Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Rapiscan's Backscatter Machines May End Up In US Federal Buildings

timothy posted about a year and a half ago | from the why-waste-such-a-valuable-resource dept.

Government 171

McGruber writes "The Federal Times, a weekly print newspaper published by Gamnett Government Media Corp, is reporting that the Rapiscan Systems 'backscatter' passenger screening machines used by the U.S. Transportation Security Administration will likely be redeployed to federal buildings. Rapiscan System's backscatter machines have exposed passengers to radiation since they were first installed. As previously reported on Slashdot, TSA decided last month to stop using the machines because the manufacturer was unable to make changes to the machines that were mandated by Congress. Now TSA is attempting to sucker another federal agency into taking the nude-o-scopes."

cancel ×

171 comments

Congress? (5, Insightful)

rtfa-troll (1340807) | about a year and a half ago | (#42849837)

What better place for people to exposed to needless cancer risk from ionizing radiation concentrated just below the surface of their skin than the place that voted for this?

Re:Congress? (0)

Pinky's Brain (1158667) | about a year and a half ago | (#42849991)

Cancer risk from non-ionizing radiation actually ...

The latest research suggests that it's ability to affect DNA is highly dependent on both frequency and specific coding of genes, the evidence is very murky though. I don't think any congress critter and especially not any lobbyist will go through these things though, they are solely for the plebs.

Re:Congress? (4, Informative)

Ferzerp (83619) | about a year and a half ago | (#42850021)

Incorrect. Backscatter machines use very low amounts of ionizing radiation.

You're confusing them with the models being left in place, the "millimeter wave" ones, which do not.

Re:Congress? (1)

Pinky's Brain (1158667) | about a year and a half ago | (#42850029)

Oops ... I thought they were both being taken out of commission ... so if I were to travel to the US I'd still have the choice between increased cancer risks and being felt up? (I'm not rich enough to avoid the procedure.)

Re:Congress? (1)

ericloewe (2129490) | about a year and a half ago | (#42850063)

Unless you need to enter a federal building, you get the choice between the "enhanced patdown" and a non-ionising nude scanner (for now, another company may reintroduce backscatter x-ray scanners in the future, since Rapiscan's scanners were only removed for bureaucratic reasons).

Re:Congress? (2)

Pinky's Brain (1158667) | about a year and a half ago | (#42850169)

Well as I said it's non ionising, but the jury is still out on the long term effects of THz radiation ... so patdown it would be, assuming I'd still chose to travel to the US despite it's governments hostility to visitors (and it's own population).

Not THz.. GHz.. (0)

Anonymous Coward | about a year and a half ago | (#42850403)

The millimeter wave scanners run at 30 GHz.. 1mm wavelength. I think that propagation at 30 GHz is fairly well understood. Penetration is very small, so energy is deposited in the skin.

Re:Not THz.. GHz.. (-1)

Anonymous Coward | about a year and a half ago | (#42851923)

Speaking of penetration, I had a TSA "patdown" a couple months ago. The dude stuck his finger up my asshole. BTW, this wasn't at the security checkpoint, it was in the bathroom, while he was giving me a blowjob. I'm not gay, so it was a little weird.

Re:Congress? (5, Insightful)

Anonymous Coward | about a year and a half ago | (#42850083)

http://wh.gov/pu7x

Re:Congress? (4, Insightful)

Nidi62 (1525137) | about a year and a half ago | (#42850183)

Of course, you realize that the Congressmen would simply exempt themselves from using these scanners (of course, not due to any negative health effects this machines certainly don't have, but because it would take up too much of their valuable time that is better spent selflessly serving their country). The only people that would be subjected to these scanners would be the tourists and school kids coming in for a tour or to watch a congressional session.

Re:Congress? (4, Insightful)

Anonymous Coward | about a year and a half ago | (#42850295)

It makes sense... I work in a government building that is also a tourist attraction. Every day I scan my ID card and breeze through the turnstiles while children, old ladies, and lawyers/lobbyists have to queue up and go through the X-Ray machines. I always smirk when I pass a group of lawyers... yeah they may be getting paid $50/minute and have a suit that cost more than my car but they still gotta take off their belt and surrender their precious cell phones like everyone else...

