Posted on

Republicans storm ultra-secure “SCIF,” some with cell phones blazing

The US House of Representatives.

Enlarge / The US House of Representatives. (credit: Wally Gobetz / Flickr)

On Wednesday, Republican lawmakers committed a major breach of security when they carried cell phones as they tried to storm a secure room where a closed-door impeachment hearing with a Defense Department official was taking place.

At least one House member, Rep. Matt Gaetz of Florida, got inside the Sensitive Compartmented Information Facility (SCIF) in the basement of the House of Representatives. Despite strict rules barring all electronics inside such closed-off areas, Gaetz openly tweeted: "BREAKING: I led over 30 of my colleagues into the SCIF where Adam Schiff is holding secret impeachment depositions. Still inside—more details to come."

A picture published by The New York Times showed a man identified as a House Republican holding up his phone as if taking pictures or video as he entered the secure room. A sign on the door of the room said, "Cameras and other recording devices prohibited without proper authorization." The room has lockers outside the doors where people are required to store electronics before entering.

Read 8 remaining paragraphs | Comments

Posted on

ISPs worry a new Chrome feature will stop them from spying on you

ISPs worry a new Chrome feature will stop them from spying on you

Enlarge (credit: Thomas Trutschel/Photothek via Getty Images)

When you visit a new website, your computer probably submits a request to the domain name system (DNS) to translate the domain name (like arstechnica.com) to an IP address. Currently, most DNS queries are unencrypted, which raises privacy and security concerns. Google and Mozilla are trying to address these concerns by adding support in their browsers for sending DNS queries over the encrypted HTTPS protocol.

But major Internet service providers have cried foul. In a September 19 letter to Congress, Big Cable and other telecom industry groups warned that Google's support for DNS over HTTPS (DOH) "could interfere on a mass scale with critical Internet functions, as well as raise data-competition issues."

On Sunday, the Wall Street Journal reported that the House Judiciary Committee is taking these concerns seriously. In a September 13 letter, the Judiciary Committee asked Google for details about its DOH plans—including whether Google plans to use data collected via the new protocol for commercial purposes.

Read 18 remaining paragraphs | Comments

Posted on

Judge allows suit against AT&T after $24 million cryptocurrency theft

An AT&T store in New Jersey.

Enlarge / An AT&T store in New Jersey. (credit: Michael Brochstein/SOPA Images/LightRocket via Getty Images)

When Michael Terpin's smartphone suddenly stopped working in June 2017, he knew it wasn't a good sign. He called his cellular provider, AT&T, and learned that a hacker had gained control of his phone number.

The stakes were high because Terpin is a wealthy and prominent cryptocurrency investor. Terpin says the hackers gained control of his Skype account and tricked a client into sending a cryptocurrency payment to the hackers instead of to Terpin.

After the attack, Terpin asked AT&T to escalate the security protections on his phone number. According to Terpin, AT&T agreed to set up a six-digit passcode that must be entered before anyone could transfer Terpin's phone number.

Read 9 remaining paragraphs | Comments

Posted on

Tech firms “can and must” put backdoors in encryption, AG Barr says

Graffiti urging people to use Signal, a highly encrypted messaging app, is spray-painted on a wall during a protest on February 1, 2017 in Berkeley, California.

Enlarge / Graffiti urging people to use Signal, a highly encrypted messaging app, is spray-painted on a wall during a protest on February 1, 2017 in Berkeley, California. (credit: Elijah Nouvelage | Getty Images)

US Attorney General William Barr today launched a new front in the feds' ongoing fight against consumer encryption, railing against the common security practice and lamenting the "victims" in its wake.

"The deployment of warrant-proof encryption is already imposing huge costs on society," Barr claimed in remarks at a cybersecurity conference held at Fordham University Tuesday morning. Barr added that encryption "seriously degrades" law enforcement's ability to "detect and prevent a crime before it occurs," as well as making eventual investigation and prosecution of crime more difficult.

The existence of encryption means "converting the Internet and communications into a law-free zone" that criminals will happily take advantage of to do more crimes, Barr added, likening it to a neighborhood that local cops have abandoned.

Read 14 remaining paragraphs | Comments