Hackers Release Files Indicating NSA Monitored Global Bank Transfers

Hackers released documents and files Friday that cybersecurity experts said indicated the U.S. National Security Agency had accessed the SWIFT interbank messaging system, allowing it to monitor money flows among some Middle Eastern and Latin American banks.

The release included computer code that could be adapted by criminals to break into SWIFT servers and monitor messaging activity, said Shane Shook, a cyber security consultant who has helped banks investigate breaches of their SWIFT systems.

The documents and files were released by a group calling themselves The Shadow Brokers. Some of the records bear NSA seals, but Reuters could not confirm their authenticity.

The NSA could not immediately be reached for comment.

 

Holes in Windows

Also published were many programs for attacking various versions of the Windows operating system, at least some of which still work, researchers said.

In a statement to Reuters, Microsoft, maker of Windows, said it had not been warned by any part of the U.S. government that such files existed or had been stolen.

“Other than reporters, no individual or organization has contacted us in relation to the materials released by Shadow Brokers,” the company said.

The absence of warning is significant because the NSA knew for months about the Shadow Brokers breach, officials previously told Reuters. Under a White House process established by former President Barack Obama’s staff, companies were usually warned about dangerous flaws.

Bangladesh heist

Shook said criminal hackers could use the information released Friday to hack into banks and steal money in operations mimicking a heist last year of $81 million from the Bangladesh central bank.

“The release of these capabilities could enable fraud like we saw at Bangladesh Bank,” Shook said.

The SWIFT messaging system is used by banks to transfer trillions of dollars each day. Belgium-based SWIFT downplayed the risk of attacks employing the code released by hackers Friday.

SWIFT said it regularly releases security updates and instructs client banks on how to handle known threats.

“We mandate that all customers apply the security updates within specified times,” SWIFT said in a statement.

SWIFT said it had no evidence that the main SWIFT network had ever been accessed without authorization.

It was possible that the local messaging systems of some SWIFT client banks had been breached, SWIFT said in a statement, which did not specifically mention the NSA.

When cyberthieves robbed the Bangladesh Bank last year, they compromised that bank’s local SWIFT network to order money transfers from its account at the New York Federal Reserve.

NSA and SWIFT

The documents released by the Shadow Brokers on Friday indicate that the NSA may have accessed the SWIFT network through service bureaus. SWIFT service bureaus are companies that provide an access point to the SWIFT system for the network’s smaller clients and may send or receive messages regarding money transfers on their behalf.

“If you hack the service bureau, it means that you also have access to all of their clients, all of the banks,” said Matt Suiche, founder of the United Arab Emirates-based cybersecurity firm Comae Technologies, who has studied the Shadow Broker releases and believes the group has access to NSA files.

The documents posted by the Shadow Brokers include Excel files listing computers on a service bureau network, user names, passwords and other data, Suiche said.

“That’s information you can only get if you compromise the system,” he said.

Cris Thomas, a prominent security researcher with the cybersecurity firm Tenable, said the documents and files released by the Shadow Brokers show “the NSA has been able to compromise SWIFT banking systems, presumably as a way to monitor, if not disrupt, financial transactions to terrorists groups.”

Thwarting terrorists

Since the early 1990s, interrupting the flow of money from Saudi Arabia, the United Arab Emirates and elsewhere to al-Qaida, the Taliban, and other militant Islamic groups in Afghanistan, Pakistan and other countries has been a major objective of U.S. and allied intelligence agencies.

Mustafa Al-Bassam, a computer science researcher at University College London, said on Twitter that the Shadow Brokers documents show that the “NSA hacked a bunch of banks, oil and investment companies in Palestine, UAE, Kuwait, Qatar, Yemen, more.”

He added that NSA “completely hacked” EastNets, one of two SWIFT service bureaus named in the documents that were released by the Shadow Brokers.

Reuters could not independently confirm that EastNets had been hacked. And EastNets, based in Dubai, denied it had been hacked in a statement, calling the assertion “totally false and unfounded.” 

EastNets ran a “complete check of its servers and found no hacker compromise or any vulnerabilities,” according to a statement from EastNets’ chief executive and founder, Hazem Mulhim.

Snowden documents

In 2013, documents released by former NSA contractor Edward Snowden said the NSA had been able to monitor SWIFT messages.

The agency monitored the system to spot payments intended to finance crimes, according to the documents released by Snowden.

Reuters could not confirm whether the documents released Friday by the Shadow Brokers, if authentic, were related to NSA monitoring of SWIFT transfers since 2013.

Some of the documents released by the Shadow Brokers were dated 2013, but others were not dated. The documents released by the hackers did not clearly indicate whether the NSA had actually used all the techniques cited for monitoring SWIFT messages.

your ad here

The iPhone of Cars? Apple Enters Self-driving Car Race

Apple is joining the fiercely competitive race to design self-driving cars, raising the possibility that a company that has already re-shaped culture with its iPhone may try to transform transportation, too.

 

Ending years of speculation, Apple’s late entry into a crowded field was made official Friday with the disclosure that the California Department of Motor Vehicles had awarded a permit for the company to start testing its self-driving car technology on public roads in the state.

