• 12 posts
  • 16 comments
Joined 3 years ago
Cake day: June 8th, 2023
    • American Crime Story (2016) [Season 2]

      Season two examines the 1997 murder of legendary fashion designer Gianni Versace outside of his Miami Beach mansion by serial killer Andrew Cunanan, interweaving storylines involving the lead-up to the murder and the criminal investigation that includes a nationwide manhunt for Cunanan.

    • Dirk Gently’s Holistic Detective Agency (2016)

      A comedic thriller that follows the bizarre adventures of eccentric “holistic” detective Dirk Gently and his reluctant assistant Todd. An adaptation of Douglas Adams’ wildly successful comic novels.

    • Ghost in the Shell: Stand Alone Complex (2002)

      In the future when technological enhancements and robotics are a way of life, Major Motoko Kusanagi and Section 9 take care of the jobs that are too difficult for the police. Section 9 employs hackers, sharpshooters, detectives and cyborgs all in an effort to thwart cyber criminals and their plans to attack the innocent.

    • Mad Men (2007)

      Set in 1960-1970 New York, this sexy, stylized and provocative drama follows the lives of the ruthlessly competitive men and women of Madison Avenue advertising.

    • Orb: On the Movements of the Earth (2024)

      After learning heretical teachings about the Earth and the Sun, a child prodigy searches for his master’s hidden research while evading the Inquisition.

    • Star Trek: The Next Generation (1987)

      Follow the intergalactic adventures of Capt. Jean-Luc Picard and his loyal crew aboard the all-new USS Enterprise NCC-1701D, as they explore new worlds.

    • Twin Peaks (1990)

      The body of Laura Palmer is washed up on a beach near the small Washington state town of Twin Peaks. FBI Special Agent Dale Cooper is called in to investigate her strange demise only to uncover a web of mystery that ultimately leads him deep into the heart of the surrounding woodland and his very own soul.

    • Utopia (2013)

      The Utopia Experiments is a legendary graphic novel shrouded in mystery. When a group of strangers find themselves in possession of an original manuscript, their lives suddenly and brutally implode.

    • Wilfred (2011)

      Everyone else sees Wilfred as just a dog, but Ryan sees a crude and somewhat surly, yet irrepressibly brave and honest Australian bloke in a cheap dog suit. While leading him through a series of comedic and existential adventures, Wilfred the dog shows Ryan the man how to overcome his fears and joyfully embrace the unpredictability and insanity of the world around him.

  • Within the article are responses to public records requests on if agencies are using the Immigration Violator hotlist.

    Also included are ways to Conduct background research, and file a public records request.

    When a car passes an automated license plate reader (ALPR), its plate is captured and instantly compared against a list of vehicles that police are actively looking for or that police have identified for real-time surveillance. These are called “hotlists,” and EFF has learned that one used by agencies across the country targets immigrants on behalf of Immigration and Customs Enforcement (ICE).

    Agencies using Flock Safety ALPR systems commonly allow the plates their cameras collect to be compared against the FBI’s National Crime Information Center (NCIC) hotlists. These hotlists are broken into “topics,” such as “Gang or Suspected Terrorist,” “Stolen Vehicle,” and “Missing Person.”

    The “Immigration Violator” hotlist is populated exclusively by ICE, and it is the only agency authorized to enter or maintain records in this system, according to the NCIC operator manual. It includes license plates associated with administrative warrants, which are issued by ICE agents without judicial review. The manual further describes the data:

    The Immigration Violator File contains records on criminal aliens who have been deported for drug trafficking, firearms trafficking, or serious violent crimes and on foreign-born individuals who have violated some section of the Immigration and Nationality Act.

    And:

    If the ICE has reasonable grounds to believe that the subject may be operating a particular vehicle or a vehicle bearing a particular license plate, the vehicle and/or license data may be included in the record.

