HomelandSecurity
Latest
Homeland Security will hack you if asked nicely
With how many data breaches companies have suffered as of late it makes sense that the Department of Homeland Security is starting to do its own whitehat hacking work. It's done at the request of "critical infrastructure" outfits, and based on a report from KrebsOnSecurity it all sounds pretty thorough too: operating systems, databases and web apps are all apparently targeted by the DHS' Risk and Vulnerability Assessment service. But that's not all.
Raytheon signs $1 billion contract to protect government websites
Homeland Security has signed a five-year contract with Raytheon, which could be worth a whopping $1 billion. While the defense contractor is more known for weapons development, DHS hasn't joined forces with it to create more missiles, lasers, warheads and UAVs. No, the agency has asked the company's help to secure government websites. According to Raytheon's announcement, it will aid the government in developing, deploying and supporting technologies that watch out for and mitigate cyberattacks. Reuters says the company will also help around 100 agencies manage their network security within the duration of the partnership as the prime contractor for DHS' National Cybersecurity Protection System and Network Security Deployment divisions.
Google, Microsoft join government's disaster response program
People hit by storms and other disasters need more than food, clothes or shelter in the days following the unfortunate event. They also need access to working internet or cellular networks to find family and friends who (heaven forbid) might be missing or to get in touch with people who might be worried sick about them. Homeland Security's Federal Emergency Management Agency (FEMA) hopes to supply the need for tech-savvy volunteers who can help out in those situations. That's why it has launched the Tech Corps program and enlisted the help of several big-name companies in the industry, including Cisco Systems, Google, Intel and Microsoft.
Google and Facebook come out against government spying
The Department of Homeland Security is setting up shop in Silicon Valley, with the agency's head Jeh Johnson pushing for easier access to our private data. Naturally, both Google and Facebook have started to openly resist this call to create backdoors for state surveillance. At the RSA security conference, Google's Keith Enright told MIT Technology Review that any attempt to breach his company's encryption would harm civil liberties.
Congress' new report tells you where Bitcoin is legal
Unfortunately, you can't assume that Bitcoin is legal everywhere you go -- it's safe to use the digital cash in some countries, but it's mostly verboten in others. However, you won't have to travel blind. The US' Law Library of Congress has just published a report (PDF) that outlines Bitcoin's legal status in 40 countries. In short, the currency mostly exists in a gray area. While countries like Germany and Finland have cleared Bitcoin for legal use in some conditions, most nations either haven't regulated it or see it as too risky. Don't leave your physical wallet at home on your next vacation, then.
Google Glass wearer removed from AMC theater under suspicion of recording
Despite the many uses for Google Glass, this new class of wearable devices is inevitably meeting some growing pains (pictured above is 7'3" Indiana Pacers center Roy Hibbert, a Glass wearer who has experienced some growing pains) as the world gets used to them. One wearer successfully fought a traffic ticket recently and now another early adopter suffered the "embarrassing" experience of being removed from a movie theater for bringing the accessory. In a story originally posted on The Gadgeteer, the unnamed individual stopped by the AMC Easton 30 in Columbus to watch Jack Ryan: Shadow Recruit, wearing Google Glass attached to his prescription lenses, something he says he'd done before without any trouble. Where the story takes a twist however, is when officers moved in an hour into the movie, yanked the Glass from his face, and brought the man and his wife to separate interrogation rooms for over three hours. Apparently unfamiliar with the device and already on alert for piracy at that theater -- most pirates using this technique bring camouflaged hand-held cameras -- it took quite some time before they eventually (with the owner's permission/at the owner's insistence) plugged Glass into a computer, reviewed the stored images and determined he had not been recording the movie. U.S. Immigration and Customs Enforcement Khaalid Wells confirmed the January 18th incident calling it a "brief interview." AMC released a statement to Engadget (available in full after the break) which says theater owners contact the MPAA when suspected recording takes place, in this case prompting an investigation and resulting in contact with Homeland Security. AMC feels like wearing devices with recording capabilities "is not appropriate at the movie theatre," a position that will be hard to hold as movie viewers arrive with their Glass, Gear and other camera-equipped wearable tech, and sticks out here because they were attached to prescription lenses. The initial rollout of camera-equipped phones led to similar awkward interactions, although being arrested certainly takes things to another level. The wearer reports his Glass was returned, undamaged, but at last update he'd received only a few free movie passes for his troubles.
