Tuesday, March 31, 2015

Ross Ulbricht's Lawyers Were Told About Corrupt Investigators, But Barred From Using That During His Trial

We already wrote about Monday's unsealed criminal complaint against two government agents who were key players in investigating Silk Road -- but who used that position to steal Bitcoins and engage in a lot of other questionable behavior. Now it comes out that the Justice Department revealed the existence of this investigation to Ross Ulbricht's lawyers five weeks before Ulbricht's trial -- but then blocked Ulbricht's legal team from using that information, even as the Justice Department continued to rely on evidence from both of the apparently corrupt federal agents. Ulbricht's lawyer, Joshua Dratel, has put out a statement pointing out some of the problems here:
In addition to keeping any information about the investigation from the defense for nearly nine months, then revealing it only five weeks prior to trial, and then moving to keep sealed and secret the general underlying information so that Mr. Ulbricht could not use it in his defense at trial, and then stymying the defense at every turn during trial when the defense tried to introduce favorable evidence, the government had also refused to agree to the defense’s request to adjourn the trial until after the indictment was returned and made public – a modest adjournment of a couple of months, since it was apparent that the investigation was nearing a conclusion.

Throughout Mr. Ulbricht’s trial the government repeatedly used the secret nature of the grand jury investigation as an excuse to preclude valuable defense evidence that was not only produced in discovery, independent of the investigation of Mr. Force, but also which was only at best tenuously related to that investigation. In that manner the government deprived the jury of essential facts, and Mr. Ulbricht of due process. In addition, the government failed to disclose previously much of what is in the Complaint, including that two federal law enforcement agents involved in the Silk Road investigation were corrupt. It is clear from this Complaint that fundamentally the government’s investigation of Mr. Ulbricht lacked any integrity, and was wholly and fatally compromised from the inside.
Dratel suggests that the corrupt behavior of Force and Bridges raises questions about nearly all aspects of the Ulbricht case, especially since they have already shown that they abused their access to the Silk Road platform in a way that could change the site and account information.

Additional information shows that Force not only acted as "Chief Compliance Officer" for CoinMKT while still employed as a DEA agent (and abusing his ability to use government databases for the job), but as a report from Sarah Jeong at Forbes shows, he also reached out to Mt. Gox CEO Mark Karpeles:
And then even asked about working with Mt. Gox as well, with this bizarre "American government and economy will crash in the next five years" statement:
Just about a month later, when Bridges was the affiant on helping the government seize millions of dollars from Mt. Gox (just days after withdrawing the money he himself allegedly stole from Silk Road), Force emailed Karpeles again, saying "told you should have partnered with me!"
And that doesn't even get into the fact that the whole "murder plot" that was such a headline grabber in the original criminal complaint only happened after Bridges apparently took the money and Ulbricht reached out to Force to get him to put out a hit on the guy he thought had stolen the money (who had actually been cooperating with the government, which allowed Bridges to get the info to steal the money in the first place).

As we noted in our earlier piece, the criminal complaint shows that Force himself abused his power as a DEA agent to fake a subpoena against Venmo trying to get his own account unfrozen -- and it appears that when that didn't work, Force tried to further abuse his power to seize Venmo's bank account in response. A snippet from an email he sent to a colleague:
Venmo has since registered with FinCEN, but I want to know if they have state money license remitting licenses in California and New York. Can you check? If not, I want to seize their bank accounts (need to identify them) a la BRIDGES and [M.M.’s] seizure warrants for Mt. Gox.
And here's the big question: were Bridges and Force really just two "bad apples" in the investigation? Or could it have gone much deeper? As Jeong notes in her report:
During the trial, the defense kept trying to introduce the character of “mr. wonderful,” a Baltimore DHS agent who coerced a Silk Road moderator into giving her account over to law enforcement. Although many of Force’s aliases are listed in the criminal complaint against him, none of them are “mr. wonderful.” (In any case, Force is a DEA agent, and “mr. wonderful” is DHS). Who is mr. wonderful? What exactly did he do?
In other words, whether or not you believe that Ulbricht was DPR, the investigation and trial against him was a complete and utter mess, and these new charges raise an awful lot of questions about the fairness of that trial.

