First up, this from the McClatchy Washington Bureau:
In face of Russian aggression, Obama tells Baltic states NATO, US have their back
President Barack Obama accused Russia of fomenting violence in Ukraine and told the Baltic states that NATO and the United States military will respond if Russia attacks a member of the alliance.
Speaking in Estonia before traveling to a NATO summit, Obama pledged that the three countries independence “will always be guaranteed by the strongest military alliance the world has ever known.”
He said the former Soviet Republics had successfully embraced democracy, but that Russia’s aggression against Ukraine threatens that progress.
From the McClatchy Washington Bureau, Cold War revitalization:
NATO may create quick-strike force over Ukraine crisis
President Barack Obama and allied leaders will respond to Russian aggression in Ukraine by moving to set up a quick-strike force of several thousand troops at the NATO summit this week in Wales.
NATO Secretary General Anders Fogh Rasmussen said Monday the new multinational force would be part of a “Readiness Action Plan (that) responds to Russia’s aggressive behavior,” adding that “it equips the alliance to respond to all security challenges wherever they may arise.”
Rasmussen acknowledged that a NATO conference originally scheduled to focus on Afghanistan will now be dominated by the Ukraine crisis when heads of the 28 member nations gather Thursday and Friday in Newport on Wales’ southern coast off the Bristol Channel.
From the Guardian, vroom-vroom:
Nato summit: US and UK to debate military options for tackling Isis
- Britain will discuss possibilities with US, including joining in air attacks in Iraq, and chance of rescue attempt for threatened Brit
The United States and Britain will discuss a range of military options for tackling Islamic State (Isis) at the Nato summit, opening in Wales on Thursday, ranging from joining in air attacks in Iraq and possibly Syria, to providing more arms to the Kurds and Iraqi government forces fighting them on the ground.
The British military will also discuss internally and with its US counterparts, following their own failed attempt last month, the realistic chances of special forces mounting a rescue operation to save the Briton threatened by Isis with beheading.
On Wednesday, after a meeting of the government emergency group Cobra, the British foreign secretary Philip Hammond said the UK government had to discuss the wider threat posed to the British public as well as the individual British citizen under threat.
From Sky News, a declaration:
US Vows To ‘Degrade And Destroy’ Islamic State
- A video is released showing an IS militant killing a US reporter – and warning that a kneeling British hostage will be next.
Barack Obama has vowed that justice will be done against the Islamic State after it beheaded a second American journalist.
The US President said America would “not be intimidated” by IS violence and promised to “degrade and destroy” its forces.
He spoke after a video was released apparently showing a masked IS militant killing US reporter Steven Sotloff – and warning that a British hostage will be next.
The Independent covers a stumbling block:
Tory anti-terror laws in trouble after Lib Dems raise serious legal concerns
David Cameron’s plans to tighten the anti-terror laws are in trouble amid a deepening split inside the Coalition.
The Liberal Democrats have warned they will not be bounced into backing new legislation, and would not allow the Conservatives to blame them for blocking a crackdown.
Lib Dem sources claim Mr Cameron overreached himself when he floated new laws last Friday without considering whether they were workable, saying that the problem was not Lib Dem opposition, but doubts among Government legal advisers.
In the Commons, the Prime Minister vowed that plans to toughen the laws so that terror suspects could be forced to relocate to another area “will go ahead.”
From intelNews, spooky blowback continues:
Turkey summons US chargé d’affaires to protest spying claims
The government of Turkey has summoned the interim head of the United States diplomatic mission in the country to lodge an official protest over reports that Washington has been spying on Turkish leaders for nearly 10 years.
German publication Der Spiegel said on Sunday that American intelligence agencies, with the help of British operatives, have engaged in “intensive spying” of Turkish government officials since at least 2006. The German newsmagazine said the information was based on internal documents released by American defector Edward Snowden, a former employee of the US National Security Agency who is currently living in Russia.
The documents show that the NSA, which conducts worldwide communications interception on behalf of the US government, places Turkey “ahead of Cuba” when it comes to intelligence collection in the service of American national security.
From the Guardian, takin’ it to the judge:
NSA bulk collection of phone data under scrutiny as federal case opens
Justice Department officials face pointed questions on opening day of case that could push NSA privacy to supreme court
Federal judges pointedly questioned a Justice Department lawyer on Tuesday about the National Security Agency’s bulk collection of US phone data, in the opening day of case that represents a major step toward a supreme court ruling on the constitutionality of the program.
A three-judge panel from the second circuit court of appeals aimed skeptical questions at assistant attorney general Stuart Delery about the scope and breadth of the call-records dragnet, reported last year by the Guardian thanks to leaks from Edward Snowden.
Judge Gerard Lynch, a Barack Obama appointee, asked what was “so uniquely valuable about phone records” that compelled the NSA to collect all domestic phone records, in bulk, without individual suspicion of terrorism, espionage or any other wrongdoing.