U.S. government finds 0.7% of all mobile malware affects iOS, while Android accounts for 79%
A cautionary memo put out by the US Department of Homeland Security and the US Department of Justice shows that, according to the government's findings, only 0.7 percent of all mobile malware is designed to take advantage of iOS. This figure is in stark contrast to the Android OS, which the memo reports accounts for 79 percent of mobile malware threats. The release was published by the website Public Intelligence. The memo, which reports its data as being from 2012, was targeted at police, fire and emergency personnel. It goes on at length with tips for Android users to avoid common malware scams such as seedy SMS messages and counterfeit apps. In addition to ranking both iOS and Android, the report shows that 19 percent of malware is designed to affect the Symbian OS, 0.3 percent for Windows Phone and 0.3 percent for BlackBerry. [via TNW]
FDA, ICS-CERT issue warnings for medical device, hospital network security
Reports that medical devices implanted in patients or used for their treatment may have dangerous vulnerabilities are not new, but a new "safety communication" is focusing more attention on the issue. Ars Technica points out that the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) group that works along with private industry to protect the nation's infrastructure issued its own alert alongside the FDA's, focusing on the many embedded devices that are protected only by hard-coded passwords. The ICS-CERT message recommends restricting physical access to sensitive hardware, improved designs that are more resistant to potential attacks and increased network security. The FDA lists various vulnerabilities it's become aware of like network connected devices being infected by malware, mobile devices being targeted to access patient data, the previously mentioned hard-coded passwords issue and more. Going forward, the FDA is collecting reports of "adverse events" to determine if security has been compromised, and will issue new guidelines on mobile health technology later this year. We've seen examples of potential security solutions for pacemakers in the past, and the more connected healthcare devices become we're sure patients expect any potential vulnerabilities to be addressed as well.
New DVD anti-piracy warning now packs double the nag
Starting this week, you'll find any newly-minted DVDs and Blu-ray discs will now include a similarly fresh anti-piracy message. Homeland Security's special agent badge now partners up with the FBI's own emblem on the new warning played before DVDs -- and it looks like it'll still be unskippable. If this dynamic duo isn't enough to scare into legitimate media consumption, how about another warning screen to really bring it on home? This one features the National Intellectual Property Center, which follows the same "piracy is bad" message, offering a helpful link as to why -- one we're sure you're going to investigate in the middle of movie night. Interestingly, these new screens themselves are still not in the public domain and only the major US movie studios are authorized to use them. No news yet on whether the authorities plan to include another screen explaining this, but you can check that second warning that you'll soon be yelling at right after the break.
US Department of Homeland Security developing system to predict criminal intent
We're not exactly lacking in opportunities for Minority Report references these days, but sometimes they're just unavoidable. According to a new report from CNET based on documents obtained by the Electronic Privacy Information Center, the US Department of Homeland security is now working on a system dubbed FAST (or Future Attribute Screening Technology) that's designed to identify individuals who are most likely to commit a crime. That's not done with something as simple as facial recognition and background checks, however, but rather algorithms and an array of sensors and cameras that can detect both physiological and behavioral cues that are said to be "indicative of mal-intent." What's more, while the DHS says that it has no plans to actually deploy the system in public just yet, it has apparently already conducted a limited trial using DHS employees -- though no word on the results of how well it actually works, of course. Hit the source link below for the complete (albeit somewhat redacted) documents.