CNBC Worries About Poor, Helpless Multinational Corporations Who Are Being 'Cyberbullied'

Do you remember the last time your tweets made a corporation cry? Or when you Facebooked a multinational into deleting its home page? Or that one time when police were called in to investigate threats to withhold future purchases?

In an article far less overwrought than its title would suggest, some analysts are comparing social media backlash to "cyberbullying."

Cyberbullying isn't something normally associated with large corporations. However, in the last week alone social networking played a big role in humbling two culturally influential institutions: Starbucks and DC Comics. Both companies beat a hasty retreat from planned campaigns, and in the process learned a painful lesson in frontier Internet justice.

They join a gallery of big companies that have learned the hard way that hell hath no fury like a Twitter user scorned. So has social media ushered in the age of cyberbullying of big companies?

According to experts, the answer is yes … and no. By and large, the Internet is seen by many as a way to hold companies accountable for their business practices, and give consumers a measure of leverage. Yet it also means big firms no longer totally control their own narratives, and companies can quickly become helpless bystanders in their own story.
Since the average social media user's market cap is far below that of the "bullied," this would seem to be more evidence that the internet levels the playing field like nothing that has come before it. Sure, pre-internet backlash was possible, but it involved letter-writing campaigns that worked only for those who enjoyed delayed gratification, boycotts that generally had more effect on local media coverage than the bottom lines of the companies targeted, and petitions with actual handwritten signatures very few people in the upper management levels ever saw.

Now, the backlash is not only immediate, but it's massively multiplied. The word "firestorm" is thrown around, but despite its casual ubiquity, it's actually a rather apt metaphor. When a company (and there are so many to choose from) screws up -- especially if its first reaction is to quell/ignore criticism -- the complaints of the few become the movement of the masses. An entity's reputation can go up in flames in a matter of hours, especially if its responses are combative or defensive. Memory-holing offending content or killing off social media pages is completely suicidal. And complaints about the "unfairness" of the criticism (even when the criticism isn't legitimate) aren't going to turn the tide, because no one really wants to hear a multi-million dollar corporation indulging in self-pity.

Of course, the same platforms that are decried as being tools of bandwagon-jumping haters can be used proactively by companies. Too many companies believe a fire can be extinguished by waiting for it to burn itself out. Engagement means more than blasting out corporate site links and discount codes. It means listening. It also means publicly dealing with screw-ups in real time. Some companies can't handle this, having outsourced their social media presence to random employees or interaction-free bots. The internet can be "won," but most companies apparently aren't in the position to do so, despite years of social media unrest clearly indicating the importance of agility and responsiveness.

No matter what it feels like to be the target of the well-oiled internet hate machine, it's a stretch to call this sort of thing "bullying." Wrong or right, internet backlash usually involves "punching up." Sure, the number of people involved can give this a "bullying" appearance, but the same tools being used to criticize can be used to connect. Far too many companies either can't or won't perform this essential part of maintaining an "online presence." And when they don't, they lose. Unlike most other bullying, the power still remains in the hands of the "bullied." It's up to them to use it effectively.



Monday, March 30, 2015

Macro-based malware strikes again: How to keep your networks safe

Bad guys have regained interest in macro-based malware, report Microsoft and Trend Micro. Learn why vigilance is key to combatting it.


