Tuesday, December 18, 2012

Tuesday 12-18-12

One of the good things about being poor is that i wont have this problem.  lol 

Smart TVs can spy on their owners

Viewers, beware: while you’re watching TV, your TV might be watching you back. A security firm discovered that Samsung’s Smart TV can give hackers access to the device’s built-in camera and microphones, allowing them to watch everything you do.


The Malta-based firm ReVuln posted a video showing its team of researchers hacking into one of the Samsung TVs and accessing its settings, channel lists, widgets, USB drives, and remote control configurations. The security flaw allows hackers to access any and all personal data stored on the TV.

“We can install malicious software to gain complete root access to the TV,” the video writes.

With this access, hackers can use the Smart TVs built-in camera and microphones to see and hear everything in front of it. Instead of just watching TV, viewers could themselves be watched without knowing it.

But this flaw isn’t present in just one specific model. The vulnerability affects all 11 Samsung televisions of the latest generation. The Smart TVs have many of the same features as a computer, but lack the same kind of protection. The devices do not have security features such as firewalls and antivirus software.

Fortunately for concerned viewers, the problem has a silver lining: hackers must first breach the network that the television is connected to, as well as know the IP address of the device. As a result, security breaches would likely only occur as a targeted attack against an individual, rather than randomly. Unlike an Internet virus, a hacker would have to exploit the network manually.

Luigi Auriemma, co-founder of ReVuln, told NBC News that the main concern with this possibility is that hackers could target specific companies or individuals whose businesses they have an interest in.

“In our opinion, it’s more interesting and realistic to think about attacks [against] specific targets reached via open/weak/hacked Wi-Fi or compromised computers of a network, instead of mass-exploiting via the Internet,” Auriemma wrote in a statement for NBC. “That’s interesting due to the effects of the vulnerability (retrieving information and the possibility of monitoring) which are perfect for targeted attacks, from a specific person with a TV at home to a company with TVs in its offices.”

A hacker must be connected to the local network in order to access the Smart TV – so keeping wifi passwords secure is very important. Those with stalkers or valuable data on their device may want to be particularly cautious.

“Consider that little kid next door that’s good with computers,” said Travis Carelock, content director and research technologist at Black Hat.

“We’re moving into a whole different world,” said Trey Ford, general manager of the group. “Growing up, you and I didn’t have a wirelessly connected camera pointing at the couch.”

Viewers who have any of the plasma 8000 series, the 7500 LED LCD series, the 8000 LED LCD series or the 9000 LED LCD series might want to make sure to keep personal data off their TVs and be careful about what they say or do in the device’s presence.

Even though chances might be slim that the average viewer will have his or her Smart TV hacked into, the capability of technology to watch its viewers is a chilling glimpse into a more high-tech future.

“That’s what will make this a whole lot more fun in the future,” Ford said.

Samsung said it is launching an investigation to look into the security flaw.
http://rt.'com/usa/news/smart-tv-security-access-092/

The "new" J. edgar Hoover, Eric Holder? 

 Attorney General Secretly Granted Gov. Ability to Develop and Store Dossiers on Innocent Americans
  In a secret government agreement granted without approval or debate from lawmakers, the U.S. attorney general recently gave the National Counterterrorism Center sweeping new powers to store dossiers on U.S. citizens, even if they are not suspected of a crime, according to a news report.Earlier this year, Attorney General Eric Holder granted the center the ability to copy entire government databases holding information on flight records, casino-employee lists, the names of Americans hosting foreign-exchange students and other data, and to store it for up to five years, even without suspicion that someone in the database has committed a crime, according to the Wall Street Journal, which broke the story.
Whereas previously the law prohibited the center from storing data compilations on U.S. citizens unless they were suspected of terrorist activity or were relevant to an ongoing terrorism investigation, the new powers give the center the ability to not only collect and store vast databases of information but also to trawl through and analyze it for suspicious patterns of behavior in order to uncover activity that could launch an investigation.
The changes granted by Holder would also allow databases containing information about U.S. citizens to be shared with foreign governments for their own analysis.
A former senior White House official told the Journal that the new changes were “breathtaking in scope.”
But counterterrorism officials tried to downplay the move by telling the Journal that the changes come with strict guidelines about how the data can be used.
“The guidelines provide rigorous oversight to protect the information that we have, for authorized and narrow purposes,” Alexander Joel, Civil Liberties Protection Officer for the Office of the Director of National Intelligence, told the paper.
The NCTC currently maintains the Terrorist Identities Datamart Environment database, or TIDE, which holds data on more than 500,000 identities suspected of terror activity or terrorism links, including friends and families of suspects, and is the basis for the FBI’s terrorist watchlist.
Under the new rules issued in March, the NCTC can now obtain almost any other government database that it claims is “reasonably believed” to contain “terrorism information.” This could conceivably include collections of financial forms submitted by people seeking federally backed mortgages or even the health records of anyone who sought mental or physical treatment at government-run hospitals, such as Veterans Administration facilities, the paper notes.
The Obama administration’s new rules come after previous surveillance proposals were struck down during the Bush administration, following widespread condemnation.
In 2002, the Pentagon’s Total Information Awareness program proposed to scrutinize both government and private databases, but public outrage killed the program in essence, though not in spirit. Although Congress de-funded the program in 2003, the NSA continued to collect and sift through immense amounts of data about who Americans spoke with, where they traveled and how they spent their money.
The Federal Privacy Act prohibits government agencies from sharing data for any purpose other than the reason for which the data was initially collected, in order to prevent the creation of dossiers, but agencies can do an end-run around this restriction by posting a notice in the Federal Register, providing justification for the data request. Such notices are rarely seen or contested, however.
The changes to the rules for the NCTC were sought in large part after authorities failed to catch Umar Farouk Abdulmutallab before he boarded a plane on Christmas Day in 2009 with explosives sewn into his underwear. Abdulmutallab wasn’t on the FBI watchlist, but the NCTC had received tips about him, and yet failed to search other government databases to connect dots that might have helped prevent him from boarding the plane.
As the NCTC tried to remedy that situation for later suspects, legal obstacles emerged, the Journal reports, since the center was only allowed to query federal databases for a specific name or a specific passenger list. “They couldn’t look through the databases trolling for general ‘patterns,’” the paper notes.
But the request to expand the center’s powers led to a heated debate at the White House and the Department of Homeland Security, with Mary Ellen Callahan, then-chief privacy officer for the Department of Homeland Security, leading the charge to defend civil liberties. Callahan argued that the new rules represented a “sea change” and that every interaction a citizen would have with the government in the future would be ruled by the underlying question, is that person a terrorist?
Callahan lost her battle, however, and subsequently left her job, though it’s not known if her struggle over the NCTC debate played a role in her decision to leave.

http://www.wired.com/threatlevel/2012/12/gov-dossiers-on-us-citizens/  

Does really surprise anyone, got to pay for the votes you bought, right?  

Obama Sandy aid bill filled with holiday goodies unrelated to storm damage

Vics suffer as $60B aid plan gets porked up

http://www.nypost.com/p/news/national/little_help_here_1kW6aQ8fElj4CKwbheEV0N

Maybe this should be labeled under the heading "a Blinding flash of the obvious"


http://smallestminority.blogspot.com/2012/12/this.html

No comments:

Post a Comment