wiredmikey writes "Telecommunications giants Verizon and AT&T both announced (separately) this week that they would join a growing list of tech and telecom sector companies in publishing a 'transparency report' about demands for information from law enforcement agencies. Verizon said the first report would come in early 2014, with updates being published semi-annually. AT&T said it would also release a semiannual report starting in early 2014 with information 'to the extent permitted by laws and regulations.' The transparency reports will include things such as the total number of law enforcement agency requests in criminal cases, subpoenas, court orders and warrants. However, telecom and tech firms are still barred from releasing data on national security requests from the FBI and U.S. intelligence services."

Trailrunner7 writes "The challenge to the NSA's domestic surveillance program filed with the Supreme Court by the Electronic Privacy Information Center ended Monday, with the court refusing to consider the challenge at all. EPIC had filed the challenge directly with the Supreme Court rather than going through the lower courts. EPIC, a non-profit organization involved in privacy policy matters, had asked the court to vacate an order from a judge in the Foreign Surveillance Intelligence Court that had enabled the NSA's collection of hundreds of millions of Verizon call records under the so-called metadata collection program. The challenge hinged on the idea that the FISC had gone outside of its authority in granting the order."

Dega704 sends this story from Ars: "A Senate bill called the 'Consumer Choice in Online Video Act' (PDF) takes aim at many of the tactics Internet service providers can use to overcharge customers and degrade the quality of rival online video services. Submitted yesterday by U.S. Sen. Jay Rockefeller (D-WV), the 63-page bill provides a comprehensive look at the potential ways in which ISPs can limit consumer choice, and it boots the Federal Communications Commission's power to prevent bad outcomes. 'It shall be unlawful for a designated Internet service provider to engage in unfair methods of competition or unfair or deceptive acts or practices, the purpose or effect of which are to hinder significantly or to prevent an online video distributor from providing video programming to a consumer,' the bill states. A little more specifically, it would be illegal to 'block, degrade, or otherwise impair any content provided by an online video distributor' or 'provide benefits in the transmission of the video content of any company affiliated with the Internet service provider through specialized services or other means.' Those provisions overlap a bit with the FCC's authority under its own net neutrality law, the Open Internet Order, which already prevents the blockage of websites and services. However, Verizon is in court attempting to kill that law, and there is a real possibility that it could be limited in some way. The Consumer Choice in Online Video Act could provide a hedge against that possible outcome."

Nerval's Lobster writes "Google is still the tech company that spends most lavishly to make its influence known in Washington, D.C., according to a report analyzing the lobbying activity of technology firms. Using data from disclosure forms filed with the Clerk of the House of Representatives, the oversight group Consumer Watchdog added up the efforts of tech-company representatives to get in front of lawmakers and state their employers' case. Facebook's spending on lobbying rose 47 percent between 2012 and 2013, from $980,000 during the third quarter of 2012 to 1.4 million during 2013. Microsoft also boosted its spending by 20 percent, from $1.9 million in 2012 to $2.2 million during the third quarter of this year. Google cut its spending on lobbyists, but still spent $3.4 million during the third quarter – three times what Facebook spent during the same quarter. Apple's lobbying efforts shot up 111 percent between the third quarter of 2012 and 2013, but still amounted to only $970,000 this year. Cisco Systems spent $890,000; IBM spent $1.18 million; Intel spent $980,000 and Oracle spent $1.36 million. Though telecommunications firms are in a separate category, Google still outspent Verizon (down 2 percent, to $3.04 million) and Verizon Wireless (up 19 percent, to $1.2 million). It was trumped by AT&T (up 23 percent, to $4.3 million)."

Trailrunner7 writes "A security researcher discovered a simple vulnerability in Verizon Wireless's Web-based customer portal that enabled anyone who knows a subscriber's phone number to download that user's SMS message history, including the numbers of the people he communicated with. The vulnerability, which has been resolved now, resulted from a failure of the Verizon Web app to check that a number entered into the app actually belonged to the user who was entering it. After entering the number, a user could then download a spreadsheet file of the SMS activity on a target account. Cody Collier, the researcher who discovered the vulnerability, said he decided right away to report it to Verizon because he is a Verizon customer and didn't want others to have access to his account information. 'I am a Verizon Wireless customer myself, so upon finding this, I immediately looked for a way to contact Verizon. I wouldn't want my account information to exposed in such way,' Collier said via email."