Friday, March 27, 2015

TSA Waves Convicted Murderer With Explosives Experience Through Its PreCheck Lane

The TSA's PreCheck program also expedites security screening for "notorious convicted felons" and "former domestic terrorists." Who knew? From the sounds of its in-depth pre-screening efforts, you would think (unnamed) convicted felons wouldn't be able to sail past the checkpoint without even slowing down, but apparently, that's exactly what happened. And it's not just any former felon/domestic terrorist, but one who was previously convicted of murder and offenses involving explosives. (via Kevin Underhill/Lowering the Bar)
The U.S. Office of Special Counsel (OSC) received a whistleblower disclosure alleging a sufficiently notorious convicted felon was improperly cleared for TSA Pre✓ screening, creating a significant aviation security breach. The disclosure identified this event as a possible error in the TSA Secure Flight program since the traveler’s boarding pass contained a TSA Pre✓ indicator and encrypted barcode.
The good news (such as it were) is that the TSA did not grant the unnamed felon/terrorist PreCheck approval through its laborious and intrusive application process. It also didn't wave him/her through because lines were backing up at the normal checkpoints. (This is called "Managed Inclusion" by the TSA, but it more resembles "For the Hell of It" in practice…) That ends the good news.

It did, however, use its "risk assessment rules" to determine the terrorist/felon to be of no threat. This might be encouraging news for former felons/domestic terrorists, perhaps signaling that government agencies may ultimately forgive some criminal acts and not subject former felons to additional security harassment in perpetuity. Then again, this may just be the TSA's excuse for waving someone with questionable PreCheck clearance through security because a checkmark -- and its own internal bureaucracy -- told it to.
We also determined the Transportation Security Officer (TSO) followed standard operating procedures, but did not feel empowered to redirect the traveler from TSA Pre✓ screening to standard lane screening.
The OIG recommends more "empowerment" for rank-and-file. Good luck with that. If officers don't feel empowered, it's because management has shown them that questioning the (broken and wildly inconsistent) system isn't an option. Neither is doing any independent thinking. When this officer attempted to push it up the line, he/she ran into a pretty predictable response.
[T]he TSO knew of the traveler's TSA Pre✓ disqualifying criminal convictions. The TSO followed the standard operating procedures and reported this to the supervisory TSO who then directed the TSO to take no further action and allow the traveler through the TSA Pre✓ lane. As a result, TSA does not have an incident report for this event.
One of the TSA's Behavioral Detection Officers (highly-trained in the art of the mental coin toss) was also contacted by the concerned officer. And, again, no further action was taken/recommended.

In the end, a felon/terrorist boarded a plane because the TSA's bureaucratic process can't handle contradictory variables. The PreCheck approval said "yes," but the previous convictions said PreCheck approval should never have happened. The TSA deferred to the obviously incorrect checkmark on the boarding pass. And now we have the punchline to the joke that starts, "A murderer with explosives experience walks into a PreCheck lane…"

The OIG's mostly-redacted recommendation criticizing the TSA's over-reliance on fallible pre-screening processes was mostly ignored by the agency.
TSA officials did not concur with Recommendation 1. In its response, TSA said that with respect to individuals who may pose an elevated security risk to commercial aviation, the U.S. Government's approach to domestic aviation security relies heavily on the TSDB and its Selectee List and No Fly List subcomponents. TSA said, had the intelligence or national law enforcement communities felt that this traveler posed an elevated risk to commercial aviation, they would have nominated the traveler to one of these lists and prevented the traveler from being designated as lower-risk.
To which the OIG responded, "Well, that's obviously not working because this traveler should have been automatically denied PreCheck approval."
We consider TSA's actions nonresponsive to the intent of Recommendation 1, which is unresolved and open. TSA said it relies on the U.S. Government watchlisting process to identify individuals that represent an elevated risk to commercial aviation. However, not all non-watchlisted passengers are lower-risk and eligible for TSA Pre✓. For example, TSA has established disqualifying criteria, in addition to the watchlisting process, for an applicant seeking TSA Pre✓ Application Program membership. TSA will deny membership to an applicant convicted of any of the 28 disqualifying criminal offenses or not a U.S. citizen or Lawful Permanent Resident. Even though the traveler is not watchlisted, the traveler would be permanently ineligible for TSA Pre✓.
And yet, a convicted murderer has been PreCheck approved. The TSA wants to blame the rest of the government. The OIG just wants someone to use common sense, rather than never questioning a boarding pass. The OIG has a good point. The TSA claims it's shifting to a smarter, more responsive travel security, like the PreCheck program and its many Behavioral Detection Officers. But when a situation involving both arose, it left the thinking to its brainstem -- unwavering faith in databases and policy -- rather than making any move indicative of higher thought processes.

