blogger

Saturday, September 14, 2013

bitcoin gold earn money 2013

What is bitcoin? see video



Like gold, Bitcoin derives its value from scarcity. It is intentionally difficult to use computers to create and add to the chain of cryptographic phrases that make each bitcoin unique—a process known as bitcoin mining. The currency is capped with a finite limit, too, so the more bitcoins exist in the world, the harder and slower it is to mine more of them. 
1 bitcoint (BTC) = 149.22$

i share some links for you to earn bitcoin or to get daly free for visit's site.....

please donate to this addres : 1Gjd6m86uwnERRstFQ3fBnevdaWs553pxT


faucet.bitcoinadsmart0September 14, 2013, 12:42
bitbucks0September 14, 2013, 12:39
bitcoinsurvey0September 14, 2013, 12:38
GetBitcoin0September 14, 2013, 12:38
canhasbitcoin0September 14, 2013, 12:37
virtualfaucet0September 14, 2013, 12:35
srbitcoin0September 14, 2013, 12:34
hitleap0September 14, 2013, 12:33
hartcode0September 14, 2013, 12:31
dailybitcoins0September 14, 2013, 12:30
abitback0September 14, 2013, 12:30
coinflow0September 14, 2013, 12:29
coinflow0September 14, 2013, 12:28
bitcoin4you0September 14, 2013, 12:28
bitvisitor/0September 14, 2013, 12:27
abitback0September 14, 2013, 12:26
abitback0September 14, 2013, 12:26
bitvisit0September 14, 2013, 12:26
bitcrate

Saturday, July 20, 2013

Android Backups Could Expose Wi-Fi Passwords to NSA

Android

Google's "back up my data feature" for Android may be a convenient and easy way to back up files, but it also may put network security at risk by exposing the passwords of encrypted Wi-Fi networks.
On his personal blog, Electronic Frontier Foundation (EFF) staff technologist Micah Lee pointed out that the backup feature syncs all the network passwords your Android devices remember to Google's cloud storage.
"Because Android is so popular, it's likely that Google has plaintext Wi-Fi passwords for the majority of password-protected Wi-Fi networks in the world," Lee wrote.
As an Android device owner adds Wi-Fi network passwords over the course of using the device, every new password is saved on the device. But because Android devices aren't equipped to encrypt passwords, the devices must be saving and transmitting those passwords in plaintext.
"With your home Wi-Fi password, an attacker can sniff Wi-Fi traffic outside your house (without connecting to your network) and then decrypt it all, passively eavesdropping on your private network," Lee wrote.
"If the attacker wants to do more active attacks, they can connect to your Wi-Fi network and mount a man-in-the-middle attack to eavesdrop on and modify any unencrypted Internet traffic," Lee added. "If you download a file, they can serve you a malicious version instead."
In a statement to tech blog Ars Technica, Google said that Android backup data was "encrypted in transit, accessible only when the user has an authenticated connection to Google and stored at Google data centers, which have strong protections against digital and physical attacks."

SEE ALSO: The 5 Best Android Security Apps
The Google representative did not specify whether the data was encrypted on Google's servers, but added that disabling backup on an Android device would cause all backups to be erased.
Lee noted that since Google at least partly cooperates with NSA data-mining operations, it's possible that the spy agency could get hold of Wi-Fi passwords.
The Android backup feature is turned on by default on stock Android devices, which includes the Nexus line of smartphones and tablets. It can be switched on or off under Backup & Reset in the stock Android Settings menu.
(Manufacturers that tweak their Android builds, such as Samsung or HTC, have their own policies.)
Backup is part of the main Android application program interface, or API, meaning it can be accessed by other apps in order to transmit data to the cloud in case the device were to become compromised.

How to get drunk off of gummy bears and oranges. So cool! Click here

Wednesday, May 1, 2013

15 interesting and extremely helpful #Linux CLI tricks

As you start spending more and more time working on Linux command line, you tend to learn some cool tricks that make your life easy and save you lot of time. I have been working on Linux command line for many years now and I have learned a lot of Linux command line tricks. Here in this article, I will discuss some Linux command line tricks that I find worth using in my day to day command line activities.
NOTEAll the examples in this article are tested on bash shell.
TIP – Did you know sudo works with wives too?! *lulz*
sudo

Very usefully Linux command line tricks…

1. How to delete files with leading or trailing spaces?

You might find yourself struggling with deleting files with leading or trailing spaces through ‘rm’ command on Linux command line.
For example :
$ rm tempFile
rm: cannot remove `tempFile': No such file or directory
So we see that rm command says that this file does not exist. But you are pretty confident that file with such name exists. Then the only thing could be that this file name would be having leading or trailing spaces.
You can use double quotes to avoid this problem :
$ rm "tempFile "
The above command worked in my case.

Note that if you do not want to use double quotes then ‘\ ‘ can be used. Here is an example :
$ rm tempFile\
Remember to add a space after back slash.

2. How to delete files with names beginning with hyphen (-) ?

Sometimes you may find yourself stuck with a situation like this :
You have to delete a file named -1mpFile.out
$ ls
-1mpFile.out                          CPPfile.o             libCfile.so      mylinuxbook_new  prog          split
But, when you try using rm command, following error is produced :
$ rm -1mpFile.out
rm: invalid option -- '1'
Try `rm ./-1mpFile.out' to remove the file `-1mpFile.out'.
Try `rm --help' for more information.
Even if you use double quotes, you get the following error :
$ rm "-1mpFile.out"
rm: invalid option -- '1'
Try `rm ./-1mpFile.out' to remove the file `-1mpFile.out'.
Try `rm --help' for more information.
So, rm command considers the hyphen ‘-’ as an indicator that some command line option will follow and so it treats ’1mpFile.out’ as an option. Hence the error.
Now, to tell ‘rm’ that the word beginning with hyphen is file name, you need to pass double hyphen (–) first. Here is an example :
$ rm -- -1mpFile.out
So this should remove the file successfully.
Since this problem is generic ie you will observe this problem even while creating this file using ‘touch’ command etc. Double hyphen can be used with other commands too for the same purpose.
Here is another example of double hyphen but this time with touch and ls commands :
$ touch -1mpFile.out
touch: invalid option -- '1'
Try `touch --help' for more information.
$ touch -- -1mpFile.out
$ ls — -1mpFile.out -1mpFile.out
So we can safely use double hyphen (–) in a generic sense with different Linux commands.

