American Police Refused To Hand Over Hackers To France

While the American government requires that UK citizens are dragged into one of their courts to face sixty-year sentences, it looks like it is not even reluctant to hand over one of its own hackers over to a more sensible French court.

The US cyclist Floyd Landis had a go at cracking the PCs of the anti-doping lab that found him cheating during Tour de France 6 years ago. He was charged by the court in Paris, which heard how he and his former coach refused to show up in court. In addition, they both were helped by the government of the United States that refused to co-operate against the US hackers.

It turned out that Landis was similar to a UK hacker looking for UFOs or an Australian who published secret tapes of the US helicopter pilots who laughed as they gun down Reuters journalists. Anyway, the authorities seem to be reluctant to hand over American sporting heroes when they do the same sort of thing.

In fact, the French did have enough evidence to convict both Landis and Baker after a Trojan horse spy program was used 6 years ago to poke into the lab's servers to extract data about Landis' file, several months after he tested positive. After this, Landis admitted that he took drugs in his career. Meanwhile, the police explained that they couldn’t turn up who exactly ordered the hacking, thanks to the American authorities sitting on their hands. The data received during the hack was later used in an unsuccessful appeal to sports authorities. It was supposed to prove that Landis was clean and that the lab work was actually faulty. The court decided that Landis' role was limited to the knowledge that he had about the fraudulent origin of the laboratory data used by him and his defense team. The court also ruled that Landis knew that these lab results were really accurate, because he would admit 4 years later that he had taken drugs since 2002.

While Landis didn’t comment the trial, Baker insisted that the charges weren’t true. He said that he had nothing to do with any hacking and as far as he knew, the lab papers he received while serving as an expert consultant to the legal team were received in a legal way. He believes that everything is part of a plot to protect the laboratory, which appears to be a national French institution. As a result, they were both given a year's suspended sentences, which means that there’s probably nothing to worry about unless they ever commit another crime in this country again.

Court Demanded To Decrypt Password

In the 21st century, the talk is again about the Fifth Amendment! Some individual is alleged of a mortgage scam, which is not the rare case, but it can prove a test case to see whether it’s unconstitutional for the American government to punish people for refusing to disclose their encryption codes.

According to media reports, the US government has a federal judge to order the accused individual (a woman), Ramona Fricosu, to decrypt her encrypted laptop after she refused the authorities to do so. But it still has to be decided if such a request breaks the American Constitution's Fifth Amendment, which, as you remember, allows citizens to remain silent if they are charged.

The attorney of the suspected woman, Philip Dubois, argued that defendants cannot be constitutionally obligated to help the authorities interpret their files. In response, the American Justice Department insists that the court order is actually a simple extension of a long-standing ability of prosecutors to gather data that could become evidence at the trial.

In case Ramona Fricosu fails to compel, she amounts to a concession that criminals get an easy way out of prosecution – they can simply encrypt all their files and the police won’t be able to access them and collect evidence. Of course, the authorities don’t want this, so the government insists that the accused woman will be allowed to type her passwords in and unlock the encrypted files, and there will be nobody looking over her shoulder to see the passwords themselves. All the authorities wanted was the decrypted information, and they stressed that they didn’t require the woman to provide the password to the laptop – neither orally nor in written form.

The case attracted the attention of many civil rights groups, many of which are saying that the US citizens cannot be demanded to give any compelled testimonial communications. So, the rights groups wanted the legal shield of the Fifth Amendment to cover encryption passwords as well. The EFF (Electronic Frontier Foundation) also insisted that the Justice Department's request should have been rejected, because the Fifth Amendment reads that no person can be forced to be a witness against himself in any criminal case.

UK Will Enforce Internet Filtering

Blocking access to websites has been widely discussed in the United States with the PROTECT IP act first proposed this past spring. However, with the Senate approving the legislation, it turned out that the US isn’t the only country discussing the possibility of filtering the web.

Some leaked document, labeled “confidential”, has been posted on Open Rights Group website. The document in question details a proposal by the entertainment industry to pressure UK broadband providers to take part in a voluntary website blocking agreement. Such system is described as an approach to preventing access to online services which are focused upon copyright violation.