Nerval's Lobster writes "The U.S. Army Research Laboratory has awarded as much as $48 million to researchers trying to build computer-security systems that can identify even the most subtle human-exploit attacks and respond without human intervention. The more difficult part of the research will be to develop models of human behavior that allow security systems decide, accurately and on their own, whether actions by humans are part of an attack (whether the humans involved realize it or not). The Army Research Lab (ARL) announced Oct. 8 a grant of $23.2 million to fund a five-year cooperative effort among a team of researchers at Penn State University, the University of California, Davis, Univ. California, Riverside and Indiana University. The five-year program comes with the option to extend it to 10 years with the addition of another $25 million in funding. As part of the project, researchers will need to systematize the criteria and tools used for security analysis, making sure the code detects malicious intrusions rather than legitimate access, all while preserving enough data about any breach for later forensic analysis, according to Alexander Kott, associate director for science and technology at the U.S. Army Research Laboratory. Identifying whether the behavior of humans is malicious or not is difficult even for other humans, especially when it's not clear whether users who open a door to attackers knew what they were doing or, conversely, whether the "attackers" are perfectly legitimate and it's the security monitoring staff who are overreacting. Twenty-nine percent of attacks tracked in the April 23 2013 Verizon Data Breach Investigations Report could be traced to social-engineering or phishing tactics whose goal is to manipulate humans into giving attackers access to secured systems."

alphadogg writes "If you think your house has bad cellular coverage, Verizon Wireless has you beat: A small, windowless room high up in a San Francisco office building gets no service at all. That's not because carriers are neglecting the bustling South of Market business district where the room is located. Instead, it's because Verizon is paying so much attention to what's going on there. The room with zero bars is in the heart of the Verizon Innovation Center, where Verizon network and business experts help developers of new wireless devices and apps to turn their ideas into products."

Zott writes "The Boston Globe has a front-page story about Verizon's FiOS that recounts what many of us here in Boston and some surrounding urban areas know already: Verizon won't invest in the physical plant and actually offer the fiber optic Internet and TV service here in the 'hub of the universe.' This hasn't stopped Verizon from launching a new advertising campaign with Donnie Wahlberg (member of New Kids on the Block, actor, and well-known Boston native) standing in Copley Square and the Charlestown neighborhood touting the product. It goes even further, though — according to the Globe's article, '"This is New England, where people tell it straight," says Wahlberg... "No phonies, no fakers, no shortcuts."' Except for the shortcut in the fine print that's presumably in the ad somewhere: 'FiOS not available in all areas.'"

snydeq writes "InfoWorld's Bill Snyder writes of Verizon's diabolical plan to to charge websites for carrying their packets — a strategy that, if it wins out, will be the end of the Internet as we know it. 'Think of all the things that tick you off about cable TV. Along with brainless programming and crummy customer service, the very worst aspect of it is forced bundling. ... Now, imagine that the Internet worked that way. You'd hate it, of course. But that's the direction that Verizon, with the support of many wired and wireless carriers, would like to push the Web. That's not hypothetical. The country's No. 1 carrier is fighting in court to end the Federal Communications Commission's policy of Net neutrality, a move that would open the gates to a whole new — and wholly bad — economic model on the Web.'"

onehitwonder writes "The race to build out advanced cellphone networks in the U.S. has contributed to a spike in deaths among tower workers, making this one of the industry's deadliest years and drawing fresh scrutiny from federal regulators, according to The Wall Street Journal. At least 10 workers have died in falls from communication towers so far this year, and three more were seriously injured. The accidents, nine of which were related to cellphone network work, come during one of the biggest building booms in years, as Sprint Corp. and T-Mobile US Inc. ramp up major network upgrades in an attempt to catch up with Verizon Wireless and AT&T Inc."

