DepartmentOfHomelandSecurity
Latest
Data breaches compromised the info of US undercover investigators
Data theft is normally pretty bad all on its own, but a recent breach at US Investigations Services (a background check company) may have created some extra-strong headaches for the US government. Reuters understands that the intrusion exposed personal information of 25,000-plus Department of Homeland Security workers, including "some undercover investigators." There's no certainty that the attackers stole those agents' information, but there's a real chance that their identities are out in the wild -- a big problem if suspects can double-check identities and avoid getting caught. The concern is exacerbated by the nature of the attack, which USIS believes might have been "state-sponsored."
Daily Update for August 26, 2013
It's the TUAW Daily Update, your source for Apple news in a convenient audio format. You'll get all the top Apple stories of the day in three to five minutes for a quick review of what's happening in the Apple world. You can listen to today's Apple stories by clicking the inline player (requires Flash) or the non-Flash link below. To subscribe to the podcast for daily listening through iTunes, click here. No Flash? Click here to listen. Subscribe via RSS
FEMA and National Weather Service launch Wireless Emergency Alert System
While it's a little later than expected, the free SMS emergency notification system has now gone live. Wireless Emergency Alert (WEA) messages will be delivered to cell towers in affected areas, which will then broadcast them to all compatible devices in their range. While the system is looking to cover over 97 percent of the country, it's being gradually rolled out across carriers. Sprint and Verizon are both apparently ready for action and while we haven't heard about the status of T-Mobile or AT&T, the National Weather Service has stated that hundreds of smaller carriers haven't yet enabled the broadcasts. However, not all phones -- especially the more elderly bricks still in circulation -- will work with the system. To check whether your weighty cellular still passes muster, hit up the compatible device list at the CTIA link below.
Wireless Emergency Alert system goes live this month, delivers location-based SMS warnings
Last we heard of the federal government's Wireless Emergency Alert system, only Sprint had signed on to deliver the SMS warnings. Now, with the secured participation of all four major carriers and smaller regional operators, that gratis service is set to go live this month, covering nearly 97 percent of active mobile users. Using a "point-to-multipoint system" that targets at-risk subscribers, the National Weather Service, FEMA, FCC and Department of Homeland Security-backed initiative works by sending location-based messages of 90 characters or less to nearby handsets in the event of an imminent meteorological threat. The mostly opt-out service will also accommodate AMBER and Presidential alerts, although you won't have that flexibility for missives sent from our head of state. So, the next time your phone gives off a strange auditory tone, you'll know to head for shelter.
Snail turned into living battery, should have taken the blue pill
You know how those mad scientists at DARPA are obsessed with generating power from insects? A team from Clarkson University, New York and Ben-Gurion University, Israel has gone one better by turning a Snail into a cybernetic power generator. A pair of Buckypaper electrodes were charged by the electro-chemical reactions in the slow-moving invertebrates "hemolymph," its equivalent to blood. Its hoped the Snails will provide a sustainable way to power listening devices for the Department of Homeland Security, so if you suddenly find your crawlspace full of gastropods, be careful what you say. [Image credit: American Chemical Society]
US Department of Homeland Security developing system to predict criminal intent
We're not exactly lacking in opportunities for Minority Report references these days, but sometimes they're just unavoidable. According to a new report from CNET based on documents obtained by the Electronic Privacy Information Center, the US Department of Homeland security is now working on a system dubbed FAST (or Future Attribute Screening Technology) that's designed to identify individuals who are most likely to commit a crime. That's not done with something as simple as facial recognition and background checks, however, but rather algorithms and an array of sensors and cameras that can detect both physiological and behavioral cues that are said to be "indicative of mal-intent." What's more, while the DHS says that it has no plans to actually deploy the system in public just yet, it has apparently already conducted a limited trial using DHS employees -- though no word on the results of how well it actually works, of course. Hit the source link below for the complete (albeit somewhat redacted) documents.
US government to beat back botnets with a cybersecurity code of conduct
Old Uncle Sam seems determined to crack down on botnets, but he still needs a little help figuring out how to do so. On Wednesday, the Department of Homeland Security and National Institute of Standards and Technology (NIST) published a request for information, inviting companies from internet and IT companies to contribute their ideas to a voluntary "code of conduct" for ISPs to follow when facing a botnet infestation. The move comes as an apparent response to a June "Green Paper" on cybersecurity, in which the Department of Commerce's Internet Policy Task Force called for a unified code of best practices to help ISPs navigate through particularly treacherous waters. At this point, the NIST is still open to suggestions from the public, though Ars Technica reports that it's giving special consideration to two models adopted overseas. Australia's iCode program, for example, calls for providers to reroute requests from shady-looking systems to a site devoted to malware removal. The agency is also taking a hard look at an initiative (diagrammed above) from Japan's Cyber Clean Center, which has installed so-called "honeypot" devices at various ISPs, allowing them to easily detect and source any attacks, while automatically notifying their customers via e-mail. There are, however, some lingering concerns, as the NIST would need to find funding for its forthcoming initiative, whether it comes from the public sector, corporations or some sort of public-private partnership. Plus, some are worried that anti-botnet programs may inadvertently reveal consumers' personal information, while others are openly wondering whether OS-makers should be involved, as well. The code's public comment period will end on November 4th, but you can find more information at the source link, below.