    Buried in the Flock Safety administrative interface, there is a drop-down menu where agencies select which NCIC topics to subscribe to. If Immigration Violator is selected, the local agency will receive an alert that a vehicle ICE is looking for has been sighted. According to Flock Safety, ICE itself does not get an alert, although the local agency may contact ICE to let them know. Many agencies also participate or collaborate with immigration enforcement (through, for example, 287(g) agreements) and may take steps to stop a vehicle based on one of these alerts.

    Knowing whether your agency has this box checked isn’t just useful information—it’s the kind of evidence that can change how officials vote when a contract comes up for renewal. So, how can you find out if your local agency is using the Immigration Violator list? It takes some digging, and you may not be successful. But here’s what has worked for us in some instances.

cross-posted from: https://infosec.pub/post/48574767

Within the article are responses to public records requests on if agencies are using the Immigration Violator hotlist.

Also included are ways to Conduct background research, and file a public records request.

When a car passes an automated license plate reader (ALPR), its plate is captured and instantly compared against a list of vehicles that police are actively looking for or that police have identified for real-time surveillance. These are called “hotlists,” and EFF has learned that one used by agencies across the country targets immigrants on behalf of Immigration and Customs Enforcement (ICE).

Agencies using Flock Safety ALPR systems commonly allow the plates their cameras collect to be compared against the FBI’s National Crime Information Center (NCIC) hotlists. These hotlists are broken into “topics,” such as “Gang or Suspected Terrorist,” “Stolen Vehicle,” and “Missing Person.”

The “Immigration Violator” hotlist is populated exclusively by ICE, and it is the only agency authorized to enter or maintain records in this system, according to the NCIC operator manual. It includes license plates associated with administrative warrants, which are issued by ICE agents without judicial review. The manual further describes the data:

The Immigration Violator File contains records on criminal aliens who have been deported for drug trafficking, firearms trafficking, or serious violent crimes and on foreign-born individuals who have violated some section of the Immigration and Nationality Act.

And:

If the ICE has reasonable grounds to believe that the subject may be operating a particular vehicle or a vehicle bearing a particular license plate, the vehicle and/or license data may be included in the record.

Buried in the Flock Safety administrative interface, there is a drop-down menu where agencies select which NCIC topics to subscribe to. If Immigration Violator is selected, the local agency will receive an alert that a vehicle ICE is looking for has been sighted. According to Flock Safety, ICE itself does not get an alert, although the local agency may contact ICE to let them know. Many agencies also participate or collaborate with immigration enforcement (through, for example, 287(g) agreements) and may take steps to stop a vehicle based on one of these alerts.

Knowing whether your agency has this box checked isn’t just useful information—it’s the kind of evidence that can change how officials vote when a contract comes up for renewal. So, how can you find out if your local agency is using the Immigration Violator list? It takes some digging, and you may not be successful. But here’s what has worked for us in some instances.

The “KIDS Act” Is an Age Surveillance Bill, Take Action. Tell Congress to reject this age-gating bill

Within the next week, Congress is preparing to vote on the KIDS Act, a sprawling package of legislation that seeks to control Americans’ web browsing and private messaging. The package includes a revised version of the Kids Online Safety Act, or KOSA, combined with a collection of other internet bills, study bills, reporting requirements, and new regulations. Instead of debating any of these proposals on their merits, lawmakers are attempting to move them all at once under an ultra-expedited process.

The package of cobbled-together bills is a mess, with different age-gating schemes for different services, using different standards. It’s a lot of complexity, and a lot of legal risk. Faced with that, many companies will conclude that the safest option is restrictive age-checking practices across their entire platforms.

Buried inside the KIDS Act are provisions that will push online services to verify all users’ ages, require government-directed moderation policies for online speech, and even create new rules about private and encrypted communications. While supporters continue to claim this bill protects minors online, its requirements come at the expense of privacy, free expression, and the ability of people of all ages to use the internet without revealing sensitive data.