Re:Congress? (1)

Anonymous Coward | about a year and a half ago | (#42850517)

Can we stop saying that these machines don't have serious health effects? They do. There's no argument about this in the literature. Yes, health risks are serious risks here.

Why not just read what the experts actually have to say?

http://www.npr.org/assets/news/2010/05/17/concern.pdf

Re:Congress? (1)

Nidi62 (1525137) | about a year and a half ago | (#42850569)

Might want to check your sarcasm detector there, buddy

Re:Congress? (5, Informative)

_Ludwig (86077) | about a year and a half ago | (#42850621)

Congress members are already exempt from security screening at the Capitol and their other office buildings. See here [wikipedia.org] for a relevant funny story, if your definition of funny includes a *headdesk* and general despair for the country and the human race in general.

Re:Congress? (0)

Anonymous Coward | about a year and a half ago | (#42850245)

Great suggestion! The quickest way to drop these devices into the dustbin is to use them to scan our federal representatives! It may also be interesting to see what they are composed of... "Sir (or Ma'am), I keep scanning Representative Boehner, but nothing shows up on the scope!". :rolleyes:

Re:Congress? (2)

funwithBSD (245349) | about a year and a half ago | (#42850253)

The internet will be officially dead when nude scans of Nancy Pelosi and Mitch McConnel are posted...

Re:Congress? (4, Interesting)

Runaway1956 (1322357) | about a year and a half ago | (#42850473)

My first thought matched your post. But - Federal Buildings aren't exactly the halls of congress, or even Janet Napolitano's office.

People enlisting in the armed services traditionally have gone through preliminary indoctrination / induction procedures in federal buildings. A lot of vital statistics stuff is found in federal buildings. FBI offices, ATF offices, federal marshall's offices, and more. The Federal Building in Oklahoma City that was bombed was targeted because the ATF and FBI were located there. Few, if any, of those various federal employees had anything to do with approval of these machines.

Worse, the public is still being exposed to this crap.

Congress needs to just mandate that the damned things are destroyed. End of story.

Congress really ought to just grow some balls, and decide to get rid of TSA and Homeland Security. I've seen nothing to suggest that they have improved on security in the United States. Fund the border patrol, and allow them to do the jobs they have been mandated to do since day one. And, Customs, as well. Keep the Air Marshalls, but put them under the authority of the FBI.

We've gone so horribly wrong, and Homeland Security is the center of all that wrongness.

Prisons (1)

Quick Reply (688867) | about a year and a half ago | (#42851299)

I was hoping that they could go into prisons instead of being destroyed. But only prisoners and their scumbag visitors have to. Go through them. Prison staff and lawyers get safe ones when they need to be screened. Actually scratch that, send the lawyers through the back scatter too.

Re:Congress? (0)

Anonymous Coward | about a year and a half ago | (#42852033)

This has been tried before. Nazi germany considered irradiating (undesirable) people with x-rays at post offices and other government buildings. But they were smart enough to scrap that plan.

You're fault. (0)

Anonymous Coward | about a year and a half ago | (#42849851)

You continue to fly.

You continue to work under unacceptable conditions.

Strike or suffer.

ruoy4bni

Re:You're fault. (0)

Anonymous Coward | about a year and a half ago | (#42850013)

I am fault?

Re:You're fault. (0)

Anonymous Coward | about a year and a half ago | (#42850043)

Jesus, slashbots are perdictable. Try focussing on the message.

erp4bni

Can't we put these in the supermarket? (1)

fustakrakich (1673220) | about a year and a half ago | (#42849855)

They would be great for checking the freshness of avocados. And maybe they can be used to irradiate the meat you buy.

Re:Can't we put these in the supermarket? (1)

ericloewe (2129490) | about a year and a half ago | (#42850067)

Not nearly powerful enough to do that. Just powerful enough to be a cancer risk.