From The Hill, if they support it, can it really be reform?:
Holder, spy chief support Senate NSA reform bill
Attorney General Eric Holder and Director of National Intelligence James Clapper are lending their support to the Senate’s effort to rein in the National Security Agency, a boost for advocates of reform.
The two sent a letter this week to Senate Judiciary Committee Chairman Patrick Leahy (D-Vt.) in support of his bill to end the NSA’s bulk collection of Americans’ phone records.
“Overall, the bill’s significant reforms should provide the public greater confidence in our programs and the checks and balances in the system,” Holder and Clapper wrote in the joint letter, which Leahy released on Wednesday.
On to hackery, first with Businessweek:
Does Apple’s HealthKit App Have a Nude Celebrity Photo Problem?
The nude photos stolen from Jennifer Lawrence, Kate Upton, and other female celebrities could spell trouble for Apple’s forthcoming health-care app. It wouldn’t be a stretch for those following news of the leaked photos to worry about trusting their iPhones with intimate health data.
Apple (AAPL) has already acknowledged that “certain celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions” while denying “any breach in any of Apple’s systems.” But that carefully worded defense may not reassure those nervous users busy taking their own private pictures off iCloud, Apple’s online storage program.
Apple’s new app, HealthKit, is expected to combine data from activity trackers and medical records in one place. The company is expected to discuss the program and associated tools with developers at a high-profile event on Sept. 9. The idea is to let other app developers tap into health data, with permission from the iPhone user. “You can allow the data from your blood pressure app to be automatically shared with your doctor. Or allow your nutrition app to tell your fitness apps how many calories you consume each day,” promises a preview of HealthKit on Apple’s website.
From Business Insider, another kind of blowback:
Apple Shares Tank After The Celeb Nude Scandal, And Pacific Crest Tells Everyone To Sell
Last week, the company was flying high as anticipation built for the iPhone 6, and the iWatch, which are expected to be announced next week. The stock was hitting new all-time highs, trading up to $103.20, but today it’s back under $100.
It all came to a screeching halt over the weekend for Apple, when nude photos of celebrities hit the web. Apple’s weak security on iCloud, where the photos were backed up, was blamed for the photos hitting the web.
The timing couldn’t be worse. Apple is about to roll out a new mobile payments feature, as well as health tracking data tied to your iPhone. Most of that data is likely to be stored right on the phone, and therefore more secure. However, most people won’t understand that delineation. Most people will think, “If Apple can’t be trusted with photos, can it be trusted with banking data and health data? “
Summing up with Jimmy Kimmel Live [and catch that “commercial” at the end:
Jimmy Kimmel’s Leaked iCloud Photo
Nude and intimate photos of Jennifer Lawrence, Kate Upton and many other stars were posted online over Labor Day weekend, believed to have been hacked from their Apple iCloud accounts. It’s embarrassing, especially for Jimmy since he happens to be one of the people who got caught up in this.
Nextgov covers other implications:
What Does Alleged iCloud Hack Mean For Federal Agencies?
Most federal agency employees with iPhones probably don’t have to worry about hackers ogling naked photos of them saved in Apple’s iCloud backup system.
But they might have cause for concern about attackers targeting the cloud service to peer at sensitive government information, cybersecurity experts warn.
The problem, experts say, is a lack of awareness. iCloud, by default, automatically backs up a user’s device over Wi-Fi every day, according to Apple’s website.
Federal employees could be uploading sensitive information when they work on their personally owned iPhones — unless agencies take action. And it is not clear that they are.
The Los Angeles Times covers another hackery consequence:
Hacker may have sent bomb threat at O.C. schools; no explosives found
Police in Fountain Valley now say they believe a 17-year-old student’s email account was hacked and that there’s no evidence he sent a threatening message that forced the closure of Fountain Valley High School and an adjoining continuation school as police searched for weapons and explosives.
Teachers and administrators have been allowed back on the campuses but are being escorted by police officers, part of a final precautionary step before the schools are reopened, police said.
All classes, though, have been canceled for the day.
From MIT Technology Review, oh joy:
Networked Home Gadgets Offer Hackers New Opportunities
- Connected appliances such as TVs can provide hackers a way into your house.
Connecting a new appliance to your home’s Wi-Fi network or broadband modem could increase the risk that data such as passwords will be taken from computers in your house. Such is the warning from antivirus company Kaspersky Lab in a forthcoming report on the side effects of more and more home devices being connected to the Internet.
By now most consumers are aware that security is a major problem for their laptops and PCs, says David Jacoby, a security researcher at Kaspersky Lab. But they don’t realize that appliances like TVs, DVD players, and printers that connect to a home network are vulnerable to similar threats. What’s more, most such devices have no security protections built in whatsoever, he says (see “Securing the Smart Home, from Toasters to Toilets”). “Consumers need to understand that the devices that they buy might be vulnerable,” says Jacoby.
