Archive for June, 2014

GRAND RAPIDS, MI — Downtown businesses are giving area law enforcement agencies greater access to private video surveillance feeds under a new push to increase real-time monitoring capabilities in Grand Rapids.

Jack Stewart, Kent County emergency management coordinator, said the Grand Rapids Police and Kent County Sheriff’s departments are increasing access to the downtown surveillance apparatus under a new public-private partnership program.

The two agencies are tapping into private video feeds from existing cameras mounted on the exterior of private commercial buildings downtown, he said.

Previously, police would request video from private feeds during the course of a criminal investigation. Now, police will be able to monitor the feeds in real time from county and city dispatch centers.

“This is the same technology that helped catch the Boston Marathon bombers,” said Stewart. “This is not day-to-day monitoring. It’s just in the event of an emergency. There would have to be an event serious enough to trigger us to monitor the cameras.”

The program, which Stewart said is pursuing federal Dept. of Homeland Security grants to expand the surveillance capability downtown with new and upgraded equipment, has been in the works for several years.

“Some of the cameras are hooked-up already, but we’d like to offer to enhance and expand to other businesses and facilities that want to hook-up to the project,” said Stewart about uses for the possible grant money.

The program is a response to increasing activity in the downtown area, and disclosure of the project follows a pair of downtown shootings this month that have caused Grand Rapids police to step up their presence in the district.

Shots fired outside McFadden’s Saloon on June 15, and the shooting of a two teenagers downtown on June 18 after the Bruno Mars concert are “good examples” of when the technology would be used, said Stewart.

Large events like ArtPrize or the Fifth Third River Bank Run are also examples of when real time monitoring would be useful, he said.

Stewart said there are roughly 100 exterior video cameras right now that are or could be accessed under the program, many of them concentrated around government and critical infrastructure buildings.

Non-disclosure agreements precluded Stewart from naming specific businesses participating in the program, but some were willing to disclose that on their own.

Cameras mounted on Amway Hotel Corporation properties downtown are part of the program, according to Amway Corp. representatives.

Read More

A secret cellular tracking system used by the Chicago Police Department could run afoul of a new U.S. Supreme Court ruling prohibiting authorities from searching cellphones without a warrant, experts said Wednesday.

The department has for several years been using cell site simulators — commonly known as IMSI catchers or Stingray devices — to scan cellphones for call logs, which include text messages. They also track phones’ locations, which the court didn’t address in this case. Though sources confirm the simulators’ use, the city has never publicly acknowledged having the equipment.

After Chicago police ignored a Freedom of Information Act request seeking information about the equipment’s cost, local activist Freddy Martinez sued the department this month to force the release of documents related to the simulators’ purchase. State law dictates that all expenditures of public funds are subject to open record laws.

“The fact they won’t disclose whether they even have the Stingrays suggests that they could be using it improperly,” said Matthew Topic, a transparency lawyer who is representing Martinez in his lawsuit.

A Chicago police spokesman declined to discuss how the Supreme Court ruling would affect department procedures or its use of simulators.

“Obviously, the ruling just came down (Wednesday) and our lawyers and department personnel are still evaluating how it might impact police operations,” spokesman Martin Maloney said.

In addition to federal agencies, police departments in at least 15 states have cell site simulators, according to the American Civil Liberties Union. The ACLU has been involved in several lawsuits aimed at releasing public documents connected to Stingray use.

Topic said he expects the Supreme Court ruling will prompt the city to rethink how it uses the simulators, especially because the systems have the ability to mine data from people who are near suspects but not the target of any law enforcement investigation.

“I would like to believe the Chicago Police Department doesn’t want to engage in wholesale Fourth Amendment violations,” he said. “I hope they would read the ruling and take a hard look at their procedures.”

View Source

WASHINGTON —- Cellphones and smartphones generally cannot be searched by police without a warrant during arrests, the Supreme Court ruled unanimously Wednesday in a major victory for privacy rights.

Ruling on two cases from California and Massachusetts, the justices acknowledged both a right to privacy and a need to investigate crimes. But they came down squarely on the side of privacy rights.