Protect your Mac with Sesame 2 multi-factor authentication

Jesus Vigo reviews the multi-factor authentication protection offered by Sesame 2 for modern Mac desktops or laptops.


A Growing Chorus Is Trying To Rewrite The History Of Net Neutrality -- And Blame Absolutely Everything On Netflix

With either an ISP lawsuit or a 2016 party shift the only way to kill our new net neutrality rules, neutrality opponents have some time to kill. As such, they're in desperate need of somewhere to direct their impotent rage at the foul idea of a healthier Internet free from gatekeeper control. Step one of this catharsis has been to publicly shame the FCC for daring to stand up to broadband ISPs in a series of increasingly absurd and often entirely nonsensical public "fact finding" hearings. Step two is to push forth a series of editorials that tries to rewrite the history of the net neutrality debate -- with Netflix as the villainous, Machiavellian centerpiece.

A few weeks ago, Netflix CFO David Wells told attendees of an investor conference that Title II was "probably not" what the company wanted at the outset. This resulted in an endless stream of stories about how Netflix had "flip-flopped" on its net neutrality position and simply could not be trusted. Except if you actually bothered to read the transcript of his comments, he goes on to note the company is very pleased where things have wound up, and happy to have a viable regulatory mechanism at the FCC to file complaints over things like interconnection:
"Were we pleased that it pushed to Title II, probably not, right? I mean, we were hoping that, there might be a non-regulated solution to it. But it seems like companies that are pursuing their commercial interests including us have to arrive at something like that. So we're super pleased that there is now a notion, at least a vehicle, for a complaint...So I would say we are very pleased with what's been accomplished."
Wells pretty clearly explains that while it would have been nice if we could have protected net neutrality without regulation, it became pretty clear that Title II was the only way regulators could adequately police anti-competitive behavior in the broadband sector. That's what Title II supporters have been saying for months: while Title II isn't perfect, it's the best option we have given the lack of broadband competition in the sector (which despite a lot of rhetoric isn't improving anytime soon). There's nothing hypocritical -- or even shocking -- about what Wells said.

Still, that Wells had exposed Netflix as a shady trickster has somehow become the talking point du jour in the media and among net neutrality opponents for much of the last six months, with editorials and headlines suggesting Netflix was now "shunning ObamaNet", or was suffering "lobbyist remorse" over net neutrality. In an editorial for the Wall Street Journal, Holman Jenkins Junior declared the CFO had somehow single-handedly proven that the entire push for net neutrality was somehow a Netflix Con:
"Why, a month after this deluge of demurrers, did Netflix change its tune radically and call for utility regulation of even the upstream “network of networks,” which previously had not been considered part of the net-neutrality debate? Because Netflix was then rolling out its own network, Open Connect, to bypass the public network in favor of direct tie-ups with last-mile providers like Comcast, Verizon and AT&T. This largely ignored story has been told in detail by a disparate group of analysts and lawyers including Dan Rayburn, Larry Downes, Jonathan Lee and Fred Campbell. Netflix effectively engineered a slowdown of its own service in late 2013 by relying on an intermediary with inadequate capacity, then waved a bloody shirt in pursuit of the direct-connection deals that today allow Netflix to distribute its content more efficiently and cheaply.