cold fjord writes "The Telegraph reports, 'GCHQ has received at least £100 million from the U.S. to help fund intelligence gathering, raising questions over American influence on the British agencies. ... It also emerged that the intelligence agency wants the ability to "exploit any phone, anywhere, any time" and that some staff have raised concerns over the "morality and ethics" of their operational work. ... The agency has faced claims it was handed intelligence on individuals from the US gained from the Prism programme that collected telephone and web records. However, it has been cleared of any wrongdoing or attempts to circumvent British law by the parliamentary intelligence and security committee, as well as by Mr Hague. The payments from the U.S. National Security Agency (NSA) are detailed in GCHQ's annual "investment portfolios", leaked by Mr Snowden to The Guardian. The NSA paid GCHQ £22.9million in 2009, £39.9million in 2010 and £34.7million in 2011/12. ...Another £15.5million went towards redevelopment projects at GCHQ's site in Bude, Cornwall, which intercepts communications from the transatlantic cables that carry internet traffic. ... A Cabinet Office spokesman said: "In a 60-year alliance it is entirely unsurprising that there are joint projects in which resources and expertise are pooled, but the benefits flow in both directions."'" dryriver also wrote in with news that several telecoms are collaborating with GHCQ (BT, Vodafone, and Verizon at least). From the article: "GCHQ has the ability to tap cables carrying both internet data and phone calls. By last year GCHQ was handling 600m 'telephone events' each day, had tapped more than 200 fibre-optic cables and was able to process data from at least 46 of them at a time. ... Documents seen by the Guardian suggest some telecoms companies allowed GCHQ to access cables which they did not themselves own or operate, but only operated a landing station for. Such practices could raise alarm among other cable providers who do not co-operate with GCHQ programmes that their facilities are being used by the intelligence agency."

Bennett Haselton writes "How did a $400-billion company ship millions of units of a phone with a calendar app that displays the wrong date, a texting app that can't reply to group texts, a screen capture function that doesn't work, and a phone app that won't let me use the keypad unless the speakerphone is on? The answer, perhaps, suggests deeper questions about why market forces fix certain problems but not others, and what to do about it." Read on for the rest of Bennett's thoughts.

dryriver writes with news of the latest document release on NSA spying programs. Quoting The Guardian: "A top secret National Security Agency program allows analysts to search with no prior authorization through vast databases containing emails, online chats, social media activities and the internet browsing histories of millions of individuals, according to documents provided by whistleblower Edward Snowden. The NSA boasts in training materials that the program, called XKeyscore, is its 'widest-reaching' system for developing intelligence from the Internet. The latest revelations will add to the intense public and congressional debate around the extent of NSA surveillance programs. They come as senior intelligence officials testify to the Senate judiciary committee on Wednesday, releasing classified documents in response to the Guardian's earlier stories on bulk collection of phone records and Fisa surveillance court oversight. The files shed light on one of Snowden's most controversial statements, made in his first video interview published by the Guardian on June 10. 'I, sitting at my desk,' said Snowden, could 'wiretap anyone, from you or your accountant, to a federal judge or even the president, if I had a personal email.' U.S. officials vehemently denied this specific claim. Mike Rogers, the Republican chairman of the House intelligence committee, said of Snowden's assertion: 'He's lying. It's impossible for him to do what he was saying he could do.'" The slides in question. Looks like it was Mike Rogers that was lying and not Snowden. So much for the NSA's attempt at quieting public fear by releasing information on the Verizon phone data collection program before Congressional hearings today.

sl4shd0rk writes "Federal Judge William Pauley has dismissed an Obama Administration request to delay a hearing on Verizon/NSA data sifting. The ACLU has argued that the sifting is not authorized by statute and even if it were it would still be unconstitutional. The Obama Administration requested the delay on the grounds it needed more time to search through its classified material to determine what was suitable for disclosure." See also the case docket. Motions must be filed by August 26th, and oral arguments begin on November 1st.