“Modern cell phones, as a category, implicate privacy concerns far beyond those implicated by the search of a cigarette pack, a wallet or a purse,” Chief Justice John Roberts wrote for the court.

“We cannot deny that our decision today will have an impact on the ability of law enforcement to combat crime,” he said. “Privacy comes at a cost.”

Cellphone ruling may impact other privacy challenges

The justices struck down an extensive smartphone search in California that had been upheld by the state Court of Appeals, as well as a more limited probe of an old flip-top cellphone in Massachusetts that a federal judge had thrown out.

Currently, police can search a person under arrest and whatever physical items are within reach to find weapons and preserve evidence that might be destroyed. But the justices noted that vast amounts of sensitive data on modern smartphones raise privacy concerns that differentiate them from other items.

To liken physical objects to digital data, as federal and state government officials did in justifying cellphone searches, Roberts said, “is like saying a ride on horseback is materially indistinguishable from a flight to the moon. Both are ways of getting from point A to point B, but little else justifies lumping them together.”

Roberts said police still can examine “the physical aspects of a phone to ensure that it will not be used as a weapon.” But once secured, he said, “data on the phone can endanger no one” and the arrested person will not be able to “delete incriminating data.”

Justice Department spokeswoman Ellen Canale said prosecutors and police still will “make use of whatever technology is available to preserve evidence on cellphones while seeking a warrant…. Our commitment to vigorously enforcing the criminal laws and protecting the public while respecting the privacy interests protected by the Fourth Amendment is unwavering.”

In the past two years, the court has ruled that police can swab a suspect’s cheek for DNA to put into an unsolved crimes database, as well as conduct strip searches of prisoners without reasonable suspicion.

Read More

At some car washes, it wasn’t just the cars that were getting cleaned out: Members of a Boston street gang were allegedly logging into the computerized cash registers of car washes across the United States, stealing credit card data and using the cloned cards to transfer money to prepaid gift cards.

The dirt on this squeaky-clean case was unearthed last month, when a South Carolina sheriff’s department contacted police in Everett, Massachusetts, because a South Carolinian’s credit card had been fraudulently used several times at a Dollar Store in Everett.

Detective Michael Lavey of the Everett police department found that a few people were visiting Dollar Stores in and around Everett, always in pairs. They would routinely purchase $500 in prepaid gift cards, paying with several different credit cards until one of the credit cards was approved, Lavey told independent security expert Brian Krebs.

Lavey posted store security footage online, but the suspected bandits behind this money-laundering scheme weren’t caught until one ended up in a Boston hospital, having been stabbed in an unrelated robbery.

Police recognized the man, allegedly a member of a local Bloods gang, from the security tapes. When his bloody pants were confiscated as evidence, police found a large number of credit cards in the pockets.

Lavey found at least one card had been cloned from a card whose data had been stolen from a Splash Car Wash in Connecticut. This led Lavey to connect with Monroe, Connecticut police detective Michael Chaves.

Chaves had been investigating card-data thefts at 14 car washes in Connecticut. He discovered many of the car washes used an outdated version of a point-of-sale software system developed by Randolph, New Jersey-based Micrologic Associates — and which could be accessed via the aging pcAnywhere remote-desktop software, sold until last month by Symantec.

Micrologic had created default pcAnywhere login credentials for its products, but many clients never changed the defaults, which stayed the same for years, Chaves told Krebs.

Read More

Twenty-Six New Yorkers And Consumers Nationwide To Receive Restitution; Company Took Millions From Entrepreneurs Seeking Help Launching Small Internet-Based Businesses

NEW YORK – Attorney General Eric T. Schneiderman today announced that his office, along with the Federal Trade Commission and the Attorney General of Florida, have reached a $15.6 million settlement with The Tax Club, Inc., which operated out of the Empire State Building, related to deceptive business practices and false advertising seen in telemarketing schemes that targeted consumers operating internet-based businesses. The settlement agreement, entered in the U.S. District Court for the Southern District of New York earlier this month, prohibits future misconduct. The settlement money will be returned to consumers across the country as restitution, including to 26 New Yorkers.

