AT&T, Law & Disorder, NSA, surveillance

AT&T’s “Extreme Willingness to Help” is key to NSA Internet surveillance

A unique and unusually productive relationship with AT&T has helped the US National Security Agency trawl through vast quantities of Internet traffic, much of it transmitted through networks located in the US, according to a media article published Saturday.

The cooperation involved a variety of classified programs that span decades, in one case more than 15 years before the September 11 terrorist attacks. In addition to providing the NSA with access to billions of e-mails flowing across its domestic networks, AT&T helped wiretap all Internet communications at the United Nations headquarters, which is, or at least was, an AT&T customer, according to the article, which was jointly reported and written by reporters from The New York Times and ProPublica. The article, which relied on NSA documents leaked by former agency contractor Edward Snowden, said that AT&T competitor Verizon participated in some of the same activities, but on a much smaller scale. One NSA document reminded officials to be polite when visiting AT&T sites since the arrangement was a “partnership, not a contractual relationship.”

One of the oldest programs is dubbed Fairview and began in 1985. A separate program known as Stormbrew included Verizon and MCI, the former telecommunications provider that Verizon acquired in 2006. The NYT and ProPublica go on to paint AT&T as a particularly willing partner. The article stated:

Read 1 remaining paragraphs | Comments

Opposable Thumbs

Gallery: Japan’s gaming centers provide joy for the kid inside

While in Hiroshima, Japan for a week, I couldn’t let the time pass without visiting a game center or two (what we call “arcades” in the US). I visited Taito Station, a massive 6-floor game center on the central Hondori shopping arcade, which caused me to have bulging-eye syndrome. Because it was mid-day during the week, it was mostly empty, so I had time to snap a few photos and marvel in its grand weirdness.

Jennifer Hahn

First stop, Taito Station Gaming Center on Hondori shopping arcade. An “arcade” in Japan is a large shopping street/center.

57 more images in gallery

Taito Station is organized by gaming maturity level: starting from the first floor’s cute-and-easy crane games, upwards to casino games (it also gets smokier as you go up), then to physical/sport and “starter” video games, and as you reach floor 4 and 5, you’re pretty much in shooter game heaven. But be careful before stepping onto floor 6!

When I could tear myself away, I headed down Hondori to Animate, a massive Manga/anime shop, which also offered a large amount of card games. Card games seem to be very popular in Japan, and there were also a few smaller shops around the city catering to card gamers only.

Read 2 remaining paragraphs | Comments

Gear & Gadgets, Risk Assessment

Parrot drones easily taken down or hijacked, researchers demonstrate

In two separate presentations at Def Con in Las Vegas last weekend, security experts demonstrated vulnerabilities in two consumer drones from Parrot. The simplest of the attacks could make Parrot drones, including the company’s Bebop model, fall from the sky with a keystroke.

In a live demonstration at Def Con’s Internet of Things Village on August 8, Ryan Satterfield of the security consulting firm Planet Zuda demonstrated a takedown of a Parrot A.R.Drone by exploiting the drone’s built-in Wi-Fi and an open telnet port on the drone’s implementation of the  BusyBox real-time operating system. Connecting to the drone gave him root access to the controller, and he was able to kill the processes controlling flight—causing the drone to drop to the ground.

Ryan Satterfield reproduces the Parrot A.R.Drone 2.0 hack he demonstrated at DEF CON.

In a session at DEF CON on August 9, researcher Michael Robinson, a security analyst and adjunct professor at Stevenson University in Maryland and George Mason University in Northern Virginia, dove further into the vulnerabilities of Parrot’s drones, discussing his research on the Bebop drone in a session entitled, “Knocking My Neighbor’s Kid’s Cruddy Drone Offline.” Robinson noted that because of the Parrot’s open Wi-Fi connection, it would allow anyone with the free Parrot app on a mobile device to pair with the drone in-flight. Using a Wi-Fi “de-auth” attack, he was able to disconnect the control app on the operator’s device and take control with the app from another while the operator of the original controlling device attempted to re-establish a Wi-Fi connection. The new pilot could then simply fly the drone wherever he desired. Robinson warned anyone who planned to take over someone else’s Parrot drone that the mobile app left forensic artifacts on mobile devices—including the serial number of the drone.

Read 4 remaining paragraphs | Comments

Ministry of Innovation, torquing group, zano

Most-funded European Kickstarter project ever still hasn’t shipped yet

Torquing Group, the British drone startup that raked in £2.3 million ($3.4 million) in under two months earlier this year, becoming the most crowdfunded European project ever, has been beset by further inexplicable delays.

On Monday, CEO Ivan Reedman told Ars that the company would begin shipping to its United Kingdom-based backers, however as of Friday, none have actually been sent out.

The handheld drone was originally scheduled to ship in June 2015, a deadline that the company obviously missed. When Ars visited Torquing Group’s offices in Pembroke Dock, Wales in April 2015, Reedman said that the Zano, its handheld drone, would be shipping in early July.

Read 7 remaining paragraphs | Comments

Law & Disorder, Minnesota, reid sagehorn, Twitter

Lawsuit over two-word tweet—“actually yes”—can move ahead, judge finds

A federal judge in Minnesota has allowed a First Amendment and defamation lawsuit filed by a high school student who was suspended over a two-word tweet—“actually yes”—to move forward.

