Why the FBI Apple hack is a good thing for security

March 29, 2016 by lance in Personal Privacy

The FBI's hack of Syed Farook’s iPhone appears to be a lot of work. This makes the security implications much less disturbing.

Microsoft successfully challenges national security letter against enterprise customer

May 22, 2014 by lance in FBI, legal

Tape on mouth

Microsoft challenged an FBI National Security Letter, and won | ZDNet

Recently unsealed documents show that Microsoft was able to beat back a National Security Letter (NSL) from the FBI.

NSL are like subpoenas but go through a different, and secret, process that bypasses the courts. NSL also include a gag order forbidding the recipient from revealing the existence of the letter to anyone.

Microsoft fought the NSL in question because it violated their policy of notifying all enterprise customers when they receive any "legal order related to data”. The FBI withdrew it without any rulings on the legality or appropriateness of the NSL.

This may indicate a move towards some limitations of the gag order attached to NSLs, which would be very valuable for transparency in the whole process.

Lance Cottrell is the Founder and Chief Scientist of Anonymizer. Follow me on Facebook, Twitter, and Google+.

The real FBI facial recognition project

September 11, 2012 by lance in Biometrics, FBI, News, Surveillance

The New Scientist has an article on the FBI's Next Generation Identification (NGI) program.

It started out as a project to replace the old fingerprint database, but will now include biometrics, DNA, voice prints, and facial recognition.

The idea is to database all the mugshots so people can be quickly identified after arrest, or possibly so surveillance video could be compared to the database to identify possible suspects.

Obviously lots of civil liberties issues here, but still a very long way from the paranoid hollywood inspired rantings about real time global surveillance with integrated biometrics.

Excellent EFF post on failures of Cryptography regulation

October 21, 2010 by lance in Computer Security, Cryptography, First Amendment, Innovation, Internet, legal, Legislation, National Security, Online Privacy, Personal Privacy, Security Breaches, Surveillance

The EFF has an excellent article on eight reasons why government regulation of cryptography is a bad idea. The short answer is: the bad guys can easily get it and use it anyway, and it will make security for the rest of us much worse (not including the big brother surveillance and constitutional issues).