Meanwhile, for the public there are many reasons to be concerned, the main one being that the proposal is being discussed behind closed doors. In fact, this is the same as when pro-copyright outfits were trying to push for many controversial provisions in ACTA. This time, everything is being planned behind closed doors as well. However, when Wikileaks published the documents relating to ACTA back in 2008, it caused a major outcry from the public and human rights groups, and the same is expected now with the filtering proposal.

Indeed, according to the leaked document, “voluntary” Great Firewall of Britain will be just the same. Criticisms of the current proposal are all the same as well: was the system so bad that the industry decided to hide it from the public?

In addition, there are more reasons to be concerned. For example, the document, whilst mentioning evidence gathering, “prior warning and liberty”, also notes a turn-around time which is quick enough for “live events”, as well as a balance between swift action and evidence. Anyway, it’s hard to imagine a technical solution enabling Internet service providers to enforce an effective block within the time scale of a “live event”, regardless of the time it takes a court to act.

The Open Rights Group was the first to express concern for this policy, saying that it sets out a dangerous voluntary scheme involving so-called “expedited court procedures” as well as a “balance” between evidence and speed of action. Meanwhile, definitions of which content should be blocked are quite scarce, and there are no references to exactly how filtering would work. In the end, everyone understands that ISPs won’t be able to really prevent Internet users from accessing blocked services, since all it really takes to access them is the right proxy.

American Companies Will Be Forced To Disclose Hacks

Following the well-known recent Sony affair, American companies will be demanded to disclose if they’ve been hacked. That’s the essence of the new legislation currently drafted in Congress.

The idea for new legislation has been suggested by Mary Bono Mack, a Republican from California. All Mary Bono Mack wants is to see companies demanded to provide a basic level of protection for their customers' personal data, and if they fail it, they have to notify the government of the problem.

After Mack had held hearings on data leaks at Sony and Epsilon, a bill was promised to be brought in, specifically designed to protect user personal data. Now, if the proposed legislation gets the votes, it will force US businesses to protect their own consumers by at least requiring reasonable security policies and procedures able to protect information containing personal data. But the most interesting part is that the new law will provide for nationwide notice in case of a hack.

The bill is already circulating through the government. For example, the National Journal has revealed that the Commerce, Manufacturing, and Trade Subcommittee of the House Energy and Commerce Committee has scheduled a hearing for tomorrow to discuss the proposal.

Mary Bono Mack is reported to have had an aggressive timetable for pushing the draft through subcommittee and full committee. The reason for the rush is that punters can’t wait and want something done right now.

According to the new legislation, all companies in the United States would be demanded to erase old or unnecessary information. They would also be required to notify the government no later than 2 days after discovering a data loss. This part of the legislation is supposed to prevent wide-spread situations where outdated databases without protection were still kept on the company network, becoming a soft target for intruders.

However, the bill specifies that the companies wouldn’t have to tell about the breach if it’s "an accident". That promises to be quite interesting to see if the companies try and use this clause as a reason for not publicizing their failures. Finally, the law would provide the FTC with the authority over information protection at non-commercial organizations like universities and charities.

Sony Criticized For Lack Of Cybersecurity

The recent hack at Sony has left customers angry and security experts wondering why the company didn’t make basic fixes to its stricken cybersecurity program.

Late last week the hackers managed to compromise a massive amount of users’ personal data from Sony Pictures’ site using a simple technique. Security experts pointed out that the leak indicated how poorly Sony protected its users’ information: its security was bypassed by a simple attack method. The experts say that any website worth its salt should be able to withstand attacks of this kind. Considering that Lulz Security effortlessly managed to steal a massive amount of personal data of over 1,000,000 Sony users, the hackers must be lining up to give Sony a kicking.

Meanwhile, Sony CEO acknowledged the latest intrusion last Friday, claiming that the company had taken steps to protect against further security breaches. In addition, Sony was reported to retain a team of experts tasked to conduct the forensic analysis of the attack. However, Sony didn’t detail what specific action was taken to prevent future intrusion.

