Schneier on Security's Journal
 
 [Most Recent Entries] [Calendar View]

Friday, August 2nd, 2013

    Time Event
    8:03a
    False Positives and Ubiquitous Surveillance

    Searching on Google for a pressure cooker and backpacks got one family investigated by the police. More stories and comments.

    This seems not to be the NSA eavesdropping on everyone's Internet traffic, as was first assumed. It was one of those "see something, say something" amateur tips:

    Suffolk County Criminal Intelligence Detectives received a tip from a Bay Shore based computer company regarding suspicious computer searches conducted by a recently released employee. The former employee’s computer searches took place on this employee’s workplace computer. On that computer, the employee searched the terms "pressure cooker bombs" and "backpacks."

    Scary, nonetheless.

    EDITED TO ADD (8/2): Another article.

    EDITED TO ADD (8/3): As more of the facts come out, this seems like less of an overreaction than I first thought. The person was an ex-employee of the company -- not an employee -- and was searching "pressure cooker bomb." It's not unreasonable for the company to call the police in that case, and for the police to investigate the searcher. Whether or not the employer should be monitoring Internet use is another matter.

    2:28p
    Cryptography Engineering Book Review

    Good review of the strengths and weaknesses of Cryptography Engineering and Applied Cryptography.

    Best -- at least to me -- is the list of things missing, which we'll have to address if we do another edition.

    3:20p
    XKeyscore

    The Guardian discusses a new secret NSA program: XKeyscore. It's the desktop system that allows NSA agents to spy on anyone over the Internet in real time. It searches existing NSA databases -- presumably including PRISM -- and can create fingerprints to search for all future data collections from systems like TRAFFIC THIEF. This seems to be what Edward Snowden meant when he said that he had the ability to spy on any American, in real time, from his deck.

    In related news, this essay explains how "three-hop" analysis of the communications of suspected terrorists means that everyone in the US is spied on.

    EDITED TO ADD (8/3): The math is wrong in that three-hop analysis essay. Apologies.

    5:59p
    Friday Squid Blogging: Squid Watch

    I like watches with no numbers.

    As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

    << Previous Day 2013/08/02
    [Calendar]     		Next Day >>

Schneier on Security   About LJ.Rossia.org