Loss of Privacy

Keeping you informed on recent losses to privacy and civil rights worldwide.

Browsing Posts tagged crime

What has been known to those with common sense has now been verified by a internal report in the United Kingdom.

FacebookTwitterGoogle+TumblrRedditHacker News

Flattr this!

Currently, the state of Ohio only allows the taking of DNA if a person has been convicted of a felony or violent misdemeanor, however, a new bill in the state would change the law to expand DNA collection to anyone arrested regardless of guilt or innocence.

Law enforcement currently supports the expansion, claiming that it will prevent future crimes, but others feel that collection DNA before a conviction presumes guilt and, therefore, crosses a line.  The bill also fails to address what would happen to the DNA should a person not be convicted.

The American Civil Liberties Union of Ohio opposes the measure, saying it poses a “myriad of civil liberty risks” including violating a person’s constitutional protections against illegal search and seizure, is ripe for abuse and is an invasion of privacy.

“Collecting DNA from all arrestees is a search and there should be some process, a court order or warrant, for a search,”

Authorities claim that the bill is merely updating the law to reflect current thinking elsewhere, including the federal government.  If the bill passes, it will be enacted in 2011 because the state still has to figure out how to pay for it.

If enacted, Ohio will follow 21 other states that have laws to take DNA from arrestees, according to Gordon Thomas Honeywell Governmental Affairs, a lobbying group that tracks DNA legislation.

Three other states – Illinois, Massachusetts and Pennsylvania – have laws pending.

Kentucky and Indiana take the DNA after felony convictions. Indiana introduced a similar bill, but it died before coming to a vote.

The federal system last year began taking DNA from anyone arrested on a federal crime.

Every state, as well as the federal government who has allowed for this type of testing has committed an invasion of privacy against individuals.  They have eliminated due process for people with the stroke of a pen of fear.  People are arrested every day, yet are innocent of the crime they are accused of.  Collecting their DNA upon arrest changes the fundamentals of our society from innocent until proven guilty to guilty for all time.

Instead of automatically assuming this bill will solve all the crime problems we have, we should be erring on the side of caution.  There is no need to trample on the Constitution and infringing on our rights.  The Constitution gives us these rights to protect us from the law.  Now, the law wants to take them away, putting right back where we started in 1776.  Personal freedom should always come first and this bill isn’t even considering the harm it will do to millions of people if passed.

FacebookTwitterGoogle+TumblrRedditHacker News

Flattr this!

If you oppose President Obama’s proposed indefinite detention, then head over to the ACLU’s website and send in your petition.  From their site:

A debate over the fundamental character of our democracy is heating up: whether or not we can imprison people for an indefinite amount of time without charging them with a crime and without holding trial.

We need everyone who believes in the Constitution and the American system of justice to let the President know that preserving our values and the rule of law is a top priority — before indefinite detention becomes a reality.

Send President Obama a message. Let him know that — whether through legislation or executive order — you are firmly opposed to indefinite detention. We will also send the message to your members of Congress, letting them know of your concern.

FacebookTwitterGoogle+TumblrRedditHacker News

Flattr this!

In the latest twist in hacking ATMs, hackers in Russia and Ukraine are using ATMs to obtain all the details necessary to clone a card and use it in criminal activity.

It allows a gang member to walk up to an ATM, insert a “trigger” card, and use the machine’s receipt printer to produce a list of all the debit card numbers used that day, including their start and expiry dates – and their PINs. Everything needed, in fact, to clone those cards and start emptying bank accounts. In some cases, the malicious software even allows the criminal to eject the machine’s banknote storage cassette into the street.

Once installed, the malware implements a “card data harvesting” routine, SpiderLabs said in an alert to banks issued at the end of May. When a customer inserts their card, the malware records to hard disc its account number, start date, expiry date and three-digit security code, as well as the PIN entered.

“That PIN data gets encrypted when it is transmitted through to the bank,” explains Henwood, “but inside the machine it’s in the clear. So this little bugger just sits there stealing all the card data.”

The hardest bit for the criminals is installing the malware in the first place, as it requires physical access to the machine. That most likely means an inside job within a bank, or using bribes or threats to encourage shop staff to provide access to a standalone ATM in a shop or mall.

SpiderLabs’ analysts studied lsass.exe malware on 20 ATMs. They found multiple variants, and warn that it is almost certainly programmed to evolve further. One big concern is that it will become network capable – able to spread from machine to machine over the closed networks used by banks.

They need to move fast; SpiderLabs expects the technology to spread from eastern Europe to the US and Asia. European countries using chip-and-PIN cards will initially be immune because these ATMs encrypt PINs as they are typed, but it probably won’t take hackers long to get around this too.

The biggest problem is that ATMs should not be using any type of OS at all.  All that’s required for an ATM is a microcontroller and a small amount of RAM (a few K is enough).  Furthermore, the fact that these “professionals” were astonished that lsass.exe can be used for nefarious reasons proves they haven’t a clue about malware and virii that have been using this for at least ten years.

The fact is, this was an inside job, so do a proper investigation and solve the problem.  You also know what the malware is, so scan that and clean out the problem.

FacebookTwitterGoogle+TumblrRedditHacker News

Flattr this!

The pentagon has plans to build a blimp that will fly for ten years, spying on everything.  It will be capable of detailed radar surveillance of vehicles, planes, and people.

The 450-foot-long craft would give the U.S. military a better understanding of an adversary’s movements, habits and tactics, officials said. And the ability to constantly monitor small movements in a wide area — the Afghanistan- Pakistan border, for example — would dramatically improve military intelligence.

It could also be used in the USA.  They just like to test things in the Middle East first.

FacebookTwitterGoogle+TumblrRedditHacker News

Flattr this!