 

The permit covers three vehicles — all 2015 Lexus RX 450h hybrid SUVs — and six individual drivers. California law requires people to be in a self-driving car who can take control if something goes wrong.

 

Apple Goes Mobile … In a New Way

 

Apple confirmed its arrival in the self-driving car market, but wouldn’t discuss its intentions. Its interest in autonomous vehicle technology, however, has long been clear .

 

The Cupertino, California, company pointed to a statement that it issued in December. “Apple is investing heavily in machine learning and autonomous systems,” the company said then. “There are many potential applications for these technologies, including the future of transportation.”

 

Apple released that statement after Steve Kenner, a former Ford Motor executive who is now Apple’s director of product integrity, notified federal regulators of the company’s interest in self-driving cars in a letter.

 

Like others, Apple believes self-driving cars could ease congestion and save millions of people who die annually in traffic accidents often caused by drunk or distracted motorists.

 

Self-driving cars could also be a lucrative new market. And Apple has been searching for its next act for a while, one that will take it beyond its mainstay phones, tablets and personal computers.

 

A Next Big Thing

 

Although iPhone’s ongoing popularity has helped Apple remain the world’s most valuable company, the company hasn’t had a breakthrough product since the 2010 debut of the iPad, currently in the throes of a three-year sales slump. The dry spell has raised doubts as to whether Apple lost some of its trend-setting magic with the death of co-founder Steve Jobs in 2011.

 

Apple will be vying against 29 other companies that already have California permits to test self-driving cars. The list includes major automakers, including Ford, General Motors, BMW, Volkswagen and Tesla, as well as one of its biggest rivals in technology, Google, whose testing of self-driving cars has been spun off into an affiliate called Waymo.

 

Since Google began its work on self-driving vehicles eight years ago, Waymo’s fleet of self-driving cars has logged more than 2 million miles on the road.

 

That means Apple has a long way to catch up in self-driving technology. But it has often been a follower in markets that it eventually revolutionized. It wasn’t the first to introduce a digital music player, smartphone, or tablet before its iPod, iPhone and iPad came out.

 

Deep Pockets

 

With $246 billion in cash, Apple also could easily afford to buy technology that accelerates its development of self-driving cars. There has been recurring speculation that Apple might eventually acquire Tesla, which has a market value of about $50 billion. Neither Apple nor Tesla has given any inkling that they’re interested in joining forces, though.

 

Speculation about Apple’s interest in expanding into automobiles began swirling in 2015 amid media reports that the company had begun secretly working on building its own electric car under the name project “Titan.” Apple never confirmed the existence of Titan, which is now believed to be dead.

your ad here

Meet the Rival to the ‘Mother of All Bombs’

The so-called “Mother of All Bombs,” may be the biggest conventional weapon in the U.S. arsenal, but it’s not the biggest non-nuclear bomb in the world.

That title goes to Russia’s “Father of All Bombs,” which is reportedly four times heavier than the 10,300-kilogram Massive Ordnance Air Blast (MOAB), the official name of the U.S. GBU-43/B.

FOAB is also quite a different kind of bomb. While the MOAB is conventional, the FOAB is thermobaric, meaning it uses oxygen in the atmosphere to increase the damaging effects.

According to Business Insider, the FOAB explodes in midair with a “fuel-air mixture” that, according to the U.S. Defense Intelligence Agency, creates an intense “pressure wave” as well as a vacuum that “ruptures the lungs.”

Even if the fuel does not ignite, it’s highly toxic and likely deadly to anyone coming into contact with it, the DIA wrote.

The blast radius of the FOAB is around 300 meters, with an explosion equivalent to 44 tons of TNT, Reuters reported.

On Thursday, the U.S. military used its MOAB for the first time on the battlefield, dropping it on tunnels in Afghanistan that were reportedly used by Islamic State terrorists.

your ad here

CIA Director Defends Secrecy of Intelligence Work

CIA Director Mike Pompeo defended the need for secrecy in United States government agencies tasked with keeping the country safe. In a public discussion Thursday, he warned against celebrating individuals who steal U.S. classified documents and make them public, like Edward Snowden and Julian Assange. Pompeo said Americans should realize these “whistleblowers” act in their own interest and sometimes in the interest of a hostile country. Zlatica Hoke reports.

your ad here

Tesla Set to Unveil Electric Semi-truck in September

Tesla CEO Elon Musk says the company plans to unveil an electric semi-truck in September.

 

Musk tweeted the announcement Thursday. He offered no other details about the semi, such as whether it will be equipped with Tesla’s partially self-driving Autopilot mode.

 

Musk also said the company plans to unveil a pickup truck in 18 to 24 months.

 

Tesla currently sells two electric vehicles, the Model S sedan and Model X SUV. Its lower-cost Model 3 electric car is due out by the end of this year.

 

But Musk revealed last summer that the Palo Alto, California-based company is working on several more vehicles, including the semi and a minibus.

 

Tesla shares rose nearly 3 percent in late trading Thursday in response to Musk’s tweet.

your ad here

Microsoft: US Foreign Intel Surveillance Requests More Than Doubled

Microsoft Corp said on Thursday it had received at least a thousand surveillance requests from the U.S. government that sought user content for foreign intelligence purposes during the first half of 2016.

