Facebook exec arrested in WhatsApp case

Facebook is becoming the next tech giant to spar with law enforcement over privacy concerns.

Diego Dzodan, a Facebook executive, was arrested by Brazilian federal police on Tuesday for “repeated non-compliance with court orders”, according to a statement released by police. Brazilian police want information from a WhatsApp account that is linked to a drug trafficking investigation. WhatsApp is a messaging service that is used monthly by more than 1.5 billion people worldwide. Dzodan was taken into what the Brazilian police call preventative prison and could be held for a week or more.

Facebook wants to ensure that it maintains the privacy of its users from government intervention. In WhatsApp’s case, the company may not be able to help Brazilian authorities because it does not store users’ messages. In addition, WhatsApp is undergoing increased end to end encryption, which will make it even harder for the company to turn over user data. WhatsApp said in a statement that it disagreed with the Brazilian authorities on the case. “We are disappointed that law enforcement took this extreme step,” the messaging business said. “WhatsApp cannot provide information we do not have.”

Facebook, which bought WhatsApp in 2014 for $19 billion in 2014, condemned the Brazilian government’s move releasing this statement:

“We’re disappointed with the extreme and disproportionate measure of having a Facebook executive escorted to a police station in connection with a case involving WhatsApp, which operates separately from Facebook,” a spokesman said. “Facebook has always been and will be available to address any questions Brazilian authorities may have.”

This isn’t the first time Brazil has gone head to head with WhatsApp. In December, a judge ordered the shutdown of WhatsApp for the country for two days after not complying with a criminal investigation, but the ruling was overturned the next day.

 

Article via CNET, 1 March 2016; The New York Times, 2 March 2016

Photo: WhatsApp / iOS by Álvaro Ibáñez [Creative Commons Attribution-NonCommercial-NoDerivs]


Apple will make iPhone harder to hack

Apple has plans to make their iPhone harder to hack amid the current controversy with the FBI.

The FBI wants Apple to create new firmware that would allow them to hack into encrypted data on an iPhone that belongs to a San Bernardino terrorist. Apple CEO Tim Cook is fighting the request citing the infringement on digital privacy. He also wrote an open letter to explain Apple’s position. Now the company is thinking of taking further steps and prevent passcode-free recovery mode in future iPhones.

The FBIs current request for backdoor access to the iPhone would require Apple to create software that would allow the FBI to bypass security features that prevent hacking. Specifically, the FBI has already looked at an online backup on iCloud of the phone, but they want Apple to disable a security feature that would allow them to have as many tries as possible to unlock the phone. In order to comply, Apple would have to change their operating system to no longer have this feature, which would make millions of iPhone users vulnerable.

As this issue has escalated, Apple is looking to prevent these types of request in the future. When it comes to iCloud security, Apple encrypts its data on its servers but still owns the decryption keys. So if the FBI asks Apple for iCloud data, Apple can decrypt iPhone backups and hand them to the FBI. Now the company is thinking of changing that.

Instead, Apply may give the private keys to the customer, which would remove Apple from being able to decrypt backups. This would mean that future government request for decrypted data would not be possible, but it also means that Apply would not be able to help customers either, since they would not be able to decrypt their backups.

In the Future Apple wants to find a way to limit or do away with DFU (device firmware update) mode. Apple created DFU mode for troubleshooting purposes, such as when your iPhone doesn’t work anymore because of a broken operating system.  If such a big crash happens, Apple lets you boot your iPhone into DFU mode, so that you can reinstall a fresh version of iOS without having to enter a passcode.

DFU mode is at the center of the debate because its current design makes the FBI requests possible, if Apple chooses to make the software changes. You can currently reinstall a new operating system without having to enter a passcode. In fact this is how many jailbreak the iPhone. But, if Apple requires that you enter your passcode to enter into DFU mode, that all changes. Apple would no longer have the ability to create software that lets the government hack into your phone.

In the wake of increasing government request of user data and the revelation of NSA breaches by Snowden, Apple has make it harder to hack iPhones. The tech giant looks to stay that course and increase security for the protection of its customers and their data.