Bomb-sniffing crystals may save us from nuclear Armageddon, tea leaves agree
Worried that a nuclear attack might wipe out all of American civilization? You needn't be, because the scientific community's crystal ball says crystal balls may save humanity. Last week, the Department of Energy awarded a $900,000 grant to Fisk University and Wake Forest, where researchers have been busy exploring the counter-terrorist capabilities of strontium iodide crystals. Once laced with europium, these crystals can do a remarkably good job of picking up on and analyzing radiation, as the team from Fisk and other national laboratories recently discovered. Cost remains the most imposing barrier to deploying the materials at airports or national borders, though soothsaying scientists claim it's only a matter of time before they develop a way to produce greater crystalline quantities at an affordable price. The only thing Miss Cleo sees is a glistening press release, in your very near, post-break future.
US Homeland Security Department planning to use Facebook, Twitter for terrorism alerts
It looks like we finally know what the US Department of Homeland Security plans to use instead of the now infamous color-coded terrorism alert system. According to a draft document obtained by the Associated Press, the department's new system will simply have two levels of alerts -- "elevated" and "imminent" -- and it seems those warnings will even be published online using Facebook and Twitter "when appropriate." There's no word as to exactly how those alerts will be published, however, or any indication that the two companies have actually committed to aiding the department in any way, for that matter. We should know more soon enough, though -- the new system is expected to be in place by April 27th.
US opts to derez virtual fence along Mexico border, replacing it with more affordable measures
Remember that hugely ambitious "virtual fence" that the US Homeland Security department was so keen on blowing a few billion dollars on? Well, following a bunch of setbacks and delays in its development, it's now been determined to be too darn expensive and is being scrapped. That's not without splashing some cash, however, as it's estimated that a billion dollars has already been spent on installing sensor towers along a 53-mile stretch of the Arizona border with Mexico. The plan now is to redirect funds to more conventional (and commercially available) surveillance measures, such as thermal imaging and unmanned aerial drones, which is estimated to cost $750 million to cover the remaining 323 miles of Arizona's border. Whatever happens, keeping illegal immigration and contraband smuggling to a minimum isn't going to be a cheap task. Almost makes you wonder if this isn't a problem better solved by non-technological means.
Operation Cyber Storm III underway, makes digital certificates cool again
Fans of cyberwarfare (which we are, if only because we like to imagine that it looks like Battlezone) take note: following hot on the heels previous Cyber Storm I and II and Cyber ShockWave wargames, the Department of Homeland Security is sponsoring a little something called Cyber Storm III. Starting yesterday, the three-day exercise simulates more than 1,500 different types of attack, with a special emphasis on identities, trust relationships, and digital certificates. As Brett Lambo, director of Homeland Security's Cyber Exercise Program, told AFP, "we're kind of using the Internet to attack itself. At a certain point the operation of the Internet is reliant on trust -- knowing where you're going is where you're supposed to be." The exercise will test the National Cyber Incident Response Plan as well as the new National Cybersecurity and Communications Integration Center. But you can breathe easily: the operation is focusing on defense, not offense (for now).
Adafruit's DIY 'less lethal' weapon looks cool, doesn't really work
As you're no doubt well aware, the government is always looking for new ways to make dissidents feel uncomfortable. In this space alone we've seen devices meant to cook folks with microwaves, zap 'em with electricity, and make 'em nauseous using light. Taking inspiration from the last one, the open source pranksters at Adafruit Industries have built a contraption of their own called the Bedazzler. It's powered by an Arduino and, unlike the original, Adafruit's version doesn't seem to work for the purpose incapacitating no-goodniks -- but that's probably a good thing. For some background on this extremely less than lethal device, peep the the video after the break. And then hit the read link to build one yourself.