Jacoby recently hacked several Internet-enabled devices connected to his own home network, including his TV, printer, router, and remote storage devices. He came up with a laundry list of flaws in several everyday products, and is working with manufacturers to fix them before making a report public to highlight the severity of the problem.
Network World covers hackery in Latin America:
Attack hijacks DNS settings on home routers in Brazil
An ongoing attack in Brazil tricks users into visiting malicious websites that attempt to silently change the Domain Name System settings of their home routers.
If the attack is successful, the routers are reconfigured to use rogue DNS servers that redirect victims to phishing pages when they open banking sites, said Fabio Assolini, a security researcher at Kaspersky Lab, in a blog post Tuesday.
The attack starts with spam emails that tell recipients they’re being cheated and asks them to click on a link. The link leads to an adult content website that in the background forces browsers to load specifically crafted URLs.
SecurityWeek covers another vulnerability:
Enterprises Warned of DDoS Attacks Leveraging Linux Malware
Akamai Technologies has published a threat advisory to warn organizations of attacks where cybercriminals are infecting Linux servers with malware capable of launching powerful distributed denial-of-service (DDoS) attacks.
According to the alert released Wednesday, attacks leveraging Linux malware dubbed IptabLes and IptabLex have been launched against the entertainment industry and other verticals. The threats are designed to target Linux distributions such as Debian, CentOS, Ubuntu and Red Hat, and have been placed on servers by exploiting vulnerabilities in Apache Struts, Apache Tomcat, the open source search and analytics engine Elasticsearch, and other software components.
According to the alert, attackers are leveraging flaws in these programs to breach servers and escalate their privileges, which enables them to drop and execute the malicious binary. Administrators can detect infections by looking for files named “.IptabLes” or “.IptabLex” in the “/boot” directory. However, Akamai points out that these are post-infection indicators since these are not the names of the malicious files at the moment when they’re dropped.
And from Nextgov, downgrading a threat:
Instagram Identity Theft: New Spam Bots are Copying Real Accounts, Pic-for-Pic and Word-for-Word
On Instagram, if it looks like you, and talks like you, and posts like you, it may not actually be you. A new wave of spam bots are apparently avoiding detection by Instagram’s filters by copying real people… picture for picture, word for word.
The harmless-but-creepy occurrence was revealed in an article on The Verge, whose own video director Christian Mazza recently had his account hijacked… and he’s not the only one.
Others are reporting the same thing, and though it’s not causing any issues — the bots are literally just copying your profile photo, setting up under a new username and then reposting some of your images, caption and all — it’s oddly unsettling to know that someone out there might be pretending to be you.
We said downgrading, because they miss one key implication: By stealing the work of others and reposting it as their own, they could sell the photos for commercial use and collect money right due to the actual photographer. Odd that Nextgov would miss the implication.
Popular Science covers a mystery:
Mysterious Phony Cell Towers Could Be Intercepting Your Calls
- Every smart phone has a secondary OS, which can be hijacked by high-tech hackers
Like many of the ultra-secure phones that have come to market in the wake of Edward Snowden’s leaks, the CryptoPhone 500, which is marketed in the U.S. by ESD America and built on top of an unassuming Samsung Galaxy SIII body, features high-powered encryption. Les Goldsmith, the CEO of ESD America, says the phone also runs a customized or “hardened” version of Android that removes 468 vulnerabilities that his engineering team team found in the stock installation of the OS.
His mobile security team also found that the version of the Android OS that comes standard on the Samsung Galaxy SIII leaks data to parts unknown 80-90 times every hour. That doesn’t necessarily mean that the phone has been hacked, Goldmsith says, but the user can’t know whether the data is beaming out from a particular app, the OS, or an illicit piece of spyware. His clients want real security and control over their device, and have the money to pay for it.
To show what the CryptoPhone can do that less expensive competitors cannot, he points me to a map that he and his customers have created, indicating 17 different phony cell towers known as “interceptors,” detected by the CryptoPhone 500 around the United States during the month of July alone. Interceptors look to a typical phone like an ordinary tower. Once the phone connects with the interceptor, a variety of “over-the-air” attacks become possible, from eavesdropping on calls and texts to pushing spyware to the device.
From the Guardian, more corrupt cop capering:
Plebgate: Met obtained phone records of Sun political editor without consent
- Tom Newton Dunn said to be unaware of intervention which led to arrest of officer on suspicion of leaking information to paper
Police investigating the Plebgate saga obtained the telephone records of the political editor of the Sun without his consent, despite laws which entitle journalists to keep their sources confidential.
The Metropolitan police report into the scandal reveals that the force arrested an officer on suspicion of leaking information to the Sun after an analysis of Tom Newton Dunn’s phone records.
