Ryan Singel | Wired.com 

The Transportation Security Administration suspended Verified Identity Pass from enrolling any new passengers in its get-through-security-faster program on Tuesday, after the company lost (and then oddly found) a unencrypted laptop containing personal information of 33,000 people who had applied for the so-called Registered Traveler program.

The company learned of the loss of an unencrypted laptop from the San Francisco airport on July 26 that included enrollees’ names, addresses, dates of birth and some drivers’ license numbers. TSA suspended new enrollments in the company’s Clear Pass program until the company complies with rules requiring that such data notifies all of the affected enrollees.

Read the rest of this entry »

Kevin Poulsen | Wired.com

A U.S. government office in Quantico, Virginia, has direct, high-speed access to a major wireless carrier’s systems, exposing customers’ voice calls, data packets and physical movements to uncontrolled surveillance, according to a computer security consultant who says he worked for the carrier in late 2003.

“What I thought was alarming is how this carrier ended up essentially allowing a third party outside their organization to have unfettered access to their environment,” Babak Pasdar, now CEO of New York-based Bat Blue told Threat Level. “I wanted to put some access controls around it; they vehemently denied it. And when I wanted to put some logging around it, they denied that.”

Pasdar won’t name the wireless carrier in question, but his claims are nearly identical to unsourced allegations made in a federal lawsuit filed in 2006 against four phone companies and the U.S. government for alleged privacy violations. That suit names Verizon Wireless as the culprit.

Pasdar has executed a seven-page affidavit for the nonprofit Government Accountability Project in Washington, which on Tuesday began circulating the document (.pdf), along with talking points (.doc), to congressional staffers hashing out a Republican proposal to grant retroactive legal immunity to phone companies who cooperated in the warrantless wiretapping of Americans.

According to his affidavit, Pasdar tumbled to the surveillance superhighway in September 2003, when he led a “Rapid Deployment” team hired to revamp security on the carrier’s internal network. He noticed that the carrier’s officials got squirrelly when he asked about a mysterious “Quantico Circuit” — a 45 megabit/second DS-3 line linking its most sensitive network to an unnamed third party.

Read the rest of this entry »

Noah Shachtman | wired.com

A recently-unearthed U.S. Navy research project calls for creating mad-made floods and droughts to “disrupt [the] economy” of an enemy state.

“Weather modification was used successfully in Viet Nam to (among other things) hinder and impede the movement of personnel and material from North Viet Nam to South Viet Nam,” notes a Naval Air Warfare Weapons Division - China Lake research proposal, released last month through the Freedom of Information Act. But “since that time military research on Weather Modification has dwindled in the United States.”

The proposal suggests a study of the latest weather manipulation techniques, to “give the U.S. military a viable, state-of-the-art weather modification capability again.” With that in hand, American forces would be able…

Read the rest of this entry »

By Ryan Singel     08.29.07 | 2:00 AM

The FBI has quietly built a sophisticated, point-and-click surveillance system that performs instant wiretaps on almost any communications device, according to nearly a thousand pages of restricted documents newly released under the Freedom of Information Act.

The surveillance system, called DCSNet, for Digital Collection System Network, connects FBI wiretapping rooms to switches controlled by traditional land-line operators, internet-telephony providers and cellular companies. It is far more intricately woven into the nation’s telecom infrastructure than observers suspected.

It’s a “comprehensive wiretap system that intercepts wire-line phones, cellular phones, SMS and push-to-talk systems,” says Steven Bellovin, a Columbia University computer science professor and longtime surveillance expert.

Slideshow
Snapshots of the FBI Spy Docs

DCSNet is a suite of software that collects, sifts and stores phone numbers, phone calls and text messages. The system directly connects FBI wiretapping outposts around the country to a far-reaching private communications network.

Read the rest of this entry »