Los Angeles to Screen Transit Passengers With Body Scanners

Los Angeles CA Aug 15 2018 Los Angeles’s transit agency said Tuesday that it would become the first in the nation to screen its passengers with body scanners as they enter the public transit system — a bold effort to keep riders safer from terrorism and other evolving threats.

But officials said that riders need not worry that their morning commute would turn into the sort of security nightmare often found at airports or even sporting events. In a statement released Tuesday, transit officials said the portable screening devices they plan to deploy later this year will “quickly and unobtrusively” screen riders without forcing them to line up or stop walking.

“We’re looking specifically for weapons that have the ability to cause a mass casualty event,” Alex Wiggins, the chief security and law enforcement officer for the Los Angeles County Metropolitan Transportation Authority, said Tuesday, according to The Associated Press. “We’re looking for explosive vests, we’re looking for assault rifles. We’re not necessarily looking for smaller weapons that don’t have the ability to inflict mass casualties.”

The devices themselves resemble the sort of black laminate cases that musicians lug around on tour — not upright metal detectors. Dave Sotero, a spokesman for Metro, said the machines, which are on wheels, can detect suspicious items from 30 feet away and can scan more than 2,000 passengers per hour. The units can be pointed in the direction of riders as they come down an escalator or into a station.

“Most people won’t even know they’re being scanned, so there’s no risk of them missing their train service on a daily basis,” he said.

Mr. Sotero said the agency had purchased several of the units for about $100,000 each, but he would not specify exactly how many. He said that the authorities still needed to be trained on how to use the technology.

The county’s metro system has one of the largest riderships in the country, with 93 rail stations alone — and it is set to expand. Mr. Sotero said the new scanning units would be mostly deployed at random stations, but would certainly be used at major transit hubs and in places were large crowds are expected for marches, races and other events.

“There won’t be a deployment pattern that will be predictable,” he said. “They will go where they’re needed.”

Read More

Smartphone Fingerprint Scanner Gets a Heat-Sensing Upgrade

Fingerprint sensors—once a rarity—are now fairly common on smartphones. South Korean researchers have now given the fingerprint scanner an upgrade.

This new scanner is a clear sensory array, meaning that it could be hidden underneath the display rather than accessed as a button. It can also check the temperature of the fingerprint pressing into it to add an extra layer of security, CNET reports.

So why would your phone need to detect your temperature? It’s not for your health. Instead, it helps ensure that someone else isn’t using a fake hand or some other form of artificial fingerprints to get access to your phone.

Researchers from the Samsung Display-UNIST Center at Ulsan National Institute of Science and Technology in South Korea published an article on Tuesday detailing how they developed the sensor.

“This fingerprint sensor array can be integrated with all transparent forms of tactile pressure sensors and skin temperature sensors, to enable the detection of a finger pressing on the display,” the researchers wrote.

The researchers also confirmed that the sensor does this at a resolution that satisfies the FBI’s criteria for extracting fingerprint patterns.

View Source

Congress votes to wipe out landmark internet privacy protections

Congress sent proposed legislation to President Donald Trump on Tuesday that wipes away landmark online privacy protections, the first salvo in what is likely to become a significant reworking of the rules governing internet access in an era of Republican dominance.

In a party-line vote, House Republicans freed internet service providers such as Verizon, AT&T and Comcast of protections approved just last year that had sought to limit what companies could do with information such as customer browsing habits, app usage history, location data and Social Security numbers. The rules had also required providers to strengthen safeguards for customer data against hackers and thieves.

The Senate has already voted to nullify those measures, which were set to take effect at the end of this year. If Trump signs the legislation, as expected, providers will be able to monitor their customers’ behavior online and, without their permission, use their personal and financial information to sell highly targeted ads — making them rivals to Google and Facebook in the $83 billion online advertising market.

The providers could also sell their users’ information directly to marketers, financial firms and other companies that mine personal data — all of whom could use the data without consumers’ consent. In addition, the Federal Communications Commission, which initially drafted the protections, will be forbidden from issuing similar rules in the future.

