Gag Order Gone, Secrets of a National Security Letter are Revealed | FRONTLINE

An interview with Nicholas Merrill who, after 11 years of court battles, can now discuss the National Security Letter that the FBI gagged him with.

There are ways to legally compel information, they’re called warrants. Instead we have a security state that’s run amok. Funny how we don’t have much safety to show for the trillions of dollars we taxpayers have poured into the national security apparatus.

For the first time in 11 years, Nicholas Merrill is allowed to fully reveal the contents of a letter that came hand-delivered to him from the FBI.

In 2004, Merrill, then the CEO of a New York-based web-hosting firm called Calyx, received a so-called national security letter. The letter asked for what Merrill described as a significant array of information from the company, but because of a gag order, he was legally barred from even speaking about it.

“It was not a warrant. It was not stamped or signed by a court or a judge,” Merrill told FRONTLINE in the 2014 film United States of Secrets. “It was this letter demanding this information from me. And it also told me that I could never tell anyone that I had gotten the letter. It said that I could tell ‘no person.’”

Source: Gag Order Gone, Secrets of a National Security Letter are Revealed | FRONTLINE

Shady charity calling from 980-242-3241

I just got a mystery phone call from 980-242-3241, a number allegedly located in Charlotte, NC. A quick Google search shows that it is apparently a fake charity scam, asking for donations for breast cancer research. Comments on the 800Notes.com website indicate that the caller is rude and unprofessional.

If you get a call from these folks simply hang up. Don’t get scammed by an unsolicited phone call.

Dependent Verification Services are still a bad idea

If there’s one thing the handful of longtime MT.Net readers know it’s that there’s never been a dead horse that I didn’t love to beat! In this case, I’m returning again to the topic of dependent verification services such as those offered by AON Hewitt. My employer is changing health plans and as a part of the transition employees are being asked to go through the dependent verification process.

This is my second go-round with this process and it makes as little sense the second time around as it did the first. The verification firms tout fraud rates of up to 15% as justification for employers to hire the firm. Some research I’ve found online suggests that verification process costs the employer about $21 per employee.

Employers take note: the cost to your employees should also taken to account. The verification process is an anxiety-ridden exercise that does not engender trust in one’s employer. Under threat of terminating their health benefits, you are asking your employees to gather their sensitive and confidential personal documents and scan, fax, or mail them to a third party: the verification service.
Continue reading →

Spammers are targeting Facebook photo albums

Facebook photo spam

Over the past few days I’ve noticed ads inserted into my Facebook feed. Of course, “Sponsored Ads” are nothing new, but these new ads appear as photographs in which one of my Facebook friends has been tagged by one of their friends. The photos are added as a new photo album to the unsuspecting Facebook user’s album set. Then a number of photos are tagged with that user’s friends. Each of the user’s friends are tagged in the very same spot in the photograph, which should be a good clue to Facebook that the photo is suspicious.
Continue reading →

The Jet fuel; How hot did it heat the World Trade Center?

The Federal Emergency Management Agency (FEMA) report into collapse of the WTC towers, estimates that about 3,500 gallons of jet fuel burnt within each of the towers. Imagine that this entire quantity of jet fuel was injected into just one floor of the World Trade Center, that the jet fuel burnt with perfect efficency, that no hot gases left this floor, that no heat escaped this floor by conduction and that the steel and concrete had an unlimited amount of time to absorb all the heat. With these ideal assumptions we calculate the maximum temperature that this one floor could have reached.

“The Boeing 767 is capable of carrying up to 23,980 gallons of fuel and it is estimated that, at the time of impact, each aircraft had approximately 10,000 gallons of unused fuel on board (compiled from Government sources).”

Quote from the FEMA report into the collapse of WTC’s One and Two (Chapter Two).

Since the aircraft were only flying from Boston to Los Angeles, they would have been nowhere near fully fueled on takeoff (the aircraft have a maximum range of 7,600 miles). They would have carried just enough fuel for the trip together with some safety factor. Remember, that carrying excess fuel means higher fuel bills and less paying passengers. The aircraft would have also burnt some fuel between Boston and New York.

“If one assumes that approximately 3,000 gallons of fuel were consumed in the initial fireballs, then the remainder either escaped the impact floors in the manners described above or was consumed by the fire on the impact floors. If half flowed away, then 3,500 gallons remained on the impact floors to be consumed in the fires that followed.”

Continue reading →

Alexander: Do those new chip-based credit and debit cards need protection? – StarTribune.com

I was chatting with the cashier supervisor at the local Large Mart, asking if Large Mart would be going to the new, chip-based credit cards.

