the signs has been redacted…

Continued: That sign telling you how fast you’re driving may be spying on you

Man sues over Google’s “Location History” fiasco, case could affect millions

If “Location History” was off, Google said it didn’t keep data—but that’s not true.

Google is facing new scrutiny in the wake of revelations that it stores users’ location data even when “Location History” is turned off.

Last Friday, Google quietly edited its description of the practice on its own website—while continuing said practice—to clarify that “some location data may be saved as part of your activity on other services, like Search and Maps…”

Story: Man sues over Google’s “Location History” fiasco, case could affect millions

Google tracks users who turn off location

The study found that users had to turn off another setting in order to disable location being recorded
The study found that users had to turn off another setting in order to disable location being recorded

A study from Associated Press suggests that users are still tracked even if they turn off location history.

Google records users’ locations even when they have asked it not to, a report from the Associated Press has suggested.

The issue could affect up to two billion Android and Apple devices which use Google for maps or search.

The study, verified by researchers at Princeton University, has angered US law-makers…

The study found that users’ whereabouts are recorded even when location history has been disabled.

For example:

  • Google stores a snapshot of where you are when you open the Maps app
  • Automatic weather updates on Android phones pinpoint roughly where a user is
  • Searches that have nothing to do with location pinpoint precise longitude and latitude of users

Technology firms are under fire for not being clear about privacy settings and how to use them. In June, a report from the Norwegian Consumer Council found evidence that privacy-friendly options are hidden away or obscured.

Continue reading: Google tracks users who turn off location

TSA surveilling travelers’ behavior through secretive program

© Getty Images
© Getty Images

The Transportation Security Administration (TSA) has begun collecting information on travelers through a program that monitors citizens not on a terror watch list or suspected of a crime, The Boston Globe reported.

The Globe reported Saturday that the program, titled “Quiet Skies,” aims to eliminate threats posed by “unknown or partially known terrorists.”

Undercover air marshals reportedly document passengers’ behavior, including whether they use technology when traveling, whether they change clothes at the airport, how closely they stand to the boarding area and other patterns…

Continued: TSA surveilling travelers’ behavior through secretive program: report | TheHill

Spy agency NSA triples collection of U.S. phone records


FILE PHOTO: The National Security Agency (NSA) headquarters is seen in Fort Meade, Maryland, U.S. February 14, 2018. REUTERS/Sait Serkan Gurbuz

The U.S. National Security Agency collected 534 million records of phone calls and text messages of Americans last year, more than triple gathered in 2016, a U.S. intelligence agency report released on Friday said.

The sharp increase from 151 million occurred during the second full year of a new surveillance system established at the spy agency after U.S. lawmakers passed a law in 2015 that sought to limit its ability to collect such records in bulk.

The spike in collection of call records coincided with an increase reported on Friday across other surveillance methods, raising questions from some privacy advocates who are concerned about potential government overreach and intrusion into the lives of U.S. citizens.

The 2017 call records tally remained far less than an estimated billions of records collected per day under the NSA’s old bulk surveillance system, which was exposed by former U.S. intelligence contractor Edward Snowden in 2013.

The records collected by the NSA include the numbers and time of a call or text message, but not their content.

Overall increases in surveillance hauls were both mystifying and alarming coming years after Snowden’s leaks, privacy advocates said.

“The intelligence community’s transparency has yet to extend to explaining dramatic increases in their collection,” said Robyn Greene, policy counsel at the Washington-based Open Technology Institute that focuses on digital issues …

 

Friday’s report also showed a rise in the number of foreigners living outside the United States who were targeted under a warrantless internet surveillance program, known as Section 702 of the Foreign Intelligence Surveillance Act, that Congress renewed earlier this year.

That figure increased to 129,080 in 2017 from 106,469 in 2016, the report said, and is up from 89,138 targets in 2013, or a cumulative rise over five years of about 45 percent.

U.S. intelligence agencies consider Section 702 a vital tool to protect national security, but privacy advocates say the program incidentally collects an unknown number of communications belonging to Americans.

Source: Spy agency NSA triples collection of U.S. phone records: official report | Reuters

Department Of Homeland Security Compiling Database Of Journalists And “Media Influencers”

Homeland Security Secretary Kirstjen Nielsen speaks during the press briefing at the White House in Washington, DC, on April 4, 2018. (NICHOLAS KAMM/AFP/Getty Images)
Homeland Security Secretary Kirstjen Nielsen speaks during the press briefing at the White House in Washington, DC, on April 4, 2018. (NICHOLAS KAMM/AFP/Getty Images)

The details of the attached Request for Information outline a plan to gather and monitor the public activities of media professionals and influencers and are enough to cause nightmares of constitutional proportions, particularly as the freedom of the press is under attack worldwide.

And “attack” is not hyperbolic.

