Homeland Security
Latest
Homeland Security doesn’t want Americans' airport face scans after all
Earlier this week, reports circulated that Homeland Security wanted to scan the faces of travelers, including US citizens, as they enter or leave the country. Naturally, critics raised concerns that the practice would violate citizens' privacy and that the "intrusive surveillance technology" could lead to abuses of power. Now, US Customs and Border Protection (CBP) says that it will allow US citizens to voluntarily participate in the program. In other words, US citizens can opt out.
Homeland Security wants airport face scans for US citizens
Homeland Security is joining the ranks of government agencies pushing for wider use of facial recognition for US travelers. The department has proposed that US citizens, not just visa holders and visitors, should go through a mandatory facial recognition check when they enter or leave the country. This would ostensibly help officials catch terrorists using stolen travel documents to move about. The existing rules specifically exempt citizens and permanent residents from face scans.
Federal judge rules suspicionless device searches at the border are illegal
Civil liberties advocates just scored an important victory in a bid to prevent arbitrary device searches at the US border. A federal court handling a 2017 lawsuit has ruled that US policies allowing device searches without valid suspicion or warrants violate Fourth Amendment protections against unreasonable searches and seizures. Judge Denise Casper noted that an exemption for searches at the border was "not limitless," and still needed to strike a balance between privacy and government interests. That usually means focusing on contraband, she said.
US investigates escort and massage sites over human trafficking
Backpage is no more, but US authorities are still determined to crack down on sites that enable human trafficking and other crimes. Wall Street Journal sources say Homeland Security, the Justice Department and others are reportedly investigating escort and massage sites Eros.com, EroticMonkey.ch and Rubmaps.ch to see if they've either participated in or knowingly facilitated trafficking, prostitution and money laundering. All three are dominating in the US in the wake of Backpage's closure, and both Eros and Rubmaps have turned up as evidence in multiple sex trafficking cases.
Homeland Security details social media collection from immigrants
The Department of Homeland Security has explained how it will demand social media info from asylum from newcomers to the US beyond visa applicants. A notice in the Federal Register makes clear that officials will ask for social network data in seven forms that asylum seekers, immigrants, refugees and "inadmissable aliens" must fill to be allowed into the country, whether temporarily or permanently. They'll have to provide five years' worth of usernames if they've used any of the same 19 sites that fall under the visa checks, including Facebook, Instagram, Twitter and Chinese sites like Douban and Weibo.
Facebook, Google meet intelligence agencies to talk 2020 election security
Both intelligence agencies and tech companies are gearing up to secure the 2020 US election, and that apparently includes some heart-to-heart conversations between the two. Bloomberg sources have learned that Facebook, Google, Microsoft and Twitter are meeting members of the FBI, Homeland Security and the Office of the Director of National Intelligence to discuss the industry's security strategy. This reportedly includes plans for tighter coordination between tech and government, as well as curbing disinformation campaigns.
US officials brace for ransomware attacks against election systems
It's no secret that many American officials are worried about hacks targeting the 2020 election, but there's one fear this time around that wasn't present in 2016: ransomware. Reuters has learned that Homeland Security's Cybersecurity Infrastructure Security Agency (CISA) is worried election databases could be targeted by the same kind of ransomware attacks that have plagued cities like Atlanta and Baltimore. Accordingly, it's teaming with election officials and relevant companies to both safeguard their databases and prepare responses for possible attacks.
House committee asks 8chan owner to testify over extremist content
Politicians are still determined to investigate 8chan's role in fueling extremism even though the site is effectively out of commission. The House's Homeland Security Chairman Bennie Thompson and Ranking Member Mike Rogers have sent a letter to 8chan owner Jim Watkins asking him to testify about the site's efforts to "investigate and mitigate" the appearance of extremist content, including white supremacist material. The politicians were concerned that 8chan has been linked to three mass shootings in 2019 (Christchurch, Poway and El Paso), with the attackers reportedly posting letters or manifestos on the site shortly before committing the murders.