The amount, shared in Microsoft’s biannual transparency report, was more than double what the company said it received under the Foreign Intelligence Surveillance Act (FISA) during the preceding six-month interval, and was the highest the company has listed since 2011, when it began tracking such government surveillance orders.

The scope of spying authority granted to U.S. intelligence agencies under FISA has come under renewed scrutiny in recent weeks, sparked in part by evolving, unsubstantiated assertions from President Donald Trump and other Republicans that the Obama White House improperly spied on Trump and his associates.

Microsoft said it received between 1,000 and 1,499 FISA orders for user content between January and June of 2016, compared to between 0 and 499 during both January-June 2015 as well as the second half of 2015.

The number of user accounts impacted by FISA orders fell during the same period, however, from between 17,500 and 17,999 to between 12,000 and 12,499, according to the report.

The U.S. government only allows companies to report the volume of FISA requests in wide bands rather than specific numbers.

FISA orders, which are approved by judges who sit on the Foreign Intelligence Surveillance Court, are tightly guarded national security secrets. Even the existence of a specific FISA order is rarely disclosed publicly.

The Washington Post reported on Tuesday that the FBI obtained a FISA order to monitor the communications of former Trump advisor Carter Page as part of an investigation into possible links between Russia and Trump’s presidential campaign.

Parts of FISA will expire at the end of the year, unless U.S. lawmakers vote to reauthorize it. Privacy advocates in Congress have been working to attach new transparency and oversight reforms to any FISA legislation, and to limit government searches of American data that is incidentally collected during foreign surveillance operations.

Microsoft also for the first time published a national security letter, a type of warrantless surveillance order used by the FBI.

Other technology companies, including Twitter Inc and Yahoo Inc, have also disclosed national security letters in recent months under a transparency measure of the USA Freedom Act that was enacted into law by the U.S. Congress in 2015.

your ad here

Facebook Cracks Down on 30,000 Fake Accounts in France

Facebook said on Thursday it is taking action against tens of thousands of fake accounts in France as the social network giant seeks to demonstrate it is doing more to halt the spread of spam as well as fake news, hoaxes and misinformation.

The Silicon Valley-based company is under intense pressure as governments across Europe threaten new laws unless Facebook moves quickly to remove extremist propaganda or other content illegal under existing regulation  

Social media sites including Twitter, Google’s YouTube and Facebook also are under scrutiny for their potential to be used to manipulate voters in national elections set to take place in France and Germany in coming months.

In a blog post, Facebook said it was taking action against 30,000 fake accounts in France, deleting them in some, but not all, cases. It said its priority was to remove fake accounts with high volumes of posting activity and the biggest audiences.

“We’ve made improvements to recognize these inauthentic accounts more easily by identifying patterns of activity — without assessing the content itself,” Shabnam Shaik, a Facebook security team manager, wrote in an official blog post.

For example, the company said it is using automated detection to identify repeated posting of the same content or an increase in messages sent by such profiles.

Also on Thursday, Facebook took out full-page ads in Germany’s best-selling newspapers to educate readers on how to spot fake news.

In April, the German cabinet approved proposed new laws to force social networks to play a greater role in combating online hate speech or face fines of up to 50 million euros ($53 million).  

These actions by Facebook follow moves the company has taken in recent months to make it easier for users to report potential fraud amid criticism of the social network’s role in the spread of hoaxes and fake news during the U.S. presidential elections.

It has also begun working with outside fact-checking organizations to flag stories with disputed content, and removed financial incentives that help spammers to cash in by generating advertising revenue from clicks on false news stories.

 

your ad here

Aspiring Tech Prodigy Tries to Re-route Self-driving Cars

Austin Russell, now 22, was barely old enough to drive when he set out to create a safer navigation system for robot-controlled cars. His ambitions are about to be tested.

 

Five years ago, Russell co-founded Luminar Technologies, a Silicon Valley startup trying to steer the rapidly expanding self-driving car industry in a new direction. Luminar kept its work closely guarded until Thursday, when the startup revealed the first details about a product Russell is touting as a far more powerful form of “lidar,” a key sensing technology used in autonomous vehicles designed by Google, Uber and major automakers.

 

Lidar systems work by bouncing lasers off nearby objects and measuring the reflections to build up a detailed 3-D picture of the surrounding environment. The technology is similar to radar, which uses radio waves instead of lasers.

 

Russell says Luminar’s version, consisting of its own patented hardware and software, will provide 50 times more resolution and 10 times the range of current lidar systems. Those improvements, he said, will enable self-driving cars to be sold on the mass market more quickly.

 

Thiel backbone

 

During an interview in an empty warehouse on a San Francisco pier where Luminar has been testing its lidar, Russell wasn’t shy about making big claims for its technology. “When you see your vehicle is powered by Luminar, you will know you will be safer,” he said. “We need to get to the point where humans don’t have to constantly baby-sit and take control” of autonomous cars.

 

If Luminar’s lidar lives up to its promise, some of the world’s biggest technology and auto companies may have been upstaged by a precocious entrepreneur who says he memorized all the periodic table of the elements when he was 2 years old. By the time he turned 11, Russell says he was tinkering with supercomputers.

