« First...102030...2,1782,1792,1802,1812,182...2,1902,2002,210...Last »

Chelsea Manning: Military Is Denying Me Gender Treatment

Posted on by

By Tracy Connor

A year after requesting gender-reassignment treatment, convicted national-security leaker Chelsea Manning says the military has given her nothing but "lip service." In an exclusive statement to NBC News, the former Army private once known as Bradley Manning said life in the military lockup at Fort Leavenworth, Kansas, has restricted her ability to express her gender identity. "For example, in my daily life, I am reminded of this when I look at the name on my badge, the first initial sewed into my clothing, the hair and grooming standards that I adhere to, and the titles and courtesies used by the staff. Ultimately, I just want to be able to live my life as the person that I am, and to be able to feel comfortable in my own skin."

Manning is serving a 35-year sentence after being convicted of sending classified documents to anti-secrecy website WikiLeaks. She became the first military inmate to ask for treatment for gender dysphoria and went public with her decision to live life as a woman in a TODAY interview last August. She asked for a treatment plan that would consider three measures: dressing and living as a woman, hormone therapy and possible surgery.

Last month, Defense Secretary Chuck Hagel approved an Army recommendation to begin the early stages of gender reassignment, including counseling and approval to dress as a woman, officials said. But Manning's lawyer, David Coombs, said in a statement that the military has failed to carry out the recommendation and that he is prepared to sue. "The military's failure to comply with the treatment recommendations and protocols for Chelsea's diagnosed gender dysmorphia violates her well-established constitutional right to be free from cruel and unusual punishment," Coombs wrote.

The Army declined to say when treatment might begin.

"The Department of Defense has approved a request by Army leadership to provide required medical treatment for an inmate diagnosed with gender dysphoria. I can't discuss the medical needs of an individual," Army spokeswoman Lt. Col. Alayne Conway said.

"In general terms, the initial stages of treatment for individuals with gender dysphoria include psychotherapy and elements of the 'real life experience' therapy. Treatment for the condition is highly individualized and generally is sequential and graduated."

First published August 22 2014, 1:48 AM

Tracy Connor is a senior writer for NBC News. She started this role in December, 2012. Connor is responsible for reporting and writing breaking news, features and enterprise stories for NBCNews.com. Connor joined NBC News from the New York Daily News, where she was a senior writer covering a broad range of news and supervising the health and immigration beats. Prior to that she was an assistant city editor who oversaw breaking news and the courts and entertainment beats.

Earlier, Connor was a staff writer at the New York Post, United Press International and Brooklyn Paper Publications.

Here is the original post:
Chelsea Manning: Military Is Denying Me Gender Treatment

Bush and Obama Spurred Ed Snowden to Spill U.S. Secrets

Posted on by

The whistleblower started out as an idealistic booster of the national-security state. Illegal and immoral behavior he witnessed on the inside turned him into an outsider.

Pablo Martinez Monsivais/AP

Before Edward Snowden joined Daniel Ellsberg and Chelsea Manning in the annals of American whistleblowers, he was a young man who witnessed the attacks of September 11, 2001, and enthusiastically volunteered to join the national-security state. Back then, he believed in the wisdom of the War in Iraq, saw the National Security Agency as a force for good, and hoped to serve within the system. Since his first interview with Glenn Greenwald and Laura Poitras, we've known that he gradually lost faith in the federal government, believed it to be engaged in illegal, immoral acts, and decided to gather and leak some of its secrets.

One of the most comprehensive narratives of what specifically prompted his transition from insider to conscientious objector appears in the recently published interview he granted to James Bamford, author of several books on the NSA. Whether one believes Snowden's leaks to be salutary or deeply regrettable, it's useful to understand and grapple with what prompted him to act as he did, especially as the Obama administration works to make future leaks less likely. One method for preventing leaks that hasn't been discussed: Run a federal government that carries out fewer morally and legally objectionable actions in secret.

According to the interview, Snowden was disillusioned and influenced by what he saw during his time at the CIA and the NSA, as many Americans would've been:

Elsewhere, Snowden has noted his disillusionment at the treatment of previous NSA whistleblowers, as well as his amazement that James Clapper and Keith Alexander were allowed to lie or mislead in congressional testimony without consequences.