3. How to delete all files in a directory except some (with particular extensions) ?

Suppose you have a directory with lot of files and you want to delete all the files except some of them (with particular file extensions). This can be done in following way :
Here is a directory containing lot of files :
$ ls
a.out         Cfile.c  file.c             macro.c     my_printf.c   orig_file.orig  stacksmash.c
bfrovrflw.c   cmd.c    firstPYProgram.py  main.c      new_printf.c  orig_file.rej   test_strace.c
bufrovrflw.c  env.c    helloworld.c       my_fopen.c  new.txt       prog.c          virtual_func.c
Now, you want to delete all the files except .c and .py files.
Here is what you can do :
$ rm !(*.c|*.py)

$ ls
bfrovrflw.c   Cfile.c  env.c   firstPYProgram.py  macro.c  my_fopen.c   new_printf.c  stacksmash.c   virtual_func.c
bufrovrflw.c  cmd.c    file.c  helloworld.c       main.c   my_printf.c  prog.c        test_strace.c
So you can see that files with all other extensions got deleted.

4. How to create customized backup using touch and find commands?

Touch command in association with find command can be used to create customized backups.
Suppose you want to create a backup of files that you created or changed in a directory between 9am and 5pm. For this, the very first step is to create two files temp1 and temp2 with timestamps as 9am and 5pm respectively.
$ touch -d "9am" temp1
$ touch -d "5pm" temp2
These commands will create two files temp1 and temp2 with access and modification timestamps as 9am and 5pm respectively.
Let’s cross check these by using stat command:
$ stat temp1
 File: `temp1'
 Size: 0 Blocks: 0 IO Block: 4096 regular empty file
 Device: 806h/2054d Inode: 528534 Links: 1
 Access: (0664/-rw-rw-r--) Uid: ( 1000/stun) Gid: ( 1000/stun)
 Access: 2013-04-29 09:00:00.000000000 +0100
 Modify: 2013-04-29 09:00:00.000000000 +0100
 Change: 2013-04-29 16:06:05.982909491 +0100
 Birth: -
$ stat temp2
 File: `temp2'
 Size: 0 Blocks: 0 IO Block: 4096 regular empty file
 Device: 806h/2054d Inode: 529476 Links: 1
 Access: (0664/-rw-rw-r--) Uid: ( 1000/stun) Gid: ( 1000/stun)
 Access: 2013-04-29 12:00:00.000000000 +0100
 Modify: 2013-04-29 12:00:00.000000000 +0100
 Change: 2013-04-29 16:06:12.090939793 +0100
 Birth: -
So we see that timestamps was as expected. Now move to the directory where you want to create the backup of files. Here are the contents of the directory in my case :
$ ls
bfrovrflw.c   Cfile.c  env.c   firstPYProgram.py  macro.c  my_fopen.c   new_printf.c  stacksmash.c   virtual_func.c
bufrovrflw.c  cmd.c    file.c  helloworld.c       main.c   my_printf.c  prog.c        test_strace.c
Now, I create a directory named ‘bkup’ and run the following command :
$ find . -newer ../temp1 ! -newer ../temp2 -exec cp '{}' ./bkup/ ';'
The -newer and ! -newer options in command above will first find all the files with modification time between 9am and 5pm. Then the -exec option makes sure that the cp command is run for every result (‘{}’) of find command and the file is copied to ./bkup/ folder. The terminating ‘;‘ is the indication that cp command terminates here.
Now, if you see the ‘bkup’ directroy, you’ll find all the backed up files there. Here is what I saw in my case :
$ cd bkup/
$ ls
bfrovrflw.c   Cfile.c  env.c   firstPYProgram.py  macro.c  my_fopen.c   new_printf.c  stacksmash.c   virtual_func.c
bufrovrflw.c  cmd.c    file.c  helloworld.c       main.c   my_printf.c  prog.c        test_strace.c
As all the files were created between 9am and 5pm so all of them were backed up.

5. Why rm command fails with error ‘Argument list too long’?

This usually happens when you have a directory containing huge number of files. When you do a rm -rf over it, you get something like :
-bash: /bin/rm: Argument list too long
This issue can be resolved using following command (please switch over to the desired directory before running this command):
find * -xdev -exec rm -f '{}' ';'
The find command above will supply input to rm command in batches that it can process. This is one of the fastest method to delete files.

6. How to search for all the files in a directory containing a particular string?

This can be easily achieved using grep command.
Here are a couple of examples :
$ grep -l "printf" *.c
bfrovrflw.c
bufrovrflw.c
Cfile.c
cmd.c
env.c
file.c
helloworld.c
macro.c
main.c
my_fopen.c
my_printf.c
new_printf.c
prog.c
stacksmash.c
test_strace.c
$ grep -l "buff" *.c
bfrovrflw.c
If it is desired to view the lines where the string is used in the file, then ‘find’ command can be used with ‘xargs’ and ‘grep’ command in the following way :
$ find ./ -name "*.c" | xargs grep "buff"
./bfrovrflw.c:    char buff[15];
./bfrovrflw.c:    gets(buff);
./bfrovrflw.c:    if(strcmp(buff, "MyLinuxBook"))
So we see that even the lines containing the string “buff” were displayed in the output.

7. How to Empty a file using ‘>’ operator ?

Suppose you want to empty a file from command line.
Here is how easily you can do it :
$ > [complete file path]
For example :
$ > ./logfile
This will delete all the contents of the file ‘logfile’ and empty it.

8. How to search man pages for a particular string?

You might have used Linux man pages to understand more about a command, function etc. But, what if you want to know which man pages discuss about a particular topic. For example, what if I want to know that which man pages discuss about ‘login’?
Well, there exists an option -k through which you can do this. Here is an example :
$ man -k login
access.conf (5)      - the login access control table file
add-shell (8)        - add shells to the list of valid login shells
chsh (1)             - change login shell
faillog (5)          - login failure logging file
faillog (8)          - display faillog records or set login failure limits
getlogin (3)         - get username
getlogin_r (3)       - get username
gnome-session-properties (1) - Configure applications to start on login
hotot (7)            - lightweight & opensource microbloging client
issue (5)            - prelogin message and identification file
lastlog (8)          - reports the most recent login of all users or of a given user
login (1)            - begin session on the system
login (3)            - write utmp and wtmp entries
login.defs (5)       - shadow password suite configuration
login_tty (3)        - tty utility functions
logname (1)          - print user's login name
...
...
...
So we see that all the man pages that discuss about ‘login’ were displayed in the output.