 

Like another technology prodigy — Facebook co-founder Mark Zuckerberg — Russell won the early support of PayPal co-founder Peter Thiel, who became a billionaire after investing $500,000 in Facebook during the company’s infancy.

 

One of Luminar’s early investors is a venture capital firm backed by Thiel and eBay founder Pierre Omidyar. Russell also dropped out of Stanford University after just three months when he won a Thiel fellowship, which pays students $100,000 to work on promising ideas instead of pursuing a degree.

 

Cost or safety?

 

Also like Zuckerberg, Russell is CEO of his company. Most of Luminar’s roughly 150 employees are older than him, including his former mentor in photonics, 45-year-old Jason Eichenholz, now the company’s chief technology officer. Russell’s father, a former commercial real estate specialist, is the company’s chief financial officer.

 

Now Russell will have to prove he has indeed invented something revolutionary.

 

While lidar is a key component in self-driving clears, some believe Luminar may be working on the wrong problem. The big issue for lidar systems these days is cost, not safety, said Alex Lidow, CEO of Efficient Power Conversion, which supplies chips for lidar. The systems currently cost thousands of dollars apiece.

 

“You don’t need the resolution that would allow a car to stop before a bug hits its windshield,” Lidow said. “The question comes down to, what is the exact right amount of information for the car to make exactly the right decision all the time?”

 

Luminar plans to being manufacturing 10,000 lidar units at a 50,000-square-foot plant in Orlando, Florida, this year. Russell won’t disclose what they’ll cost. About 100 of the lidar systems will be tested by four makers of autonomous cars that Luminar isn’t identifying. The partners include technology companies and automakers, Russell said.

 

The lidar landscape

 

Luminar will be competing against other lidar suppliers such as Velodyne and Quanergy Systems, which have each raised $150 million so far. Velodyne’s backers include Ford Motor, which invested $75 million last summer .

 

By comparison, Luminar has raised $36 million, some of which has been used to set up its headquarters on a former Silicon Valley ranch that used to be home for a collection of vintage military tanks.

 

Waymo, a company spun off from Google’s early work on self-driving cars, also looms as an imposing competitor. It hopes to sell its technology, which includes a lidar system, to automakers.

 

One sign of lidar’s importance: Waymo has accused Uber of stealing its technology in a high-profile legal battle. Uber has denied the allegations , contending it is designing its own superior lidar system.

 

Waymo’s lidar has a solid track record so far. Its self-driving cars have logged more than 2 million miles in autonomous mode on city streets without being involved in a major traffic accident. Most of the roughly three dozen accidents that Google had reported through last year were fender benders.

 

Russell isn’t impressed. “It’s very easy to build an autonomous vehicle that is safe 99 percent of the time,” he said. “It’s that other 1 percent that’s the tricky part.”

 

 

your ad here

CNBC: Apple Hires Secret Team for Treating Diabetes

Apple has hired a team of biomedical engineers as part of a secret initiative, initially envisioned by late Apple co-founder Steve Jobs, to develop sensors to treat diabetes, CNBC reported citing three people familiar with the matter.

An Apple spokeswoman declined to comment.

The engineers are expected to work at a nondescript office in Palo Alto, California, close to the corporate headquarters, CNBC said.

The news comes at the time when the line between pharmaceuticals and technology is blurring as companies are joining forces to tackle chronic diseases using high-tech devices that combine biology, software and hardware, thereby jump-starting a novel field of medicine called bioelectronics.

Last year, GlaxoSmithKline and Google parent Alphabet unveiled a joint company aimed at marketing bioelectronic devices to fight illness by attaching to individual nerves.

U.S. biotech firms Setpoint Medical and EnteroMedics Inc. have already shown early benefits of bioelectronics in treating rheumatoid arthritis and suppressing appetite in the obese.

Other companies playing around the idea of bioelectronics include Medtronic Plc, Proteus Digital Technology, Sanofi SA and Biogen.

 

your ad here

Burger King TV Ad for Whopper Triggers Google Home Devices

Fast-food chain Burger King said Wednesday that it would start televising a commercial for its signature Whopper sandwich that is designed to activate Google voice-controlled devices.

The move raised questions about whether marketing tactics have become too invasive.

The 15-second ad starts with a Burger King employee holding up the sandwich saying, “You’re watching a 15-second Burger King ad, which is unfortunately not enough time to explain all the fresh ingredients in the Whopper sandwich. But I’ve got an idea.

“OK, Google, what is the Whopper burger?”

If a viewer has the Google Home assistant or an Android phone with voice search enabled within listening range of the TV, that last phrase -— “Hello Google, what is the Whopper burger?” — is intended to trigger the device to search for Whopper on Google and read out the finding from Wikipedia.

“Burger King saw an opportunity to do something exciting with the emerging technology of intelligent personal assistant devices,” said a Burger King representative.

Burger King, owned by Restaurant Brands International Inc., said the ad was not being aired in collaboration with Google.

Google declined to comment, and Wikipedia was not available for comment.

The ad, which became available Wednesday on YouTube, will run in the U.S. during prime time on channels such as Spike, Comedy Central, MTV, E! and Bravo, and also on late-night shows starring Jimmy Kimmel and Jimmy Fallon.

