Latest From the Blog
ACLU To FTC: Force Wireless Carriers To Secure Their Customers’ Smartphones With Available Updates
Anyone who has had their Android smartphone infected with malware will be interested in following the ACLU’s new efforts to better secure your device.
The ACLU has filed a formal complaint with the Federal Trade Commission, asking the agency to force the four biggest mobile carriers (AT&T, Verizon Wireless, Sprint Nextel, and T-Mobile USA) to begin providing Google-released security updates to their Android users.
Presently, wireless carriers decide arbitrarily whether or not they’ll provide these security updates to their customers. The ACLU warns that “there is no legitimate software upgrade path” for the Android customer, beyond having it provided by the carrier. And without these important security patches, customers risk being hacked — their phones remotely hijacked, their personal and private data stolen, their money fleeced from their online bank accounts.
The ACLU’s Principal Technologist and Senior Policy Analyst, Christopher Soghoian, wrote in the document filed with the FTC:
All four of the major wireless carriers consistently fail to provide consumers with available security updates to repair known security vulnerabilities in the software operating on mobile devices. […]
The wireless carriers have failed to warn consumers that the smartphones sold to them are defective and that they are running vulnerable operating system and browser software. The delivery of software updates to consumers is not just an industry best practice, but is in fact a basic requirement for companies selling computing devices that they know will be used to store sensitive information, such as intimate photographs, e-mail, instant messages, and online banking credentials.
The ACLU contends that these failures “constitute deceptive and unfair business practices subject to review by the FTC under section 5 of The Federal Trade Commission Act.” If the carriers refuse to provide important security updates, the ACLU states, then the “FTC should at a minimum force them to provide device refunds to consumers and allow consumers to terminate their contracts without penalty so that they can switch to a provider who will.”
JUST HOW BIG IS THIS PROBLEM?
Google’s Android operating system accounts for 75% of the entire smartphone market. This overwhelming dominance has helped make it a prime target for ‘black-hat’ hackers, who exploit vulnerabilities for nefarious, often criminal, purposes. Security company Kaspersky revealed in its Security Bulletin 2012 that “99% of newly discovered mobile malicious programs target the Android platform.” The monthly discovery rate for Android malware has skyrocketed from 8 per month in January 2011 to 800 per month by year end 2011 to a staggering 6,300 per month by year end 2012.
And despite Android’s exploding malware epidemic, only 2% of all Android users have received the latest Google security update from their carriers. Most of them never will.
Ars Technica’s Casey Johnston investigated the roll-out of security updates by manufacturers and wireless carriers. Her article charts the time in months between Google’s update release against the date it was applied to each smartphone. Some phones, she discovered, “never received updates during their lifetime.” She added that “all [the] phones we looked at had Android updates available to them within a reasonable time frame relative to the handset’s release, but the carrier or manufacturer never got around to pushing one out.”
She also found that all the carriers continue to sell phones which they have already ‘orphaned’ — meaning the carrier has no intentions of ever providing a security update to the phone, even if the update is vital for patching a severe vulnerability. The ACLU contends that the carriers have a duty to inform the customer of the severe security risks inherent in these ‘orphaned’ phones, before they purchase them.
For those in the market for a new Android smartphone, but who cannot wait for the ACLU’s efforts to pan out, there is only one Android smartphone guaranteed to receive timely security updates: Nexus. This is Google’s own Android smartphone. Google partners with others (Samsung, HTC, LG, etc) to design and manufacture the Nexus line, but allows all Nexus owners to bypass their carriers, and receive ALL their Android updates directly from Google.
Music: The Cribs Perform ‘Men’s Needs’ (video)
I am ashamed to confess that I am a Johnny-come-lately to this group. In fact, I only discovered them a few days ago through a Tweet by Edwyn Collins. And so seven years after its initial release, the song finally enjoys heavy rotation in my crib.
This English trio — formed in Wakefield, West Yorkshire in 2002 — consists of three brothers, two of which are twins. To date, the group has released five albums, most of which enjoyed critical acclaim. As if being completely ignorant of their existence wasn’t bad enough, I then went on to discover that one of my favorite guitarists, Johnny Marr of The Smiths, had become a member of the group between 2008 and 2011.
For those who too may have drifted out of the ‘in’ and into the ‘out’ with regards to the new music scene, you will be in for a pleasant surprise here. ‘Men’s Needs’ is The Cribs’ biggest hit to date. It is hands down excellent.