9. How to redirect stderr output messages to a file?

It so happens mostly that standard commands/programs/services stream normal log messages to stdout while error log messages to stderr stream. Now, if you just do something like :
$ [some-command] > logfile
Then only the messages that were directed to stdout would be redirected to the file ‘logfile’ but no message that was directed to stderr would be redirected to the file.
Here is an example :
$ touch new > /home/stun/derp_test/logfile 
touch: cannot touch `new': Permission denied
$ cat /home/stun/derp_test/logfile 
$
So we see that error was not redirected to the log file.
Now, to correct this, do something like :
$ touch new > /home/stun/derp_test/logfile 2>&1
$ cat /home/stun/derp_test/logfile 
touch: cannot touch `new': Permission denied
So we see that this time the error was redirected to the file successfully. Please note that 2>&1 combines both stdout and stderr streams to stdout stream only.

10. How to follow multiple log files on the go?

If it is required to follow multiple log files as they are being updated then this can be done through tail command.
Suppose I want to monitor two log files ‘logfile’ and ‘logfile1′ simultaneously then I will use the tail command as follows :
$ tail -f logfile logfile1
==> logfile <==

==> logfile1 <==

==> logfile <==
hi

==> logfile1 <==
hello
So you can see that dynamic updates to these log files can easily be monitored through tail command.

11. How to make a command not to show up in the output of ‘history’ command?

Well, sometimes you would want to run a command but do not want it to appear in the output of Linux history command.
You can achieve this by inserting a space before you type the command on prompt.
Here is an example :
$  df
Filesystem     1K-blocks    Used Available Use% Mounted on
/dev/sda6       29640780 6174904  21960188  22% /
udev             1536752       4   1536748   1% /dev
tmpfs             617620     892    616728   1% /run
none                5120       0      5120   0% /run/lock
none             1544040     156   1543884   1% /run/shm
Note that there is a space between ‘$’ and ‘df’.
Now, let’s confirm whether this command appears in the output of ‘history’ :
$ history | grep df
 1633  ls *.pdf
 1634  mv LinuxCommandsPart1.pdf LinuxCommandsPart1
 2245  history | grep df
The df command was not captured in the output of history command.

12. How to simulate on-screen typing just like you see in movies?

Well, to simulate typing just like you see in movies, use ‘pv’ command.
Try this out :
 echo "You can simulate on-screen typing just like in the movies" | pv -qL 10
Check the output for yourself. :-)

13. How to escape the aliased version of a command?

The alias command, as we all know is used to create aliases of the commands that act as short cuts and save time.
For example, I have created alias of ls command such that whenever I execute ls, its ‘ls -lart’ that gets executed.
$ alias ls='ls -lart'
Now, if I ever intend to escape the alias and want to execute only ls, then I can do this by beginning the command with a backslash ie ‘\’.
Here is an example :
$ \ls
1                      CPPfile.o            libCPPfile.so    mylinuxbook_new  prog.c        stacksmash.c
So we see that the original ls command was executed.
NOTE – If you want to suppress an alias for a whole login session, you can use ‘unalias’ command for that.

14. How to make efficient use of Linux command line history using !! and ! ?

Double exclamation ie ‘!!’ represents the last run command on the shell. Here is an example :
 
$ uname -a
Linux stun-Inspiron-1525 3.2.0-36-generic-pae #57-Ubuntu SMP Tue Jan 8 22:01:06 UTC 2013 i686 i686 i386 GNU/Linux

$ !!
uname -a
Linux stun-Inspiron-1525 3.2.0-36-generic-pae #57-Ubuntu SMP Tue Jan 8 22:01:06 UTC 2013 i686 i686 i386 GNU/Linux
So what best can we do with !! ?
Well, firstly, you can extend the command easily. Here is an example :
$ !! | grep Linux
uname -a | grep Linux
Linux stun-Inspiron-1525 3.2.0-36-generic-pae #57-Ubuntu SMP Tue Jan 8 22:01:06 UTC 2013 i686 i686 i386 GNU/Linux
Also, it so happens many times that you run a command and you get an error that the command requires root privileges. Then you press the ‘up arrow’ key + home key + write ‘sudo’ . Well all this can be avoided using !!. Here is an example :
$ touch new_binary
touch: cannot touch `new_binary': Permission denied

$ sudo !!
sudo touch new_binary
[sudo] password for stun:

$ ls new_binary 
new_binary
Sometimes you would like to append a command to existing shell script or would like to create a new shell script, then you can use ‘!!’ to the task easily. Here is an example :
$ ls -lart /home/stun/derp_test/*.py

-rw-rw-r-- 1 stun stun 50 Mar  1 00:23 /home/stun/derp_test/firstPYProgram.py
$ echo !! > script.sh 
echo ls -lart /home/stun/derp_test/*.py > script.sh

$ cat script.sh 
ls -lart /home/stun/derp_test/firstPYProgram.py
So we see that this way !! proves to be easy and time saving. Now, lets come to single exclamation ie ‘!’ . Unlike double exclamation ie ‘!!’, through single exclamation ‘!’, we can access any previously run command that exists in command line history. Here are some examples : Use serial number from output of history command to run a particular command
 
$ history
...
...
...
2039  uname -a | grep Linux
 2040  dmesg
 2041  clear
 2042  cd bin
 2043  clear
 2044  pwd
 2045  touch new_binary
 2046  sudo touch new_binary
 2047  ls new_binary 
 2048  history

$ !2039
uname -a | grep Linux
Linux stun-Inspiron-1525 3.2.0-36-generic-pae #57-Ubuntu SMP Tue Jan 8 22:01:06 UTC 2013 i686 i686 i386 GNU/Linux
So we see that command number 2039 was run through single exclamation ‘!’ without having to type or copy paste the command again.
You can use negative integer values with ‘!’ to run second last command, third last command, fourth last command…and so on.
Here is an example :
 
 $history
...
...
...
 2049  ! 2039
 2050  uname -a | grep Linux
 2051  history

$ !-2
uname -a | grep Linux
Linux stun-Inspiron-1525 3.2.0-36-generic-pae #57-Ubuntu SMP Tue Jan 8 22:01:06 UTC 2013 i686 i686 i386 GNU/Linux
Run a new command with argument of previous command
Here is an example :
$ ls /home/stun/derp_test/*.py
/home/stun/derp_test/firstPYProgram.py