Microsoft Surface being used to coordinate Super Bowl security
If you've been watching the news this week, you might have caught NFL security VP Milton Ahlerich saying that Raymond James Stadium in Tampa will be "one the safest locations you can possibly be" during the Super Bowl on Sunday, and it looks like Microsoft Surface will be a big reason why: it's being used to coordinate security forces around the site. It's seriously slick -- maps are integrated with planning and voice communications software so the field commanders can immediately assess incident responses and personnel deployments, with the ability to initiate radio contact directly from the interface. Definitely much cooler than zooming in and out of photos and ordering drinks, we'd say -- video after the break.
iPhone on the Road: a substitute for paper boarding passes
Some things sound really cool -- until you actually have to step up and do them in real time. TUAW reader Gerald Buckley's story about traveling with his iPhone strikes me as belonging to this class. When he approached the American Airlines counter to use his iPhone as a boarding pass, the coolness quotient for his entire trip got bumped up several notches. It seems that he navigated over to AA.com using Mobile Safari, signed in and displayed a PDF of his boarding pass on-screen. The American Airlines counter agent in San Antonio "humored" him and scanned the barcode as displayed on his iPhone. The scan worked, and Buckley proceeded with his travels (much to the envy and amazement of his fellow passengers, no doubt). Here's the thing though. If it were me, this would have totally gone another way. First, while waiting on line, I would have had bad WiFi. It would have taken me about 20 minutes to type in my information and the people behind me on line would have been coughing *significantly* to get me to keep moving along with the line as I tried to type, move all my luggage and possibly keep three extremely rambunctious children in order. Finally, I would get to the gate agent and I would have gotten the snarky impatient version -- somehow I always do. Assuming that I could even get all the typing and navigation done, I know in my heart that the response would have been "you need a printed boarding pass, ma'am." Of course, this is entirely academic because I have not been granted a boarding pass for the last 5 or 6 years due entirely, I'm sure, to my last name. It's always "You must check in at the counter" -- which is way easier than even a boarding pass because I just swipe my credit card. All that having been said, TUAW congratulates Mr. Buckley's ingenuity and offers the example of his experience to speed you your travels in a uniquely geek fashion. If you've got the travel bug (with or without your iPhone), be sure to visit our sister site Gadling for all things flight-related.
Homeland Security gets radiation-hunting SUV
While we're likely still quite a ways away from having nuke detectors in every cellphone, the Department of Homeland Security is apparently at least making some progress in other somewhat portable options, with it now showing off a radiation-hunting Chevy Suburban XL built with a little help from Raytheon. Intended specifically for the DHS's Domestic Nuclear Detection Office, the SUV boasts two sliding panels that can swing out for maintenance but remain neatly concealed when on duty, as opposed to current systems that are mounted in the back of pick-up trucks. That, of course, gets paired with a laptop, which provides a full spectroscopic analysis, and the entire system can be configured to trigger a number of different alarms, including a simple vibration alert to a dedicated PDA, or a scare-the-wits-out-of-everyone approach that involves setting off the car alarm, lights, horn and siren.
Passenger planes at JFK to be outfitted with anti-missile systems
Hey, we try our best to be as paranoid as the next guy, but we confess we were caught a little off guard by this one. US Department of Homeland Security folks announced yesterday that three American Airline passenger planes that frequent JFK airport are going to be set up with anti-missile systems in a test run to see if they'd be effective in helping to prevent a terrorist shooting down a jet with a shoulder-fired missile. It's step three in a government-mandated program to determine the suitability of such systems, which involve radar jammers to throw ground-fired missiles off course. The tests are to determine if the jamming system works in real-time conditions, and what sort of sustained costs of maintenance will be required, but all actual tests of the technology have already been performed on non-passenger jets, so it appears no actual missile-firing will be required. Oh come on, you know you were thinking it.[Thanks, Brett]
Homeland Security's latest non-lethal weapon: the pukelight
Someone in Homeland Security's R&D department must have a sense of humor, because the agency is hoping to soon deploy an LED flashlight that causes uncontrollable vomiting. The light, which is being developed for DHS at Intelligent Optical Systems, first shines a high-intensity beam to stun the target and then begins flashing a series of pulses that change color and duration -- inducing "psychophysical" effects that that include nausea, vertigo, and vomiting. While the concept isn't that far-fetched -- similar symptoms have been seen in helicopter pilots affected by sunlight strobing through spinning blades -- you've got to wonder how many thousands of dollars have been spent developing a weapon that can be defeated by simply looking away.[Via ABC News]