New submitter Anita Hunt (lissnup) writes "This snooping hack-in-a-backpack could become a hot Summer accessory, since Reuters reported that 'researchers at iSec hacked into a Verizon network extender, which anyone can buy online, and turned it into a cell phone tower (video interview) small enough to fit inside a backpack capable of capturing and intercepting all calls, text messages and data sent by mobile devices within range.'"

transporter_ii writes "So what does it cost the government to snoop on us? Paid for by U.S. tax dollars, and with little scrutiny, surveillance fees charged by phone companies can vary wildly. For example, AT&T, imposes a $325 'activation fee' for each wiretap and $10 a day to maintain it. Smaller carriers Cricket and U.S. Cellular charge only about $250 per wiretap. But snoop on a Verizon customer? That costs the government $775 for the first month and $500 each month after that, according to industry disclosures made last year to Congressman Edward Markey."

An anonymous reader writes "The LA Times mentions that after visiting well known sites such as ADP, Verizon Wireless, Scottrade, Geico, Equifax, PayPal and Allstate, sensitive data remains in the browser disk cache despite those sites using SSL. This included full credit reports, prescription history, payroll statements, partial SSNs, credit card statements, and canceled checks. Web servers are supposed to send a Cache-Control: no-store header to prevent this, but many of the sites are sending non-standard headers recognized only by Internet Explorer, and others are sending no cache headers at all. While browsers were once cautious about writing content received over SSL to the disk cache, today, most do so by default unless the server specifies otherwise."

An anonymous reader writes "At a hearing today before the Senate Judiciary Committee, FBI director Robert Mueller confirmed the agency is using unmanned drones for surveillance within the U.S. Senator Chuck Grassley asked, 'Does the FBI own or currently use drones and for what purpose?' Mueller replied, 'Yes, for surveillance.' Grassley then asked, 'Does the FBI use drones for surveillance on U.S. soil?' Mueller said, 'Yes, in a very, very minimal way, and seldom.' With regard to restricting the use of drones to protect citizens' privacy, Mueller said, 'It is still in nascent stages but it is worthy of debate and legislation down the road.' According to article, 'Dianne Feinstein, who is also chair of the Senate intelligence committee, said the issue of drones worried her far more than telephone and internet surveillance, which she believes are subject to sufficient legal oversight.'"

Rick Zeman writes "'Confidentiality is critical to national security.' So wrote the Justice Department in concealing the NSA's role in two wiretap cases. However, now that the NSA is under the gun, it's apparently not so critical, according to New York attorney Joshua Dratel: 'National security is about keeping illegal conduct concealed from the American public until you're forced to justify it because someone ratted you out.' The first he heard of the NSA's role in his client's case was 'when [FBI deputy director Sean] Joyce disclosed it on CSPAN to argue for the effectiveness of the NSA's spying.' Dratel challenged the legality of the spying in 2011, and asked a federal judge to order the government to produce the wiretap application the FBI gave the secretive Foreign Intelligence Surveillance Court to justify the surveillance. 'Disclosure of the FISA applications to defense counsel – who possess the requisite security clearance – is also necessary to an accurate determination of the legality of the FISA surveillance, as otherwise the defense will be completely in the dark with respect to the basis for the FISA surveillance,' wrote Dratel. According to Wired, 'The government fought the request in a 60-page reply brief (PDF), much of it redacted as classified in the public docket. The Justice Department argued that the defendants had no right to see any of the filings from the secret court, and instead the judge could review the filings alone in chambers."

colinneagle writes "A recent GigaOm report discusses Verizon's 'peering' practices, which involves the exchange of traffic between two bandwidth providers. When peering with bandwidth provider Cogent starts to reach capacity, Verizon reportedly isn't adding any ports to meet the demand, Cogent CEO Dave Schaffer told GigaOm. 'They are allowing the peer connections to degrade,' Schaffer said. 'Today some of the ports are at 100 percent capacity.' Why would Verizon intentionally disrupt Netflix video streaming for its customers? One possible reason is that Verizon owns a 50% stake in Redbox, the video rental service that contributed to the demise of Blockbuster (and more recently, a direct competitor to Netflix in online streaming). If anything threatens the future of Redbox, whose business model requires customers to visit its vending machines to rent and return DVDs, it's Netflix's instant streaming service, which delivers the same content directly to their screens."