$ ls -lart !$
ls -lart /home/stun/derp_test/*.py
-rw-rw-r-- 1 stun stun 50 Mar  1 00:23 /home/stun/derp_test/firstPYProgram.py
So we see that ‘!$’ can be used to fetch argument from previous command and use it with the current command.
In case of two arguments, use carrot ‘!^’ to access first argument Here is an example :
$ ls /home/stun/derp_test/*.py /home/stun/derp_test/*.txt
/home/stun/derp_test/file.txt           /home/stun/derp_test/output.txt  /home/stun/derp_test/sort.txt
/home/stun/derp_test/firstPYProgram.py  /home/stun/derp_test/sort1.txt   /home/stun/derp_test/test.txt
/home/stun/derp_test/input.txt          /home/stun/derp_test/sort2.txt
$ ls -lart !^
ls -lart /home/stun/derp_test/*.py
-rw-rw-r-- 1 stun stun 50 Mar  1 00:23 /home/stun/derp_test/firstPYProgram.py
So we see that through ‘!^’ we can access the first argument of the previous run command. To access the any other argument (of previous run command) in current command, ‘![prev command name]:[argument number]‘ can be used. Here is an example :
$ ls !ls:2
ls /home/stun/derp_test/*.txt
/home/stun/derp_test/file.txt    /home/stun/derp_test/sort1.txt  /home/stun/derp_test/test.txt
/home/stun/derp_test/input.txt   /home/stun/derp_test/sort2.txt
/home/stun/derp_test/output.txt  /home/stun/derp_test/sort.txt
So this way, the second argument (of the previous command) was accessed. To access all the arguments of a previously run command, use ‘!*’ Here is an example :
$ ls -lart !*
ls -lart /home/stun/derp_test/*.py /home/stun/derp_test/*.txt
-r--r--r-- 1 stun stun 50 Oct 24  2012 /home/stun/derp_test/output.txt
-r--r--r-- 1 stun stun  7 Nov 10 13:46 /home/stun/derp_test/input.txt
-r--r--r-- 1 stun stun  8 Dec  7 20:38 /home/stun/derp_test/sort1.txt
-r--r--r-- 1 stun stun  8 Dec  7 20:39 /home/stun/derp_test/sort2.txt
-r--r--r-- 1 stun stun 14 Dec 14 20:45 /home/stun/derp_test/file.txt
-r--r--r-- 1 stun stun 41 Jan 23 20:42 /home/stun/derp_test/sort.txt
-rw-rw-r-- 1 stun stun 50 Mar  1 00:23 /home/stun/derp_test/firstPYProgram.py
-rw-rw-r-- 1 stun stun  0 Mar 10 15:31 /home/stun/derp_test/test.txt
Use ‘![keyword]‘ to run the last command starting with [keyword] Here is an example :
$ !ls
ls -lart /home/stun/derp_test/*.py
-rw-rw-r-- 1 stun stun 50 Mar  1 00:23 /home/stun/derp_test/firstPYProgram.py
So we see that the last ls command was executed. This way you can just write the first keyword of the command (which is command name usually) and you do not need to write the complete command. Single exclamation ‘!’ will do it for you.

15. How to switch between directories efficiently?

Working on Linux command line means switching between lot of directories. You are in a directory ‘A’, then you move to directory ‘B’. Now you want to come back to directory ‘A’. Typing the complete directory path for ‘A’ can be cumbersome sometimes. For this you can use ‘cd -’ short cut. Here is an example :
 
$ pwd
/home/stun

$ cd /usr/local/bin/

$ cd -
/home/stun
So we see that it’s easy to switch between two directories using cd- .
But, ‘cd -’ resolves only a partial problem. It can only switch you back to last directory only. What if you switch between multiple directories and then want to come back to the first or some other desired directory? I mean, suppose you are in a directory ‘A’, then you switch to directories ‘B’ -> ‘C’ -> ‘D’ -> ‘E’ and then you want to again go back to directory ‘A’.
Well, for this, you can use the combination of ‘pushd’ and ‘popd’.
Here is an example :
 
$ pwd
/home/stun

$ pushd /home/stun
~ ~

$ cd /usr
$ cd /tmp
$ cd /proc

$ popd
~

$ pwd
/home/stun
As you can see, first you pass the desired directory (to which you want to come back eventually) as argument to ‘pushd’ and then through ‘popd’ you can actually trigger a directory switch to that directory from anywhere on the command prompt.
Anyhow that’s for now, be free to comment and tip me more commands you think are useful i’ve could add to this “guide”.

Saturday, April 27, 2013

LivingSocial Hacked — More Than 50 Million Customer Names, Emails, Birthdates and Encrypted Passwords Accessed (Internal Memo)

