Connect with us

Information

Former CIA and NSA Director: “We Kill People Based on Metadata”

Published

on

cell phone metadataAt a recent panel debate at the Johns Hopkins University, the topic of metadata was discussed. The panel members were Georgetown University Law professor David Cole, former CIA and NSA director Michael Hayden, and White House correspondent extraordinaire Major Garrett. Metadata is “data about data;” for phones, metadata includes the who, what, when, and where of your cell phone call without caring about the why. The who and when metadata can then be combined to accurately track how often calls are made between any two parties.

// -- Discuss and ask questions in our community on Workplace.

Also read: Crypto Anarchists Flock to Berlin to Escape the NSA

Metadata “Kills”

David Cole has previously explained the usefulness of metadata to the NY Book Review:

Of course knowing the content of a call can be crucial to establishing a particular threat. But metadata alone can provide an extremely detailed picture of a person’s most intimate associations and interests. and it’s actually much easier as a technological matter to search huge amounts of metadata than to listen to millions of phone calls.

Elsewhere in the space-time continuum, former NSA General Counsel Stewart Baker has outlined the NSA’s currently practiced belief:

// -- Become a yearly Platinum Member and save 69 USD and get access to our secret group on Workplace. Click here to change your current membership -- //

Metadata absolutely tells you everything about somebody’s life. If you have enough metadata, you don’t really need content.

After both pieces were brought up in the debate, Former director of the NSA and CIA Michael Hayden stated:

David’s description of what we can do with metadata, according to our mutual friend Steward Baker, is absolutely correct. We kill people based on metadata… but that’s not what we do with this metadata.

The General quickly qualified his statement by suggesting that only non-US citizens’ metadata was used in this way. However, many in the constituency still feel that the mere potential unconstitutional abuse of the NSA’s domestic metadata database should obviously be under more scrutiny. Especially given the ways that the NSA has been shown to use metadata.

In a previous report leaked by an unnamed NSA drone operator which was also corroborated by Snowden’s leaks, it was revealed that cell phone metadata such as calls made and received and geographic location to determine targets. These moves are made without any human factor to confirm a suspect’s identity. The unnamed drone operator said:

People get hung up that there’s a targeted list of people. It’s really like we’re targeting a cell phone. We’re not going after people – we’re going after their phones, in the hopes that the person on the other end of that missile is the bad guy.

The USA Freedom Act has made it through the House of Representatives and does represent a push back to the NSA’s metadata collecting powers. However, the legislation, which was held up in Senate, only prevents the NSA from viewing US citizen metadata without a warrant that is granted by a secret court, and does not offer protections to foreigners abroad or within America. As the world’s understanding of metadata and its potential abuse grows, so should the public awareness of privacy and security. Unfortunately, your metadata is still fair game.

Images from Shutterstock.

Important: Never invest money you can't afford to lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here.



Feedback or Requests?

Cybersecurity

This Tool Lets you Scan the Dark Web for your (Stolen) Personal Data

Published

on

A recently revealed a dark web scanning service was launched in the UK. The service is called OwlDetect and is available for £3,5 a month. It allows users to scan the dark web in search for their own leaked information. This includes email addresses, credit card information and bank details.

// -- Discuss and ask questions in our community on Workplace.

The service reportedly uses online programs and a team of trained experts to scan hundreds of thousands of dark web websites in order to look for their customers’ data. If any personal data is found, the company helps its users act in order to keep themselves safe. It was launched in an attempt to remove reliance on big companies, as users usually only know they were hacked after these companies make it public.

In a few cases, however, the information is revealed a long time after users are hacked. Earlier this year, Yahoo confirmed that, at least 500 million user accounts were compromised by what they believed to be a “state-sponsored actor”. The breach reportedly occurred in 2014, so it took users two years to know they were hacked.

Chairman of the National Cyber Management Centre, and member of OwlDetect’s advisory team, Professor Richard Benham said:

// -- Become a yearly Platinum Member and save 69 USD and get access to our secret group on Workplace. Click here to change your current membership -- //

Today the risk of having your personal information compromised is greater than ever. From messaging apps to online shopping and dating websites, we trust a huge number of companies with our details, and there are endless opportunities for those details to fall into the wrong hands.

Crawling the Deep Web

The deep web is, as we all know, beyond the reach of regular search engines. That may be about to change in the future, as more and more tools keep on claiming to be able to crawl it in search for specific information.