“As a result of this settlement, former Tax Club executives will be giving up a substantial chunk of their personal assets,” said Attorney General Eric Schneiderman. “Before turning over your hard-earned money to telemarketers, it’s important to make sure they have a reputation for delivering what they promise.”

Jessica Rich, Director of the FTC’s Bureau of Consumer Protection, said, “Before you put money into a work-at-home business opportunity, ask questions to determine if it is legitimate. We encourage consumers to read our consumer information to learn how to recognize schemes that promise more than they deliver.”

Information about telemarketing fraud and tips to avoid becoming a victim can be found here.

The investigation into The Tax Club, which also does business as Success Merchant Services, Corporate Tax Network, and Corporate Credit, adversely affected consumers nationwide, including senior citizens. New Yorkers targeted by the company filed complaints with Attorney General Schneiderman’s office beginning in 2010 and continue to come in. The victims lived across the state, including in Binghamton, New York City and on Long Island; and in Cattarangus, Erie, Monroe, Onondaga, Orange, Putnam, Renssealer, Rockland, St. Lawrence and Westchester counties.

The operators of The Tax Club’s telemarketing schemes took millions of dollars from consumers by allegedly misleading them into believing that its purported services would help consumers’ home-based businesses succeed. According to a complaint filed in Manhattan federal court in January 2013 by Attorney General Schneiderman, the FTC and the Florida Attorneys General, The Tax Club, which purchased lists of small business owners from companies that offered internet-based business opportunities, called consumers and falsely claimed to be affiliated with companies that they had already bought services or products from. The lawsuit alleged that the telemarketers pitched business development services, including business coaching services, corporate formation services, and credit development services.

The suit further charged that, after an initial hard-tactic sale, the telemarketing companies called consumers repeatedly to sell other services they claimed were “essential,” typically for several thousand dollars per service. The schemes charged a large initial fee, between approximately $1,000 to $3,000, with a restrictive refund policy and recurring monthly “membership” payments of at least $19.99 a month. Many of the services offered were actually unnecessary—and were never provided.

Under the settlement, the defendants are banned from selling business coaching services and work-at-home opportunities, subject to certain exemptions. They are permanently prohibited from misrepresenting material facts about any product or service, selling or otherwise benefitting from consumers’ personal information and violating the Telemarketing Sales Rule, which established the federal Do Not Call Registry and which prohibits abusive and deceptive telemarketing acts. They must also clearly disclose the seller’s identity, that the purpose of a call is to sell a good or service, and the nature of the good or service.

The settlement includes judgments against three of the former company’s executives. The order against Edward B. Johnson, the company founder, bans him from selling credit development, business planning, and merchant account processing services. He is personally required to pay $2.6 million. The assets to be turned over include bank and brokerage accounts, and proceeds from the sale of real and personal property. Brendon A. Pack, the former director of marketing at The Tax Club, and Michael M. Savage, the former president of The Tax Club, are required to jointly pay $13 million. They are banned from selling business coaching services, credit development services and work-at-home opportunities and are prohibited from calling consumers unless they have express written consent from a consumer to receive calls, or they are fulfilling or providing services previously purchased by the consumer.

In New York, Investigators Robin Womack and Mike Ward assisted with this investigation. The case was handled by Assistant Attorney General Judy S. Prosper, Guy H. Mitchell, Assistant Attorney General in Charge of the Harlem Regional Office, and Jane Azia, Bureau Chief of the Attorney General’s Consumer Frauds Bureau. Marty Mack is the Executive Deputy Attorney General for Regional Offices. Karla G. Sanchez is the Executive Deputy Attorney General for Economic Justice.

View Source

China has the world’s most powerful supercomputer for the third time in a row as the country once again ups its presence in the global top 500.

Tianhe-2 was top of the twice-yearly list that keeps tabs on supercomputer development and growth.

Since the last list, China had 20% more supercomputers in the top 500, while US representation went down 15%.

However, the US still dominates the chart with 233 computers making the latest tally.