hacked
LivingSocial, the daily deals site owned in part by Amazon, has suffered a massive cyber attack on its computer systems, which an email from CEO Tim O’Shaughnessy — just sent to employees and obtained by AllThingsD.com — said resulted in “unauthorized access to some customer data from our servers.”
The breach has impacted 50 million customers of the Washington, D.C.-based company, who will now be required to reset their passwords. All of LivingSocial’s countries across the world appear to have been affected, except in Thailand, Korea, Indonesia and the Philippines, as LivingSocial units Ticketmonster and Ensogo there were on separate systems.
One positive note in a not-so-positive situation: The email sent to employees and customers noted that neither customer credit card nor merchant financial information was accessed in the cyber attack.
This is the latest big data breach in the consumer Internet space, which has seen troublesome incursions into some high-profile companies recently, including Zappos, LinkedIn and Evernote.
When asked for comment on the email, a LivingSocial PR spokesman confirmed the attack and that 50 million customers were impacted.
The attack comes at a tough time for the company, since it has been trying to turn itself around after a downturn across the daily deals landspace. LivingSocial got a large cash infusion recently from investors to help staunch its losses. Amazon owns 29 percent of the company.
More to come, but here’s the email sent to employees, including one that will be sent to customers soon:
Re: Security Incident
LivingSocialites –
This e-mail is important, so please read it to the end.
We recently experienced a cyber-attack on our computer systems that resulted in unauthorized access to some customer data from our servers. We are actively working with law enforcement to investigate this issue.
The information accessed includes names, email addresses, date of birth for some users, and encrypted passwords — technically ‘hashed’ and ‘salted’ passwords. We never store passwords in plain text.
Two things you should know:
1. * The database that stores customer credit card information was not affected or accessed.
2. * The database that stores merchants’ financial and banking information was not affected or accessed.
The security of our customer and merchant information is our priority. We always strive to ensure the security of our customer information, and we are redoubling efforts to prevent any issues in the future.
To ensure our customers and merchants are fully informed and protected, we are notifying those who may have been impacted via email explaining what happened, expiring their passwords, and requesting that they create new passwords. A copy of the note is included below this email.
If you have any questions or concerns, please visit Pulse –https://pulse.livingsocial.com/intranet/Home/more_updates.html — for a list of frequently asked questions. If you have additional questions that aren’t answered in the FAQs, please submit them via email to XXX@livingsocial.com.
Because we anticipate a high call volume and may not be able to answer or return all calls in a responsible fashion, we are likely to temporarily suspend consumer phone-based servicing. We will be devoting all available resources to our web-based servicing.
I apologize for the formality of this note, which the circumstances demand. We need to do the right thing for our customers who place their trust in us, and that is why we’re taking the steps described and going above and beyond what’s required. We’ll all need to work incredibly hard over the coming days and weeks to validate that faith and trust.
– Tim
Subject: An important update on your LivingSocial.com account
LivingSocial recently experienced a cyber-attack on our computer systems that resulted in unauthorized access to some customer data from our servers. We are actively working with law enforcement to investigate this issue.
The information accessed includes names, email addresses, date of birth for some users, and encrypted passwords — technically ‘hashed’ and ‘salted’ passwords. We never store passwords in plain text.
The database that stores customer credit card information was not affected or accessed.
Although your LivingSocial password would be difficult to decode, we want to take every precaution to ensure that your account is secure, so we are expiring your old password and requesting that you create a new one.
For your security, please create a new password for your < > account by following the instructions below.
1. Visit LivingSocial.com
2. Click on the “Create a New Password” button (top right corner of the homepage)
3. Follow the steps to finish
We also encourage you, for your own personal data security, to consider changing password(s) on any other sites on which you use the same or similar password(s).
The security of your information is our priority. We always strive to ensure the security of our customer information, and we are redoubling efforts to prevent any issues in the future.
Please note that LivingSocial will never ask you directly for personal or account information in an email. We will always direct you to the LivingSocial website — and require you to login — before making any changes to your account. Please disregard any emails claiming to be from LivingSocial that request such information or direct you to a different website that asks for such information.
If you have additional questions about this process, the “Create a New Password” button on LivingSocial.com will direct you to a page that has instructions on creating a new password and answers to frequently asked questions.
We are sorry this incident occurred, and we look forward to continuing to introduce you to new and exciting things to do in your community.
Tim O’Shaughnessy
CEO, LivingSocial

Thursday, April 25, 2013

Arrested Hacker Trolls Australian Feds, Claims to be "Leader of LulzSec"

Arrested "hacker" had a flashy desk job; Anonymous laughs at his wild claims

"It seems you have been living..two lives. In one life, you're Thomas A. Anderson, program writer for a respectable software company....you pay your taxes, and you...help your landlady carry out her garbage. The other life is lived in computers, where you go by the hacker alias...and are guilty of virtually every computer crime we have a law for."
--The Matrix (1999)

I. Sydney Police Catch Corporate Man Moonlighting as a "Hecker"

That quote echoes the situation that a senior staffer at a "prominent" IT firm finds himself in after he was apprehended Monday evening by Australian Federal Police (AFP) following his alleged defacement of an Australian federal government website.  The AFP warns that hacking isn't just "harmless fun" and that they'll hunt down lawbreakers.

The alleged hacker -- or "hecker" as Anonymous sometimes says -- has been released on bail and will be tried in Woy Woy Local Court in Sydney on three computer crimes charges:
 

Two counts of unauthorised modification of data to cause impairment, contrary to section 477.2 of the Criminal Code Act 1995; and

One count of unauthorised access to, or modification of, restricted data, contrary to section 478.1 of the Criminal Code Act 1995.

Australian Police
The Australian Federal Police have caught themselves a hecker.
[Image Source: The Daily Telegraph]

The maximum penalties for the offenses are two years and ten years, respectively.

II. Suspect Claims to be King of LulzSec, Australian Police Get Excited

Authorities report that the man made the astounding claim to be the "leader of LulzSec".  You may recall that LulzSec was the group that in 20111 hacked Sony Corp. (TYO:6758) several times and also breached government sites.  Most of the folks from LulzSec are already in custody or in prison.  And most sources indicate that hacker-turned-double agent for the U.S. federal government Hector Xavier Monsegur (handles: "Sabu", "Xavier DeLeon", and "Leon") was the group's true leader.

Usually when a real LulzSec leader/hacker gets arrested, there's major Twitter traffic, with members of LulzSec parent hacker league Anonymous confirming the validity of the claim.  In this case, it appears the AFP -- and the members of the media who unquestioningly carried their claims -- have been duped.  The local Anonymous branch's Twitter account carried the disclaimer:
So it sounds like the hacker may either have been looking to get famous on the internet or simply trolling the Australian police.  Either way, they bit, parroting his claims proudly at their press conference.

LulzSec
It appeared the AFP were trolled. [Image Source: LulzSec]

This isn't the first time hackers have made a mockery of the Australian feds.  Back in 2009 they claimed to be hack-proof, a claim which earned them a prompt hacking by Anonymous.

https://www.facebook.com/YourAnonymoNews

Wednesday, April 24, 2013

The Internet’s Own Boy




An investigative documentary from director Brian Knappenberger about the life of the internet pioneer and activist Aaron Swartz.
  • Launched: Apr 24, 2013
  • Funding ends: May 24, 2013