Snowden's account raises a question for Americans who want classified information kept secret. Would they rather have a national-security state run by employees who are inclined to speak out publicly when they witness years of immoral or illegal behavior? Or would they prefer them to keep quiet to avoid revealing sensitive information to adversaries? I submit that a system that conducts mass surveillance on Americans, tortures abroad, destroys the lives of innocents in intramural competitions to accrue CIA assets, ponders using pornography to discredit non-terrorists, and passes the private information of Americans to foreign governments is particularly dangerous if staffed entirely by people who are not sufficiently troubled by all that to let the public know what is going on.

George W. Bush, Barack Obama, and the most prominent members of their teams feel differently, of course, which helps explain why Snowden became a whistleblower in the first place. The national-security state is its own worst enemy, doing more to undermine its own legitimacy than its critics ever could.

Read more here:
Bush and Obama Spurred Ed Snowden to Spill U.S. Secrets

Stealing encryption keys through the power of touch

Posted on by

Researchers from Tel Aviv University have demonstrated an attack against the GnuPG encryption software that enables them to retrieve decryption keys by touching exposed metal parts of laptop computers.

There are several ways of attacking encryption systems. At one end of the spectrum, there are flaws and weaknesses in the algorithms themselves that make it easier than it should be to figure out the key to decrypt something. At the other end, there are flaws and weaknesses in human flesh and bones that make it easier than it should be to force someone to offer up the key to decrypt something.

In the middle are a range of attacks that don't depend on flaws on the encryption algorithms but rather in the way they've been implemented. Encryption systems, both software and hardware, can leak information about the keys being used in all sorts of indirect ways, such as the performance of the system's cache, or the time taken to perform encryption and decryption operations. Attacks using these indirect information leaks are known collectively as side channel attacks.

This research is a side-channel attack. The metal parts of a laptop, such as the shielding around USB ports, and heatsink fins, are notionally all at a common ground level. However, this level undergoes tiny fluctuations due to the electric fields within the laptop. These variations can be measured, and this can be used to leak information about encryption keys.

The measurements can be done by directly attaching a digitizer to a metal part of the laptop, but they don't have to be this obvious. The researchers showed that they could retrieve information with connections at the far end of shielded USB, VGA, and Ethernet connections. They also used human touch: a person in contact with metal parts of the laptop can in turn be connected to a digitizer, and the voltage fluctuations can be measured.

The researchers note that this works better in hot weather, due to the lower resistance of sweaty fingers.

While the information retrieval was better when used with high-end lab equipment, the researchers also experimented with using a smartphone connected to Ethernet shielding via its headphone port, and found that this was sufficient to perform some attacks.

The major importance source of the voltage variations is the processor. The simplest thing to detect is probably whether the processor is active or sleeping, with the researchers saying that on almost all machines, the difference between an active processor and a processor suspended with the "HLT" instruction could be detected. On many machines, finer grained information was visible. The research recorded the fluctuations with a sample rate of between a few tens of kilohertz, and a few megahertz. These sample rates are far lower than the several gigahertz that processors operate, and so these measurements can't give insight into individual instructionsbut this wasn't actually necessary.

During encryption and decryption operations, the processor has to perform certain long-running operations (for example, exponentiation of various large numbers), and these operations caused a consistent, characteristic set of voltage fluctuations. When sampling the voltages at a rate of a few MHz, keys for the RSA and ElGamal encryption algorithms could be extracted in a few seconds.

This attack required a single piece of encrypted data to be decrypted a few times.

Continued here:
Stealing encryption keys through the power of touch

Google Gets in a Trusted Stores Encryption Tangle

Posted on by

A conflict between Google's push to make the Web more secure and its Trusted Store program may be costing at least one business money.

Pegasus Auto Racing Supplies, which encrypts all the pages on its website, has had its application for Google's Trusted Stores program turned down, according to The Wall Street Journal.

Think of the badge as the equivalent of the Good Housekeeping Seal. Having it could boost a site's revenue.

Pegasus co-owner Christopher Heitman applied for a Trusted Stores badge in 2012 but was turned down because all his site's pages were encrypted.