Re:Can't we put these in the supermarket? (1)

Jmc23 (2353706) | about a year and a half ago | (#42850113)

It's called using your fingers and checking for unbroken flesh. All of your food is already irradiated, don't worry, your government loves you.

Re:Can't we put these in the supermarket? (1)

ColdWetDog (752185) | about a year and a half ago | (#42850409)

All of your food is already irradiated ...

I know this is Slashdot, but most people think that the sun is, in general, a good idea.

Re:Can't we put these in the supermarket? (1)

Jmc23 (2353706) | about a year and a half ago | (#42850493)

Top dwellers are not welcome here!

Re:Can't we put these in the supermarket? (0)

Anonymous Coward | about a year and a half ago | (#42850637)

Actually, most people - namely Asians in general and Chinese in particular - are staying away from sun.

Duh! (2)

kakaburra (2508064) | about a year and a half ago | (#42849857)

What a fucking waste of money

Yep. And more... (0)

Anonymous Coward | about a year and a half ago | (#42849929)

I occasionally fly out of Hartford/Sringfield (BDL) and they used to have these GE bomb sniffers & metal dectors. Which I don't think many would object to - metal detector and just something to sense explosives - that's pretty much all we really need.

Anyway, they were removed for these Rapidscans. I asked the TSA guy while he was feeling me up (I opt out ALWAYS when I see a Rapidscan) about those GE machines and commented how I MUCH prefered them.

He said, "They were a maintenance nightmare. So we got rid of them."

Now the Rapidscans are sitting there doing nothing.

So, while the sheep are so terrified of the extremely unlikely event of another 9/11 (the new cockpit doors eliiminated that threat), we will keep spending money on SHIT produced by companies that are well connected to Congress - maybe GE should have hired Chertoff.

Of course, the sheep will jump in their cars, speed around and tailgate, eat their junk food, and gain ever more weight. And while they are on their deathbeds, dieing form heart disease or from other complications from obesity or carcinogens while their savings are wiped away and collectors come after them for their healthcare bills (insurance never covers it all), they can be rest assured that they did not die a quick death from a terrorist.

Re:Yep. And more... (1)

CohibaVancouver (864662) | about a year and a half ago | (#42850027)

Not only that, they'll pound on their chest about the erosion of their nonsensical 'second amendment' rights, while their truly important rights drift away like so much gossamer...

Re:Yep. And more... (3, Insightful)

Anonymous Coward | about a year and a half ago | (#42850205)

Your truly important rights will disappear in the loss of the rights protected by the 2nd amendment. Don't believe it? What will YOU do when they pass a law that allows them to arrest you for no reason? Oh wait, they already have. OK, what will YOU do when they pass a law that allows them to pass judgement on you and execute you without a trial? Oh... ermm... they did that too.

OK, what will you do when they tell you that you have to worship a religion not of your choosing? Or that you aren't allowed to bitch about what a shitty government we have? Or that you can't say the president is a douchebag?

The whole point to the 2nd Amendment is that it gives the people the ability to defend their unalienable rights if need be. Its not about hunting or sporting clays as our current leadership would have plebs like you believe. Its to give the people the ability to cast down a tyrannical government if ever the need arises.

Re:Yep. And more... (1)

vinehair (1937606) | about a year and a half ago | (#42850407)

Your truly important rights will disappear in the loss of the rights protected by the 2nd amendment. Don't believe it? What will YOU do when they pass a law that allows them to arrest you for no reason? Oh wait, they already have. OK, what will YOU do when they pass a law that allows them to pass judgement on you and execute you without a trial? Oh... ermm... they did that too.

OK, what will you do when they tell you that you have to worship a religion not of your choosing? Or that you aren't allowed to bitch about what a shitty government we have? Or that you can't say the president is a douchebag?

The whole point to the 2nd Amendment is that it gives the people the ability to defend their unalienable rights if need be. Its not about hunting or sporting clays as our current leadership would have plebs like you believe. Its to give the people the ability to cast down a tyrannical government if ever the need arises.