At least now we understand the famous but nearly indecipherable remarks of Netflix CFO David Wells at a Morgan Stanley media conference two weeks ago. To wit, Netflix had been happy to flog the net-neutrality meme while negotiating these agreements, Mr. Wells indicated, and then unhappy when the FCC took its rhetoric seriously and imposed sweeping Title II regulation.
One, as we've noted repeatedly, the new rules are not "utility-style regulations." ISPs are being classified as common carriers, but the FCC is forbearing from a massive swath of Title II regulations reserved for utilities, including price controls and local-loop unbundling. It's more like "Title II lite," and given the ample remaining loopholes for things like zero rated apps, it's very, very far from "heavy handed regulation." Two, Netflix's Open Connect CDN is a free CDN that benefits ISPs, Netflix and consumers alike, and which ISPs are free to refuse. It's not, as Jenkins and FCC Commissioner Pai have tried to claim, some kind of secret devil-worshiping cult (though that would certainly add an awesome twist to the story).

Three, to hear Netflix, Cogent and Level3 tell it, it was the ISPs that failed to upgrade their side of peering relationships to degrade performance and extract direct interconnection fees. That Netflix intentionally sabotaged its own business so it could enjoy the privilege of paying Comcast, AT&T, and Verizon what basically are "duopoly customer access fees" doesn't make the slightest bit of coherent sense. Still, this is the narrative that's now being pushed by numerous industry-friendly folk in papers and trade rags nationwide.

Broadband industry think tanker extraordinaire Fred Campbell has penned a similarly ridiculous editorial that's circulating among industry trade magazines. Campbell, too, suggests we're all victims of the dangerous, shadowy Netflix cabal, using the company's out-of-context CFO comments as the only notable proof:
"Netflix revealed its Title II advocacy was a ruse on March 4, when Netflix chief financial officer David Wells said the company was disappointed by the ultimate outcome at the FCC...Wells didn’t say what “non-regulated solution” Netflix had hoped to achieve, but anyone who followed last year’s shenanigans between Netflix and major ISPs knows that its interest was aimed at obtaining free interconnection deals. Wells’s statement makes clear that Netflix hoped its public push for Title II would force ISPs to capitulate to its demands."
So again, the proof-optional narrative being pushed by ISPs and net neutrality opponents is that the entire ten year net neutrality debate is really all just a clever ploy by Netflix -- to save a few bucks. Netflix is the villain, the narrative continues, and companies like AT&T, Verizon and Comcast -- with a generation of anti-competitive behavior under their belt -- are the real victims here.

Except to seriously believe that, you'd have to be intentionally, willfully oblivious to the point of causing yourself personal, bodily harm. You'd have to ignore that the net neutrality debate really began with AT&T's former CEO basically stating AT&T wanted to double dip content companies, billing them for doing absolutely nothing. You then have to ignore ten years of history involving giant ISP experiments aimed at trying to make this dream a reality, whether that's AT&T blocking Facetime to push unlimited users on to throttled plans, Verizon's history of trying to block, well, every single technological advancement it hasn't liked over the last decade, or this latest interconnection kerfuffle.

Of course most of us realize the crime Netflix is actually guilty of here: the company stood up to ISPs on issues like net neutrality, a lack of sector competition, broadband pricing and usage caps. You can't have a relatively-respected technology company like that talking trash about the nation's cozy, broken broadband duopoly. As such, the only solution is to discredit Netflix using the flimsiest arguments imaginable. I personally think it would have been much more effective to claim Netflix CEO Reed Hastings is a cyborg-vampire hybrid fueled by virgin and puppy blood, but then again, clumsy character assassination has never been my forte.

Thursday, March 26, 2015

CyberNadir: Former Pilot Randomly Speculates (Incorrectly) That Recent Airbus Crash Could Be The Work Of Hackers

CNN and Fox had the market cornered on ridiculous airplane crash theories, up until recently. When Malaysia Airlines Flight 17 just up and vanished, CNN produced wall-to-wall coverage seemingly cribbed from low-rent conspiracy theory sites. UFO? Black hole? Any and all theories were entertained.