Researchers use children's toy to exploit security hole in feds' radios, eavesdrop on conversations
Researchers from the University of Pennsylvania have discovered a potentially major security flaw in the radios used by federal agents, as part of a new study that's sure to raise some eyebrows within the intelligence community. Computer science professor Matt Blaze and his team uncovered the vulnerability after examining a set of handheld and in-car radios used by law enforcement officials in two, undisclosed metropolitan areas. The devices, which operate on a wireless standard known as Project 25 (P25), suffer from a relatively simple design flaw, with indicators and switches that don't always make it clear whether transmissions are encrypted. And, because these missives are sent in segments, a hacker could jam an entire message by blocking just one of its pieces, without expending too much power. What's really shocking, however, is that the researchers were able to jam messages and track the location of agents using only a $30 IM Me texting device, designed for kids (pictured above). After listening in on sensitive conversations from officials at the Department of Justice and the Department of Homeland Security, Barnes and his team have called for a "substantial top-to-bottom redesign" of the P25 system and have notified the agencies in question. The FBI has yet to comment on the study, but you can read the whole thing for yourself, at the link below.
US Homeland Security Department planning to use Facebook, Twitter for terrorism alerts
It looks like we finally know what the US Department of Homeland Security plans to use instead of the now infamous color-coded terrorism alert system. According to a draft document obtained by the Associated Press, the department's new system will simply have two levels of alerts -- "elevated" and "imminent" -- and it seems those warnings will even be published online using Facebook and Twitter "when appropriate." There's no word as to exactly how those alerts will be published, however, or any indication that the two companies have actually committed to aiding the department in any way, for that matter. We should know more soon enough, though -- the new system is expected to be in place by April 27th.
The internet kill switch and other lies the internet told you
Last week, the Senate Committee on Homeland Security and Government Affairs, led by Senator Joe Lieberman (I-CT) became the subject of some debate when news spread that it was calling for a so-called "internet kill switch" which would give the President the power to shut down the whole darn thing in a state of emergency. Apparently, however, nobody bothered to do any research into the topic until very recently -- and of course, the truth is far more complicated than a horrifying phrase like "internet kill switch." Because as it turns out, according to the 1934 Communications Act (which is still in effect today), the President already has the power to shut down any and all telecommunications systems in situations he or she deems it necessary for national security, and Lieberman's call was for a reassessment of the Act. So what are Lieberman's evil plans for the 'net? His proposal, S. 3480, is a far more subtle document than the original act, which essentially says "hey, do whatever you have to do, man," and calls for the designation of cyberspace as a 'national asset.' It asks for the private owners of critical infrastructure to develop risk assessment plans, and plans to mitigate that risk, in conjunction with the Department of Homeland Security. There are also several recommended procedures called for in the event of an emergency, but none of them have anything to do with a mechanism to shut anything down, and the director would be expressly prohibited from requiring owners to use any specific mechanism. So... the exact opposite of a kill switch. Also, it's worthwhile to note that the entire proposition calls for these changes to be developed by the private sector itself, rather than imposed on it. Kind of makes the story a little less interesting, that's for sure. Hit up the source -- Talking Points Memo -- for a far more detailed, insightful account of what's actually going down.
Government killing off LORAN-C navigation system, deems GPS good enough
Spare a thought for the noble LORAN network. It helped bombers and ships across the Atlantic in WWII and, since then, has served as a reliable system for helping sailors, domestic and otherwise, to find their position. Of course, now that everybody and their kid cousin has a GPS receiver in their back pocket the need for limited, complex, radio-based geolocation is somewhat reduced. So, the US government is killing it off, shutting down most of the towers on February 8, with those that stay online over the summer going decidedly offline this fall. The savings? $190 million over five years. The cost? No backup for our GPS system, meaning we'll be totally blind when the first wave of EMPs hit -- and don't try to act like they're not comin', man.
Laptops can be confiscated and searched at US border without cause says report
In further evidence of our rapidly eroding civil liberties, the Department of Homeland Security disclosed today that US Customs and Border Protection and US Immigration and Customs Enforcement have the right to confiscate and search a traveler's laptop or other electronic device without any suspicion of wrongdoing. The rules -- which we reported on in February -- allow for searches of hard drives, flash drives, cellphones, iPods, pagers, and video or audio tapes, and specify that the agencies can "detain" belongings for a "reasonable period of time," (i.e., as long as they please). Additionally, the DHS can share the data found with other government agencies or private entities for translation, decryption, or (astoundingly vague) "other reasons." The DHS says the policies apply to anyone entering the country -- including US citizens -- and claim the measures are necessary to prevent terrorism. In other news, Big Brother issued a statement today guaranteeing a bonus for turning over family members suspected of crimethink to the Thought Police.[Via Switched]
Raytheon Controlled Impact Rescue Tool pulverizes concrete to save the day
Sure, we've got devices that can see through concrete walls, but why get all complicated when there's some good ol' fashioned bashing to be done? That's the poetic question posed by the Controlled Impact Rescue Tool, developed by Raytheon as part of a Department of Homeland Security program. The 100-pound rescue device uses specially-designed ammunition to create shock waves that can shatter through concrete walls in just 13 minutes, compared to nearly half an hour for conventional methods. Although the rig can create a hole big enough for a person to crawl out of, it's designed to be held up and operated by just two people, and as the video below shows, it doesn't look like it's too much of a bear to handle. Raytheon hasn't set a price for the CIRT yet, but it's aiming it at fire departments, rescue services and the military -- but we're always ready for a demo if anyone's interested.