The suit was first filed in June 2014 by Reid Sagehorn, then a high school student at Rogers High School, in Rogers, Minnesota—he sued the Elk River School District, the principal of his former school, and two district officials for violating his constitutional rights. Sagehorn was the captain of the school’s football and basketball teams, and by all accounts had a spotless disciplinary record—save for one parking ticket at the school.

Sagehorn, who declined to comment for this story, is now a student at North Dakota State University.

Read 12 remaining paragraphs | Comments

epic, Freedom of information act, Law & Disorder, lawsuits, mobile phone service, national security

Will Supreme Court force DHS to divulge secret plan to cut cell service?

The Supreme Court was asked in a petition to force the government to disclose the US clandestine plan to disable cell service during emergencies.

The case concerns Standard Operating Procedure 303. A federal appeals court in May said the government did not have to release its full contents because the Freedom of Information Act (FOIA) allows the authorities to withhold records if they would “endanger” public safety.

The Electronic Privacy Information Center told the high court’s justices Tuesday that the US Court of Appeals for the District of Columbia Circuit’s decision created a new “catchall provision that can be used in any case involving records related to domestic and national security programs.” (PDF)

Read 3 remaining paragraphs | Comments

AT&T, Comcast, Ministry of Innovation, verizon, video, Watchable, Xfinity, YouTube

Comcast will launch short-form video platform in coming weeks

Comcast has long been rumored to be developing a short-form video platform, but now it appears the platform has a name and a time frame. Apparently, the platform could be called “Watchable”—although the name is not set in stone yet—and it will be launching in the next few weeks.

Business Insider reports that Comcast’s platform will host videos produced by Vox and Buzzfeed, which are backed by Comcast, in addition to videos made by “lifestyle and comedy sites like AwesomenessTV, Refinery29, and The Onion, news sites like Mic and Vice, as well as legacy brands like NBC Sports.” The video producers have agreed to let Watchable stream any unlicensed, original videos, which will be curated for Comcast customers that have an Xfinity X1 set top box, so the Web videos would appear alongside more traditional TV.

Video producers might be interested in distributing to Comcast’s new platform because of its advertising muscle. A source speaking to Business Insider said that the company wouldn’t pay its short-form video producers any licensing fees, but they would a portion of any advertising revenue. Also, the deals will be non-exclusive, so producers will be able to post the video in multiple places.

Read 1 remaining paragraphs | Comments

Etsy, irish, Law & Disorder, Ministry of Innovation, overseas, tax

Despite transparency claims, Etsy ups secrecy and shifts profits overseas

Turns out that messing around with legal (but questionable) Irish tax laws isn’t just for the big corporate types anymore: it even applies to hand-crafted, crunchy-granola online retailers like Etsy.

In a little-noticed change to the company’s Terms of Use that took effect last month, the online craft retailer has now restructured itself such that it now has an Irish subsidiary, Etsy Ireland, an unlimited liability corporation. The move allows Etsy to now take advantage of a tool that has become all-too-common among major tech companies, including Apple, Google, IBM, and others, as a way to both conceal financial disclosures and drastically reduce global tax obligations. (Bloomberg was the first to report on this change.)

Etsy’s move is particularly eyebrow-raising given that it has a “B Lab certification,” under which it agrees to use business “as a force for good,” and “be the change we seek in the world.” That designation means while Etsy remains a for-profit company as organized under Delaware state law, it is supposed to adhere to certain self-imposed ethical principles.

Read 22 remaining paragraphs | Comments

experience, Opposable Thumbs, PlayStation, Playstation 4, ps4, San Francisco, Sony

PlayStation Experience fan festival moves to San Francisco for 2015

Following a successful Las Vegas debut in 2014, Sony announced today that it is moving the PlayStation Experience fan convention to San Francisco’s Moscone Center on December 5 and 6.

Tickets are on sale now for $60 for a two-day pass, a price that will increase to $75 after September 20 (when one-day tickets will also be available). That’s a reduction from the $90 Sony charged for two-day passes last year, perhaps owing to the larger space for this year’s show.

Sony is recommending attendees register with their PSN IDs, perhaps suggesting that a downloadable surprise will be awaiting those who purchase tickets. Attendees will also get access to the finals of the Capcom Cup, where 32 finalists from the Capcom Pro Tour will compete on the company’s fighting games for a $250,000 prize pool.

Read 1 remaining paragraphs | Comments

exploits, Law & Disorder, malvertising, malware, Risk Assessment, Technology Lab, vulnerabilities

My browser visited Weather.com and all I got was this lousy malware (Updated)

Millions of people visiting weather.com, drudgereport.com, wunderground.com, and other popular websites were exposed to attacks that can surreptitiously hijack their computers, thanks to maliciously manipulated ads that exploit vulnerabilities in Adobe Flash and other browsing software, researchers said.

The malvertising campaign worked by inserting malicious code into ads distributed by AdSpirit.de, a network that delivers ads to Drudge, Wunderground, and other third-party websites, according to a post published Thursday by researchers from security firm Malwarebytes. The ads, in turn, exploited security vulnerabilities in widely used browsers and browser plugins that install malware on end-user computers. The criminals behind the campaign previously carried out a similar attack on Yahoo’s ad network, exposing millions more people to the same drive-by attacks.

Update: A few hours after Ars published this article, Malwarebytes updated the blog post to say the campaign had moved to yet another ad network, which happens to be associated with AOL. Visitors to eBay were among those who were exposed to the malicious ads distributed through the newly discovered network.

Read 3 remaining paragraphs | Comments

Some stuff about things