Article via TechCrunch, 25 February 2016

Photo: Tim Cook explica su postura al FBI del caso San Bernardino by iphonedigital [Creative Commons Attribution-NonCommercial-NoDerivs]

 


Uber defends driver screening

Uber is back in the news for yet another controversy concerning their drivers. The tech company recently settled a suit with customers who accused the company of less rigorous background checks than was advertised. Now their driver screening process is being scrutinized again as Jason Dalton, an Uber driver,  confessed to a Saturday shooting spree in Kalamazoo, Michigan while picking up customers.

Uber Chief Security Officer Joe Sullivan said that Mr. Dalton had no prior criminal background and no red flags that appeared during his background check that would have cause the company to be concerned. “No background check process would have flagged and anticipated this situation,” Sullivan said.

Until Saturday there were no complaints with Jason Dalton’s driving record with Uber. He had given more than 100 rides since starting with Uber at the end of January and had a rating of 4.73 out of 5. The only indications that he may be dangerous didn’t come until last Saturday, when several riders including one passenger complained of erratic driving. According to the Michigan police, Dalton then started a shooting rampage at 6pm where he wounded 9 people, killing 6. Michigan police state that Dalton started at 6pm by shooting a woman multiple times in a parking lot, and then drove around for hours randomly gunning down innocent bystanders. There have been no connections made between the driver and his victims.

One reason for the emphasis on Uber’s driver screenings is because they have missed criminals before, and they were able to use their job with the service to offend again. Houston is one of the few cities the requires Uber drivers to pass a FBI fingerprint check after an ex-con Uber driver allegedly raped one of his passengers. The city did not believe that Uber’s driver screenings and background checks were thorough enough, since the driver was able to pass Uber’s checks, although he had served 14 years in prison. Prosecutors in California have also questioned Uber’s driver screenings after a driver was found to have been convicted of murder, but Uber’s background check failed to reveal the criminal history.

Critics say that Uber would catch more of these criminals if they ran fingerprints in their background checks. The company currently runs the names of potential drivers through seven years of county and federal courthouse records, a multi-state criminal database, national sex offender registry, Social Security trace and motor vehicle records. Uber rejects anyone with a history of violent crimes, sexual offenses, gun-related violations or resisting arrest. But in light of the recent events, Uber seems to be leaning toward introducing fingerprint identification as part of their process.

Article via CNet, 22 February 2016

Photo via Newsday.com


Julian Assange should be free according to UN ruling

After nearly four years of being camped out in a converted office in the Ecuadorian embassy in London, Wikileaks founder Julian Assange awaited the United Nations ruling about his detention with anticipation. The verdict: Assange, according to the UN, has been “arbitrarily detained” since June 2012 given that he had not been provided due legal process prior to arrest.

The UK government disagrees. “This changes nothing,” a government representative said. “An allegation of rape is still outstanding and a European Arrest Warrant in place, so the UK continues to have a legal obligation to extradite him in Sweden.” Assange declined to respond to any allegations of sexual assault following the UN ruling, but his lawyer stated in 2010 that the charges were part of a “honeytrap” to discredit Assange.

Assange spoke to journalists via video webcast following the ruling. “I consider the outcome in this case to be vindication,” he said. “It is now the task of the United Kingdom and Sweden to implement the verdict.” He further described his detention as “illegal, immoral, [and] unethical.”

The UN Working Group on Arbitrary Detention (UNWGAD) argued that the Wikileaks founder has suffered “deprivation of liberty” since 2010, when he was sentenced to ten days in Wandsworth Prison and then 550 days under house arrest. Edward Snowden commented on the UK’s response to the ruling, saying that it “writes a pass for every dictatorship to reject UN rulings.”

Assange agreed, saying that his arrest would be a blow to international human rights efforts. “What right does this government, or the US government, or the Swedish government have to deny my children their father for five and a half years without any charges in any country?” he asked.

Article via CNET, 5 February 2016
Photo: Julian Assange Supporters — Embassy of Ecuador, Knightsbridge, London by Marshall24  [Creative Commons Attribution-NonCommercial-NoDerivs]


Yahoo sued for gender bias by male employee

Yahoo is being sued by a former employee that claims that he was discriminated against for being male.

