Category: Links

Categories
Links

NYPD can’t count cash they’ve seized because it would crash computers

From Ars Technica:

The New York City Police Department takes in millions of dollars in cash each year as evidence, often keeping the money through a procedure called civil forfeiture. But as New York City lawmakers pressed for greater transparency into how much was being seized and from whom, a department official claimed providing that information would be nearly impossible—because querying the 4-year old computer system that tracks evidence and property for the data would “lead to system crashes.”

Even with the system, however, the NYPD’s Assistant Deputy Commissioner Robert Messner told the New York City Council’s Public Safety Committee that the department had no idea how much money it took in as evidence, nor did it have a way of reporting how much was seized through civil forfeiture proceedings—where property and money is taken from people suspected of involvement in a crime through a civil filing, and the individuals whom it is seized from are put in the position of proving that the property was not involved in the crime of which they were accused.

So NYPD has spend millions on an expensive database that prevents them from conducting accountability queries on seized evidence? That’s an interesting design choice.

Categories
Links

Coffee & Power – The best coffee shops to work from when you travel.

This is one of the most amazing websites that I’ve come across: for those of us who routinely work from coffee shops, it lists whether or not there are plentiful power outlets as well as passwords for wifi.

Categories
Links

That sinking feeling: Why the bankruptcy of shipping giant Hanjin has so many companies worried

Salon:

Hanjin accounts for about 3 percent of shipping containers globally. It’s big enough that U.S. retailers are worried that delays will shorten the busy holiday shopping season as they wait for goods to arrive. And U.S. exporters now anticipate a 50 percent hike in shipping fees, according to Peter Friedmann, executive director of the U.S. Agricultural Transportation Coalition.

There are lots of reasons for the bankruptcy – including lots of extra ships being in the water right now and a slowdown in the global economy – but this should be cause for concern if only because it showcases the magitude of some of the world’s economic issues right now.

Categories
Links

IMSI Catcher Report Calls for Transparency, Proportionality, and Minimization Policies – The Citizen Lab

IMSI Catcher Report Calls for Transparency, Proportionality, and Minimization Policies:

The Citizen Lab and CIPPIC are releasing a report, Gone Opaque? An Analysis of Hypothetical IMSI Catcher Overuse in Canada, which examines the use of devices that are commonly referred to as ‘cell site simulators’, ‘IMSI Catchers’, ‘Digital Analyzers’, or ‘Mobile Device Identifiers’, and under brand names such as ‘Stingray’, DRTBOX, and ‘Hailstorm’. IMSI Catchers are a class of of surveillance devices used by Canadian state agencies. They enable state agencies to intercept communications from mobile devices and are principally used to identify otherwise anonymous individuals associated with a mobile device and track them.

Though these devices are not new, the ubiquity of contemporary mobile devices, coupled with the decreasing costs of IMSI Catchers themselves, has led to an increase in the frequency and scope of these devices’ use. Their intrusive nature, as combined with surreptitious and uncontrolled uses, pose an insidious threat to privacy.

This report investigates the surveillance capabilities of IMSI Catchers, efforts by states to prevent information relating to IMSI Catchers from entering the public record, and the legal and policy frameworks that govern the use of these devices. The report principally focuses on Canadian agencies but, to do so, draws comparative examples from other jurisdictions. The report concludes with a series of recommended transparency and control mechanisms that are designed to properly contain the use of the devices and temper their more intrusive features.

I’m not going to lie: after working on this with my colleague, Tamir Israel, for 12 months it was absolutely amazing to publicly release this report. What started as a 1,500 word blog post meant to put defense lawyers on notice of some new legislation transmogrified into a 130 page report that is the most comprehensive legal analysis of these devices that’s been done to date. It’s going to be interesting to see what the effects of it are for cases currently being litigated in Canada and around the world!

Categories
Links

National security review tries to tackle needs of law enforcement in digital world | Toronto Star

The Toronto Star:

Lawful access is “a real thorny issue,” said University of Ottawa law professor Craig Forcese, a national security law expert, in an interview with the Star.

“For years I’ve been saying we’ve got to deal with it, and you can’t deal with it without investing people in a discussion, because the best-organized civil liberties organizations in Canada right now are privacy groups,” said Forcese.

“And if you go ahead unilaterally and start tabling stuff in Parliament, you’re going to have a replay of the disaster of the last decade in Parliament where nothing ever got passed, except the cyberbullying bill which didn’t address all the issues.”

Parliament did a lot over the last decade. Including passing lawful access legislation following more than 10 years of public debate that included numerous public consultations (i.e. not just with civil liberties organizations).

