welcome

This website uses cookies to ensure you get the best experience on our website.
Please scroll to the bottom of page to read the notice if you are coming from the European Union...

Saturday, August 30, 2014

Saturday Wrapup

 Seems like Microsoft is saying, "Enough is enough! This has gone too far..."

Despite a federal court order directing Microsoft to turn overseas-held email data to federal authorities, the software giant said Friday it will continue to withhold that information as it waits for the case to wind through the appeals process.

 The judge has now ordered both Microsoft and federal prosecutors to advise her how to proceed by next Friday, September 5.

Let there be no doubt that Microsoft's actions in this controversial case are customer-centric. The firm isn't just standing up to the US government on moral principles.


 It's now defying a federal court order. "Microsoft will not be turning over the email and plans to appeal," a Microsoft statement notes.

 "Everyone agrees this case can and will proceed to the appeals court. This is simply about finding the appropriate procedure for that to happen."

***

Today's Greek Lesson...
 New research shows that wireless routers are still quite vulnerable to attack if they don't use a good implementation of Wi-Fi Protected Setup

Bad implementations do a poor job of randomizing the key used to authenticate hardware PINs. Because of this, the new attack only requires a single guess at the hardware PIN to collect data necessary to break it.

 After a few hours to process the data, an attacker can access the router's WPS functionality. Two major router manufacturers are affected: Broadcom, and a manufacturer to be named once they get around to fixing it. 

"Because many router manufacturers use the reference software implementation as the basis for their customized router software, the problems affected the final products, Bongard said. Broadcom's reference implementation had poor randomization, while the second vendor used a special seed, or nonce, of zero, essentially eliminating any randomness."

***
Coffee Napage

 Caffeine is a staple of most workplaces — it's rare to find an office without a coffee pot or a fridge full of soda.

 It's necessary (or at least feels like it's necessary) because many workers have a hard time staying awake while sitting at a desk for hours at a time, and the alternative — naps — aren't usually allowed.

 But new research shows it might be more efficient for employers to encourage brief "coffee naps," which are more effective at returning people to an alert state than either caffeine or naps alone. 

A "coffee nap" is when you drink a cup of coffee, and then take a sub-20-minute nap immediately afterward. 

This works because caffeine takes about 20 minutes to get into your bloodstream, and a 20-minute nap clears adenosine from your brain without putting you into deeper stages of sleep.

 In multiple studies, tired participants who took coffee naps made fewer mistakes in a driving simulator after they awoke than the people who drank coffee without a nap or slept without ingesting caffeine.

***

On August 6, U.S. District Judge Anthony Trenga ordered the federal government to "explain why the government places U.S. citizens who haven't been convicted of any violent crimes on its no-fly database." 

Unsurprisingly, the federal government objected to the order, once more claiming that to divulge their no-fly list criteria would expose state secrets and thus pose a national security threat.

 When the judge said he would read the material privately, the government insisted that reading the material "would not assist the Court in deciding the pending Motion to Dismiss (PDF) because it is not an appropriate means to test the scope of the assertion of the State Secrets privilege."

 The federal government has until September 7 to comply with the judge's order unless the judge is swayed by the government's objection.

***
 Ars piece about the executive order that is the legal basis for the U.S. government's mass spying on citizens.

 One thing sits at the heart of what many consider a surveillance state within the US today. The problem does not begin with political systems that discourage transparency or technologies that can intercept everyday communications without notice.

 Like everything else in Washington, there's a legal basis for what many believe is extreme government overreach—in this case, it's Executive Order 12333, issued in 1981. “12333 is used to target foreigners abroad, and collection happens outside the US," whistleblower John Tye, a former State Department official, told Ars recently.

 "My complaint is not that they’re using it to target Americans, my complaint is that the volume of incidental collection on US persons is unconstitutional.” 

The document, known in government circles as "twelve triple three," gives incredible leeway to intelligence agencies sweeping up vast quantities of Americans' data. 

That data ranges from e-mail content to Facebook messages, from Skype chats to practically anything that passes over the Internet on an incidental basis.

 In other words, EO 12333 protects the tangential collection of Americans' data even when Americans aren't specifically targeted—otherwise it would be forbidden under the Foreign Intelligence Surveillance Act (FISA) of 1978.

***

Amazing what a new pair of shoes can do for you...
 

No comments:

Post a Comment