The Met also obtained call records to the Sun newsdesk to try to identify a second potential source to the Plebgate scandal.
France 24 drones on:
US extends Niger drone capabilities in cooperation with France
The United States is preparing to redeploy drones already in Niger to set up a forward base in the Sahara closer to Islamist militants blamed for attacks across the region, according to US military and Defence Department officials.
In a move that illustrates growing cooperation between France and the US to combat militant Islamism in Saharan Africa, Washington deployed unarmed surveillance drones to Niger in 2013.
The move followed a French-led military operation that destroyed an al Qaeda enclave in neighbouring northern Mali.
And the U.S. Naval Institute News covers another step toward Skynet:
Navy’s Next Fighter Likely to Feature Artificial Intelligence
Artificial intelligence will likely feature prominently onboard the Pentagon’s next-generation successors to the Boeing F/A-18E/F Super Hornet and the Lockheed Martin F-22 Raptor.
“AI is going to be huge,” said one U.S. Navy official familiar with the service’s F/A-XX effort to replace the Super Hornet starting around 2030.
Further, while there are significant differences between the U.S. Air Force’s vision for its F-X air superiority fighter and the Navy’s F/A-XX, the two services agree on some fundamental aspects about what characteristics the jet will need to share.
From Shanghai Daily, a hazard of online shopping:
Online customer gets body bag for posting poor rating
A LOCAL customer was sent a dead body bag in an act of revenge for posting low ratings on an online shop based in Fujian Province.
The customer, surnamed Xue, had ordered a pair of shoes from the online shop on taobao.com, China’s largest online shopping platform. He received the shoes three days later but gave a poor rating to the shop because of the poor quality of the shoes and its slow delivery.
In return, he was bombarded with over 80 phone calls before being sent the body bag.
And the New York Times debunks a myth:
Deportations Don’t Lower Crime Rates, Study Says
Six years after the federal government opened an immigration enforcement program intended to improve public safety, deporting hundreds of thousands of people, many of them convicted criminals, a new study has concluded that the program has had “no observable effect on the overall crime rate.”
The finding “calls into question the longstanding assumption that deporting noncitizens who commit crimes is an effective crime-control strategy,” said the study, conducted by two law professors at the University of Chicago and New York University.
The analysis, scheduled for publication in the November issue of The Journal of Law and Economics, a journal for peer-review research, coincides with the Obama administration’s internal review of the program, known as Secure Communities. Jeh Johnson, the homeland security secretary, has suggested that he might overhaul the program, saying it needs “a fresh start.”
From the London Telegraph, inviting more terrorism?:
IRA suspects protected by human rights as ‘comfort letters’ are annulled
- Theresa Villiers, Northern Ireland Secretary, warns recipients of comfort letters that they can no longer rely on them to avoid prosecution
Theresa Villiers has refused to name the IRA suspects sent “comfort letters” because it would breach their human rights, despite admitting more could have been sent in error.
The Northern Ireland Secretary confirmed the Government was effectively annulling the assurances given to the so-called IRA “on-the-runs” that they no longer faced prosecution.
The Daily Telegraph disclosed on Wednesday that recipients of the letters, sent out in the years after the 1998 Good Friday Agreement, are to be told they are not worth the paper they are written on and they will still be pursued by police.
While BBC News warns of woes for those already behind bars:
Ministry of Justice fined over prison data loss
The Ministry of Justice has been fined £180,000 for “serious failings” in the handling of confidential data.
The Information Commissioner’s Office (ICO) said the penalty was related to the loss of a hard drive containing the details of almost 3,000 prisoners at Erlestoke prison in Wiltshire.
The disk was not encrypted.
The records, lost in 2013, included material on organised crime, prisoners’ health and drug misuse, and information about inmates’ victims and visitors.
And from TheLocal.de, a point we’ve been regularly making:
Sinti, Roma are most discriminated against
A new study has found that the Sinti and Roma people encounter more discrimination than any other group in Germany, with more than a fifth of Germans supporting their deportation.
The study found that 22 percent of respondents were for their deportation.
The head of the Federal Anti-discrimination Agency, which conducted the survey, is calling for politicians to act against discrimination of the Roma and Sinti populations in Germany.
“People don’t know anything about the Sinti and Roma. Their image is dominated by what people see on the streets,” Christine Lüders said on Wednesday on her appearance on ZDF’s morning news show, Morgenmagazin.
After the jump, the latest from Asia including a fascist visit and legal reforms Down Under, Al Qaeda expands to the subcontinent, a body count in Pakistan and protest suspicions, anger at a draconian sedition law in Malaysia, Chinese drone boasting, Sino/Canadian peace feelers, a political realignment in Japan, tightening those Indo/Japanese ties, and why LA’s 911 operators hate Facebook. . .