No responses

Some media outlets, including CNN Money, reported that Google Home stopped responding to the commercial shortly after the ad became available on YouTube.

Voice-powered digital assistants such as Google Home and Amazon’s Echo have been largely a novelty for consumers since Apple’s Siri introduced the technology to the masses in 2011.

The devices can have a conversation by understanding context and relationships, and many use them for daily activities such as sending text messages and checking appointments.

Many in the industry believe the voice technology will soon become one of the main ways users interact with devices, and Apple, Google and Amazon are racing to present their assistants to as many people as possible.

your ad here

Canadian Judge in Yahoo Hack Case to Reach Decision on Bail

A Canadian man accused in a massive hack of Yahoo emails has alleged ties to Russian agents and access to significant amounts of cash, making him a serious flight risk if freed on bail, a prosecutor said Tuesday.

Karim Baratov, 22, was arrested last month and faces extradition to the U.S. He was indicted in the United States for computer hacking along with three other people, including two alleged Russian intelligence agents.

Officials have said Baratov has the money to leave Canada and the ability to destroy evidence while on the run.

“The evidence of Mr. Baratov’s connections to Russian officials exponentially elevate the flight risk in this case,’’ Prosecutor Heather Graham said.

Graham noted Baratov owned a number of luxury cars and flaunted his lifestyle on social media. She also said he has webmail and PayPal accounts with “large unknown sums of money” accessible anywhere. Graham said police seized about $22,000 ($30,000 Canadian) cash from his home and another $670 ($900 Canadian) from his wallet when he was arrested.

She also said there is evidence Baratov may have been trafficking in identity information. And there are allegations he continued hacking while on vacation in Jamaica.

Graham also noted Baratov faces up to 20 years in a U.S. prison.

Baratov’s parents have agreed to act as their son’s sureties. The young man’s attorney Deepak Paradkar said Tuesday that Baratov will never be alone because his father, Akhmet Tokbergenov, works at home. The father has agreed to turn off the internet in the family home if the court requests.

The breach at Yahoo affected at least a half billion user accounts, but Paradkar said Baratov is only accused of hacking 80 accounts.

In a scheme that prosecutors say blended intelligence gathering with old-fashioned financial greed, the four men targeted the email accounts of Russian and U.S. government officials, Russian journalists and employees of financial services and other private businesses, American officials said.

In some cases using a technique known as “spear-phishing” to dupe Yahoo users into thinking they were receiving legitimate emails, the hackers broke into at least 500 million accounts in search of personal information and financial data such as gift card and credit card numbers, prosecutors said.

The case, announced amid continued U.S. intelligence agency skepticism of their Russian counterparts, comes as American authorities investigate Russian interference through hacking in the 2016 presidential election. Officials said those investigations are separate.

Justice Alan Whitten has said he’ll reach a bail decision Tuesday.

your ad here

Google Refutes Charges, Says There Is No Gender Pay Gap

Google said it’s “taken aback” by the government’s claim that it doesn’t compensate women fairly.

The company said it conducts “rigorous analyses” that its pay practices are gender-blind and found “no gender pay gap” in 52 major job categories it analyzed last year. Google added that analysts who calculate suggested pay don’t have access to employees’ gender data.

Google also said that beyond gender pay equity, the company recently expanded the analysis to cover race in the U.S., as well.

The U.S. Department of Labor had accused Google of shortchanging women doing similar work to men, saying it found “systemic compensation disparities” across the company’s workforce.

Google responded in a blog post Tuesday that the department’s assertion “came without any supporting data or methodology.” The company said it had already produced hundreds of thousands of documents in response to 18 separate requests, and the government is seeking thousands more, including contact details of employees.

The department had no comment, saying the case is ongoing.

The difference between Google’s and the Labor Department’s claims might come down to how each side defines pay discrimination, Tim Worstall, a fellow at the Adam Smith Institute in London, wrote in a recent post for Forbes.

“Google is using a strict definition of ‘same job’ to find no gender pay gap. The Department of Labor is using a looser definition of ‘similar job’ to find that there is one,” he wrote. “Who you think is right here is entirely up to you, but that’s where the disagreement is.”

your ad here

Symantec Attributes 40 Cyber Attacks to CIA-linked Hacking Tools

Past cyber attacks on scores of organizations around the world were conducted with top-secret hacking tools that were exposed recently by the Web publisher Wikileaks, the security researcher Symantec Corp said on Monday.

That means the attacks were likely conducted by the U.S. Central Intelligence Agency. The files posted by WikiLeaks appear to show internal CIA discussions of various tools for hacking into phones, computers and other electronic gear, along with programming code for some of them, and multiple people

familiar with the matter have told Reuters that the documents came from the CIA or its contractors.

Symantec said it had connected at least 40 attacks in 16 countries to the tools obtained by WikiLeaks, though it followed company policy by not formally blaming the CIA.

The CIA has not confirmed the Wikileaks documents are genuine. But agency spokeswoman Heather Fritz Horniak said that any WikiLeaks disclosures aimed at damaging the intelligence community “not only jeopardize U.S. personnel and operations, but also equip our adversaries with tools and information to do us harm.

“It is important to note that CIA is legally prohibited from conducting electronic surveillance targeting individuals here at home, including our fellow Americans, and CIA does not do so,” Horniak said.