Carmaker Volkswagen is facing criticism from privacy-conscious drivers after GrapheneOS users reported being locked out of the company’s mobile app, leaving some unable to log in, sync vehicle data, or remotely control their cars.

Reports began surfacing on the GrapheneOS forum and Reddit’s r/degoogle community, where users described suddenly losing access to Volkswagen’s app despite using fully updated devices.

The issue appears to affect Volkswagen’s app ecosystem rather than a specific vehicle model, so owners that rely on VW Connect, We Connect, We Connect ID or related services could potentially be affected.

Some posters pointed to the apparent contradiction that Volkswagen’s software continues to support older, end-of-life Android versions while rejecting GrapheneOS installations.

One affected user, Aaron94, said Volkswagen’s app stopped working entirely after a logout.

Despite enabling compatibility settings and trying multiple workarounds, they were unable to log back in.

Another user, XavDub, reported similar problems. “First symptom, sync did not work anymore from the app, so I tried to logout to login again, but it’s since just impossible,” they wrote, adding that testing on a standard Google Pixel running stock Android worked normally.

When XavDub contacted the German car maker, the company responded that GrapheneOS “is not an official Volkswagen offering” and advised them to contact their OS provider instead.

The timing has raised eyebrows because Volkswagen recently changed the APIs used to access vehicle data.

According to German tech title Heise, the change disrupted third-party tools used by owners for smart charging, solar energy integration, and home automation.

It’s shaping up to be a cruel summer for GrapheneOS users. Earlier this month reports emerged that age-verification provider Yoti, used by Sony, Facebook and TikTok, had allegedly flagged GrapheneOS users during verification processes, prompting widespread backlash in privacy communities.

This week, EFF joined Foxglove, Human Rights Watch, and 60 other organizations in writing to the UK’s Minister of State for Border Security and Asylum, Alex Norris, raising serious concern about the Home Office’s decision to deploy Facial Age Estimation (FAE) to assess asylum-seeking children from 2027.

The letter points to four key concerns:

Discrimination

As with most face estimation and recognition tools, there is ongoing bias in the deployment of these technologies. With FAE, many have highlighted its baked-in failures and discrimination, particularly in relation to women and people of color. Evidence shows that FAE is most accurate for estimating the ages of Eastern European men, but even then it consistently produces errors. The Home Office itself noted “that FAE performance can vary depending on ethnicity” and skin tone.

Inaccuracy

The Home Office has admitted that FAE systems are imprecise for analyzing 16-to 18-year-olds, with even the “top systems” having an “error margin of around 2.5 years here.” This is exactly the age range for which the Home Office has chosen to deploy this technology. And this error margin will be widened yet further because children seeking asylum often suffer from trauma-induced aging.

Lawfulness of Use of Children’s Data

Major concerns exist around the lawful basis on which the Home Office, or its chosen third-party FAE vendors, could have sought consent to collect and process photographs or data from asylum-seeking children to train this system. Further, there is no clarity on the images and/or data that this technology has been trained on.

Lack of Necessary Disclosure

The Home Office claims “extensive testing has already been carried out across diverse groups, including different ethnicities, genders and age ranges, indicating promising performance and accuracy.” But these purported “promising” results have not been published, nor have any Equality or Data Protection Impact Assessments.

The letter continues by requesting clarification on several key questions regarding these concerns. EFF and partners have provided the UK government 21 days for a response, and we urge the Home Office to take on this uphill task in good faith and release the information.

You can read the letter in full here.

With no serious debate, including on proposed amendments, Canada is blazing full speed ahead with Bill C-22, which would threaten encryption and increase surveillance. Also known as the Lawful Access Bill, Bill C-22 is currently moving forward quickly to a vote despite the many, many criticisms civil liberty groups and the tech industry have hurled at it.

