November 13, 2009
It turns out that the standard sets aside very little bandwidth — 64K bits per second — for keeping track of information about phone calls being made on the tapped line. When a wire tap is on, the switch is supposed to set up a 64Kbps Call Data Channel to send this information between the telco and the law enforcement agency doing the wiretap. Normally this channel has more than enough bandwidth for the whole system to work, but if someone tries to flood it with information by making dozens of SMS messages or VoIP (voice over Internet protocol) phone calls simultaneously, the channel could be overwhelmed and simply drop network traffic.
That means that law enforcement could lose records of who was called and when, and possibly miss entire call recordings as well, Sherr said.
Of course, criminals have plenty of easier ways to dodge police surveillance. They can use cash to buy prepaid mobile phones anonymously, or reach out to their accomplices with encrypted Skype calls, said Robert Graham, CEO with Errata Security. Luckily for the cops, criminals usually don’t take their communications security that seriously. “Most criminals are stupid,” he said. “They just use their same cell phone.”
The police-only forensics tool made by Microsoft to capture forensics data from a live system has been leaked online. The tool, Coffee, has been the subject of much speculation by the tech media who now finally has a chance to see it. According to reports, it grabs process information, network data, user passwords, and all sorts of information. Could the methods needed to gather that data be exploited by others? Given Microsoft’s security history the answer is most likely.
October 28, 2009
This new book from AK Press, Mythmakers and Lawbreakers: Anarchist Writers On Fiction combines two of our favorite topics. I’ll definitely have to check that one out. I may even check out Red Planets: Marxism and Science Fiction while I’m at it.
Speaking of @ and sci-fi, Bruce Sterling’s recent post on sci-fi and anarchism brought these two resources to our attention:
July 23, 2009
This Vanish program/service for limiting data persistence on things you post online has some interesting implications:
Computing and communicating through the Web makes it virtually impossible to leave the past behind. College Facebook posts or pictures can resurface during a job interview; a lost or stolen laptop can expose personal photos or messages; or a legal investigation can subpoena the entire contents of a home or work computer, uncovering incriminating or just embarrassing details from the past.
Vanish is a research system designed to give users control over the lifetime of personal data stored on the web or in the cloud. Specifically, all copies of Vanish encrypted data — even archived or cached copies — will become permanently unreadable at a specific time, without any action on the part of the user or any third party or centralized service.
For example, using the Firefox Vanish plugin, a user can create an email, a Google Doc document, a Facebook message, or a blog comment — specifying that the document or message should “vanish” in 8 hours. Before that 8-hour timeout expires, anyone who has access to the data can read it; however after that timer expires, nobody can read that web content — not the user, not Google, not Facebook, not a hacker who breaks into the cloud service, and not even someone who obtains a warrant for that data. That data — regardless of where stored or archived prior to the timeout — simply self-destructs and becomes permanently unreadable.
Though this is a research prototype, it’s available as a downloadable program (with a firefox plugin) or an online service. It will be interesting to see how projects like this develop and what legal ramifications they will have.
July 15, 2009
A new FAQ is being put together for DIY Bio questions. Check it out and/or add to it (it’s a wiki).
July 13, 2009
Given the increasing number of countries and corporations that are seeking to censor or control the internet, it is fantastic to see an initiative to establish a community-based wireless mesh network as a free alternative. Introducing the autonomous internet, or auto-net:
How? Advances in wireless technology such as ubiquitous wireless routers, community mesh networks which are easily expandable and self-healing as well as long range wireless efforts such as HPWREN indicate a possible future for a community based internet free of the centralized control of telephone corporations and governments. While this is definitely a fork, more forks are to come and we can only hope that a few networks will emerge which can be broad enough to span most of the globe.
Imagine if all of the hacker spaces around the globe started contributing to this?