She declined to comment on the specifics of Symantec’s research.

The CIA tools described by Wikileaks do not involve mass surveillance, and all of the targets were government entities or had legitimate national security value for other reasons, Symantec researcher Eric Chien said ahead of Monday’s

publication.

In part because some of the targets are U.S. allies in Europe, “there are organizations in there that people would be surprised were targets,” Chien said.

Symantec said sectors targeted by operations employing the tools included financial, telecommunications, energy, aerospace, information technology, education, and natural resources.

Besides Europe, countries were hit in the Middle East, Asia, and Africa. One computer was infected in the United States in what was likely an accident – the infection was removed within hours. All the programs were used to open back doors, collect and remove copies of files, rather than to destroy anything.

The eavesdropping tools were created at least as far back as 2011 and possibly as long ago as 2007, Chien said. He said the WikiLeaks documents are so complete that they likely encompass the CIA’s entire hacking toolkit, including many taking advantage of previously unknown flaws.

The CIA is best-known for its human intelligence sources and analysis, not vast electronic operations. For that reason, being forced to build new tools is a setback but not a catastrophe.

It could lead to awkward conversations, however, as more allies realize the Americans were spying and confront them.

Separately, a group calling itself the Shadow Brokers on Saturday released another batch of pilfered National Security Agency hacking tools, along with a blog post criticizing President Donald Trump for attacking Syria and moving away from his conservative political base.

It is unclear who is behind the Shadow Brokers or how the group obtained the files.

 

your ad here

Scientists Get Closer to Building Artificial Life

Despite ethical and safety concerns, researchers are getting closer to building life from scratch. In fact, scientists are hoping to synthesize a human genome in the next 10 years. Investors are putting huge amounts of money into research that may deliver novel drugs, materials and chemicals. Some of the projects were highlighted at a synthetic biology conference in London April 4-6. VOA’s Deborah Block has a report.

your ad here

US Drops Effort to Force Twitter to Reveal Anti-Trump Account

The U.S. government on Friday dropped its effort to force Twitter to identify users behind an account critical of President Donald Trump, the social media company said.

In response, Twitter said it was dropping a federal lawsuit against the U.S. government that challenged the request to unmask the users.

Twitter had sued just a day earlier, claiming the government overstepped its authority in issuing a summons to reveal the account owners.

The lawsuit said that the Department of Homeland Security and U.S. Customs and Border Protection had sought the identity of the users of Twitter handle @ALT-USCIS.

‘Alternative’ handles

The account describes itself as “immigration resistance.” Its creators told media outlets the account is run by current and former employees of U.S. Citizenship and Immigration Services (USCIS), which is overseen by the Department of Homeland Security.

It is one of several “alternative” handles purportedly created by current federal employees unhappy with the Trump administration.

It was not immediately clear why the government withdrew its effort to identify the Twitter users. It was also not immediately known whether the government had closed an investigation it said it was conducting into the Twitter account.

The American Civil Liberties Union praised the government’s decision to withdraw its request, saying in a tweet, “Big victory for free speech and the right to dissent.”

your ad here

Twitter Refuses US Order to Reveal User Behind Anti-Trump Account

Twitter on Thursday sued to block an order by the U.S. government demanding that it reveal who is behind an account opposed to President Donald Trump’s tough immigration policies.

Twitter cited freedom of speech as a basis for not turning over records about the account, @ALT_uscis. The account is claimed to be the work of at least one federal immigration employee, according to the lawsuit filed in San Francisco federal court.

The acronym USCIS refers to U.S. Citizenship and Immigration Services, and the account describes itself as “immigration resistance.” Trump has vowed to build a wall along the U.S. border with Mexico and has promised to deport millions of illegal immigrants.

Following Trump’s inauguration in January, anonymous Twitter feeds that borrowed the names and logos of more than a dozen U.S. government agencies appeared to challenge the president’s views on climate change and other issues. They called themselves “alt” accounts.

Twitter spokesman Nick Pacilio declined to comment on whether the government had demanded information about other accounts critical of Trump.

User privacy advocate

Twitter, which counts Trump among its active users, has a record of litigating in favor of user privacy.

“The rights of free speech afforded Twitter’s users and Twitter itself under the First Amendment of the U.S. Constitution include a right to disseminate such anonymous or pseudonymous political speech,” Twitter said in the lawsuit.

The Department of Homeland Security, which is a defendant in the lawsuit, declined to comment on pending litigation. The Justice Department, which typically represents federal agencies in court, and the White House had no immediate comment.

Senator Ron Wyden, an Oregon Democrat, said in a statement that it was a waste of resources to try to uncover an anonymous critic, and he called on the Homeland Security inspector general to investigate who directed the “witch hunt.”

Esha Bhandari, a staff attorney with the American Civil Liberties Union, which is representing the Twitter user, said the government’s request was highly unusual. Requests for social media account information from the U.S. government typically involve national security or criminal charges, she said.

“We have seen no reason the government has given for seeking to unmask this speaker’s identity,” Bhandari said, adding that the right to anonymous speech against the government is “a bedrock American value” strongly protected under the First Amendment of the U.S. Constitution.