Every day, journalists face serious consequences including physical violenceimprisonment and death. A few days ago, the Committee to Protect Journalists launched its annual Free The Press campaign to raise awareness about imprisoned journalists throughout the world. On May 3, UNESCO will once again mark World Press Freedom Day “to inform citizens of violations of press freedom — a reminder that in dozens of countries around the world, publications are censored, fined, suspended and closed down, while journalists, editors and publishers are harassed, attacked, detained and even murdered.”

Meanwhile, the United States government, traditionally one of the bastions of press freedom, is about to compile a list of professional journalists and “top media influencers”, which would seem to include bloggers and podcasters, and monitor what they’re putting out to the public.

What could possibly go wrong? A lot.

DHS’ “Media Monitoring” Plan

As part of its “media monitoring”, the DHS seeks to track more than 290,000 global news sources as well as social media in over 100 languages, including Arabic, Chinese and Russian, for instant translation into English. The successful contracting company will have “24/7 access to a password protected, media influencer database, including journalists, editors, correspondents, social media influencers, bloggers etc.” in order to “identify any and all media coverage related to the Department of Homeland Security or a particular event.”

“Any and all media coverage”, as you might imagine, is quite broad and includes “online, print, broadcast, cable, radio, trade and industry publications, local sources, national/international outlets, traditional news sources, and social media.”

The database will be browseable by “location, beat and type of influencer”, and for each influencer, the chosen contractor should “present contact details and any other information that could be relevant, including publications this influencer writes for, and an overview of the previous coverage published by the media influencer.”

One aspect of the media coverage to be gathered is its “sentiment.”

Why “Media Monitoring” and Why Now?

DHS says the “NPPD/OUS [National Protection and Programs Directorate/Office of the Under Secretary] has a critical need to incorporate these functions into their programs in order to better reach Federal, state, local, tribal and private partners.” Who knows what that means, but the document also states the NPPD’s mission is “to protect and enhance the resilience of the nation’s physical and cyberinfrastructure.”

That line makes it sound as if the creation of this database could be a direct response to the rampant allegations of Russian interference in the 2016 U.S. presidential election — though President Donald Trump, who has normalized the term “fake news”, can’t seem to decide whether that’s even an issue or not.

Facebook CEO Mark Zuckerberg thinks it is. Earlier this week, he announced the social networking site would remove “more than 270 pages and accounts operated by a Russian organization called the Internet Research Agency” in an effort “to protect the integrity of elections around the world”.

Within the context of increasing concerns over “fake news” and foreign interference in elections, an action such as the DHS’ database might seem, at first glance, to be a sensible approach.

Not exactly.

Unfortunately, increasing government encroachment on the freedom of the press is the sinister backdrop to all of this. Freedom House, which has monitored the status of the press for nearly 40 years, recently concluded that global media freedom has reached its lowest level in the past 13 years. The independent watchdog organization blames “new threats to journalists and media outlets in major democracies” as well as “further crackdowns on independent media in authoritarian countries like Russia and China.” And then it goes one step further.

“But it is the far-reaching attacks on the news media and their place in a democratic society by Donald Trump, first as a candidate and now as president of the United States, that fuel predictions of further setbacks in the years to come”, the report said.

Could the DHS media database be such a setback?

Possibly, and it’s not even the first time potential regulation of journalists has drifted across the American political scene.

Last October, an Indiana lawmaker proposed that journalists be licensed. Representative Jim Lucas’ bill was mostly a publicity stunt, but could this DHS action be a way for the government to keep track of American and foreign journalists as well as “citizen journalists”, threatening not only the freedom of the press but also individual freedom of speech?

The real question, of course, is what the government plans to do with the information it compiles, and there’s been no comment on that beyond what is in the posting, which, by the way, has interest from at least seven companies. Will those on the DHS media database be questioned more harshly coming in and out of the country? Will they have trouble getting visas to go to certain countries for their own reporting or personal vacations? Worse?

Speaking of visas — and showing that social media activity is squarely on the radar of this Administration — earlier this week, the State Department placed two notices in the Federal Register seeking comments on its proposal to require that all visa applicants to the U.S. turn over their social media information for the previous five years.

Regarding the DHS media database, we are entering potentially dangerous territory with the government keeping track of the “sentiment” of citizens and foreign nationals. If not legal challenges from organizations that defend press freedom and freedom of speech interests, the government should expect, at the very least, backlash from the public.

And that means you. If you think the idea of the U.S. government’s compiling and monitoring a list of media professionals and “top media influencers” is a potential threat to democracy, now would be the perfect time to call your local and congressional representatives to let them know how much you value a free press and the freedom of speech, just in case they’ve forgotten.

Source: Department Of Homeland Security Compiling Database Of Journalists And “Media Influencers” (Forbes)