This is what Americans actually believe.

Good luck taking down an armed military with your plinkers, if they actually WANT to get rid of you. Or they could, you know, keep doing the slow-boil that they've been doing for years. That seems to be working pretty well - as you already note yourself. Why fight them when you can just make them agree with you?

Re:Yep. And more... (1)

sjames (1099) | about a year and a half ago | (#42851107)

Don't underestimate small arms. There's a reason the modern army still has an infantry.

Re:Yep. And more... (1)

Fnord666 (889225) | about a year and a half ago | (#42851671)

Good luck taking down an armed military with your plinkers, if they actually WANT to get rid of you. Or they could, you know, keep doing the slow-boil that they've been doing for years. That seems to be working pretty well - as you already note yourself. Why fight them when you can just make them agree with you?

The question becomes whether the members of the US armed forces are actually willing to turn their weapons on their neighbors, coworkers or friends? It's one thing to be deployed to a different country in a distant land against a population that differs from you in ethnicity, beliefs, etc. The brainwashing needed there is fairly low level, of the patriotic sort. To view large groups of people from your own country, your own neighborhood, your own church as a mortal enemy that needs to die takes things to a whole different level.

Re:Yep. And more... (1)

CohibaVancouver (864662) | about a year and a half ago | (#42850471)

The whole point to the 2nd Amendment is that it gives the people the ability to defend their unalienable rights if need be

How?

Re:Yep. And more... (1)

CohibaVancouver (864662) | about a year and a half ago | (#42850549)

American democracy is far more powerful to effect change than that Colt .45 under your pillow ever will be. Why will we see immigration reform in the USA in the next four years? Because Latinos vote. Why has the Republican party gone loony? Because Tea Partiers vote. Why is weed legal in Washington state? Because of the vote. If you want your rights back stop buying guns and start unelecting the people who are taking them away, and make it clear why you are unelecting them.

Re:Yep. And more... (1)

tqk (413719) | about a year and a half ago | (#42851747)

American democracy is far more powerful to effect change than that Colt .45 under your pillow ever will be.

Look back a few decades to the VietNam war. A bunch of peasants armed with AK-47s and Pungi sticks routed two Superpowers (first France, then the USA) armed with tanks, jet fighters, B-52s, Air Cavalry, & etc. Look at the US today. The DHS is terrified of shoe bombers. The FBI is manufacturing plots with willing dupes.

That voting box is looking pretty pathetic these days, and more so every passing day. When your front runners are Obama and Romney, or Clinton and Palin, it's not working.

Re:Yep. And more... (1)

Mitreya (579078) | about a year and a half ago | (#42851675)

OK, what will YOU do when they pass a law that allows them to pass judgement on you and execute you without a trial? Oh... ermm... they did that too.

I don't know if that makes it better or worse -- but they have _not_ passed a law that allows them to execute you without a trial.

What they did, was to write a secret memo that explains why that have that right already. Then they wrote a summary of the secret memo which they just released. They may already be executing people without a trial, but the law allowing this is yet to pass.

Re:Yep. And more... (1)

Teun (17872) | about a year and a half ago | (#42851943)

US government officials have repeatedly told us the dangers of terrists is because they hate the freedom you guys enjoy.

So it's only logic you lower the risk of terrorism by taking away these terrible freedoms.

Re:Yep. And more... (0)

Anonymous Coward | about a year and a half ago | (#42850275)

Today's cliche ridden rant brought to you by the letters F and O.

Re:Yep. And more... (1)

Anonymous Coward | about a year and a half ago | (#42850303)

FYI, calling people "sheep" is the easiest way to cause everyone to ignore what you're saying.

Re:Yep. And more... (1)

ColdWetDog (752185) | about a year and a half ago | (#42850433)

FYI, calling people "sheep" is the easiest way to cause everyone to ignore what you're saying.