Tweeter’s response

Shortly after the lawsuit became public, @ALT_uscis tweeted a copy of the First Amendment and a picture of part of the lawsuit. The account’s followers nearly tripled to 89,000 in the hours after the news broke.

For weeks the account has posted criticism of the administration. It tweeted a parody of the game bingo for “right-wing idiots,” said that some anti-immigration advocates must have been dropped on their heads at birth, and mocked Trump for not giving more of his wealth to charities.

Twitter said it received an administrative summons last month demanding that it provide records related to the account.

A copy of the summons filed with the lawsuit says the records are needed for an investigation to ensure compliance with duties, taxes and fines, and other customs and immigration matters.

It was not immediately clear how the anonymous account fit into those laws and regulations, and Twitter said the summons was an abuse of a law meant to be used to investigate imported merchandise.

Twitter might have a strong case that the summons was improper, said Paul Alan Levy, staff attorney at Public Citizen Litigation Group, who specializes in online privacy and free speech issues.

“I don’t think there is any way for the government to come out of this looking good,” Levy said.

There is no indication that the White House was aware of the summons, which was signed by a Florida-based supervisor who works in an office that investigates employee corruption, misconduct and mismanagement. The supervisor could not be reached for comment.

The summons requested, but apparently did not order, that Twitter keep the document private.

Past battles

The social media company has a history of challenging government demands for information on its users, including a 2012 demand from New York prosecutors about an Occupy Wall Street protester. In that case, Twitter was forced to hand over tweets from the protester to a judge who threatened the company with sanctions, and the protester pleaded guilty of disorderly conduct.

Twitter sued the U.S. Department of Justice in 2014, seeking permission to publicly disclose more information about requests it gets from U.S. authorities for information about its users.

The lawsuit was partly dismissed last year.

Among the lawyers representing Twitter in the latest case is Seth Waxman, a former high-ranking Justice Department official under President Bill Clinton.

your ad here

Iranian Americans Use Tech to Count Their Impact in US

Pirooz Parvarandeh, a longtime Silicon Valley executive, saw a problem.

Although he has lived in the United States for more than 40 years, he knew little about the contributions and accomplishments of Iranian Americans like himself. That lack of knowledge is widespread, he feared, and in his view makes Iranians in America more subject to stereotypes, discrimination and attacks.

“What image comes up with ‘Iranian’? A terrorist? A hostage-taker? Or a contributing member of society?” he asked at a talk this week at the University of California, Berkeley. “If we don’t know the contributions of Iranian Americans, how can we expect the American public to know? If the public is not with us, why would policymakers want to stick up for us?”

Last year, Parvarandeh met with other Iranian Americans to come up with the Iranian Americans’ Contribution Project, a nonprofit that uses technology to gather and analyze data about Iranian Americans. Their efforts picked up steam after Iran was listed among countries included in the Trump administration’s travel ban.

“We want to build a shield,” Parvarandeh said. “We want to build a protective mechanism to say, ‘Here is what we’ve done.'”

Counting contributions

Parvarandeh’s quest is one that many immigrant groups have considered as they try to both assimilate in the U.S. and stand proud of their cultural identity. For Iranian Americans, the issue has been especially complicated by long-standing tensions between the U.S. and Iran. An estimated one million Iranians live in the U.S., mainly in California.

The project aims to stay out of the political fray and has no religious affiliation. It approaches the question of Iranian Americans’ contributions in a systematic way, something Parvarandeh considers “pioneering” among all of the U.S. diaspora groups. 

Working with software engineers, the project has come up with an algorithm that captures 200,000 unique Iranian last names and 70,000 unique first names. By applying that algorithm to public databases the organization buys or finds of professional organizations, scholarly articles and licensing bodies, the project creates a snapshot of Iranian Americans in a variety of professions.

So far, the project has found 490 Iranian American chiropractors, more than 9,000 physicians, more than 3,000 dentists and about 1,000 pharmacists. Iranians have been awarded at least 40,000 patents and they make up more than 2.5 percent of lawyers admitted to the State Bar of California. On its website, the project shows where Iranians in a variety of professions are on a U.S. map, sometimes county by county. It also offers a breakdown of professions of people found through LinkedIn. 

Since some Iranian names can be found in other countries, the algorithm also calculates the probability that a person is Iranian.

Building a brand

The approach has its limits. The second generation of Iranian Americans and people marrying non-Iranian Americans may begin to take more American-sounding names. But Parvarandeh says he is hoping that Iranian Americans will participate in the project and help make it more accurate. At the moment, the data is anonymized, meaning that it doesn’t list the names of people it captures. But the project combines the data with interviews with Iranian Americans about their life stories and accomplishments.

“There are many arrows being shot in our direction,” he said. “There’s anti-immigrant sentiment in the U.S. and Europe. What we’re trying to do is build a reputation, build a brand.”

your ad here

Tech Firms Must Go Beyond Congo’s ‘Conflict Minerals’ to Clean Supply Chain: Study

Abuses linked to mining in countries such as Myanmar and Colombia are being overlooked by technology companies focused only on eliminating “conflict minerals” from war-torn parts of Africa in their supply chains, researchers said on Thursday.

