Federal judge rules police can’t force you to unlock your iPhone with Touch ID or Face ID

❝ In the United States, a suspect’s property has the potential to be searched by law enforcement officials as part of an investigation, but some items are typically left alone. While people are protected from having to unlock their devices via a passcode, biometric security has been considered fair game for use by investigators, bypassing the passcode rules.

A January 10 filing in the United States District Court for the Northern District of California applying for a search warrant for a residence in Oakland reveals investigators wanted to look into the affairs of suspects in an alleged blackmail attempt, where they were claimed to have threatened to “distribute an embarrassing video” of the victim unless a payment was made.

❝ As part of the warrant request, there was also a request to compel individuals present in the search to use a fingerprint reader, facial recognition, or iris recognition to unlock devices found on the property. In the filing, the court denies the request, as it “runs afoul of the Fourth and Fifth Amendments,” specifically in relation to unlocking devices.

Nice to see there are a few judges remaining who rate the value of our Constitution above conservative wannabe fascists.

Keeping Sources Secure


Birgit Püve for The New York Times

How do you keep communications with sources secure?

❝ Before moving to Europe this summer, I spent about a decade covering national security and intelligence in cities like Washington, so I’m pretty security conscious. Before I left, a friend who works in intelligence offered a gentle reminder that most countries would probably consider me fair game for intelligence collection.

So I use a cheap Chromebook when traveling to places where curious eyes might be tempted to sneak a peek. I set it up with a burner account, and I never connect it to any personal or business accounts.

And all those note-taking apps? If I’m working on something particularly sensitive or talking to someone who is sticking his neck out by meeting with me, those notes often don’t get saved digitally. When the story is done, the notebook gets tossed and that’s the end of it.

RTFA and check out what Matt uses/does when he’s not in Total Invasive Security Fear Mode.

Comcast sent Ian 10 pizzas. Not to be nice; to manipulate.

❝ I didn’t realize how seriously companies take social media until last year, when I opened my front door and saw a delivery guy holding a stack of pizza boxes up to his chin.

Comcast had recently started advertising mobile-phone service where I live. Given that Comcast and AT&T were already the only local choices for broadband and cable, the move felt like an ominous sign of even more industry consolidation. I took to Twitter to air this worry. “It’s nice that Comcast is offering mobile phone service now,” I posted. “But until I can get Comcast delivery pizza I will remain empty inside…”

❝ …The company saw my tweet and responded: “Hey Ian, you rang? DM us the address where you would like it delivered & we’ll make it happen.” I thought I was calling Comcast’s bluff by answering that I wanted gluten-free mushroom pizza, and that because I was a customer, the company should know my address. “Do your brand thang,” I quipped…

Then the pizzas arrived. Ten of them, from a local place that delivers gluten-free pies. I was surprised, which is exactly the outcome Comcast was after.

Read the whole article. More and more folks are reacting to Social Media and what it has become – instead of what the cheerful delivery of free pizza would like you to believe. Is it worth it to you to leave their cozy quarters as, for example, Om Malik and many others have done with Facebook? Or stay just with Twitter as many of those leaving Facebook have also done?

And why? Two social media giants – in each of their categories are just that. Separate and distinct categories serving differing needs. And what do they care about you? Your privacy?

US in group of nations calling for encryption back doors

The privacy of Internet users “is not absolute,” according to a statement from a five-country coalition that includes the United States following a meeting about security, with the overall theme demanding technology companies to make social networks and messaging services safer and to offer more support to government agencies to break encryption and access potentially sensitive data…

“Privacy laws must prevent arbitrary or unlawful interference, but privacy is not absolute,” the statement reads. “It is an established principle that appropriate government authorities should be able to seek access to otherwise private information when a court or independent authority has authorized such access based on established legal standards. The same principles have long permitted government authorities to search homes, vehicles, and personal effects with valid legal authority.”

Lockstep unity between these five English-speaking nations and they all sound like they’d have no problem with the divine right of kings, either.

OTOH, There is this letter to Washington politicians from lots of organizations concerned with our human rights – including privacy.

GOOGLE lets outside developers read your email

❝ Just over a year after promising to no longer scan user emails in Gmail for personalized ads, Google is allowing outside developers to do just that

❝ According to a Wall Street Journal report published Monday, Google continues to allow outside software developers to “scan the inboxes of millions of Gmail users who signed up for email-based services offering shopping price comparisons, automated travel-itinerary planners or other tools.”

Vetted app developers that are part of Google’s Gmail program are allowed to read these emails to create new services or app features. Normally, the bulk of emails are scanned electronically by computer software, but in some cases human employees are doing the reading.

Same as it ever was.

Facebook PR Campaign says “Your info is safe, now” — WRONG!!

The Cambridge Analytica scandal exposed what wasn’t really a secret, that Facebook is harvesting a lot of user data and that the data is shared with others. The privacy breach revealed that Facebook wasn’t doing enough to protect your privacy and that developers like Cambridge Analytica could take your data and your Facebook friends’ data and use it for whatever they wanted.

Since these revelations, Facebook has been trying to convince everyone that it can be trusted, that it will take measures to stop these practices, that your privacy matters to the company. But while it was performing this massive PR campaign, a different quiz app that had as many as 120 million users left their data exposed for others to see. Facebook was warned about it and needed many weeks to address and fix it properly.

Depending on what quizzes you took, the javascript could leak your Facebook ID, first name, last name, language, gender, date of birth, profile picture, cover photo, currency, devices you use, when your information was last updated, your posts and statuses, your photos and your friends.

RTFA originally published by the hacker who revealed the privacy breach.

Apple’s next-gen iPhone/iPad iOS adds feature to block criminal and political snoops – and coppers!


appletoolbox.com

❝ Apple in a statement to AppleInsider on Wednesday said iOS 12’s incarnation of “USB Restricted Mode” will thwart not just criminals, but searches by spies and police.

❝ In regards to law enforcement, the feature was created to protect iPhone owners in countries where the police seize phones at will. The move is aimed at regions with fewer legal protections than the U.S…

❝ Apple decided to make improvements to iOS security after learning of iPhone cracking techniques being used by both criminals and law enforcement agencies…With USB Restricted Mode, those attempting to gain unwarranted access to an iPhone will have an hour or less to reach a cracking device before being locked out.

Bravo! Apple still leads the pack when it comes to concern for individual privacy, offering protection ignored by many in the tech industry. And a helluva lot of politicians, pimps and police.