“Yeah, we’re going to get those within the next few weeks,” he said.

I nodded. “Well, I’ve been the victim of credit card fraud so many times that I welcome the extra security.”

“The new cards also have security problems,” the supervisor answered. “With the chip cards, thieves can read your cards while they’re in your wallet.”

That was news to me. The chip on my card is definitely a contact card, and any RFID-based credit card would be wide open to the world and truly offer zero security. Fortunately, banks aren’t using RFID, but Near-Field Communication (NFC), and only in some chips (i.e., not in the U.S. at this time). NFC has a range of 2-4 inches, which is about 1/12th the range of an RFID tag. Also, an NFC-capable device does encryption, while an RFID tag would only stupidly transmit static numbers.

So, tl;dr: current chip cards in the U.S. are contact-only, and NFC chips won’t be readable outside of your wallet. Bring on the chipped-card revolution, I say!

Q: Do the new EMV chip credit cards (named after the developers, Europay, MasterCard and Visa) require a protective cover so that they can’t be scanned by nearby thieves, just as RFID (radio frequency identification) cards do? Do other radio frequency ID cards, such as hotel key cards, pose a risk of identity theft?
Jan Sartee,
San Rafael, Calif.

A: There are two types of credit cards using EMV chip technology. One is read by a slot in a point-of-sale terminal; the other is read by holding the card near the sales terminal.

If your EMV card requires physical contact inside a reader, its transactions and account information can’t be scanned remotely by thieves. If it is a contactless card, there’s a chance it could be read by nearby spying equipment, although the credit card industry says that’s unlikely.

Source: Alexander: Do those new chip-based credit and debit cards need protection? – StarTribune.com

The Strange Saga of the MH370 Plane Part — NYMag

Speaking of MH-370, remember that Boeing 777 wing flapiron that washed ashore last month on Reunion Island? It turns out the ID plate on it is curiously missing, and the wing part appears to have been marinated somehow to artificially boost its barnacle growth.

This mystery gets stranger and stranger.

Tomorrow marks one month since a piece of a Boeing 777 washed up on the Indian Ocean island of La Réunion, but French investigators are no closer to confirming that the part came from missing Malaysia Airlines Flight 370. In fact, leaks from within the investigation suggest that the part might not have come from the plane at all.

Source: The Strange Saga of the MH370 Plane Part — NYMag

Malaysia Airlines MH-370

A few of my friends asked how we can so easily track mobile phones but a jumbo jet like Malaysia Airlines Flight 370 can disappear without a trace. First off, one of these is designed to transmit all the time, but aside from that difference it is a big ocean out there and it’s still possible to lose things in it.

I responded to my friends with this:

Radars don’t reach everywhere. Polar-orbiting satellites scan the globe but are not always around. Mobile phones have a hard enough time connecting to a tower when turned on in a plane at the terminal. Over the ocean? Forget it.

Continue reading →

Anchorage and crime

Knowing the number of tourists that must pass through here, I was hopeful that Anchorage’s downtown would be a welcoming place.

I was wrong. I never felt fully safe when we were there, always having my street-smarts kick in to move us along whenever danger seemed to show up. There were a some guys here and there who seemed to be sizing us up as we walked by, causing me to walk us a bit faster. Suddenly, carrying that gift shop bag through downtown didn’t seem so smart.

One evening we parked downtown and headed over to see the “Aurora” showing at the Anchorage Center for the Performing Arts. I overheard the usher there chatting with another tourist.

“Anchorage has a great downtown,” he said without much conviction. “Sure, it has it’s problems …,” he continued, never finishing his thought.
Continue reading →

This Hacker’s Tiny Device Unlocks Cars And Opens Garages | WIRED

Remember two years ago when I was captivated by a mystery device thieves were using to open car doors? This $32 device might just be it.

Thus, all the neighbors who have been claiming stuff was stolen from their cars when they knew their doors had been locked may be telling the truth.

At the hacker conference DefCon in Las Vegas tomorrow, Kamkar plans to present the details of a gadget he’s developed called “RollJam.” The $32 radio device, smaller than a cell phone, is designed to defeat the “rolling codes” security used in not only most modern cars and trucks’ keyless entry systems, but also in their alarm systems and in modern garage door openers. The technique, long understood but easier than ever to pull off with Kamkar’s attack, lets an intruder break into cars without a trace, turn off their alarms and effortlessly access garages.

Source: This Hacker’s Tiny Device Unlocks Cars And Opens Garages | WIRED

S	M	T	W	T	F	S
1	2	3	4	5	6	7
8	9	10	11	12	13	14
15	16	17	18	19	20	21
22	23	24	25	26	27	28
29	30	31