Not really, a grammar error will do just fine. The laser-like focus on the misplaced comma will incite a half dozen threads about the Oxford Manual of Style, totally obscuring any point the thread had to make.

What's with the name, dude? (1)

Latent Heat (558884) | about a year and a half ago | (#42849867)

So is it Rapiscan as in "add" or Rapiscan as in "ape"?

Re:What's with the name, dude? (0)

Anonymous Coward | about a year and a half ago | (#42849951)

I believe it's ape, as in "Rapey-scan". They wanted to go with something both memorable and that reflected the intended use, metaphorically speaking. Another success story brought to you by Hot Branding Ltd.

Re:What's with the name, dude? (1)

foobsr (693224) | about a year and a half ago | (#42849987)

So is it Rapiscan as in "add" or Rapiscan as in "ape"?

Think rape.

CC.

Re:What's with the name, dude? (0)

Anonymous Coward | about a year and a half ago | (#42850259)

Stephen Colbert beat you to this joke over a week ago.

Re:What's with the name, dude? (0)

Anonymous Coward | about a year and a half ago | (#42850921)

Stephen Colbert stole this joke from slashdot over a week ago.

FTFY.

Re:What's with the name, dude? (1)

Jmc23 (2353706) | about a year and a half ago | (#42850151)

rapiscan

rapi - scan

rapi(d) - scanner

That would be a pretty logical inference.

Re:What's with the name, dude? (3, Insightful)

mrbester (200927) | about a year and a half ago | (#42850189)

Given its function Rapey-scan is just as valid.

Re:What's with the name, dude? (1)

sjames (1099) | about a year and a half ago | (#42851139)

Yes, rap(e)-i-scan makes a great deal of sense.

Is it cheaper? (0)

c0lo (1497653) | about a year and a half ago | (#42849891)

So, is it just happened the feds have found a cheaper and more efficient way to execute its citizens than by using drones?

(should have tried with cyanide gas first)

Why? (0)

Anonymous Coward | about a year and a half ago | (#42849899)

Has there been some new threat to federal buildings that bypasses already existing metal detectors and x-ray conveyors such that the privacy and health of civil employees and visitors need be compromised? Or, are we trying to make sure the manufacturers' profits stay up?

excellent! (0)

Anonymous Coward | about a year and a half ago | (#42849917)

Put one each doorway in all of the NSA buildings.

Microsoft Kinect Spy System - you were warned! (-1)

Anonymous Coward | about a year and a half ago | (#42849931)

Microsoft Kinect Spy System

THIS ARTICLE IS BEING SCRUBBED FROM THE NET. THE SITE IT WAS ORIGINALLY POSTED TO YANKED THE PLUG ON THEIR WHOLE SITE!!! COPY/PASTE THIS ARTICLE AS MUCH AS POSSIBLE TO DISCUSSION FORUMS, BLOGS, FACEBOOK, TWITTER, AND ARCHIVE AND MIRROR THIS DOCUMENT SO IT DOES NOT VANISH FOREVER!

"So you just got the Kinect/Xbox360 gaming system and you're having fun, hanging out in your underwear, plopped down in your favorite lounge chair, and playing games with your buddies. Yeah, it's great to have a microphone and camera in your game system so you can "Kinect" to your pals while you play, but did you read that Terms of Service Agreement that came with your Kinect thingy? No? Here, let me point out an important part of that service agreement.

        If you accept the agreement, you "expressly authorize and consent to us accessing or disclosing information about you, including the content of your communications, in order to: (a) comply with the law or respond to lawful requests or legal process; (b) protect the rights or property of Microsoft, our partners, or our customers, including the enforcement of our agreements or policies governing your use of the Service; or (c) act on a good faith belief that such access or disclosure is necessary to protect the personal safety of Microsoft employees, customers, or the public."

Did you catch that? Here, let me print the important part in really big letters.

"If you accept the agreement, you expressly authorize and consent to us accessing or disclosing information about you, including the content of your communications⦠on a good faith belief that such access or disclosure is necessary to protect the personal safety of Microsoft employees, customers, or the public."