Google reportedly told him that the Trusted Stores program is not compatible with HTTPS when the protocol is used for non-sensitive pages such as a site's home page or product listings.

The Trusted Stores program requires applicants to encrypt only pages that contain sensitive information, such as home addresses and credit card numbers.

Heitman applied again this month and once again was turned down.

The Trusted Stores badge "is designed to be suppressed and not show up on secure pages," Google reportedly told Heitman in an email. "However, per the program guidelines, it is required that the badge must be displayed on all pages of your site."

The Google policy "is as clear and easy to understand as a bowl of spaghetti," Jeff Kagan, a technology industry analyst, told the E-Commerce Times.

Google recently announced that it would, in effect, give encrypted Web pages more weight in its search algorithms, resulting in higher rankings.

Continued here:
Google Gets in a Trusted Stores Encryption Tangle

Does Microsoft Really Love Open Source?

Posted on by

Microsoft's relationship with the open source movement has undergone an extraordinary transformation over the last few years, from a deep hostility to what can only be described as an embrace.

One specific target of its hatred was the GNU General Public License (GPL), under which much open source software is made available. "The way the license is written, if you use any open-source software, you have to make the rest of your software open source," Steve Ballmer, Microsoft's ex-CEO, said erroneously in a Chicago Sun-Timesinterview back in 2001.

The open source Linux, which threatened the company's Windows Server operating systems, was another Microsoft target. "Linux is a cancer that attaches itself in an intellectual property sense to everything it touches," Baller said in the same interview.

[ Related: Microsoft Embraces Open Source -- to a Point ]

What Microsoft is up to now was unthinkable back then. Today Microsoft is involved with open source community. It participates in open source projects. It has open sourced some of its formerly proprietary software, such as parts of its ASP.NET Web application framework, the Windows Phone toolkit and the Azure .NET software development kit. It has set up CodePlex, a free open source project hosting site.

Going one stage further, the company has established Microsoft Open Technologies Inc. (Open Tech), a wholly owned subsidiary of Microsoft "focused on advancing Microsoft's commitment to openness across the company and throughout the industry."

What does Microsoft mean by "openness"? "Openness is much more than just open source. It also includes interoperability and open standards," says Gianugo Rabellino, senior director of Open Source communities at Open Tech. This triumvirate of open source, open standards and interoperability is a refrain that Rabellino -- and, indeed, Microsoft -- keeps coming back to.

Software Market Changed, So Microsoft Changed, Too

The big question: Why the change? Why the complete about-face when it comes to open source software from deep hostility to open embrace?

"The market has changed," says Rabellino, saying that 2002 was very different than today. "Everyone is adapting. So is Microsoft."

Link:
Does Microsoft Really Love Open Source?

Scientists Hack Cryptography Keys By Simply Touching a Laptop

Posted on by

It sounds like something out of an episode of Spooks: Researchers have discovered a way to use simple touch to decode the cryptography keys that are intended to secure your information. It's as easy as gauging the electric potential coursing through your computer while it's working.

In the MIT Technology Review today, we learn of a paper out of Tel Aviv University (title: Get Your Hands Off My Laptop) that details the process of measuring the ground electric potential in laptops. There are several ways to do this: You could, say, use a wire. But that's not nearly as exciting as using your own handpreferably sweaty!and then "analyzing that signal using sophisticated software."

Here's how the authors explain the process:

This potential can be measured by a simple wire, non-invasively touching a conductive part of the laptop (such as the metal heatsink fins or shielding of USB, Ethernet, VGA, DisplayPort and HDMI ports), and connected to a suitable amplifier and digitizer. The chassis potential, thus measured, is affected by ongoing computation, and our attacks exploit this to extract RSA and ElGamal keys, within a few seconds.

According to the researchers, the hand method works "is especially effective in hot weather, since sweaty fingers offer lower electric resistance."

Essentially, they're taking advantage of the "noise" your computer makes while it's processing this information, to figure out exactly when and how they should listen in. Which brings us to an important point: How to resist it. According to MIT, it's "possible to avoid such attacks by adding random data to computations." In other words, we'll need to build codes on top of code. [MIT Technology Review]

Image: Lasse Kristensen.