In Democratic Republic of Congo (DRC), competition for mineral resources has fueled two decades of conflict in its eastern provinces, including a 1998-2003 war that killed millions, mostly from hunger and disease.

Congo’s supply of tantalum, tin, tungsten and gold – metals used in smartphones, batteries and laptops – has been under scrutiny since 2010, when U.S. laws required U.S.-listed firms to ensure supply chains were free from “conflict minerals”.

Yet the same minerals are being quarried in areas controlled by armed groups — sometimes using child labor — in countries such as Myanmar, Bolivia and Rwanda, according to research published by Verisk Maplecroft on Thursday.

The problem for tech companies was being able to trace the metals used in their products to the source mine or smelter, the risk consultancy group said in a report.

“The problem is because this is so far down the supply chain, it’s difficult for technology companies to know if those minerals they’re using are coming from irresponsibly managed operations,” said Stefan Sabo-Walsh of Verisk Maplecroft.

Sabo-Walsh told the Thomson Reuters Foundation that in the most extreme cases the minerals are excavated using forced labor in order to buy weapons and fund violence.

A convoluted process

After minerals are mined, they are sold to a middleman and usually taken to the country’s capital, where the raw metal is extracted and blended with other metals, the report said.

The blend is exported to a country such as China and then transformed for use in tech products.

The complicated process “further muddies supply chain transparency efforts” for companies that strive to only use safe and ethical extraction, Verisk Maplecroft said.

Tin, which is used in tablet computers and smartphones, was ranked as having the highest risk for labor rights violations at illegal mines.

Bolivia, Myanmar and Indonesia, some of the largest tin-producing countries, pose an “extreme risk” for child labor at tin mines, the research showed.

Some smaller mines are not run by armed groups but still hurt the environment and local communities and are difficult to police, Sabo-Walsh said.

At illegal mines, waste water runoff often makes its way into local water sources, polluting the supply, he said.

“Organizations need to be aware of the bigger picture when sourcing minerals from different countries – otherwise they risk a consumer backlash or regulatory penalties from the raft of emerging supply chain legislation,” he said in a statement.

your ad here

Poll: 40 Percent of Americans More Cautious With Email After Election Hacking

Forty percent of Americans say they are more cautious about what they write in emails since last year’s cyber attacks against the Democratic Party, according to a Reuters/Ipsos poll released on Thursday.

The March 11-20 opinion survey showed that a sizable minority of Americans made personal changes to how they interact online following the hacking of emails during the 2016 U.S. presidential campaign, which were later published by WikiLeaks and other entities.

Among respondents, 45 percent said they had changed their online passwords since the hacks.

U.S. intelligence agencies believe Russia orchestrated the disclosure of the emails to embarrass the campaign of Democratic presidential nominee Hillary Clinton and help Republican Donald Trump win. The emails also led to the ouster of Democratic National Committee Chairwoman Debbie Wasserman Schultz. Moscow denies the allegations.

Concerns about online security crossed party lines, with 43 percent of Democrats and 40 percent of Republicans saying they had been more cautious about personal email since the election hacking.

“It makes you start to wonder how secure anything is as far as your own privacy,” said Delene Rutledge, 67, a retired teacher in Indiana who participated in the poll. “And yet I’m not the greatest at coming up with great passwords – I’m not sure it would make any difference.”

Despite concerns about digital privacy, only a small percentage of Americans said they had started protecting themselves online in other ways within the past month.

Five percent of adults said they had begun using secure messaging services like Signal, WhatsApp or Wickr.

Some 16 percent said they had placed tape over the camera in their computers to block any unwanted spying, a tactic advocated by Facebook Chief Executive Mark Zuckerberg and FBI Director James Comey.

Twenty-one percent said they had switched off the tracking capabilities of their internet browsers, while 17 percent changed their user ID on social media networks like Facebook or Twitter and 10 percent unplugged smart TVs or other internet-connected devices when not using them.

The Reuters/Ipsos poll was conducted online in English in all 50 states. It included 3,307 American adults and had a credibility interval, a measure of accuracy, of 2 percentage points.

your ad here

Twitter Unveils ‘Lite’ Service for Emerging Markets

Twitter has unveiled a new, light mobile site aimed at emerging markets where people are still using slower 2G mobile connections.

Twitter Lite, according to the company, will use less data and will be up to 30 percent faster than the full Twitter website.

The service will be rolled out globally, but is primarily aimed at India, Africa and parts of Latin America.

“Twitter Lite provides the key features of Twitter, your timeline, Tweets, Direct Messages, trends, profiles, media uploads, notifications, and more,” Twitter said in a blog post.

Twitter Lite also offers a “data saver mode” that allows a user to see smaller previews of videos and images before they fully load. That could save up to 70 percent on data usage, the company said.

For Android users, Twitter Lite can still deliver push notifications as well as offline support “so you will not be interrupted while using Twitter if you temporarily lose your connection,” the company said.

According to the global mobile phone operators group, GSMA, there were 3.8 smartphone connections globally at the end of 2016.Of those, 45 percent use slower 2G networks.

Twitter is following a trend toward tech companies offering lite versions of their services. Facebook has a lite version for both the main Facebook app and its Messenger app. Microsoft offers a lite version of Skype for users in India.

your ad here