OK, is that clear enough for ya? When you use the Kinect system, you agree to allow Microsoft (and any branch of law enforcement or government they care to share information with) to use your Kinect system to spy on you. Maybe run that facial recognition software to check you out, listen to your conversations, and keep track of who you are communicating with.

I know this is probably old news to some, but I thought I would mention it because it pertains to almost all of these home game systems that are interactive. You have to remember, the camera and microphone contained in your game system have the ability to be hacked by anyone the game company gives that ability to, and that includes government snoops and law enforcement agents.

Hey, it's MICROSOFT. What did you expect?

And the same concerns apply to all interactive game systems. Just something to think about if you're having a "Naked Wii party" or doing something illegal while you're gaming with your buddies. Or maybe you say something suspicious and it triggers the DHS software to start tracking your every word. Hey, this is not paranoia. It's spelled out for you, right there in that Service Agreement. Read it! Here's one more part of the agreement you should be aware of.

        "You should not expect any level of privacy concerning your use of the live communication features (for example, voice chat, video and communications in live-hosted gameplay sessions) offered through the Service."

Did you catch it that time? YOU SHOULD NOT EXPECT ANY LEVEL OF PRIVACY concerning your voice chat and video features on your Kinect box."

###

"Listen up, you ignorant sheep. Your government is spending more money than ever to spy on its own citizens. That's YOU, my friend. And if you're one of these people who say, "Well I ain't ever done nothing wrong so why should I worry about it?' - you are dead wrong. Our civil liberties are being taken away faster than you can spit. The NSA is working away on its new "First Intelligence Community Comprehensive National Cyber-security Initiative Data Center' to keep track of every last one of us. This thing will be the size of 17 football stadiums. One million square feet, all to be filled with more technology and data storage than you could imagine. And 30,000 spy drones are set to be launched over America which can each stay aloft for about 28 hours, traveling 300 miles per hour. WHY? Why do we want these things in our skies?

The military is now taking a keen interest in the Microsoft Kinect Spy System, the fastest selling electronic device in history. Conveniently self-installed in over 18 million homes, this seemingly innocent game system, armed with facial recognition programming and real-time recording of both sound and video, will be used by our own government to spy on and record us in our own homes.

And it doesn't stop there. Other game systems such as Nintendo's WWII are also being turned into government-controlled spy systems. WHY?

That's the real question. WHY?!!! Why is our own government spending billions and billions of dollars to spy on its own people? To keep us safe? Do you really believe that?"

Microsoft's Kinect System is Watching You
Published on Apr 5, 2012 by TheAlexJonesChannel:

https://www.youtube.com/watch?v=gkYgC-AvPGM [youtube.com]

###

Big Brother alert: Microsoft wants to know how many friends you've got in your living room

- http://blogs.telegraph.co.uk/technology/micwright/100008237/big-brother-alert-microsoft-wants-to-know-how-many-friends-youve-got-in-your-living-room/ [telegraph.co.uk]

By Mic Wright Gadgets Last updated: November 9th, 2012

- http://blogs.telegraph.co.uk/technology/author/micwright/ [telegraph.co.uk]

"One of Microsoft's latest patent applications[1] is a humdinger. It proposes to turn the Kinect camera into a snitch for movie studios, reporting back just how many friends you've got in your living room and what they're watching. Think that sounds alarmist? Here's what it actually says: "The users consuming the content on a display device are monitored so that if the number of user-views licensed is exceeded, remedial action may be taken." It's that blatant â" a system to spy on private viewing habits.

If put into practice, Microsoft's plan could mean that the film you're watching suddenly stops playing if it detects that you've got more people squashed on to the sofa than the licence allows. You'd then be prompted to buy a more expensive licence to keep watching. It's as if Big Brother had built 1984's Telescreen not to monitor the population but to ensure no one was pirating the Two Minutes Hate.