Search engines and streaming video sites already collect usage data on consumers. But consumer activists claim that internet providers may know much more about a person’s activities because they can see all of the sites a customer visits.

And while consumers can easily abandon sites whose privacy practices they don’t agree with, it is far more difficult to choose a different internet provider, the activists said. Many Americans have a choice of only one or two broadband companies in their area, according to federal statistics.

Advocates for tough privacy protections online called Tuesday’s vote “a tremendous setback for America.”

“Today’s vote means that Americans will never be safe online from having their most personal details stealthily scrutinized and sold to the highest bidder,” said Jeffrey Chester, executive director of the Center for Digital Democracy.

Read More

Apple patent envisions tracking people in real time

Apple’s current Find My Friends feature could one day expand into more of a Track My Friends feature.

Granted to Apple on Tuesday by the US Patent and Trademark Office, a patent called “Sharing location information among devices” describes a procss that would let you view a visual representation of the path taken by another person using a mobile device as a way of following that person’s entire journey.

For example, someone is going for a hike or a trip and wants you to stay informed of his or her whereabouts. That person would enable a feature on a mobile device to allow you to see and track in real time the path being taken on your own mobile device or computer. On the flip side, you could also share your route so the two of you can stay abreast of each other’s ongoing location.

Apple already offers a feature called Find My Friends, which lets you find the specific location of another person via his or her iPhone or iPad. But Find My Friends is geared more toward pointing you to a specific spot, whereas Apple’s patented invention allows for path tracking, or following several points along a specific route.

As described in the patent, your respective devices could also share mapping directions so that you and your friend would be able to easily find each other via your mobile devices. Even further, your devices could tap into a “mirroring” mode that would replicate the view seen on each other’s respective devices.

The system would rely on GPS for navigation purposes but could enable communication between the devices via a cellular network, Wi-Fi or Bluetooth. Assuming both you and your friend had a sufficient signal, cellular would obviously be the most efficient technology as it would allow for the greatest distance between the two of you.

Read More

The Pentagon is looking to hire 3,000 infosec pros

The US Department of Defense has gotten permission and is aiming to hire 3,000 infosec professionals to work at the US Cyber Command by the end of this year, and is set to make the majority of the members of its Cyber Mission Force (CMF) achieve at least initial operational capability by the end of the 2016 Fiscal Year.

According to Aliya Sternstein, salaries start at $42,399 and can eventually rise to over triple that amount ($132,122).

The good news for potential employees is that the DoD doesn’t have to evaluate the applicants by traditional competitive criteria – to gain employment with the CMF, the applicants will have to demonstrate unique cybersecurity skills and knowledge.

The US Cyber Command was instituted in 2010, and was tasked with protecting the Department of Defense’s information networks and critical infrastructure, as well as to carry out cyber attacks against adversaries.

“USCYBERCOM confronted serious challenges from the outset. DoD networks had been planned and initially constructed decades earlier in an environment in which redundancy, resiliency, and defensibility were not always primary design characteristics,” Admiral Mike Rogers, the Head of the Cyber Command, shared with the members of the US House committee on Armed Service’s Subcommittee on Emerging Threats and Capabilities.

“Operators in USCYBERCOM, not surprisingly, could not even see all of our networks, let alone monitor all the traffic coming into and out of them from the Internet. Our people were and are professionals, so that issue was rapidly engaged, but nonetheless the sheer volume of work involved in starting a new, subunified command was substantial.”

“The bad news was that USCYBERCOM was built from the ground up by cutting manning to the bone, initially sacrificing vital support functions and institutional infrastructure to build mission capabilities as fast as possible,” he noted, and announced that things are slowly changing.

Read More

Protecting your privacy on the phone

Tapping phone lines and recording conversations is a classic spy technique, but it can be easy to protect yourself from these actions with a few simple gadgets and security practices. Make sure you are being proactive about your privacy and protecting your phone calls from unwarranted or illegal recording.

There are a few ways to protect your privacy on the phone. Whether the person on the other end is recording the call or you think your own line has been tampered with, make sure you’re taking the right steps toward eliminating these threats and having private conversations in peace.