Currently titled “The Internet’s Own Boy,” the new film by Brian Knappenberger, director of “We Are Legion: The Story of the Hacktivists,” follows internet activist and programming pioneer Aaron Swartz from his teenage emergence on the internet scene and involvement in RSS and Reddit, to his increased interest in political advocacy and the controversial actions he allegedly took in downloading nearly four million academic articles from the online service JSTOR. The film explores Aaron’s arrest, the prosecution’s tactics in bringing the case to trial through the Computer Fraud and Abuse Act, the CFAA, and the impact a seemingly small hacking gesture had on Aaron’s life and the future of information access on the internet.
WE NEED YOUR HELP!  Independent documentaries created outside the studio or traditional broadcast system face an uphill battle getting made and distributed.  If we are able to raise the funds we need for this film, we hope to get creative with how we bring it to audiences.  In addition to finding as many new ways as possible to share the final documentary, we have decided in the spirit of open access to release the film digitally through a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.  Aaron gave a lot of his time and energy to Creative Commons.  We also hope to find other outlets as well as live screenings, a small theatrical run and bringing it to college campuses and libraries.  We think this is the best way to share this powerful story!
HELP US MAKE IT HAPPEN!  Any contribution gets us closer to the goal.  Obviously the way it works with Kickstarter, if we don't make the goal we don't get anything.
Director Brian Knappenberger
A lot has been written about Aaron, some of it very good, but I felt that taken as a whole it represented a fractured picture of him. I wanted to hear from the people who knew him, explore each chapter of his life and go through his numerous video appearances to have him tell his own story as much as possible. I was well aware of Aaron long before the news broke. I happened to be attending a social computing conference in New York at the time and surrounded by dozens of people who knew Aaron personally. Through their stories it became immediately clear how many diverse corners of the internet Aaron's work touched. A few days into the conference I started recording people’s memories of him on camera, and weeks later I knew I had to go deeper to fully understand what caused such an accomplished and inspired person to take his own life. As became obvious in "We Are Legion" many internet activists are so frustrated with existing systems that they consider them unfixable. But Aaron didn’t fit into this category. Countless friends describe him as someone who wanted to work within the system, to “hack” or use new tools to fix problems in our society – everything from internet freedoms to health care. 
This documentary is an opportunity to explore the influence one incredibly talented programmer and celebrated internet visionary had on the discussion of information access, what his involvement in such a volatile subject means for all internet users, and what his trial has shown us about the cracks in an outdated legal system that lead to such tragic consequences.
WE HAVE ALSO DECIDED AFTER THE FILM IS COMPLETED TO RELEASE THE RAW INTERVIEW FOOTAGE AND POST IT TO THE INTERNET ARCHIVE IN SAN FRANCISCO THROUGH A SIMILAR CREATIVE COMMONS LICENSE.  
“The Internet’s Own Boy” is currently in production. Money raised will go towards setting up further shoots, conducting interviews, facilitating research and collecting archival footage. The project also reunites Knappenberger with We Are Legion: The Story of the Hacktivists soundtrack composer John Dragonetti, who will compose an original score for the film.
YOUR CONTRIBUTIONS ARE CRITICAL to bringing this powerful story to a wider audience!
We anticipate the full film will cost us around $175K to complete, not including distribution, so this is just our first round of asking for funding. We may be back for finishing funds!  Anything from $5 to $5,000 helps and is HUGELY appreciated!
Many thanks for helping us tell this incredible story. It is a significant and poignant chronology of Internet history.

Risks and challenges Learn about accountability on Kickstarter

There are risks inherent in any film made outside the studio system. Mostly that's because the elements are many, including initial research and investigation, archival and original footage and interviews, soundtrack creation, final polishing with color correction and sweetening and then the many facets of distribution to a large audience. Because of Luminant Media's huge experience, we feel like this project has an excellent chance of being completed and going on to screen to huge numbers of people. Dir Brian Knappenberger has an enormous documentary track record.
We are firm believers in the power of independent documentaries. So far we have had such a huge outpouring of people interested in being a part of the documentary (and are truly grateful for their support) that we feel like we are well on the way to making a great and historically important film.
Many thanks!
The Luminant Media team
WE NEED YOUR HELP!

