Private Lock Network

CCTV in the sky: police plan to use military-style spy drones: Via UK news | The Guardian.

Police in the UK are planning to use unmanned spy drones, controversially deployed in Afghanistan, for the "routine" monitoring of antisocial motorists, protesters, agricultural thieves and fly-tippers, in a significant expansion of covert state surveillance.

The arms manufacturer BAE Systems, which produces a range of unmanned aerial vehicles (UAVs) for war zones, is adapting the military-style planes for a consortium of government agencies led by Kent police.

Documents from the South Coast Partnership, a Home Office-backed project in which Kent police and others are developing a national drone plan with BAE, have been obtained by the Guardian under the Freedom of Information Act.

They reveal the partnership intends to begin using the drones in time for the 2012 Olympics. They also indicate that police claims that the technology will be used for maritime surveillance fall well short of their intended use – which could span a range of police activity – and that officers have talked about selling the surveillance data to private companies. A prototype drone equipped with high-powered cameras and sensors is set to take to the skies for test flights later this year.

Advertisement: [ Read more ... ]

Pentagon Searches for ‘Digital DNA’ to Identify Hackers: Via Danger Room.

One of the trickiest problems in cyber security is trying to figure who’s really behind an attack. Darpa, the Pentagon agency that created the Internet, is trying to fix that, with a new effort to develop the “cyber equivalent of fingerprints or DNA” that can identify even the best-cloaked hackers.

The recent malware hit on Google and other U.S. tech firms showed once again just how hard it is to pin a network strike on a particular person or group. Engineers are pretty sure the attack came from China, and it sure was sophisticated enough to come from a state military like China’s. But it’s hard to say conclusively that the People’s Liberation Army launched the strike.

It’s the kind of problem Darpa will try to solve with its “Cyber Genome” project.

Advertisement: [ Read more ... ]

Pentagon Report Calls for Office of ‘Strategic Deception’: Via Danger Room.

The Defense Department needs to get better at lying and fooling people about its intentions. That’s the conclusion from an influential Pentagon panel, the Defense Science Board (DSB), which recommends that the military and intelligence communities join in a new agency devoted to “strategic surprise/deception.”

Tricking battlefield opponents has been a part of war since guys started beating each other with bones and sticks. But these days, such moves are harder to pull off, the DSB notes in a January report (.pdf) first unearthed by InsideDefense.com. “In an era of ubiquitous information access, anonymous leaks and public demands for transparency, deception operations are extraordinarily difficult. Nevertheless, successful strategic deception has in the past provided the United States with significant advantages that translated into operational and tactical success. Successful deception also minimizes U.S. vulnerabilities, while simultaneously setting conditions to surprise adversaries.”

The U.S. can’t wait until it’s at war with a particular country or group before engaging in this strategic trickery, however. “Deception cannot succeed in wartime without developing theory and doctrine in peacetime,” according to the DSB.

Advertisement: [ Read more ... ]

EU has doubts as ISP rolls out DPI for copyright enforcement: Via Law & Disorder Section - Ars Technica.

Back in November, UK ISP Virgin Media announced that it would start using deep packet inspection gear to start riffling through user traffic. The goal was to search some of the leading P2P networks in order to measure copyrighted material passing through them. Today, the European Commission indicated that the plan is problematic, and it will keep a close eye on the trial.

Advertisement: [ Read more ... ]

Guilty Plea in ‘Anonymous’ DDoS Scientology Attack: Via Threat Level.

A Nebraska man is pleading guilty in federal court to a computer-disruption charge for his role in the 2008 distributed denial-of-service attack that temporarily shuttered Church of Scientology websites, the authorities said Tuesday.

Los Angeles federal prosecutors said Brian Thomas Mettenbrink, 20, signed a plea agreement Friday admitting his role in the January 2008 attack (.pdf) –- bringing to two the number of defendants convicted in Anonymous’ attack on Scientology. Next week, Mettenbrink is expected to officially enter his plea, which carries a year sentence, prosecutors said.

“He took their websites down,” Assistant United States Attorney Erik M. Silber said in a brief telephone interview from Los Angeles.

Advertisement: [ Read more ... ]

Terms of (Ab)Use: US and UK Consumers Dance to Different iTunes: Via EFF.org Updates.

Too often, online services draft their "Terms of Service" (TOS) agreements in ways that are one-sided and overreaching. In Europe, however, regulators are beginning to step in to protect consumers. In late November, the U.K.'s Office of Fair Trading (or OFT) announced that Apple, Inc. agreed to change the terms and conditions for its popular iTunes online music store in the United Kingdom. In particular, according to the statement from the OFT, the changes make the iTunes terms "clear, fair and easy to understand," and, more importantly, give consumers "clear and accurate information about their [] rights in case things go wrong." The OFT took action following a similar intervention by the Norwegian Consumer Council.

In the U.S., by contrast, there has been little regulatory attention paid to protecting consumers from overreaching TOS agreements. Thanks to a history of deference to "freedom of contract" in the U.S., along with a dearth of consumer protection laws that apply to online services, U.S. consumers often lack adequate protections from unfair "terms and conditions."

Advertisement: [ Read more ... ]

Bank sues victim of $800,000 cybertheft: Via Computerworld Security News.

In twist, Texas bank sues business customer, claiming cybertheft not its fault

A Texas bank is suing a customer hit by an $800,000 cybertheft incident in a case that could test the extent to which customers should be held responsible for protecting their online accounts from compromises.

The incident, which was first reported by blogger Brian Krebs this week, involves Lubbock-based PlainsCapital bank and its customer Hillary Machinery Inc. of Plano.

In November, unknown attackers based in Romania and Italy initiated a series of unauthorized wire transfers from Hillary's bank accounts and depleted it by $801,495. About $600,000 of the amount was later recovered by PlainsCapital.

Hillary demanded that the bank repay it the rest of the stolen money. In a letter to the bank in December, Hillary claimed that the theft happened only because PlainsCapital had failed to implement adequate security measures.

PlainsCapital promptly filed a lawsuit in the U.S. District Court for the Eastern District of Texas asking the court to certify that its security procedures were "commercially reasonable."

Advertisement: [ Read more ... ]

Lawyers Challenge Lowered Amount of ‘Shocking’ File Sharing Award: Via Threat Level.

Lawyers for a music file sharer said Monday they would challenge a judge’s order reducing from $1.92 million to $54,000 the amount their client, Jammie Thomas-Rasset, must pay the recording industry for copyright infringement of 24 songs.

The appeal concerns Friday’s head-spinning order by U.S. District Judge Michael Davis. The Minnesota federal judge dramatically lowered the amount a jury in June ordered Thomas-Rasset to pay — after being found liable in what at the time was the nation’s first Recording Industry Association of America file sharing case to reach trial. Most of the RIAA’s 30,000 lawsuits were settled out of court for a few thousand dollars during the record companies’ six-year litigation campaign, which is winding down.

Joe Sibley, Thomas-Rasset’s attorney, said in a telephone interview that even the reduced amount of damages is unconstitutionally excessive. It’s a penalty of 2,250 times an assumed $1 cost of a music download.

Advertisement: [ Read more ... ]