Monday, June 06, 2016

DOJ pushes for more regulation during 2016 CCIPS-CSIS Cybercrime Symposium - The α and Ω of InfoSec Program

Posted By CotoBlogzz

Rancho Santa Margarita, CA - during today's 2016 Center for Strategic and International Studies (CSIS) and  the Department of Justice’s Computer Crime and Intellectual Property Section (CCIPS) Cybercrime Symposium, the DOJ continued to push for more regulation, giving the the government more power to intercept private communication, mostly due to advances in technology. Something we continue to oppose.

In prepared remarks, Assistant Attorney General Leslie R. Caldwell, stated that 
The focus of this year’s cybercrime symposium is “Cooperation and Electronic Evidence Gathering Across Borders.”  This focus encompasses two emerging challenges to public safety and national security – the challenge posed when criminals use new technologies to victimize innocent people and avoid accountability or even identification; and the challenge posed when criminal schemes cross international borders and legitimate law enforcement efforts to counter those schemes require international cooperation to be successful.  Addressing these twin challenges are among the Department of Justice’s top priorities.  

After a brief cost-benefit analysis,   Ms.  Caldwell concludes  that "it is now becoming all too apparent that these benefits sometimes come at a cost, which was not widely appreciated until recently: criminals have been able to turn the advantages of the internet against us."

The thing is that even the British Computing Society (BSC) Code of Ethics, foresaw the ethical challenges associated with technology in general when it included the assertion that if you are even thinking of creating a new system, it's security has been compromised.  Blaming the Internet, in other words, is not a good idea.

What Apple Computer promises and what it can actually deliver are two completely different animals:  Remember the BCS Code of Ethics

Ms. Caldwell also blames certain marketing efforts, such as Apple Computer's that sell warrant-proof devices: "In an attempt to market products and services as protective of personal privacy and data security, companies increasingly are offering products with built-in encryption technologies that preclude access to data without the consent of the user." However, what Apple Computer and other so-called warrant-proof device makers promise, and what they can actually deliver are completely different issues. 

Ms Caldwell clarifies the warrant proof buzzword as follows: "
For law enforcement, “Warrant-proof” is not a technical term, and it can encompass different types of technology, but we use it to describe a situation where a service provider has implemented encryption in a way that prevents them from producing usable, unencrypted information even if they are served with a valid court order."

Ms Caldwell spends about one half of her time of her time on cross-border regulations, and the other one making the argument that law enforcement requires more regulation to battle warrant-proof technology: "That is why when we discuss the larger questions posed by warrant-proof systems, we must ensure that we have a broad-based policy discussion.  We should not allow changing technologies or the economic interests of the private sector to overwhelm larger policy issues relating to the needs of public safety and national security."

While we agree that given the mission/vision/goals, the alpha and the omega- the beginning and the end,  of an effective security program is policy, in this case the policy Ms. Caldwell advocates goes against freedom and privacy and civil liberties.

Ms Caldwell's  conclusion on cross-border sues is that " despite ongoing investments in mutual legal assistance, many of our foreign partners remain in the difficult position of relying on access to electronic evidence located within the United States for their legitimate public safety and national security needs."


Does Encryption Make Phones 'Warrantproof?' Fact-Checking The FBI

FBI Chief Tells Congress Encryption Is Creating 'Warrantproof' Devices

Most encryption products far beyond reach of US law enforcement

Anyone seeking to keep their data hidden could use hundreds of encryption services offered by companies outside the US if Washington compels tech companies to decrypt communications.

Apple says iOS 8 will shield your data from police
Apple says its new mobile operating system puts text messages, e-mails, photos and other data out of the reach of police -- even if they show up with a search warrant.
In a blog post, Apple says that iOS 8, which began rolling out Wednesday, has new encryption that will no longer allow the company to bypass a customer's passcode to access the data.

Unlocking Encryption: Information Security and the Rule of Law

This report examines the debate over encryption and concludes governments should not limit encryption, because it would reduce overall security, make it more difficult for companies to compete abroad, and limit progress in information security

Posted by CotoBlogzz Rancho Santa Margarita, CA - –  Tomasz Chmielarz, 33, of Rutherford, New Jersey and Devin James McArthur, 28,...