Tuesday, April 23, 2013

Twitter storm v1.0 for #StopCISPA April 24, 2013

    #*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#
    #          Twitter storm v1.0 for #StopCISPA            #
    #                                                       #
    #             Date:        April 24, 2013               #
    #             Time:          8:00PM GMT                 #
    #                            4:00PM EDT                 #
    #                            1:00PM PDT                 #
    # Goal: Trend #StopCISPA top 5 worldwide, #1 in the US  #
    #*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#
    #*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#
    # Twitter account of Senate members for directed tweets #
    #*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#
             @Barbara_Boxer (D-Cali) Barbara Boxer
             @PorkBarrel (R-Okla) Tom Cobrun
             @SenatorCollins (R-Maine) Susan Collins
             @JohnCornyn (R-Texas) John Cornyn
             @JimDeMint (R-S.C.) Jim DeMint
             @ChrisDodd (D-Conn) Chris Dodd
             @DickDurbin (D-Ill) Richard Durbin
             @JohnEnsign (R-Nev) John Ensign
             @ChuckGrassley (R-Iowa) Charles Grassley
             @JimInhofe (R-Okla) James Inhofe
             @ClaireCMC (D-Mo) Claire McCaskill
             @SenatorMendez (D-N.J.) Bob Menendez
             @SenJeffMerkley (D-Ore) Jeff Merkley
             @MarkUdall (D-Colo) Mark Udall
             @TomUdall (D-N.M.) Tom Udall
             @MarkWarner (D-Virg) Mark Warner
             @RogerWicker (D-Miss) Roger Wicker
    #*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#
    #   Avoid the Twitter spam ban! Send tweets 2 minutes   #
    #   apart. Send to no more than three @users at a time  #
    # Create a temporary twitter account if you are worried #
    #      about a suspension on your main account!         #
    #*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#
    #*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#
    #  Tweet Ideas. Be sure to add #StopCISPA for your own  #
    #*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#
    * CISPA is a violation of my INALIENABLE right to privacy #StopCISPA
    * CISPA allows our information to go to agencies who don't care about our privacy. https://eff.org/CISPA  #StopCISPA
    * We can't have security without privacy. Help us defend the Internet from CISPA! https://eff.org/CISPA  #StopCISPA
    * Preserve privacy and liberty on the Internet. https://eff.org/CISPA  #StopCISPA
    * What have you done to #StopCISPA today? https://cyberspying.eff.org/
    * Does the military really need to know I signed up for Google+ when it first came out, but haven’t posted since? #StopCISPA https://eff.org/r.1X2
    * #CISPA Allows data shared with the government to be used for purposes unrelated to cybersecurity #StopCISPA
    * A free and open internet depends on more privacy, but CISPA gives us less. #StopCISPA https://eff.org/CISPA
    * CISPA sacrifices liberty without improving security. We deserve both. https://eff.org/CISPA #StopCISPA
    * Does the government REALLY want to know what porn I look at? Why? Can't find your own? #StopCISPA
    * Please preserve privacy and liberty on the Internet. #StopCISPA
    * We need a judge's oversight to protect our privacy and a number of other rights. #CISPA removes this #StopCISPA!
    * Lawmakers are pushing a dangerous bill that would threaten Americans' privacy while immunizing companies from any liability. #StopCISPA
    * CISPA resembles a modern, capitalistic version of govt & industry practices once common in the (former) USSR. #StopCISPA
    * If you take ALL my privacies away, we may as well ban the use of clothing too! #StopCISPA
    * #StopCISPA because our privacy and freedom of speech are not for sale to corporate lobbyists!
    * Privacy is SACRED! #CISPA will KILL it! Companies won't be required to strip private info of online users. #StopCISPA
    * Do you want to allow the government the ability to monitor your #FAP sessions? I sure don't! #StopCISPA
    * Not only will this bill infringe upon the rights of US citizens, it will infringe upon the rights of all persons #StopCISPA
    * #CISPA is a violation of the EU privacy and human rights law, it violates international law, and the constitution #StopCISPA
    * A yes vote for this bill, is a no vote for freedom #StopCISPA
    * #StopCISPA Explainer #4: Is There Anything Besides  Information-Sharing Hidden in CISPA? Courtesy of the @ACLU  http://www.aclu.org/blog/national-security-technology-and-liberty/cispa-explainer-4-there-anything-besides-information
    * #StopCISPA Explainer #3: "What Can Be Done With  Information After It Is Shared?" Courtesy of the @ACLU  http://www.aclu.org/blog/national-security-technology-and-liberty/cispa-explainer-3-what-can-be-done-information-after
    * #StopCISPA explainer #2 "Who can info be shared with?"  Courtesy of the @ACLU  http://www.aclu.org/blog/national-security-technology-and-liberty/cispa-explainer-2-whom-can-information-be-shared
    * #StopCISPA explainer #1 "What Information Can Be  Shared?" Courtesy of the @ACLU  http://www.aclu.org/blog/national-security-technology-and-liberty/cispa-explainer-1-what-information-can-be-shared
    * Join millions of your fellow citizens online and protest against the passage of this bill #StopCISPA
    * Protect the freedoms of future generations, make sure they have a right to privacy! #StopCISPA
    * Join the @ACLU and the @EFF and protect the right to privacy! #StopCISPA
    * Google, Microsoft and Facebook have no business reporting my activity online to the FBI #StopCISPA
    * The government wants to read my naughty emails?! Fuck That!! #StopCISPA
    #*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#
    #                  Directed tweet ideas.                  #
    #*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#
    * Your support of CISPA shows your hypocrisy, asking everyone else to  give  up their right to privacy, while you remain able to hold onto  yours. #StopCISPA
    * We're not going to sacrifice all of our liberties for the illusion of safety. #StopCISPA
    * #CISPA overrides existing privacy law, and grants broad immunities to participating companies. #StopCISPA
    * We are deeply unhappy that the House passed #CISPA to destroy everyone's online and by extension offline privacy. #StopCISPA
    * Is this the USA or the Republic Of China? #StopCISPA
    * Until the iron curtain fell, the US Govt & commerce opposed this sort of paranoid-based privacy infringement #StopCISPA
    * #StopCISPA because patriotic Americans oppose secretive & cozy anti-public relations between commerce & the government.
    * Why are you denying me my inalienable rights that have been guaranteed to me in the constitution? #StopCISPA
    * The US government has no rights to monitor my private life, or my activities, this bill is fundamentally flawed. #StopCISPA
    * A yes vote today, means a no vote tomorrow for you, all politicians that support this will be voted out of office #StopCISPA
    * Do you enjoy your cozy 6 figure a year job? #StopCISPA and keep it, vote yes and be voted out!
    * If you vote yes on #CISPA, may come over to your place and watch you piss? #StopCISPA
    #*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#
    #      Tweet ideas calling for an internet blackout       #
    #*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#
    * It's time for a #StopCISPA blackout on the order of the #SOPA protests @Google @ericschmidt @Wikipedia @reddit
    * Protest against the passage of #CISPA #StopCISPA @Google @ericschmidt @Wikipedia @reddit
    * Collusion in the business of mass surveillance violates privacy #StopCISPA @Google @ericschmidt @Wikipedia @reddit
    * Companies need no law granting them violation of privacy #StopCISPA @Google @ericschmidt @Wikipedia @reddit
    * Private emails, cloud data, and social media are all affected #StopCISPA @Google @ericschmidt @Wikipedia @reddit


    https://www.facebook.com/YourAnonymoNews


    https://pbs.twimg.com/media/BIh6RN8CcAAi8qi.jpg:large

Monday, April 22, 2013

How to bypass an Android smartphone’s encryption and security: Put it in the freezer

Galaxy Nexus, in the freezer, about to cough up its encryption keys via a cold boot attack

Share This article

Security researchers at the University of Erlangen-Nuremberg in Germany have shown that they can extract photos, surfing history, and contact lists from Android smartphones, even if the phone is locked and the disk is encrypted. The software, called FROST, has been open-sourced by the researchers and is reasonably easy to use, if you’re interested in replicating the results. There is a caveat, though: As the name suggests, you need to put the phone in the freezer first.
The attack vector used by Tilo Müller, Michael Spreitzenbarth, and Felix Freiling is referred to as a cold boot attack. Cold booting (or hard booting) is where you reboot a system by cutting the power completely, and then turning back on. When you restart a computer normally (i.e. a warm reboot), there are usually processes in place that clear/sanitize the system’s memory — but by cold booting and bypassing these processes, the contents of any RAM are preserved.
RAM slowly losing data integrity, as recovered by FROST
Six successive RAM dumps from a Galaxy Nexus, as its RAM slowly loses data integrity.
“But RAM is volatile,” you decry. “RAM loses its data as soon as power is cut,” you plea — and yes, to an extent, you are right. RAM is volatile, and it does require regular spikes of power to retain its data — but when power is cut, it actually takes a few seconds or minutes for the data to be lost. If you have some way of reading the RAM, you can extract all sorts of sensitive information — most notably, the encryption key used to encrypt the local hard drive or flash storage. This fault (feature?) is called data remanence, and it also refers to the tendency for hard drives and other magnetic media to preserve data, even after being wiped.
Recovering FDE encryption keys, with FROST
Reading RAM is difficult, though. In the case of larger computers, you can physically transplant the stick of RAM into another computer, and read off the memory contents there. With embedded devices, such as smartphones, you don’t have that option — which is where FROST (Forensic Recovery Of Scrambled Telephones) comes in. In short, FROST is an Android recovery image — a lot like ClockworkMod — that gives you access to any data stored in RAM after a cold boot. From the main FROST menu, you can attempt to recover the full-disk encryption (FDE) keys from RAM, or simply dump the entire contents of RAM via USB to another PC for further analysis. (See: Full disk encryption is too good, says US intelligence agency.)
A Galaxy Nexus in the freezer, preparing to give up its encryption keysNow, as we mentioned, it can take anywhere from a few seconds to a few minutes for RAM to lose its data. One of the variables that causes this variance is temperature; by cooling RAM down, it preserves data for longer. In one particularly awesome research paper [PDF], liquid nitrogen has been shown to preserve DRAM contents for an entire week. In this particular case, though, the security researchers placed a Samsung Galaxy Nexus into a freezer for an hour, until the phone’s internal temperature dropped to 10C (50F). Then, by quickly removing and inserting the battery (it must be done in under 500 milliseconds), and entering FROST, they were able to make a complete dump of the phone’s RAM. Without the freezer, the phone’s RAM would lose its data before it could be recovered.
While FROST is notable as the first successful example of a cold boot attack on Android, FROST is just the latest in a long line of cold boot attack tools. In a world where full disk encryption is the norm rather than the exception in criminal circles, the ability to recover encryption keys from memory is of vital importance to the FBI, CIA, and other intelligence agencies around the world. It is now standard practice for some police forces to absolutely make sure that computers are not turned off during raids, until they have been fully scanned for encryption keys and any other data that might still be in RAM. There are defenses that can be employed against cold boot attacks, such as not storing encryption keys in RAM, but for now it seems that Android at least is still vulnerable.