According to their website, this new service has a database of stolen data. This database was created over the past 10 years, presumably with the help of their software and team. A real deep web search engine does exist, however.

A few days ago, Hacked.com reported how the Department of Defense’s deep web search engine was to be enhanced by a recent acquisition. This search engine, named Memex, is reportedly able to crawl 90 to 95% of the deep web, presenting its search results in sophisticated infographics.

Image from Shutterstock.

Important: Never invest money you can't afford to lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here.



Feedback or Requests?

Continue Reading

Companies

Facebook Looking into “Disrupting Economics” of Fake News Sites

Published

on

Facebook

In a Facebook post Friday night, founder of the popular social network Mark Zuckerberg took time to outline the steps the company will take to tackle its “fake news” problem, which has been a hot topic in the wake of the election. One way the social media behemoth plans on doing that is by making sure fake news sites can’t profit. 

// -- Discuss and ask questions in our community on Workplace.

Mr. Zuckerberg calls it “disrupting fake news economics.”

“A lot of misinformation is driven by financially motivated spam,” he posted. “We’re looking into disrupting the economics with ads policies like the one we announced earlier this week, and better ad farm detection.”

Mr. Zuckerberg underscored that Facebook takes “misinformation serious” and reinforced the company’s goal “to connect people with the stories they find most meaningful.”

// -- Become a yearly Platinum Member and save 69 USD and get access to our secret group on Workplace. Click here to change your current membership -- //

The social media tycoon admits “We’ve been working on this problem for a long time.” There’s more work to be done, he says.

“Historically, we have relied on our community to help us understand what is fake and what is not,” he wrote in the long post. “…The problems here are complex, both technically and philosophically. We believe in giving people a voice, which means erring on the side of letting people share what they want whenever possible. We need to be careful not to discourage sharing of opinions or mistakenly restricting accurate content. We do not want to be arbiters of truth ourselves, but instead rely on our community and trusted third parties.”

Mr. Zuckerberg claims the percentage of misinformation is small, then outlines what Facebook will do, including stronger detection, easy reporting by users, third party verification via fact checking organization, warnings for stories flagged as false by other users, and raising bar for articles which appear in related articles suggestions.

“Some of these ideas will work well, and some will not,” he admits. “But I want you to know that we have always taken this seriously, we understand how important the issue is for our community and we are committed to getting this right.”

Image from Shutterstock.

Important: Never invest money you can't afford to lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here.



Feedback or Requests?

Continue Reading

Cybersecurity

LastPass Password Manager Goes Free Cross-Platform

Published

on

LastPass, arguably the most widely used password manager around is passing on some welcome news to its users. Starting Wednesday, LastPass users will be able to sync their passwords across multiple devices and platforms, for free.

// -- Discuss and ask questions in our community on Workplace.

The cross-platform sync for users’ credentials, previously a perk enjoyed by paying members, will now be enabled for all users and members on the free tier can start using the feature immediately across on multiple devices beyond their desktops or laptops.

Launched in 2008, LastPass has come a long way in becoming a ubiquitous name in password management. Joe Siegrist, founder and general manager of LastPass who made the announcement , sees the move enabling good password habits into becoming the norm. Using a password manager that works everywhere across devices and platforms, he notes, will help users with a strong foundation for securing their identities.

LastPass protects users’ credentials (usernames and passwords) and other data in a vault that’s secured by a master password. The data is encrypted with AES-256 bit encryption with Sha-256 salted hashes, which enables encryption and decryption to take place offline.

// -- Become a yearly Platinum Member and save 69 USD and get access to our secret group on Workplace. Click here to change your current membership -- //

The announcement makes for a significant move for LastPass, the second in as many years. In August 2015, LastPass announced that it would enable users to manage their passwords, for free, on any one device. The popular choice was, of course, between desktops or smartphones. Now, users will merely have to put up with ads to use LastPass on their mobile devices once they’re out and about, away from their desktops or laptops.

Just under a year ago, LastPass was acquired by remote-access management provider LogMeIn, in a deal worth $110 million. This year, LastPass was proven to be vulnerable through a phishing attack. Since the revelation, the company has revamped and strengthened its security framework, before eventually launching its own two-factor authentication app, comparable to the likes of Google Authenticator and Authy.

 Image from LastPass.

Important: Never invest money you can't afford to lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here.



Feedback or Requests?

Continue Reading

Trending