Fox News hasn't exactly been the epitome of restraint, either. While it managed to avoid following CNN down these plane crash rabbit holes, it too has entertained some theories better left to operations that don't claim "news" to be a major part of their offerings. Fox News host Anna Kooiman suggested the metric system was to blame, what with kilometers being different than miles and Celsius and Fahrenheit not seeing eye-to-eye, potentially leading to some sort of in-flight calculation error.

MSNBC has decided it won't let its competition be the only "news" agencies spouting ridiculous theories. In an effort to get out ahead of the facts -- black box recordings indicated the co-pilot of the aircraft deliberately crashed the plane after locking the commanding pilot out of the cockpit -- MSNBC allowed the following theory to be presented -- completely unchallenged -- by one of its guests.

“There’s one possibility that no one has brought up, and I wonder could this be a hacking incident?” former commercial pilot Jay Rollins told MSNBC’s Diaz-Balart. “This is very similar in my mind to what happened when the U.S. lost that drone over Iran. The same thing, suddenly the aircraft was responding to outside forces…"

Rollins said that the plane’s descent was “worrisome” because “it makes me think about hacking, some sort of interference into the computer system.”
Now, hacking a plane isn't impossible. At 2013's Hack in the Box conference, German security consultant Hugo Teso used his own app -- PlaneSploit -- to demonstrate that an Android phone could be used to reroute a plane, send it diving towards the ground or to set off every alarm in the aircraft.

Or not. Teso's demonstration involved sending flight information to airborne planes with these instructions (in a simulated environment, of course) via ACARS (Aircraft Communications and Response Addressing System) to the FMS (Flight Management System). But there were multiple problems with his plan. First of all, the flight computer has to accept the new instructions and, secondly, pilots would have to be unable to override bad instructions. Neither of which are a distinct possibility.

Patrick Smith, another commercial airline pilot, albeit one far less likely to openly speculate on "hacked" planes than Jay Rollins, pointed out the flaws in Teso's hack.
The problem is, the FMS — and certainly not ACARS — does not directly control an airplane the way people think it does, and the way, with respect to this story, media reports are implying. Neither the FMS nor the autopilot flies the plane. The crew flies the plane through these components. We tell it what to do, when to do it, and how to do it. Whatever data finds its way into the FMS, and regardless of where it’s coming from, it still needs to make sense to the crew. If it doesn’t, we’re not going to allow the plane, or ourselves, to follow it.

The sorts of disruptions that might arise aren’t anything a crew couldn’t notice and easily override. The FMS cannot say to the plane, “descend toward the ground now!” or “Slow to stall speed now!” or “Turn left and fly into that building!” It doesn’t work that way. What you might see would be something like an en route waypoint that would, if followed, carry you astray of course, or an altitude that’s out of whack with what ATC or the charts tells you it ought to be. That sort of thing. Anything weird or unsafe — an incorrect course or altitude — would be corrected very quickly by the pilots.
So, the problem isn't that hacking is impossible. It's just very, very unlikely. And in this case, hacking had nothing to do with the plane crash.

No, the problem is that news agencies looking to wring every bit of ratings possible from a tragedy are willing to make viewers stupider under the guise of "news." When facts just aren't available, 24-hour news teams lean heavily on whatever theory will provide the most entertainment (for lack of a better word). Former pilot Jay Rollins may have three decades of experience, but his speculation draws on none of it. Instead, it just takes a bit of what's selling right now (anything "cyber") and what has always sold (fear) and leaves the viewers with less information than they would have obtained by skipping the coverage completely. The truth, however, is simultaneously more horrific (in that there's little that can be done to thwart a pilot determined to crash a plane) than the "hacked plane" theory and more mundane -- at least in terms of "exciting" news coverage.