Hacker Robert Sanders, San Jose, CA Sentenced to a year plus restitution

Saunders Ordered to Pay Over $100,000 Restitution For Costs Incurred By Corporation When Responding To Computer Network Attack
Posted by CotoBlogzz
Rancho Santa Margarita, CA  – Robert Saunders, 30, San Jose, CA.,  was sentenced to twelve months in prison and ordered to pay $124,003.79 in restitution for attacking a corporate computer network, according to announcement by  United States Attorney Brian J. Stretch and FBI Special Agent in Charge John F. Bennett.


Vanyo Minkov, Bulgarian Hacker Gets 46 Months for stealing over 1,000 Accounting Firms Client’s Info

Rancho Santa margarita, – In late 2012, Vanyo Minkov, a  citizen of the Republic of Bulgaria  and his conspirators hacked into the networks of at least four accounting firms and stole the 2011 tax filings for over 1,000 of the firms’ clients. Minkov and others then used the stolen information to file fraudulent tax returns in the clients’ names for the 2012 tax year or sold the information to others for the same purpose. To date, the IRS has identified over $6 million in fraudulent claims made in connection with the scheme.

Organizations continue to celebrate 50th FOIA Anniversary - Not the CotoBuzz Journal

Posted By CotoBlogzz Journal

Rancho Santa Margarita, CA - According to announcement by the Department of Justice, (DOJ)
"organizations around the country continue to celebrate the upcoming 50th anniversary of the FOIA. This week, Director Melanie Ann Pustay will provide a keynote address on Friday, June 3rd at the Columbia Journalism School’s “FOIA @ 50” celebration."

Hacker Guccifer pleads guilty to computer hacking charges

Hacker 'Guccifer': I Got Inside Hillary Clinton's Server

Posted by CotoBlogzz

Rancho Santa Margarita, CA -  Marcel Lehel Lazar, 44, of Arad, Romania, a hacker who used the online moniker “Guccifer,” pleaded guilty today to unauthorized access to a protected computer and aggravated identity theft, according to announcement of federal agents, including, Assistant Attorney General Leslie R. Caldwell of the Justice Department’s Criminal Division, U.S. Attorney Dana J. Boente of the Eastern District of Virginia and Assistant Director in Charge Paul M. Abbate of the FBI’s Washington Field Office

Hacker 'Guccifer': I Got Inside Hillary Clinton's Server

The Romanian hacker who first exposed Hillary Clinton's private email address is making a bombshell new claim — that he also gained access to the former Secretary of State's "completely unsecured" server.
Read More:

Hacker Responsible for Phishing Targeting Global Distribution System (GDS) Customers Extradited from France

GDS companies provide travel booking services to travel agencies and travel-related websites.  Airline tickets that are issued from sources other than air carriers themselves are generally processed through a GDS company. 

Ransomware and what to do about it – Digital Hygiene

Deputy Assistant Attorney General Richard Downing Testifies before Senate Judiciary Committee at Hearing Entitled “Ransomware: Understanding the Threat and Exploring Solutions”

Ten Charged in Laundering & Identity Theft Scheme: Fake Armenian and Georgian Passports Used To Open Bank Accounts in SOCAL

Hundreds of Fake Identities and Fraudulent Armenian and Georgian Passports Used To Open Bank Accounts and Mail Drops across Southern California

Posted by CotoBlogzz

            Rancho Santa Margarita, California – Federal authorities late yesterday arrested five out of 10 defendants who have been charged in identity thefts cases related to an international money laundering scheme that laundered millions of dollars in fraudulently obtained federal income tax refunds, according to statement by United States Attorney Eileen M. Decker

FBI’s Testimony to House Committee is less deciphering encryption and more of a false choice.

Rancho Santa Margarita, CA - Amy Hess , FBI's Executive Assistant Director, Science and Technology Branch , Statement today, Before the House Committee on Energy and Commerce, Subcommittee on Oversight and Investigation is titled Deciphering the Debate Over Encryption, is less of the deciphering  and more a false choice

No comments: