Archive for the ‘Business’ Category
Amidst current attention on the Federal Court’s attempt to require Apple to install a backdoor allowing the FBI to access a criminal’s iPhone, may we remind ourselves of the NSA’s spectacular access to the same device using DROPOUT JEEP:
“DROPOUT JEEP is a software implant for the Apple iPhone that utilizes modular mission applications to provide specific SIGINT functionality. This functionality includes the ability to remotely push/pull files from the device. SMS retrieval, contact list retrieval, voicemail, geolocation, hot mic, camera capture, cell tower location, etc. Command, control and data exfiltration can occur over SMS messaging or a GPRS data connection. All communications with the implant will be covert and encrypted.”
The flowchart of how the NSA makes your iPhone its iPhone is presented below:
- NSA ROC operator
- Load specified module
- Send data request
- iPhone accepts request
- Retrieves required SIGINT data
- Encrypt and send exfil data
- Rinse repeat
Big Victory: Judge Pushes Jewel v. NSA Forward
We won a groundbreaking legal victory late Friday in our Jewel v. NSA case, which challenges the NSA’s Internet and telephone surveillance. Judge Jeffrey White has authorized EFF, on behalf of the plaintiffs, to conduct discovery against the NSA. We had been barred from doing so since the case was filed in 2008, which meant that the government was able to prevent us from requesting important information about how these programs worked.
This marks the first time a party has been allowed to gather factual evidence from the NSA in a case involving the agency’s warrantless surveillance. The government had fought all our requests to proceed with this lawsuit, arguing that the state secrets privilege protects it against both discovery and liability. Judge White previously rejected that argument for our statutory claims under the Wiretap Act, the Foreign Intelligence Surveillance Act, the Electronic Communications Privacy Act, and the Stored Communications Act. This ruling affirms Judge White’s previous decision and opens the door for discovery.
This is an important step forward to lifting the cloak of secrecy that has thus far shielded the NSA from judicial scrutiny, and EFF looks forward to finally getting to the nuts and bolts of this extraordinarily important lawsuit.
In this, our fifth annual Who Has Your Back report, we took the main principles of the prior reports and rolled them into a single category: Industry-Accepted Best Practices. We’ve also refined our expectations around providing users notice and added new categories to highlight other important transparency and user rights issues.
We designed this report to take the basic principles of Who Has Your Back up a notch and see which companies were still leading the pack. Already, our newest report has had a similar effect on the industry as a whole, encouraging companies large and small to strive for more when it comes to standing by their users. In the months since we first told the companies what this year’s criteria would be, we’ve seen significant improvement in company practices. And we hope—and expect—that over the next year, we’ll see even more.
Download the complete Who Has Your Back? 2015: Protecting Your Data From Government Requests report as a PDF.
What is it about the financial sector that encourages bad behavior?
December 30, 2014 |By Francesca Gino
A paper recently published in Nature magazine found that the financial sector’s culture encourages dishonesty.
For the study published in Nature, Alain Cohn and his colleagues divided 128 employees of a large bank into two groups. In the first group, bankers were primed to think about their professional identity, with questions such as “what is your function at this bank?” Bankers in the second group, instead, completed a survey about their wellbeing and everyday life that did not include questions about to their professional life. Next they all tossed a virtual coin 10 times, in private, knowing each time which outcome would earn them $20 for the flip. They then had to report their results online to claim any winnings. The second group of bankers behaved honestly—reporting half heads, half tails—but there was cheating among those whose professional identity had been primed. In their case, in fact, the percentage of winning tosses came in at an incredibly fortunate 58.2 percent. Interestingly, the researchers also conducted the same experiment in other industries but did not find the same skewing when employees were primed to think about their work.
The authors conclude that the prevailing business culture in the banking industry weakens and undermines honesty.
Research in moral psychology and behavioral ethics, however, suggests that the dishonesty may be due something more basic: money and number crunching are an important part of the banking industry.
When people are focused on money, research shows, they behave in self-interested ways. Even thinking about money leads people to be less helpful and fair in their dealings with others, to be less sensitive to social rejection, and to work harder toward personal goals. In fact, money can make us so focused on our selfish motives that it can even lead to unethical behavior.
Automated Mass Surveillance is Unconstitutional, EFF Explains in Jewel v. NSA | Electronic Frontier Foundation
October 24, 2014
Today EFF filed our latest brief in Jewel v. NSA, our longstanding case on behalf of AT&T customers aimed at ending the NSA’s dragnet surveillance of millions of ordinary Americans’ communications. The brief specifically argues that the Fourth Amendment is violated when the government taps into the Internet backbone at places like the AT&T facility on Folsom Street in San Francisco.
Fourth Amendment to the Constitution of the United States of America:
The right of the people to be secure in their persons, houses, papers, and effects,
against unreasonable searches and seizures, shall not be violated,
and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation,
and particularly describing the place to be searched, and the persons or things to be seized
Businesses and governments around the world increasingly are turning to voice biometrics, or voiceprints, to pay pensions, collect taxes, track criminals and replace passwords.
"We sometimes call it the invisible biometric," said Mike Goldgof, an executive at Madrid-based AGNITiO, one of about 10 leading companies in the field.
Those companies have helped enter more than 65 million voiceprints into corporate and government databases, according to Associated Press interviews with dozens of industry representatives and records requests in the United States, Europe and elsewhere.
"There’s a misconception that the technology we have today is only in the domain of the intelligence services, or the domain of ‘Star Trek,’" said Paul Burmester, of London-based ValidSoft, a voice biometric vendor. "The technology is here today, well-proven and commonly available."
And in high demand.
Dan Miller, an analyst with Opus Research in San Francisco, estimates that the industry’s revenue will roughly double from just under $400 million last year to between $730 million and $900 million next year.