Bug sweep – Bugging a room or phone is a key way to record or spy on conversations. Getting a Multi-Functional All Purpose All-in-One Sweep Unit can help you find and disable audio recording devices in your phone, as well as hidden cameras and other spying devices.

Tap detection – For increased protection from phone tapping, you can install a Super Tap Buster on your phone line. This tool will constantly monitor line voltage and detect changes that indicate a phone tap. This will further protect you from taps installed outside your home, and can remotely disable bugs, while alerting you to secondary listening devices on a line – such as when a second line is picked up and muted during a call to listen in.

Voice changer – If you’re trying to keep your identify a secret during a phone call, a Telephone Voice Transformer is the best way to go. This device will alter the pitch and tone of your voice to mask it and keep your identify a secret – an excellent way to prevent a phone tap from gathering too much information.

View Source

FBI boss ‘concerned’ by smartphone encryption plans

Plans by Apple and Google to do more to protect customers’ privacy have made the FBI “very concerned”.

Speaking to reporters, FBI boss James Comey said the plans to enable encryption by default could thwart law enforcement investigations.

Lives could depend on police forces continuing to get access to the data on devices used by criminals and terrorists, he said.

The FBI was talking to both Apple and Google about its fears, said Mr Comey.

Protect privacy
The conversations with tech firms needed to be had before the day when police forces lost access to those devices, he said.

“I’d hate to have people look at me and say, ‘Well how come you can’t save this kid?’ ‘How come you can’t do this thing?’” said Mr Comey in a briefing.

His comments came in reaction to a decision by Apple to enable a file encryption system on its iOS 8 software for which it has no keys. This means it would not be able to comply with any official request to help police get at the data on those devices.

Google has said it too is planning to enable a similar encryption system by default on the next version of Android.

Mr Comey said he was “very concerned” about these plans because of what they would allow people to do.

“What concerns me about this is companies marketing something expressly to allow people to place themselves beyond the law,” he said.

“I am a huge believer in the rule of law, but I am also a believer that no-one in this country is beyond the law,” he added.

Apple and Google have yet to respond to Mr Comey’s comments.

Ten days prior to Mr Comey’s press statement, iOS data forensics expert Jonathan Zdziarski pointed out that Apple’s encryption system would not stop police getting at data on portable devices.

Specifically weakening security systems just to aid the police was a bad decision, he said.

“For the sake of privacy and overall security, the only logical solution is to make products as secure as possible, and let good detective work do the crime solving, rather than an easy button,” he wrote in a blogpost.

View Source

Google Just Bought a Company That Snoops on Your Chats

Google just bought another online communications channel it can fill with ads.

The tech giant confirms it has acquired Emu, a startup that offers a kind of instant messaging tool. The price was not disclosed, but Google’s interest in the company isn’t hard to divine: Emu has built a system that can monitor chats, infer what people are talking about, and insert relevant links—including ads.

Emu, which has been subsisting for two-and-a-half years on venture funding, doesn’t insert such ads today. Instead, it uses its monitoring tools to identify certain other information that might be helpful to you. For example, if you’re chatting on the Emu service and the other person types something about getting lunch, Emu might suggest nearby restaurants or show the mid-day schedule from your calendar. But it’s a very short leap from such information to commercial promotion. A nearby cafe might pay for ad to appear every time the word “coffee” comes up in your chat.

The Emu buy is part of a much larger trend to monitor and thus profit from new chunks of people’s lives. Foursquare just rolled out a new version that, by default, tracks your movements continuously, negating the need for a “check in” button. Google, meanwhile, isn’t just interested in chats; the company has said that it may eventually show ads on internet-connected home devices, such as thermostats.

A NEARBY CAFE MIGHT PAY FOR AD TO APPEAR EVERY TIME THE WORD “COFFEE” COMES UP IN YOUR CHAT.

Emu fills a growing hole in Google’s ad offerings. Google mines search terms and emails for advertising purposes, but not yet chats. As people shift their computing to smartphones and other mobile devices, chatting—short, immediate, and part of phone culture for decades—has become more popular.

