Tag: snooping

UK pledges to increase snooping with US

spyThe UK and the US are using the massacres in Paris as a pretext for “increasing co-operation” on snooping on internet users.

Prime Minister David “one is an ordinary bloke” Cameron said the two countries will set up “cyber cells” to share intelligence and conduct simulated attacks to test the defences of organisations such as banks.

Cameron is visiting Washington to tell them how to sort out their economy and security, and is due to have a second meeting with President Barack Obama today.

Cameron said that the two countries had  hugely capable cyber defences and the expertise and that is why they  should set up cyber cells on both sides of the Atlantic to share information, Cameron said.

The cooperation between Britain’s GCHQ eavesdropping agency and the US National Security Agency will include joint war games, with the UK providing the Games Workshop figures and the US providing the rules, the polyhedral dice and the joints.

The first exercise later this year to involve the Bank of England and commercial banks in both the City of London and Wall Street. It is not clear who will be exercising but if you ask any bankers we have seen to do a push up the body bag count will be high.

“This is a real signal it is time to step up the efforts and to do more,” said Cameron.

The British leader said he also planned to discuss with Obama how the two countries could work more closely with big Internet companies such as Facebook and Google to monitor communications between terror suspects. This is of course something that Facebook and Google want nothing to do with, so chances are he will be talking about bringing in laws to force them.

One thing Cameron has not answered is that if the UK and US have such wonderful cyber ability and resources, how did the Paris attacks actually happen? It seems that the more snooping powers that the UK and the US demand, the less effect it has on the goal of preventing terrorism.

Cameron claims that ISPs are protecting terrorists

stupid cameronUK Prime Minister David “one is an ordinary bloke” Cameron has been claiming that ISPs are responsible for the deaths of fusilier Lee Rigby.

Responding to a report by the intelligence and security committee, Cameron said that internet companies are allowing their networks to be used to plot “murder and mayhem”.

He demanded that internet companies live up to their social responsibilities to report potential terror threats and said there was no reason for such firms to be willing to cooperate with state agencies over child abuse but not over combatting terrorism, or anything else that he might not happen to likethat week.

The parliamentary intelligence and security committee (ISC) concluded that the brutal murder of Rigby could have been prevented if a US internet company had passed on an online exchange in which one of the killers expressed “in the most graphic terms” his intention to carry out an Islamist jihadi attack.

However Cameron’s blaming the ISPs was probably more to cover up for the fact that the agencies had made a cock-up in their monitoring of Rigby’s murderers, Michael Adebolajo and Michael Adebowale.  He focused on a comment which said that if MI5 had had access to the exchange between one of the killers, Adebowale, and an extremist overseas, Adebowale would have become a top surveillance priority. By failing to alert the authorities, the company had, “however unintentionally,” provided a “safe haven for terrorists.”

The report did say that MI6 and MI5 had made errors but that the murder would have happened even if the errors had not.

This is one of the problems – terrorists are darn hard to spot at the best of times and these two were known as self-starter terrorists, whose connection with other terrorist groups is slight. The report says the two men appeared between them in seven different agency investigations but were for the most part regarded as low-level subjects of interest.

“Adebolajo was a high priority for MI5 during two operations: they put significant effort into investigating him and employed a broad range of intrusive techniques. None of these revealed any evidence of attack planning,” the report said.

Adebowale was never more than a low-level subject of interest and the agencies took appropriate action based on the rigorous threshold set down in law: they had not received any intelligence that Adebowale was planning an attack and, based on that evidence, more intrusive action would not have been justified.

However Cameron said there was no possible justification for US internet providers not to inform agencies of terrorist activity since they already cancelled the accounts of suspected terrorists.

This summer, the government updated its legislation to require internet companies to cooperate with the state and report potential terrorist activity, but he said the level of cooperation was not satisfactory, mostly because of a reluctance for ISPs to be involved with what would be a police state.

Given that the ISP in this case was based in the US, it would have been incredibly unlikely that Cameron cracking down on UK ISPs would have made the slightest difference.

However, he admitted there was legal uncertainty about the duty of internet companies based in the US to cooperate with UK agencies due to conflicting laws in the US.

“There were errors in these operations, where processes were not followed, decisions not recorded, or delays encountered. However, we do not consider that any of these errors, taken individually, were significant enough to have made a difference,” the report says.

Councils snoop on employees, residents

fingerprintHard evidence shows that UK councils behave far worse than Google and employ cameras to check whether their own employees and residents follow the made up rules council officials operate.

It has emerged CCTV cameras follow every movement of the binmen as they pick up wheelie bins, and binmen are called to task if they get a tiny iota wrong.