New funny hack Click here

This website is offline in protest of CISPA

A archived screenshot in PNG with list of websites that have pledged to join the #CISPAblackout.



http://i.imgur.com/eKcTGCg.jpg

Click on Photo



Wednesday, April 17, 2013

No Digital Big Brother: Keep the Military Out of Your Email

This is it: after months of pitched battles, the Senate is set to vote on cybersecurity this week. Hundreds of thousands of Internet users have spoken out, and Senators listened. The Cybersecurity Act of 2012 has privacy safeguards that don’t exist in any other cybersecurity bill.
But everything could change in the next 5 days.


Here’s what we have to do to defend privacy

  1. Amend the bill to put in stronger safeguards for privacy. The Franken-Paul amendment would ensure that companies do not have new, overbroad authority to monitor and even block our private communications. Senator Wyden has also sponsored an amendment to promote location privacy. We’ve got to rally together to pass these privacy protections, especially the Franken-Paul Amendment.
  2. Stop attempts to remove the privacy protections. Some Senators are pushing an anti-privacy agenda that could undo months of effort. Senators John McCain and Kay Bailey Hutchison have put forth amendments to hand the reins of America’s cybersecurity systems to military intelligence agencies like the National Security Agency—the very agency responsible for the warrantless wiretapping program instituted under the Bush administration. They want to undo all the privacy protections we’ve won and turn the Cybersecurity Act of 2012 into another Big Brother Bill, just like CISPA in the House.
  3. Keep opposing the bill. We need to make it clear to Senators in every state Internet users everywhere oppose this bill. It’s dangerous and it’s unnecessary.

How we can do it

Together, we’ve generated tens of thousands of emails against this bill. But now it’s too late for emails.

Phone calls.

We need to generate thousands of calls.  The American Library Association has an awesome tool that will call your phone for you, give you talking points, and connect you to your Senators. Visit ALA now.

Twitter.

When we launched out Congressional Twitter Handle Detection Tool to fight CISPA, the results were extraordinary. Now we’re bringing it back for then newest fight in the cybersecurity debate. Tweet at your Senator now.

See cyberspying.eff.org for the latest alerts!

Spread the word. 

We need to get the word out to as many people as possible. Will you share this page?
Twitter | Facebook | Identi.ca | G+ |
This is our last chance to stop them. Join EFF, the American Library Association, Fight for the Future, Demand Progress and others in calling on the Senate to stand up for privacy. Tell your Senators to support the Franken-Paul Amendment and other amendments to support privacy, reject anti-privacy proposals, and oppose the Cybersecurity Act as a whole.

Under CISPA, Google, Facebook, Twitter, Microsoft, others can't promise to protect your privacy

Major technology and Web companies — not limited to Google, Facebook, Twitter and Microsoft — will not be allowed to promise to protect users' privacy should CISPA pass Congress.
capdometwi7610x430-620x366
CISPA will soon be voted on in the coming few weeks.
For those out of the loop, CISPA will allow private sector firms to search personal and sensitive user data of ordinary U.S. residents to identify this so-called "threat information", and to then share that information with each other and the US government — without the need for a court-ordered warrant.
Under a new amendment voted on earlier today in the U.S. House [PDF], U.S. companies would have been able to keep their privacy policies intact and their promises valid, including terms of service, legally enforceable in the future.

Read this

What is CISPA, and what does it mean for you? FAQ
What is CISPA, and what does it mean for you? FAQ
But the Republicans narrowly failed to get it through by a 5-8 vote to reject the amendment.
According to CNET's Declan McCullagh, Rep. Pete Sessions (R-TX), who chairs the House Rules Committee, urged his colleagues to reject the amendment. And they did. All Republican members of the committee voted against, despite a unanimous show of support from the Democratic membership.
It would have allowed companies to make promises to their customers not to voluntarily share their data with other private firms or the U.S. government under the law, which would have been legally valid and enforceable in court.
It means that those who signed up to services under the explicit terms that data would not be shared — with perhaps the exception of the U.S. government if a valid court order or subpoena is served — would no longer have such rights going forward.
The amendment would have weakened CISPA's position. Now it gives these private firms watertight legal immunity under CISPA to share their customer and user data with other firms and the U.S. government, by being "completely exonerated from any risk of liability," according to Rep. Jared Polis (D-CO) speaking to our sister site CNET.
This gives private sector firms the right to hand over private user data, while circumventing existing privacy laws, such as emails, text messages, and cloud-stored documents and files, with the U.S. government and its law enforcement and intelligence agencies.
Today, the White House throwed its weight behind a threat that would see CISPA, known as its full title as the Cyber Intelligence Sharing and Protection Act, vetoed by President Obama should it pass his desk.
A vote on CISPA will go ahead on the House floor either on April 17 or April 18.

Like Us Anonops Anonimo


Twitter Delicious Facebook Digg Stumbleupon Favorites More

 
Design by http://www.thepiratesoft.org/ | Bloggerized by Lasantha - Premium Blogger Themes | Hack