Read More

Phone texts don’t die: they hide

The computer forensics expert who recovered the text messages that brought down parliamentary Speaker Peter Slipper has warned that any messages or files you think you have deleted from your smartphone are still there if someone really wants to find them.

The national head of the IT forensics practice at corporate advisory firm PPB Advisory, Rod McKemmish, was brought in by the legal team of Mr Slipper’s former staffer James Ashby, as some of the messages he had received from the former speaker had been deleted.

He was able to use an automated forensic process to bring the messages back from the dead.

“The delete button on the phone should really be called the ‘hide’ button, because the data is still there, you just can’t see it,” Mr McKemmish said. “In the forensic process we can bring it all back.”

While most politicians and business people are unlikely to be communicating about the sort of topics that brought down Mr Slipper, many might rethink the privacy of their communications.

With soaring levels of smartphone penetration in Australia, it is fair to assume that a significant amount of sensitive discussions take place via SMS.

Mr McKemmish said his skills were increasingly being called upon to investigate corporate cases, where firms were concerned about confidential information residing on the phones of staff leaving. Most phones have a “factory reset feature”, which is supposed to revert the phone to the state when it was first used, but it’s insufficient.

IBRS technology analyst James Turner said businesses needed to be more alert to the permanent nature of digital communication, as more important conversations were handled by SMS and email.

“This can be share price-impacting information, because deals can be made via an SMS that are worth a lot of money,” he said. “The audit trail is all important when it comes to being able to report that due process has been followed, so i f people are using electronic communications, then they must expect that there is a record.”

Not all communication via SMS or email is related to big deals of course. Much could be slotted into the files marked “harmless banter” or “office gossiping”. Common stuff, but not necessarily words that people want to be accessible once the messages have been deleted.

Unfortunately for regular texters,cA computer forensics expert and adjunct professor at Queensland University of Technology, Bradley Schatz, says smartphones were designed to hold on to data as a guard against accidental loss.

He says there are a number of factors that will govern how long a message exists on a phone after it has supposedly been deleted, but a basic guide is that it will remain somewhere on the phone until all available space for new data has been exhausted.

“The memory inside many of these small-scale digital devices is called flash memory, which is the same kind of memory that you would find in a USB key,” Schatz said.

Read More

Comcast is turning your home router into a public Wi-Fi hotspot

If you’re a Comcast cable customer, your home’s private Wi-Fi router is being turned into a public hotspot.

It’s been one year since Comcast (CMCSA) started its monster project to blanket residential and commercial areas with continuous Wi-Fi coverage. Imagine waves of wireless Internet emitting from every home, business and public waiting area.

Comcast has been swapping out customers’ old routers with new ones capable of doubling as public hotspots. So far, the company has turned 3 million home devices into public ones. By year’s end it plans to activate that feature on the other 5 million already installed.

Anyone with an Xfinity account can register their devices (laptop, tablet, phone) and the public network will always keep them registered — at a friend’s home, coffee shop or bus stop. No more asking for your cousin’s Wi-Fi network password.

But what about privacy? It seems like Comcast did this the right way.t’s potentially creepy and annoying. But the upside is Internet everywhere.

Outsiders never get access to your private, password-protected home network. Each box has two separate antennae, Comcast explained. That means criminals can’t jump from the public channel into your network and spy on you.

And don’t expect every passing stranger to get access. The Wi-Fi signal is no stronger than it is now, so anyone camped in your front yard will have a difficult time tapping into the public network. This system was meant for guests at home, not on the street.

As for strangers tapping your router for illegal activity: Comcast said you’ll be guilt-free if the FBI comes knocking. Anyone hooking up to the “Xfinity Wi-Fi” public network must sign in with their own traceable, Comcast customer credentials.

Still, no system is foolproof, and this could be unnecessary exposure to potential harm. Craig Young, a computer security researcher at Tripwire, has tested the top 50 routers on the market right now. He found that two-thirds of them have serious weaknesses. If a hacker finds one in this Comcast box, all bets are off.

“If you’re opening up another access point, it increases the likelihood that someone can tamper with your router,” he said.

Read More