A letter from a man called Robert Brown – waste and recycling operations manager at Oxford City Council, a functionary for the body  – confirms that a corporation operating binmen has cameras watching all the time to see what both their employees and residents are up to.

We have asked for full YouTube footage of the probably daily snooping, by back door cameras watching both employees and residents, in the hope there might be transparency.

Brown said to a resident of back water Mill Street, in Oxford: “We have taken the time to check out our inboard cameras and can confirm that your bin was not presented correctly when our operatives came to service your street.”

The resident told TechEye: “My bin was where it had been for the last four and a half year years. It is a narrow street and I would not care to put a bin on the pavement because people are trying to take their children to school and walk on the narrow street.”

Oxford City Council’s Brown produced one sample of video and four photographs to demonstrate the local resident was in the wrong, but posed the question to TechEye about surveillance of both staff and the people that pay Oxford City Council’s functionary bills.

A local resident told TechEye – on conditions of anonymity – that the binmen had been happy to deliver the blue bin to its inevitable consignment in a Grunwald’s vehicle but that he was puzzled that what she thought was a mistake on the behalf of the binmen, turned out to be an act of mass surveillance.

At press time, Oxford City Council was unable to reply because they only operate between the hours of nine to five, Monday to Friday. We’ll try tomorrow to get a definitive answer from Robert Brown – that is to say his representatives on earth, the press officers at Oxford City Council.

As you can see, from the pictures, below  there is a lack of cohesive advice to both binmen and residents.  We at TechEye are also concerned at the lack of transparency and intrusion from Oxford City Council and its representatives.  More on Tuesday.

morebins

bins

Retailers are pulling an NSA on shoppers

smartphone-shoppingSmartphones and tablets have not just changed the way we shop online, they are also having an impact in brick-and-mortar shops, as many shoppers are using them to compare prices and read product reviews. But shoppers aren’t the only ones doing a bit of intelligence work on the ground, the retailers are responding in kind.

More and more retailers, or click-and-mortar outfits are gathering data from smartphone users in stores, reports AFP. They are simply using the smartphones to check what the shoppers are up to, where they are moving and what they are looking for. The practice is not going down well with privacy groups, but shops seem to like what they are getting and there are even a number of start-ups specialising in the field.

Of course, the data shops can collect is rather limited, but it is nonetheless useful. They can track users visits and their identities, learn how frequently the shoppers return, see what they are looking for in the shops and so on. The data allows them to better understand customer behaviour and to come up with ways of getting more return business and making better offers to potential customers.

Although privacy concerns are rather fashionable these days, thanks to America’s attempts to beat East Germany in spying on its own citizens, most of the data collected by the shops seems relatively harmless, as it doesn’t include any truly personal data, such as phone numbers, emails or credit card info. In fact, anyone who swipes a credit card in the shop is likely to be providing the shop with more valuable information.

It sounds like a benign and relatively harmless practice, but if it catches on it will undoubtedly draw more scrutiny. Not because it is dangerous or unethical, but because talking about privacy and data security is a pretty good way of getting on the telly and getting some free publicity.

Employers rely on staff not to snoop

snoopBusinesses are placing too much trust in their employees when it comes to safeguarding company data, a survey by LogRhythm has found.

However employees are pulling the wool over their bosses’ eyes.

Questioning 1,000 employers, the cyber threat defence, detection and response company found 80 percent do not believe any of their workers would view or steal confidential information, while three quarters admitted to having no enforceable systems in place to prevent unauthorised access to company data by employees.

And some seem to have all the faith in the world when it comes to their staff with a third claiming they don’t believe they need such systems at all.

In addition, around two thirds of companies surveyed  admitted to not regularly changing passwords to stop ex-employees being able to access sites or documents.

However, on the employees side, it seems not all is well. In a separate survey of 2,000 staff LogRhythm found that 23 percent had accessed or taken confidential data from their workplace, with one in 10 saying that they do it regularly.

The most accessed confidential data related to details of colleagues’ salaries,  with 38 percent of staff admitting to snooping around to find this out, while a further 23 percent said they looked for details of colleague bonus schemes.

A huge 94 percent of those who had accessed confidential information or stolen company data had never been caught.

When asked, more than a quarter of employers could not identify the biggest threats to their confidential data, while 14 percent did not even know whether employees have stolen data – even though they believe employees would do so.

Ross Brewer, vice president and managing director for international markets at LogRhythm, came to the groundbreaking conclusion that this showed there was a “clear gap between businesses’ internal security procedures and the harsh reality of employee behaviour”.