Senate finds US agencies left security holes untouched for a decade
It's almost a truism to state that government IT security is frequently lacking, but a new Senate subcommittee report has underscored just how severe the problem is. Investigators found that several federal agencies (including the State Department, Homeland Security and the Social Security Administration) didn't adequately protect personal data, and that six of them hadn't installed security patches in a "timely" fashion to close vulnerabilities. In some cases, these flaws had lasted for roughly a decade or more.
US recommends Windows users patch against worm vulnerability
Microsoft Windows users who haven't patched their OS (or are using an unsupported version) are at risk of attackers exploiting a vulnerability known as BlueKeep. The Cybersecurity and Infrastructure Security Agency (CISA), Homeland Security's lead cybersecurity agency, said it successfully tested a working exploit for the BlueKeep vulnerability. Specifically, the agency was able to remotely run code on a Windows 2000 computer using BlueKeep, it stated in an advisory. The bug effects computers that are running Windows 7 or earlier (as well as Windows Server 2003 and 2008), and gives potential attackers access through Microsoft's Remote Desktop Services.
ACLU: border agents regularly perform 'warrantless' device searches
Privacy advocates have long been concerned that US border agents may be overstepping their boundaries when searching devices, and the ACLU just obtained evidence appearing to support that theory. The civil rights group has motioned for summary judgment in its lawsuit against the Department of Homeland Security after its discovery process revealed far-reaching policies for "warrantless and suspicionless" searches. Reportedly, both Customs and Border Protection as well as Immigration and Customs Enforcement have claimed "near-unfettered authority" to search phones, PCs and other devices, even though the requests fall well outside their purview.
Obama renews push for comprehensive cybersecurity legislation
Barack Obama's last effort to get some cybersecurity legislation through Congress stalled in 2011, when it successfully cleared the Republican-held House, but withered in the Senate. After some high-profile attacks on government social networking accounts, Sony and others, he's resurrecting those plans. It will be one of the many things the president discusses during his upcoming State of the Union address, but he is delivering a preview of those plans today in a speech at the Department of Homeland Security. Obviously many of the details will need to be worked out by Congress, but Obama is pushing for some liability protection for companies that quickly respond and share information about attacks. The White House says there will also be strict requirements for the protection of personal data.
U.S. government finds 0.7% of all mobile malware affects iOS, while Android accounts for 79%
A cautionary memo put out by the US Department of Homeland Security and the US Department of Justice shows that, according to the government's findings, only 0.7 percent of all mobile malware is designed to take advantage of iOS. This figure is in stark contrast to the Android OS, which the memo reports accounts for 79 percent of mobile malware threats. The release was published by the website Public Intelligence. The memo, which reports its data as being from 2012, was targeted at police, fire and emergency personnel. It goes on at length with tips for Android users to avoid common malware scams such as seedy SMS messages and counterfeit apps. In addition to ranking both iOS and Android, the report shows that 19 percent of malware is designed to affect the Symbian OS, 0.3 percent for Windows Phone and 0.3 percent for BlackBerry. [via TNW]
New DVD anti-piracy warning now packs double the nag
Starting this week, you'll find any newly-minted DVDs and Blu-ray discs will now include a similarly fresh anti-piracy message. Homeland Security's special agent badge now partners up with the FBI's own emblem on the new warning played before DVDs -- and it looks like it'll still be unskippable. If this dynamic duo isn't enough to scare into legitimate media consumption, how about another warning screen to really bring it on home? This one features the National Intellectual Property Center, which follows the same "piracy is bad" message, offering a helpful link as to why -- one we're sure you're going to investigate in the middle of movie night. Interestingly, these new screens themselves are still not in the public domain and only the major US movie studios are authorized to use them. No news yet on whether the authorities plan to include another screen explaining this, but you can check that second warning that you'll soon be yelling at right after the break.
US Department of Homeland Security developing system to predict criminal intent
We're not exactly lacking in opportunities for Minority Report references these days, but sometimes they're just unavoidable. According to a new report from CNET based on documents obtained by the Electronic Privacy Information Center, the US Department of Homeland security is now working on a system dubbed FAST (or Future Attribute Screening Technology) that's designed to identify individuals who are most likely to commit a crime. That's not done with something as simple as facial recognition and background checks, however, but rather algorithms and an array of sensors and cameras that can detect both physiological and behavioral cues that are said to be "indicative of mal-intent." What's more, while the DHS says that it has no plans to actually deploy the system in public just yet, it has apparently already conducted a limited trial using DHS employees -- though no word on the results of how well it actually works, of course. Hit the source link below for the complete (albeit somewhat redacted) documents.