Read this article:
Scientists Hack Cryptography Keys By Simply Touching a Laptop

How to Break Cryptography With Your Bare Hands

Posted on by

The latest way to snoop on a computer is by measuring subtle changes in electrical potential as data is decrypted.

Touch sensitive: In a demonstration, a researcher captures cryptographic keys stored on a computer using a sophisticated algorithm that measures ground potential conducted through the skin.

With enough technical savvy, simply touching a laptop can suffice to extract the cryptographic keys used to secure data stored on it.

The trick is based on the fact that the ground electrical potential in many computers fluctuates according to the computation that is being performed by its processorincluding the computations that take place when cryptographic software operates to decrypt data using a secret key.

Measuring the electrical potential leaked to your skin when you touch the metal chassis of such laptops, and analyzing that signal using sophisticated software, can be enough to determine the keys stored within, says Eran Tromer, a computer security expert at Tel Aviv University.

The remarkable result is described in this paper due to be presented at a conference in South Korea next month, but it was demonstrated Tuesday at a cryptography conference in Santa Barbara, California.

A signal can be picked up by touching exposed metal on a computer chassis with a plain wire. Or that wire can make contact anywhere on the body of an attacker touching the computer with a bare hand (sweaty hands work best). The ground signal can also be measured by fastening an alligator clip at the far end of an Ethernet, VGA, or USB cable attached to the computer, or even wirelessly with sensitive voltage-detection equipment. The catch is that contact must be made as data is unlocked with a keyduring decryption of a folder or an e-mail message, for instance.

Tromer says his research team has used all those methods to extract encryption keys based on widely used, high-security standards4,096-bit RSA keys and 3,072-bit ElGamal keys.

The work contributes to a growing body of evidence that regardless of the software protections people place on computers, there are indirect ways to extract dataso-called side channel attacks.

Previous research efforts have found, for example, that analyzing the power consumption of a computer can reveal cryptographic keys. The good news is that analyzing subtle trends in power usage can also reveal whether a computer is being attacked (see Tiny Changes in Energy Use Could Mean Your Computer Is Under Attack).

The rest is here:
How to Break Cryptography With Your Bare Hands

The Next Battleground In The War Against Quantum Hacking

Posted on by

Ever since the first hack of a commercial quantum cryptography device, security specialists have been fighting back. Heres an update on the battle.

Quantum hacking is the latest fear in the world of information security. Not so long ago, physicists were claiming that they could send information with perfect security using a technique known as quantum key distribution.

This uses the laws of quantum mechanics to guarantee perfectly secure communication. And perfectly secure communication is what you get, at least in theory.

The trouble is that in practice the equipment used to carry out quantum key distribution has a number of weaknesses that an eavesdropper can exploit to gain information about the messages being sent. Various groups have demonstrated how quantum hacking presents a real threat to perfectly secure communication.

So in the cat and mouse game of information security, physicists have been fighting back by designing equipment that is more secure. Today, Nitin Jain at the Max Planck Institute for the Science of Light in Erlangen, Germany, and a few pals show how the changes still leave the equipment open to attack but at the same time reveal how the next generation of quantum cryptography could be made better.

In quantum key distribution, Alice sends information to Bob encoded in the polarisation of single photons. So she might send a sequence of 0s and 1s as a series of photons polarised horizontally and vertically. Bob can then use this information as the key to a one-time pad for sending information with perfect security. Hence the name quantum key distribution.

An eavesdropper, Eve, can only see the information Alice sends if she knows the directions that correspond to vertical and horizontal. Physicists call this the base of the system.

Without knowing the base, the information the photons carry will seem random. So a key part of the security of quantum key distribution comes from keeping Alices base secret.

Just over 10 years ago, hackers found a way for Eve to discover Alices base. All Eve has to do is shine a light into Alices equipment and measure the polarisation of the reflected photons. These will have bounced off the optical components that determine Alices base and so will be polarised in the same way. That gives Eve the crucial information she needs to decode the transmissions without Alice being any the wiser.