Border virtual fence project delayed again until at least 2011
Remember Project 28? That Boeing / DHS system to put a 28 mile stretch of sensor-tower laden virtual fencing along the US / Mexico border in Arizona? Well, the government swiped the contract back from Boeing last week for lack of, well, working, and is apparently going at it alone with plans to delay it three or more years to get the job done right. Well, you know, right as total failures and wastes of taxpayer dollars get, ultimately.
Department of Homeland Security piggybacks on T-Mobile's SunCom buy
Here's an interesting little fact: because T-Mobile is foreign-owned (by Germany's Deutsche Telekom), several government agencies get all up in its business every time it makes an acquisition. Yes, of course, government agencies get their grubby paws in every acquisition here be it foreign or domestic, but the foreigners have it considerably worse. When DT completed the VoiceStream acquisition back in 2001 to form T-Mobile USA, the FBI and Department of Justice took their sweet time to make sure they'd have agreements in place that allowed them to monitor communications 24 hours a day at their leisure and discretion, and actually held up the FCC's approval until they had a signed deal with the company. Since then, the Department of Homeland Security has been thrust into prominence and wants in on the same luxuries its counterparts at the DOJ and FBI enjoy -- so yeah, you guessed it, they held up the SunCom deal until DT let them in on the action, too. Rumor has it T-Mobile wasn't too happy about the Department's demands, but when the rubber met the road, they chose wireless footprint over principles. Really, with the G Men already on board, what difference does it make? [Warning: PDF link][Via BetaNews, thanks oakie]
EFF, ALC sue Homeland Security over laptop, gadget searches
The EFF sure has set it sights high with its latest lawsuit, with it now teaming up with the Asian Law Caucus (ALC) to sue the Department of Homeland Security over laptop and gadget searches and other alleged infringements of civil liberties at U.S. borders. Specifically, the two groups are asking for the DHS to disclose its policies on questioning travelers on First Amendment-protected activities, including the photocopying of individuals' papers, and the searching of laptops and other electronic devices. According to the EFF, that rather drastic move was prompted by the DHS's failure to meet a 20-day time limit Congress had set for responding to public information requests. Needless to say, the DHS itself doesn't seem to have a whole lot to say on the matter at the moment, and we're guessing that situation won't be changing anytime soon.[Via The Register, image courtesy of WhiteHouse.gov]
Homeland Security's latest non-lethal weapon: the pukelight
Someone in Homeland Security's R&D department must have a sense of humor, because the agency is hoping to soon deploy an LED flashlight that causes uncontrollable vomiting. The light, which is being developed for DHS at Intelligent Optical Systems, first shines a high-intensity beam to stun the target and then begins flashing a series of pulses that change color and duration -- inducing "psychophysical" effects that that include nausea, vertigo, and vomiting. While the concept isn't that far-fetched -- similar symptoms have been seen in helicopter pilots affected by sunlight strobing through spinning blades -- you've got to wonder how many thousands of dollars have been spent developing a weapon that can be defeated by simply looking away.[Via ABC News]
DHS, Boeing in hot water over SBInet border security delays
A mere two months after hearing that Boeing's sensor towers passed initial tests with flying colors, the firm -- along with the Department of Homeland Security, no less -- is now facing severe criticism from lawmakers. The reason for the sudden turn of events stems from the duo's inability to "keep officials up to date on deployment slips for a virtual fence in Arizona," and moreover, they made no mention of the apparently substantial problems at a June 7th hearing. Dubbed Project 28, this $67 million SBInet first phase is now sliding even further beyond the scheduled June 13th launch day, and the DHS' credibility is reportedly "being questioned" after repeated mishaps along the way. Ah well, that's what the volunteers are for, right? [Via The Register, image courtesy of Musgrave]
DHS looking to satellites, mesh networks for emergency communications
Seeking to avoid the communication breakdowns that occurred as a result of the September 11th terrorist attacks and the Hurricane Katrina disaster, the Department of Homeland Security is developing an emergency network that would let officials email one another even in the absence of a cellular infrastructure. The DHS' Advanced Research Projects Agency, which is analogous to the Pentagon's DARPA, is looking at a number of options to keep the data flowing following an emergency, including widespread deployment of mobile mesh networking technology or re-purposing some of the government's legacy satellites to handle terrestrial communications. This latter option is particularly attractive because some sats could offer transfer rates in excess of 100Mbps, and in fact a trial program is scheduled for this summer that will employ modified BlackBerries and Treos to send secure, satellite-based email between Homeland Security officials and the Royal Canadian Mounted Police.[Via Smart Mobs]