China had 76, up from 63 in the last count. This is almost as many as the UK (30), France (27) and Germany (23) combined.

The full list will be published on Monday at a conference in Leipzig, Germany.

Power

The top500 list is a widely-recognised barometer of the state of worldwide supercomputing. It has been published twice yearly since 1993.

All the computers are measured against the same criteria – a benchmark first devised in 1979 but since improved as computing has become ever more sophisticated.

Such is the immense power of the supercomputers, their computational ability is measured in petaflop/s – quadrillions of calculations per second.

The top performing computer, Tianhe-2, had its power measured at 33.86 petaflop/s (quadrillions of calculations per second). It has been just five years since IBM’s Roadrunner became the first computer to break the 1 petaflop/s mark. That machine was shut down in 2013 due to excessive power consumption.

The entire top 500 list of supercomputers combined offered 274 petaflop/s.

Tianhe-2 is owned by the Chinese government and operated by the National University of Defence Technology. It is used as a “research and educational” tool.


View Source

Google and Microsoft will add a “kill-switch” feature to their Android and Windows phone operating systems.

The feature is a method of making a handset completely useless if it is stolen, rendering a theft pointless.

Authorities have been urging tech firms to take steps to help curb phone theft and argued that a kill-switch feature can help resolve the problem.

Apple and Samsung, two of the biggest phone makers, offer a similar feature on some of their devices.

The move by Google and Microsoft means that kill switches will now be a part of the three most popular phone operating systems in the world.

Growing problem

Smartphone theft has become a big problem across the world. According to a report by US authorities:

Some 3.1 million mobile devices were stolen in the US in 2013, nearly double the number of devices stolen in 2012

One in three Europeans experienced the theft or loss of a mobile device in 2013

In South Korea mobile device theft increased five-fold between 2009 and 2012

In Colombia criminals stole over one million devices in 2013

In an attempt to tackle the issue, policymakers have launched an initiative called Secure our Smartphones.

As part of it, they have urged technology firms to take steps to make it less attractive for robbers to steal mobile devices.

“An activated kill switch converts an easy-to-sell, high-value multimedia device into a jumble of plastic and glass, drastically reducing its street value,” the report by New York Attorney General said.

Explainer: How a kill switch works

A “hard” kill switch would render a stolen device permanently unusable and is favoured by legislators who want to give stolen devices the “value of a paperweight”

A “soft” kill switch only make a phone unusable to “an unauthorised user”

Some argue that the only way to permanently disable a phone is to physically damage it

Experts worry that hackers could find a way to hijack a kill signal and turn off phones

If a phone is turned off or put into aeroplane mode, it might not receive the kill signal at all, warn experts

Read More

Computerworld – A Missouri escrow firm that lost $440,000 in a 2010 cyberheist cannot hold its bank responsible, an appeals court ruled this week.

The Court of Appeals for the Eighth Circuit’s decision this month affirmed a lower court ruling in the case.

The appeals court also held that the escrow firm can be held responsible for the bank’s attorney fees in the case.

In a 25-page ruling, the appeals courts agreed with a Missouri district court ruling in March 2013 that blamed Choice Escrow and Title LLC for the loss because it failed to follow the bank’s recommended security precautions.

Choice Escrow filed the lawsuit against BancorpSouth Bank in November 2010 after unknown attackers stole the username and password to the company’s online bank account and used the credentials to transfer $440,000 to an account in Cyprus.

Choice Escrow claimed that the theft occurred because the bank failed to implement commercially reasonable security measures as defined in the Funds Transfer Act provisions of the Uniform Commercial Code (UCC). Choice Escrow maintained that BancorpSouth should have known the wire transfer request was fraudulent because it was initiated from outside the U.S — something that had never happened before with its account.

BancorpSouth countered by saying that the loss resulted from Choice Escrow’s failure to implement the bank’s recommended security precautions for wire transfers.

The bank pointed to several controls it had in place for wire transfers. The bank said it had urged Choice Escrow to use the controls. For instance, the bank said it requested that Choice Escrow adopt a dual-control process that would rquire two people to sign all wire transfer requests. BancorpSouth also asked officials at Choice Escrow to put an upper limit on wire transfers.