View post:
The Next Battleground In The War Against Quantum Hacking

WikiLeaks founder Julian Assange to leave Ecuador embassy …

Posted on by

However, Mr Assange and his legal advisers appeared to have made an embarrassing error by misunderstanding a basic aspect of the new legislation.

The Home Office quickly undermined his key claim by confirming the changes would not apply in the case of Mr Assange, who has been a wanted man in Sweden since 2010, because they are not retrospective.

Mr Assange, 43, is alleged to have raped a woman known as SW, then aged 26, and committed other sexual offences against AA, a 31-year-old woman.

The Australian claims that if he is extradited to Sweden, he will be sent on to the United States for questioning over WikiLeaks whistle-blowing, which has been accused of publishing material which damages national security.

Mr Assange, looking pale and haggard, told journalists: "I can confirm I will be leaving the embassy soon."

However, he said his intended departure was perhaps not driven by reports of his ill-health.

There was further confusion when a WikiLeaks spokesman at the press conference quickly disputed that Mr Assange would be leaving the embassy imminently.

Kristinn Hrafnsson said: "The plan, as always, is to leave as soon as the UK Government decides to honour its obligations in relation to international agreements."

Police officers have been stationed outside the embassy round-the-clock since Mr Assange decided to enter the building voluntarily in June 2012.

He faces arrest the moment he steps outside the building in Knightsbridge, behind Harrods department store.

See the original post here:
WikiLeaks founder Julian Assange to leave Ecuador embassy ...

WikiLeaks Founder Julian Assange Says he will Leave …

Posted on by

WikiLeaks founder Julian Assange cites health reasons for his decision to "soon" leave the Ecuadoran embassy in London where he's spent the last two years. (Reuters)

LONDON WikiLeaks founder Julian Assange said Monday he would soon be leaving the Ecuadoran Embassy in London, where he took refuge more than two years ago to avoid extradition to Sweden to face questioning for alleged sexual assaults.

But in a lengthy statement to reporters at the embassy, Assange did not give any indication of the exact timing or circumstances of his exit. And a WikiLeaks spokesman, Kristinn Hrafnsson, later clarified that Assanges comments had been a declaration of hope rather than a declaration that he would be walking out of the embassy.

Hrafnsson said Assange would leave when British authorities grant him safe passage to the airport and to Ecuador, something the government here has repeatedly said it is unwilling to do.

A Foreign Office spokeswoman, speaking under the customary terms of anonymity, reiterated that stance Monday, saying, We are clear that our laws must be followed and that Mr. Assange should be extradited to Sweden.

By speaking to the media Monday, Assange may have been hoping to gain leverage in negotiations that have been locked in a stalemate for two years. Assange cited recent changes to British law that could protect him from extradition because charges in Sweden have not yet been filed. But a Home Office spokeswoman said that the legal changes were not retroactive and that Assange had exhausted all appeal avenues.

British press reports have suggested in recent days that Assange is in poor health and needs urgent medical treatment for heart and lung conditions. Assange, who appeared subdued and halting in his statement alongside the Ecuadoran foreign minister, acknowledged that two years in the embassy, without access to outdoor spaces or exposure to sunlight, had caused certain difficulties.

Since June 2012, Assange has been holed up in a small embassy apartment, vowing to defy what he describes as an international effort to persecute him for his role in releasing a vast trove of classified U.S. government documents. Although Assange has been granted asylum by Ecuador, British police guard the embassy round the clock and say he will be arrested if he leaves the embassy grounds.

Assange has long been sought in Sweden for questioning based on two womens allegations of sexual assault. The 43-year-old Australian said Monday he believes that Sweden intends to send him on to the United States, where the Justice Department has been investigating his role in leaking the government documents, many of which relate to the Iraq and Afghanistan wars.

Pfc. Bradley Manning, a former army intelligence analyst, was sentenced by a U.S. military judge to 35 years in prison last year for providing the documents to WikiLeaks. The day after sentencing, Manning adopted the name Chelsea Manning and announced that he wanted to be identified as a woman.

View original post here:
WikiLeaks Founder Julian Assange Says he will Leave ...


« First...102030...2,1782,1792,1802,1812,182...2,1902,2002,210...Last »