As we’ve discussed before, Bill C-22 is dangerous on multiple levels. It pushes for requirements for metadata retention, expands information sharing with foreign governments, and establishes a mechanism that allows Canada’s Ministry of Public Safety to demand that companies create backdoors, effectively breaking encryption. That mechanism was a key facet of Part 2 in Bill C-22, and the government prevented it from being independently debated.

In a deep analysis of the bill, Citizen Lab and the Canadian Civil Liberties Association detail every one of flaws of this proposal, concluding that most elements are unsalvageable.

A wide range of tech companies agree. Signal, Apple, Google, and several VPN providers oppose the bill, and some have said they’d likely be forced to either cut Canadians off from certain features or shut down services in Canada altogether.

The Canadian government wants this dangerous, complicated, overreaching bill passed before June 19. Bill C-22 is riddled with privacy problems that affect millions of people. It should be debated and studied fully, not jammed through on an arbitrary deadline.

OpenMedia is offering a tool for Canadians to contact their elected representatives about the bill. Actions taken on OpenMedia’s website are governed by OpenMedia’s privacy policy, not EFF’s.

cross-posted from: https://infosec.pub/post/48272905

Federal immigration officers often use facial recognition technology to identify immigrants in the field. Now, a newly revealed document from the Department of Homeland Security outlines plans to give local police working on its behalf the same type of technology.

The document, first reported earlier this month by the tech news outlet 404 media, is a Privacy Threshold Analysis, which is essentially a federal report assessing whether the privacy implications of a tool warrant further government study.

The tool in question is a mobile app called the ICE Task Force Module, which allows local police to scan the faces of people they stop in their communities.

The app then compares the facial scan against more than 250 million government records. Those include the State Department’s visa records and records from the Traveler Verification Service, used by the Transportation Security Administration at airports to verify identities on international flights.

Once police scan a person’s face, the app then instructs an officer either to “not detain or arrest,” or it gives the officer a reference code to obtain more information from ICE.

The photos captured by the app are then stored in an internal DHS system for 15 years, the document states.

Those local officers, called “ICE non-federal law enforcement officers” in the document, are likely participants in the federal 287(g) program. A subset of that program, the Task Force Model, gives local police the authority to arrest immigrants on ICE’s behalf during their routine police duties. There are about 1,300 police agencies participating in the Task Force Model nationwide.

The DHS analysis “raises more questions than I think it answers,” says Clare Garvie, deputy director of the Technology Law and Policy Program at New York University School of Law’s Policing Project.

For one, the document says the app launched last September, which suggests police are already using it.

It also seems to work similarly to Mobile Fortify, a facial recognition app that ICE and officers with Customs and Border Protection already use, but it’s unclear whether the new app uses the same technology or something entirely its own.

Privacy experts told NPR that allowing local police to conduct similar surveillance could create a chilling effect on freedom of speech, if people begin to worry they’ll face repercussions for attending protests, for instance, or for legally observing ICE activity in their communities.

Homeland Security Secretary Markwayne Mullin acknowledged at a congressional hearing this month that the agency has used facial recognition technology on protesters and had been able to identify people who were present at protests in Oregon who were also at the recent protests outside the Delaney Hall Detention Facility in Newark, N.J.

What’s more, Garvie says, facial recognition technology is not always accurate, and there have been cases of people detained by ICE who were wrongly identified by the technology.

“This app wouldn’t work if they didn’t have databases to pull people’s pictures from and compare against,” says Cooper Quintin, a senior staff technologist with the Electronic Frontier Foundation, a nonprofit that advocates for digital privacy. “They’re playing semantics. They’re certainly not being forthright. You know, do they have a database of protesters? Maybe they don’t call it that.”

He says allowing police to use this technology to do immigration enforcement is a significant expansion of ICE’s operations.

“It makes this sort of face surveillance ubiquitous on American streets,” Quintin says. “I don’t think that Americans should tolerate law enforcement being able to scan anyone’s face at any time for any reason to try to determine their identity. This is the new form of ‘papers, please.’”