Choice Escrow chose not to follow either recommendation, the bank said.

BankcorpSouth noted that the fraudulent wire transfer was initiated by someone using Choice Escrow’s legitimate banking credentials and a computer that appeared to belong to the company. The bank claimed it had acted in good faith when it executed the wire transfer request because there was nothing to indicate it was fraudulent.

The Missouri district court agreed that BankcorpSouth had taken reasonable measures to protect against illegal wire transfers, and faulted Choice Escrow for not following the bank’s recommendations. The court ruled the fraud may not have occurred if the company had followed the instructions.

The appeals court’s ruling went one step further by holding that BancorpSouth can seek to recover it’s attorney’s fees from Choice Escrow.

Choice Escrow is one of numerous companies, municipal governments and school districts that have been victimized by similar online heists in recent years.

Read More

BodyGuard stun-glove leaps out of comic books

What’s better than a seasoned crime fighter? How about a seasoned crime fighter packing a 300,000-volt punch? A new prototype stun-glove is poised to make such Robocop-inspired dreams a reality, integrating a non-lethal taser, LED flashlight, and laser guided video camera into a fetching piece of futuristic armor. Activated by pulling out a grenade-like pin and palming an embedded finger pad, the Armstar BodyGuard 9XI-HD01 sparks a loud and visible arc of electricity between its wrist-mounted taser spikes, a sight that inventor David Brown hopes will encourage would-be crooks to surrender.

The gauntlet’s hard plastic shell is even roomy enough to add GPS equipment, biometrics, chemical sensors, or other embedded additions, as needed. The first batch of pre-production superhero gloves will hit the streets of LA later this year for testing and evaluation. Need more? Check out the via to see Kevin Costner (what field of dreams did he walk out of?) take the edge off this shocker in a surprisingly dull video.

View Source

The decoy waited behind closed doors for a crowd to emerge from Tampa International Airport’s airside shuttle. Taking up a backpack and carrying a water bottle, he melded with the crowd heading toward security screening.

In the long, winding maze leading toward the checkpoint, John Forbes, a Transportation Security Administration employee, made his way toward the X-ray machines.

Up ahead, Explosives Detection K-9 Handler Brandy Smith walked Guiness down the rows, against the crowd.

The demure 40-pound Labrador mix eyeballed passengers lugging carry-­on bags and purses, occasionally sniffing.

The moment Forbes walked past, Guiness alerted, lunging toward the training decoy, then sitting next to his suspect. No aggression, no panic, no barking. His immediate paycheck: a few moments tugging at a squeaky toy.

Guiness is one of four explosives-detection dogs at Tampa International to screen passengers as they make their way toward the security checkpoint. About 100 screening dogs work for TSA throughout the country.

Passengers who get a casual sniff are sometimes fast-tracked through security using the TSA’s new precheck line, skipping the removal of jackets, shoes and laptops.

“That sniff deems them low risk” and allows security personnel to keep the line moving faster, said TSA spokesman Mark Howell.

Charles Cloyd, TSA K-9 supervisor and a onetime handler, said: “Right now, we are using them at the larger, busier airports. They are deployed based on risk.

“These dogs are excellent,” Cloyd said. “Their capabilities exceed electronic detection, and their mobility is another advantage.”

The dogs are carefully vetted before going through training, which takes place at Lackland Air Force Base in San Antonio.

If a dog shows signs of aggression or a lack of drive, it’s out.

The dogs are medium-sized so passengers don’t perceive them as intimidating, Cloyd said.

“People like them and tend to feel safer knowing they are sniffing their fellow passengers,” he said.

“These dogs can detect parts per trillion of explosives,” Cloyd said.

And it’s not just actual explosives, but also components of explosives, Cloyd said.

The dogs are trained specifically for this task, not for subduing other criminals or tracking down drugs. But they may detect someone with marijuana if it carries the scent of fertilizer, a potential bomb-making compound.

Read More