.
The real issue is that our government, in the goal of cybersecurity and monitoring, opened up almost all personal devices and many corporate systems to foreign state actors and hackers. If we are going to be serious about preventing hacking, the NSA & FBI have to allow closure of these access points.
Most of the corporate routers, home routers, PC mainboards, Operating Systems, home printers, cell phones all have access points for NSA & FBI intrusion.
The technology not only exists, it is imbedded within much of the firmware and software we use. This was done to make it easier for the government to access endpoints. Just as Windows, Azure, and other SUSE Linux platforms are subject to intrusion, most of the mainboards, routers (including Cisco), cameras, and cell phones have methods to gain remote entry, whether the owner tries to prevent it or not. Other firms add “secret” backdoors into their systems to ease diagnostics, and these will get disassembled and published in the dark web for future exploit. It is not about as much the extreme intelligence as the desire and time to learn the tools and operating system nuances. A good hacker does not leave footprints. So, when you hear talk of inspecting system logs, that is only to catch the most basic of hacker. This is why my next home machine is going to be Qubes OS.
================
RULE 41
I'm sure most of you have read or seen the latest news about the FBI expanding monitoring, by being able to gain entry into thousands to upwards of a claimed million computer or more on a single search warrant. If you haven't, here are some articles. They aren't hacking into any of our machines... they are using built in access points to gain immediate entry. These are the same entry points that foreign actors, nation states and hackers use. The government built in a portal that everyone can use, if they are so inclined.
Fortune: http://fortune.com/2016/11/30/rule-41/
FBI's New Hacking Powers Take Effect This Week
A single search warrant, multiple computers.
The FBI and other law enforcement agencies will be able to search multiple computers across the country with a single warrant thanks to a controversial rule change that takes effect on Thursday.
The expanded search power, known as “Rule 41,” is intended to make it easier for the FBI to carry out complex computer investigations. Until now, the government could only carry out a search of computers located in the district where the federal judge granted the warrant—typically only a few counties in a given state.
Civil liberties groups have warned Rule 41 represents a dangerous expansion of the government’s surveillance power, and will lead law enforcement bodies to “forum shop”—seeking warrants in districts where a judge is most likely to grant them.
The Hill: http://thehill.com/policy/cybersecurity/308088-last-ditch-effort-to-prevent-change-to-rule-41-fails
Last-ditch effort to prevent changes to law enforcement hacking rule fails
The updates to Rule 41 address two issues raised by modern cyber investigations. Currently, when suspects use technical means to disguise their location of their computers, it is impossible for law enforcement to determine in which jurisdiction officers must apply for a warrant. The updates would allow any judge to issue a warrant to hack a computer of a suspect hiding its location.
The new rules would also help fight botnets — networks of hijacked computers used to send spam or as a component of attacks that flood targets with too much traffic to properly function. Currently, law enforcement needs individual warrants to hack each computer it desires, slowing the process of shutting down a botnet. The updates to Rule 41 allow law enforcement to use a single application to apply to hack five or more computers.
“This proposed solution essentially gives our government a blank check to infringe upon our civil liberties,” said Daines.
Digital and civil liberties advocates believe that the new rules create a boundless new tool for surveillance. They fear that warrants for computers roped into a botnet permit the government to hack innocent victims, and that granting the right to approach any judge for a warrant would mean the government would cherry-pick judges.
EFF Deeplinks https://www.eff.org/deeplinks/2016/10/eff-goes-washington-fight-against-changes-rule-41
EFF Goes to Washington to Fight Against the Changes to Rule 41
If Congress does nothing, a new policy will take effect in less than two months that will make it easier than ever for the FBI to infiltrate, monitor, copy data from, inject malware into, and otherwise damage computers remotely.
With the threat of the "Rule 4" changes looming, EFF Senior Staff Attorney Nate Cardozo and EFF Activism Director Rainey Reitman recently flew to DC to speak to policymakers about the future of computer security and the ramifications of government hacking. Over the course of just a few days filled with back-to-back appointments, Nate and Rainey briefed dozens of legislative staffers on not only Rule 41, but the larger issue of government hacking and how the system lacks the necessary safeguards for privacy. They also briefed staff on the upcoming expiration of a law used to justify NSA surveillance of the Internet, Section 702 of the FISA Amendments Act.
EFF and our coalition partners have been raising the alarm about the updates to Rule 41 for months, and thousands have joined us in speaking out through our campaign No Global Warrants. The proposed changes to Rule 41 of the Federal Rules of Criminal Procedure--which are set to automatically go into effect on December 1, would make it easier for the government to get a warrant to hack into a computer. Whenever they are investigating a crime and encounter computers using location-obscuring technology, FBI agents would be able to request a warrant from practically any magistrate judge in any district in the United States. This removes one of the key safeguards our judicial system has against forum shopping: namely, that law enforcement must go to judges in the district where crimes actually take place.
These changes would make it easier than ever for FBI agents to seek out prosecution-friendly or technically-naïve judges to sign off on the dangerous hacking warrants. And we know these warrants invite abuse: we’ve already seen cases where a single warrant was used to hack into thousands of computers.
.
= new reply since forum marked as read