That civil liberties groups – which by definition argue hard against infringements of constitutional rights – did their jobs is to be congratulated not smeared.

Categories
Links

Ants are destroying your plants by nurturing perfect aphid colonies

Ars Technica:

The results were stark. All but one of the aphid colonies that were not tended by ants went extinct. Of the surviving aphid colony, only one aphid remained. Without ants to protect them, the aphids were eaten by predators like ladybug larvae and parasitoid wasps. Apparently, ants remove these predators from their herds when they come to milk the aphids for honeydew. The ants win, the aphids win, but the mugwort suffers. A version of this scenario plays out all over the world, where ant invasions often mean aphid invasions, too.

Ants: the protectors of the aphid world, apparently.

This also explains a lot about the challenges I’ve experienced dealing with aphid infestations in the past!

Categories
Links

Two critical bugs and more malicious apps make for a bad week for Android

Ars Technica:

It was a bad week for millions of Android phone users. Two critical vulnerabilities were disclosed but remain unpatched in a large percentage of devices, while, separately, malicious apps were downloaded as many as 2.5 million times from Google’s official Play Marketplace.

The vulnerabilities, which are similar in severity to the Stagefright family of bugs disclosed last year, have been fixed in updates Google began distributing Tuesday. A large percentage of Android phones, however, aren’t eligible to receive the fixes. Even those that do qualify don’t receive them immediately (the September updates are currently not available as over-the-air downloads for either of the Nexus 5X devices in my household). That gives attackers crude blueprints for exploiting vulnerabilities that remain unpatched on millions of devices.

The bag of hurt continues unabated.

Categories
Links

Location Privacy: The Purview of the Rich and Indigent

Krebs on Security:

In Texas, the EFF highlights how state and local law enforcement agencies have free access to ALPR equipment and license plate data maintained by a private company called Vigilant Solutions. In exchange, police cruisers are retrofitted with credit-card machines so that law enforcement officers can take payments for delinquent fines and other charges on the spot — with a 25 percent processing fee tacked on that goes straight to Vigilant. In essence, the driver is paying Vigilant to provide the local cops with the technology used to identify and detain the driver.

“The ‘warrant redemption’ program works like this,” the EFF wrote. “The agency is given no-cost license plate readers as well as free access to LEARN-NVLS, the ALPR data system Vigilant says contains more than 2.8-billion plate scans and is growing by more than 70-million scans a month. This also includes a wide variety of analytical and predictive software tools. Also, the agency is merely licensing the technology; Vigilant can take it back at any time.”

That’s right: Even if the contract between the state and Vigilant ends, the latter gets to keep all of the license plate data collected by the agency, and potentially sell or license the information to other governments or use it for other purposes.

Another case of the private surveillance sector overcoming state institutions, and to the detriment of citizens’ rights to privacy.

Categories
Links

For some safety experts, Uber’s self-driving taxi test isn’t something to hail

Washington Post:

Even so, the effort is raising concern from safety experts who say the technology has major limitations that can be very dangerous. Self-driving cars have trouble seeing in bad weather. Sudden downpours, snow and especially puddles make it difficult for autonomous vehicles to detect lines on pavement and thereby stay in one lane.

Walker Smith added that self-driving cars have sometimes confused bridges for other obstacles. “People need to understand both the potential and the limitations of these systems, and inviting them inside is part of that education,” he said.

The vehicles also have difficulty understanding human gestures — for example, a crosswalk guard in front of a local elementary school may not be understood, said Mary Cummings, director of Duke University’s Humans and Autonomy Lab, at a Senate hearing in March. She recommended that the vehicles not be allowed to operate near schools.

Then there’s a the human factor: Researchers have shown that people like to test and prank robots. Today, a GPS jammer, which some people keep in their trunks to block police from tracking them, will easily throw off a self-driving car’s ability to sense where it is, Cummings said.

Current self-driving cars often cannot see which lane they’re in, if it’s raining. They don’t understand what a bridge is versus other road-terrain. They don’t understand what a cross-walk guard is. And they are reliant on a notoriously brittle location technology.

What can go wrong with testing them in urban centres then, exactly?

Categories
Links

Russian Hackers Now Targeting U.S. Think Tanks That Specialize in Russia

Russian Hackers Now Targeting U.S. Think Tanks That Specialize in Russia:

“Any respectable think tank has been hacked,” Lewis told Defense One on Monday. “The Russians just don’t get the idea of independent institutions, so they are looking for secret instructions from Obama. Another benefit is they can go to their bosses and show what they took to prove their worth as spies.”

Any respectable think tank is proud to have such garbage security that the intellectual property it hopes to profit from, to say nothing of political advocacy, is available to unauthorized third parties.

Right….