Bomb-sniffing crystals may save us from nuclear Armageddon, tea leaves agree
Worried that a nuclear attack might wipe out all of American civilization? You needn't be, because the scientific community's crystal ball says crystal balls may save humanity. Last week, the Department of Energy awarded a $900,000 grant to Fisk University and Wake Forest, where researchers have been busy exploring the counter-terrorist capabilities of strontium iodide crystals. Once laced with europium, these crystals can do a remarkably good job of picking up on and analyzing radiation, as the team from Fisk and other national laboratories recently discovered. Cost remains the most imposing barrier to deploying the materials at airports or national borders, though soothsaying scientists claim it's only a matter of time before they develop a way to produce greater crystalline quantities at an affordable price. The only thing Miss Cleo sees is a glistening press release, in your very near, post-break future.
US Homeland Security Department planning to use Facebook, Twitter for terrorism alerts
It looks like we finally know what the US Department of Homeland Security plans to use instead of the now infamous color-coded terrorism alert system. According to a draft document obtained by the Associated Press, the department's new system will simply have two levels of alerts -- "elevated" and "imminent" -- and it seems those warnings will even be published online using Facebook and Twitter "when appropriate." There's no word as to exactly how those alerts will be published, however, or any indication that the two companies have actually committed to aiding the department in any way, for that matter. We should know more soon enough, though -- the new system is expected to be in place by April 27th.
US opts to derez virtual fence along Mexico border, replacing it with more affordable measures
Remember that hugely ambitious "virtual fence" that the US Homeland Security department was so keen on blowing a few billion dollars on? Well, following a bunch of setbacks and delays in its development, it's now been determined to be too darn expensive and is being scrapped. That's not without splashing some cash, however, as it's estimated that a billion dollars has already been spent on installing sensor towers along a 53-mile stretch of the Arizona border with Mexico. The plan now is to redirect funds to more conventional (and commercially available) surveillance measures, such as thermal imaging and unmanned aerial drones, which is estimated to cost $750 million to cover the remaining 323 miles of Arizona's border. Whatever happens, keeping illegal immigration and contraband smuggling to a minimum isn't going to be a cheap task. Almost makes you wonder if this isn't a problem better solved by non-technological means.
Operation Cyber Storm III underway, makes digital certificates cool again
Fans of cyberwarfare (which we are, if only because we like to imagine that it looks like Battlezone) take note: following hot on the heels previous Cyber Storm I and II and Cyber ShockWave wargames, the Department of Homeland Security is sponsoring a little something called Cyber Storm III. Starting yesterday, the three-day exercise simulates more than 1,500 different types of attack, with a special emphasis on identities, trust relationships, and digital certificates. As Brett Lambo, director of Homeland Security's Cyber Exercise Program, told AFP, "we're kind of using the Internet to attack itself. At a certain point the operation of the Internet is reliant on trust -- knowing where you're going is where you're supposed to be." The exercise will test the National Cyber Incident Response Plan as well as the new National Cybersecurity and Communications Integration Center. But you can breathe easily: the operation is focusing on defense, not offense (for now).
Adafruit's DIY 'less lethal' weapon looks cool, doesn't really work
As you're no doubt well aware, the government is always looking for new ways to make dissidents feel uncomfortable. In this space alone we've seen devices meant to cook folks with microwaves, zap 'em with electricity, and make 'em nauseous using light. Taking inspiration from the last one, the open source pranksters at Adafruit Industries have built a contraption of their own called the Bedazzler. It's powered by an Arduino and, unlike the original, Adafruit's version doesn't seem to work for the purpose incapacitating no-goodniks -- but that's probably a good thing. For some background on this extremely less than lethal device, peep the the video after the break. And then hit the read link to build one yourself.
