India Rolls Out Central Monitoring System To Snoop On All Communications
hypnosec tipped us to news that India is rolling out a new intrusive monitoring system, using the authority of a 2000 telecom law. Quoting The Times of India: "However, Pavan Duggal, a Supreme Court advocate specialising in cyberlaw, said the government has given itself unprecedented powers to monitor private Internet records of citizens. 'This system is capable of abuse,' he said. The Central Monitoring System, being set up by the Centre for Development of Telematics, plugs into telecom gear and gives central and state investigative agencies a single point of access to call records, text messages, and emails as well as the geographical location of individuals." Privacy advocates are worried about abuse, partially because India has no effective privacy legislation, and the "...Indian government under PM Manmohan Singh has taken an increasingly uncompromising stance when it comes to online freedoms, with the stated aim usually to preserve social order and national security or fight 'harmful' ...
Bruce Schneier: Why Collecting More Data Doesn't Increase Safety
Jeremiah Cornelius writes "Bruce Schneier, security expert (and rational voice in the wilderness), explains in an editorial on CNN why 'Connecting the Dots' is a 'Hindsight Bias.' In heeding calls to increase the amount of surveillance data gathered and shared, agencies like the FBI have impaired their ability to discover actual threats, while guaranteeing erosion of personal and civil freedom. 'Piling more data onto the mix makes it harder, not easier. The best way to think of it is a needle-in-a-haystack problem; the last thing you want to do is increase the amount of hay you have to search through. The television show Person of Interest is fiction, not fact.'"
Cyber Vulnerabilities Found In Navy's Newest Warship
An anonymous reader writes with some potentially troubling news about some security issues with the Navy's newest class of coastal warships."A Navy team of computer hacking experts found some deficiencies when assigned to try to penetrate the network of the USS Freedom, the lead vessel in the $37 billion Littoral Combat Ship program, said the official, who spoke on condition of anonymity. The Freedom arrived in Singapore last week for an eight-month stay, which its builder, Lockheed Martin Corp., hopes will stimulate Asian demand for the fast, agile and stealthy ships. 'We do these types of inspections across the fleet to find individual vulnerabilities, as well as fleet-wide trends,' said the official."
The Activists Who Bring Security To the Oppressed
msm1267 writes "Tibetans inside China or in exile, along with Syrians, Iranians and other groups oppressed by autocratic regimes, rely on technology to communicate and organize protests. Yet state-sponsored attackers have infiltrated the devices and platforms used by the oppressed to put their freedom or lives in danger. Groups such as Tibet in Action or Citizen Lab Munk School of Global Affairs have put together resources to help educate and enhance the security of oppressed people."
Longest Running Linux Distribution Slackware Adopts MariaDB
First time accepted submitter Gerardo Zamudio writes with the news that Ur-distribution Slackware is replacing MySQL with MariaDB. From an update posted to the Slackware news feed yesterday: "This shouldn't really be a surprise on any level. The poll on LQ showed a large majority of our users were in favor of the change. It's my belief that the MariaDB Foundation will do a better job with the code, be more responsive to security concerns, and be more willing to work with the open source community. And while I don't think there is currently any issue with MySQL's licensing of the community edition for commercial uses, several threads on LQ showed that there is confusion about this, whereas with MariaDB the freedom to use the software is quite clear." (Here's a link to the mentioned poll.)
Found more than 1 month ago on channel Slashdot