Andy Greenberg
A Likely Chinese Hacker Crew Targeted 10 Phone Carriers to Steal Metadata
On June 24, researchers at Boston-based cybersecurity firm Cybereason revealed the results of tracking a years-long cyberespionage campaign they've called Operation Soft Cell, which they say targeted the networks of at least 10 cellular providers around the world. And while researchers' visibility into that hacking campaign is incomplete, they say it appears to be a prolific but highly targeted espionage campaign likely based in China.
Edward Snowden's New Job: Protecting Reporters from Spies
Nearly four years after his leaks, Edward Snowden has focused the next phase of his career on solving that very specific instance of the panopticon problem: how to protect reporters and the people who feed them information in an era of eroding privacy—without requiring them to have an National Security Agency analyst’s expertise in encryption or to exile themselves to Moscow.
“Watch the journalists and you’ll find their sources,” Snowden says. “So how do we preserve that confidentiality in this new world, when it’s more important than ever?” Since early in 2016, Snowden has quietly served as president of a small San Francisco–based nonprofit called the Freedom of the Press Foundation. Its mission: to equip the media to do its job at a time when state-sponsored hackers and government surveillance threaten investigative reporting in ways Woodward and Bernstein never imagined. “Newsrooms don’t have the budget, the sophistication, or the skills to defend themselves in the current environment,” says Snowden. “We’re trying to provide a few niche tools to make the game a little more fair.”
President Obama Has a Plan to Fix Cybersecurity, But Its Success Depends on President-elect Trump
In the waning days of Barack Obama’s presidency, his team has a new plan to shore up America’s protections from digital threats. Whether any of it happens, though, is up to President-elect Donald Trump.
Recently, the White House’s Commission on Enhancing National Cybersecurity released the results of a nine-month study of America’s cybersecurity problems. But as President Obama acknowledged in a statement accompanying those recommendations, actualizing them is largely out of his hands. He asked the cybersecurity commission to brief President-elect Trump’s transition team on its work as soon as possible. Whether the Trump team will in fact accept the commission’s advice—or even its briefing request—remains a mystery. “No one in Washington knows what he’s going to do,” says Alan Paller, the director of research at the security-focused SANS Institute and a former cybersecurity advisor to the Department of Homeland Security under George W. Bush. Paller says that even Trump’s potential appointments for cybersecurity policy positions remain an unknown. “It’s very challenging to know who will be picked, and whether this [report] will have anything to do with their priorities.”
Edward Snowden Designs a Device to Warn If Your iPhone’s Radios Are Snitching
When Edward Snowden met with reporters in a Hong Kong hotel room to spill the National Security Agency’s secrets, he famously asked them put their phones in the fridge to block any radio signals that might be used to silently activate the devices’ microphones or cameras. So it’s fitting that three years later, he’s returned to that smartphone radio surveillance problem. Now Snowden’s attempting to build a solution that’s far more compact than a hotel mini-bar.
On July 21 at the MIT Media Lab, Snowden and well-known hardware hacker Andrew “Bunnie” Huang plan to present designs for a case-like device that wires into your iPhone’s guts to monitor the electrical signals sent to its internal antennas. The aim of that add-on, Huang and Snowden say, is to offer a constant check on whether your phone’s radios are transmitting. They say it’s an infinitely more trustworthy method of knowing your phone’s radios are off than “airplane mode,” which people have shown can be hacked and spoofed. Snowden and Huang are hoping to offer strong privacy guarantees to smartphone owners who need to shield their phones from government-funded adversaries with advanced hacking and surveillance capabilities—particularly reporters trying to carry their devices into hostile foreign countries without constantly revealing their locations.
Why the Supreme Court May Finally Protect Your Privacy in the Cloud
[Commentary] When the Supreme Court ruled in the case of Riley v. California, it definitively told the government to keep its warrantless fingers off your cell phone. But as the full impact of that opinion has rippled through the privacy community, some SCOTUS-watchers say it could also signal a shift in how the Court sees the privacy of data in general -- not just when it’s stored on your physical handset, but also when it’s kept somewhere far more vulnerable: in the servers of faraway Internet and phone companies.
In the Riley decision, which dealt with the post-arrest searches of an accused drug dealer in Boston and an alleged gang member in California, the court unanimously ruled that police need a warrant to search a suspect’s phone. The 28-page opinion penned by Chief Justice John Roberts explicitly avoids addressing a larger question about what’s known as the “third-party doctrine,” the notion that any data kept by a third party such as Verizon, AT&T, Google or Microsoft is fair game for a warrantless search.
But even so, legal analysts reading between the opinion’s lines say they see evidence that the court is shifting its view on that long-stewing issue for online privacy. The results, if they’re right, could be future rulings from America’s highest court that seriously restrict both law enforcement’s and even the NSA’s abilities to siphons Americans’ data from the cloud.
Feds Beg Supreme Court to Let Them Search Phones Without a Warrant
American law enforcement has long advocated for universal “kill switches” in cellphones to cut down on mobile device thefts. Now the Department of Justice argues that the same remote locking and data-wiping technology represents a threat to police investigations -- one that means they should be free to search phones without a warrant.
In a brief filed to the US Supreme Court in the case of alleged Boston drug dealer Brima Wurie, the Justice Department argues that police should be free to warrantlessly search cellphones taken from suspects immediately at the time of arrest, rather than risk letting the suspect or his associates lock or remotely wipe the phone before it can be searched.
The statement responds to briefs made to the court by the Center for Democracy and Technology and the Electronic Frontier Foundation arguing that warrantless searches of cellphones for evidence represents a serious violation of the suspect’s privacy beyond that of a usual warrantless search of a suspect’s pockets, backpack, or car interior.