Gregory Anderson, who was employed in Yahoo’s media division was fired in November 2014.  He filed a lawsuit against the tech giant, alleging the company’s performance management system was arbitrary and unfair. Anderson “alleges that Mayer encouraged and fostered the use of the QPR Program to accommodate management’s subjective biases and personal opinions, to the detriment of Yahoo’s male employees.”

The QPR Program at Yahoo is the controversial quarterly performance review program that ranks employees and then fires the lowest ranking ones. In the Media division, where Anderson was an editor, the complaint says that when male and female employees got equally low scores (anything under 3), the women were favored and the men were fired. What’s worse, in the case that both male and female employees got the same score, the men were fired and the female employee took over the male employees job.

This isn’t the first discrimination lawsuit to be tied to a stack ranking system. In the early 2000s, a cascade of cases against Ford, Goodyear, and Capital One, alleged that such systems led to age discrimination against older employees

The lawsuit also alleges that in addition to discriminating against men, Yahoo fires people without just cause and did not give 60 days’ notice to staff affected in mass layoffs. In California, layoffs are defined as terminating more than 50 people at one time, therefore not providing notice violates California law. In addition to the complaint about the way that people were fired, Anderson’s complaint also alleges that there was unfair gender based biased for hiring.  Former Chief Marketing Officer Kathy Savitt, almost exclusively hired women into management positions in Yahoo’s media division.

Under Title VII of the 1964 Civil Rights Act and also California’s Fair Employment and Housing Act, discrimination on the basis of sex is illegal. It doesn’t matter which gender the person happens to be.

“The Anderson lawsuit raises the question of how to correct lingering gender discrimination against women and suggests that the answer is not yet more illegal discrimination,” wrote Anderson’s attorney Jon Parsons in a statement about the lawsuit.

Article via Huffington Post, 4 February 2016

Photo: Yahoo! by Eric Hayes [Creative Commons Attribution-NonCommercial-NoDerivs]


Natural gas leak leads to criminal charges

Over 100 days after the beginning of a natural gas leak near the the Porter Ranch neighborhood, criminal charges are being brought against Southern California Gas Company. Los Angeles County District Attorney Jackie Lacey has filed charges due to failing to immediately report the natural gas leak at its Aliso Canyon facility to proper authorities, her office announced Tuesday. Southern California Gas Company is being charged with four misdemeanor counts: three counts of failing to report the release of hazardous material from Oct. 23 to Oct. 26 and one count for the discharge of air contaminants starting Oct. 23 through the present, according to the complaint.

In late November, 58,000 kilograms of methane per hour have been leaking into the atmosphere due to the breach. Since then, the natural gas leak has released emissions equivalent to burning more than 862,000 gallons of gasoline.

Methane is the primary component of natural gas, and can leak almost anywhere in the supply chain. Methane leaks like this, are a contributing factor to climate change and the overall warming of the environment. Figures from 2007 showed that there are about 400 underground methane storage sites like Aliso Canyon (Southern California Gas Co. current major leak), and these storage facilities are poorly regulated. There’s little federal oversight of such facilities, and the state is not consistent with enforcing regulations. This lack of oversight creates opportunities for such large leaks to go unnoticed and in this case, unaddressed for so long. Souther California Gas Company say that the leak will finally be stopped by late this month, but the methane will linger in the atmosphere, most likely for decades.

The gas company could be fined up to $25,000 a day for each day that it failed to notify the California Office of Emergency Services and up to $1,000 per day for air pollution violations.

“It is important that Southern California Gas Co. be held responsible for its criminal actions… We will do everything we can as prosecutors to help ensure that the Aliso Canyon facility is brought into compliance,” stated District Attorney Jackie Lacey in a written statement.  “I believe we can best serve our community using the sanctions available through a criminal conviction to prevent similar public health threats in the future.”

Arraignment for the company is set for Feb. 17 at the Santa Clarita Branch of the Los Angeles County Superior Court.

Article via fivethirtyeight.com, 3 February, 2016; Daily News, 2 February 2016

Photo Demonstrating On The Leak by Greenpeace USA [Creative Commons Attribution-NonCommercial-NoDerivs]