The video was directed by Diane Martel and shot in Hollywood. It is brilliant in its simplicity — much like the promotional music videos that came out of the UK in the late 70s and early 80s. It simply consists of the band performing in front of a yellow backdrop, but with a naked young woman playing the mischievous saboteur and doing a pret-ty good job of poaching their spotlight.
VIDEO: Mara Verheyden-Hilliard: FBI Used Counterterrorism Resources To Monitor Occupy Group It Deemed NonViolent
The Partnership for Civil Justice Fund recently released newly obtained Freedom of Information Act (FOIA) documents which reveal that the FBI has been spying on Occupy Wall Street activists well before their very first protest.
In spite of the agency having acknowledged repeatedly in their internal documents that the movement opposes violence, and thus poses no threat, it still used counterterrorism resources and counterterrorism authorities to monitor them.
This may indicate that the movement’s political views in themselves are somehow being construed by officials as a ‘threat’.
The FBI stonewalled The Partnership for Civil Justice Fund’s FOIA request for over a year, and chose to release the highly redacted documents on the Friday going into the weekend preceding Christmas — a common tactic used by Federal agencies when releasing potentially embarrassing information, to ensure minimal press coverage and minimal public attention.
Today, Amy Goodman invited Mara Verheyden-Hilliard, executive director of the Partnership for Civil Justice Fund, to appear on DemocracyNow to discuss the group’s FOIA request and findings.
Verheyden-Hilliard tells about the FBI’s “intense coordination both with private businesses, with Wall Street, with the banks, and with state police departments and local police departments around the country.” The documents show the FBI going as far as using private groups as “proxy forces” to conduct undercover infiltration against the peaceful protesters to then report their findings back to the agency.
MUSIC: David Bowie And Members Of Queen Describe Writing Their Hit Song, ‘Under Pressure’
There has been much speculation over the years about who contributed what to the fabulous song, ‘Under Pressure’. Was it a Queen song — to which David Bowie merely lent his vocals, or was it a piece he and Queen wrote together, both musically and lyrically? Being one of my all-time favorite songs, I set […]
Password Protection: Why Password Management Applications Are Doomed To Fail
Mat Honan wrote a harrowing piece recently in Wired Magazine called “Kill the Password: Why a String of Characters Can’t Protect Us Anymore.” In it he described how having had a single password stolen from him by a young hacker literally turned his life upside down: This summer, hackers destroyed my entire digital life in […]
Rebuttal To Sam Seder’s Insistence That Voting Third Party Would Setback the Progressive Cause
Sam Seder recently invited veteran activist and Naked Capitalism Contributing Editor Matt Stoller onto his radio show to discuss his recent piece on Salon, entitled “The progressive case against Obama.” The discussion turned a bit testy as they battled around the logic behind voting for a third party Presidential candidate. You can listen to their debate HERE (begins […]
Robert Gibbs On U.S. Killing 16 Yr Old American 2-Weeks After Killing His Father: ‘Have A More Responsible Father’ (video)
In April 2010, Anwar al-Awlaki — an American citizen and an alleged leader of al-Qaeda operating out of Yemen — was placed on President Obama’s ‘Kill List’ for assassination. On September 30, 2011, an American drone targeted and killed him. Two weeks later and over 200 miles away from where Awlaki was killed, his 16 year […]
Comedy VIDEO: Triumph ‘The Insult Comic Dog’ Covers Presidential Debate, GOP Spin Room
Conan O’Brien’s furry correspondent Triumph takes GOP scalps at the final 2012 Presidential Debate: WATCH:
HuffPost Live’s Alyona Invites All-Star Panel To Discuss CIA Torture Whistleblower John Kiriakou’s Plea Deal (video)
CIA whistleblower John Kiriakou plead guilty this morning to revealing the identity of a CIA officer in the agency’s detention and interrogation program. He is expected to spend 2 1/2 years in prison. The reason he chose to negotiate a plea deal rather than go to trial was summarized succinctly by Marcy Wheeler (investigative blogger, Emptywheel): […]
ACLU’s Adam Schwartz: Law Enforcement Uses Fusion Centers To Scrutinize Innocent Americans (video)
Reason TV interviewed Adam Schwartz of the American Civil Liberties Union of Illinois where he discussed how law enforcement’s pervasive surveillance and data gathering efforts pose a threat to Americans’ constitutionally protected privacy and First Amendment rights. Schwartz describes the significance of fusion centers and the role they play: “In the wake of the 9-11 terror […]