Lulz Security uploaded the stolen data to The Pirate Bay to prove that Sony stored its users’ passwords in a simple text file, which can only be called “disgraceful and insecure”.

Affected users blame Sony for allowing the intruders compromise their personal data, saying that such attitude showed little respect to the customers. Moreover, the company even failed to notify the users about the breach, which occurred several days ago.

Experts of the Cyber Consequences Unit of the United States, a research group engaged in monitoring online threats, were emphatic when asked whether people’s passwords could be stored unencrypted: they simply replied: “Never”. Passwords should always be hashed, so the companies should use some kind of encryption. U.S. Cyber Consequences Unit’s experts, who have been critical of the company’s security earlier, claimed that it needed to revise the methods used to safeguard the users’ personal information. Both Sony customers and security experts recommend the company to press the reset button on their cybersecurity program before another breach happens.

Forge Partnerships, US Urges

Manila, Philippines — As the nuclear-powered USS George Washington (CVN 73) arrived in Manila on Saturday, the United States underscored the need for all countries to work together and forge partnerships, saying “misunderstanding” is now the biggest threat in the region.

At the same time, amid recent developments at the South China Sea, an American commander emphasized the right of every country to access international waters as he said that prior to USS GW’s coming to Manila after they left Singapore where the warship also made a similar visit, they “operated up and down the South China Sea.”

Capt. David Lausman, USS GW’s commanding officer, however, emphasized they were operating peacefully “in international waters.”

Lausman also said that with US State Department Secretary Hillary Clinton’s remarks made last month that the US had a “national interest” in seeing the territorial disputes over the South China Sea resolved through a "collaborative diplomatic process by all claimants,"

“First of all, all international waters are of prime interest to our country and I would say they're an interest of your country too. We have a very rich culture, in dependence to a very stable maritime environment that we all live on,” said Lausman.

He added the United States “has had a long commitment to the Western Pacific” and it’s no secret that its warships, USS Midway, the Independence, the Kitty Hawk, and now the George Washington have been permanently forward deployed with all of their families in Yukosoka, Japan.

“As such this is a very close area for us, we spend about a 180 days a year at sea so it makes very good sense that we operate in the areas close to our home port, again the South China Sea area, up and down the Pacific,” he added.

Amid all these, Lausman said the biggest security challenge in the region now “is that we all need to work together, we learn from each other, just like when you meet a new neighbor in your neighborhood. The more you know each other, the more relaxed you are, the more you understand, and there's no misunderstanding.”

Lausman said that it is due to lack of communications and misunderstandings that tensions can build. And this misunderstanding, he said, is now the biggest threat in the region.

“We all want to work together. The fact that all our countries have partnerships, because our main goal is to keep the entire Pacific stable and free of terrorists, free from stress, and we can do that by understanding each other,” said Lausman.

“Again, the waters are great, the international waters, they belong to nobody and yet they belong to everybody,” he further stated.

The US warship’s visit comes amid escalating tensions over a territorial dispute in the South China Sea as China recently adopted a harder line on its claims to the area and with the United States getting into the debate.

China, Philippines, Vietnam, Taiwan, Brunei and Malaysia have their respective claims in South China Sea's more than 200 mostly-uninhabited small islands.

Last month, the USS Blue Ridge also made a port call to Manila. 30% Filipinos

Lausman told reporters who were given a tour of the warship, its visit also serves as a “homecoming” to its Filipino sailors, who comprise about 30 percent of the crewmembers.

“As you know from last year, about 30 percent of the crew have direct ties to the Philippines either through aunts, uncles, brothers, sisters, fathers, mothers, great uncles, great grandmothers, etc. and this is really a homecoming of families and cultures, because they are waiting to come back to their homes as well,” Lausman said, noting that during their last port call in Manila in August, 2009, “there was a lot of unique family reunions” and there are some again this year.

When asked how he would rate the Filipinos sailors’ performance onboard, Lausman responded, “We are glad that we have Filipinos on the ship” as he pointed to a group of them on formation behind him during the press briefing.

U