In all likelihood, Microsoft will struggle to actually apply this patent in the real world. While copyright holders would be delighted, customers would be turned off by such a draconian system. But that's what's interesting about this application and patent applications in general: they often reveal what companies would do if they could get away with it. The black and white drawings and blandly technical language can cover immoral, scary and downright evil ideas.

There was an even more striking example from Apple earlier this year[2]. In September, it was granted a patent for "Apparatus and methods for enforcement of policies upon a wireless device", i.e. a system allowing companies or governments to remotely disable mobile phones and tablets in a particular area.

While Apple mentions benign examples such as preventing phone calls from disturbing concerts or ensuring devices are switched off on planes, it also states: "Covert police or government operations may require complete "blackout" conditions." That's exactly the kind of feature certain governments would love to use to suppress pictures and videos. The patent Apple put its stamp on is a handy form of censorship regardless of whether it will ever apply it.

Last year, Google's chairman, Eric Schmidt, said that the company would hold off from creating a facial recognition service because it would be "crossing the creepy line". Still, Google has filed for and been granted extensive patents in the area and, as its Project Glass augmented reality goggles move forward, who knows when the "creepy line" will shift?"

[1] http://appft.uspto.gov/netacgi/nph-Parser?Sect1=PTO1&Sect2=HITOFF&d=PG01&p=1&u=%2Fnetahtml%2FPTO%2Fsrchnum.html&r=1&f=G&l=50&s1=%2220120278904%22.PGNR.&OS=DN/20120278904&RS=DN/20120278904 [uspto.gov]

[2] http://www.zdnet.com/apple-patent-could-remotely-disable-protesters-phone-cameras-7000003640/ [zdnet.com]

(C) Copyright of Telegraph Media Group Limited 2012

###

"People are aware that Windows has bad security but they are underestimating the problem because they are thinking about third parties. What about security against Microsoft? Every non-free program is a âjust trust me program'. âTrust me, we're a big corporation. Big corporations would never mistreat anybody, would we?' Of course they would! They do all the time, that's what they are known for. So basically you mustn't trust a non free programme."

"There are three kinds: those that spy on the user, those that restrict the user, and back doors. Windows has all three. Microsoft can install software changes without asking permission. Flash Player has malicious features, as do most mobile phones."

"Digital handcuffs are the most common malicious features. They restrict what you can do with the data in your own computer. Apple certainly has the digital handcuffs that are the tightest in history. The i-things, well, people found two spy features and Apple says it removed them and there might be more""

From:

Richard Stallman: 'Apple has tightest digital handcuffs in history'
www.newint.org/features/web-exclusive/2012/12/05/richard-stallman-interview/

###

Nobody Seems To Notice and Nobody Seems To Care - Government & Stealth Malware

In Response To Slashdot Article: Former Pentagon Analyst: China Has Backdoors To 80% of Telecoms 87

How many rootkits does the US[2] use officially or unofficially?

How much of the free but proprietary software in the US spies on you?

Which software would that be?

Visit any of the top freeware sites in the US, count the number of thousands or millions of downloads of free but proprietary software, much of it works, again on a proprietary Operating System, with files stored or in transit.

How many free but proprietary programs have you downloaded and scanned entire hard drives, flash drives, and other media? Do you realize you are giving these types of proprietary programs complete access to all of your computer's files on the basis of faith alone?

If you are an atheist, the comparison is that you believe in code you cannot see to detect and contain malware on the basis of faith! So you do believe in something invisible to you, don't you?

I'm now going to touch on a subject most anti-malware, commercial or free, developers will DELETE on most of their forums or mailing lists:

APT malware infecting and remaining in BIOS, on PCI and AGP devices, in firmware, your router (many routers are forced to place backdoors in their firmware for their government) your NIC, and many other devices.

Where are the commercial or free anti-malware organizations and individual's products which hash and compare in the cloud and scan for malware for these vectors? If you post on mailing lists or forums of most anti-malware organizations about this threat, one of the following actions will apply: your post will be deleted and/or moved to a hard to find or 'deleted/junk posts' forum section, someone or a team of individuals will mock you in various forms 'tin foil hat', 'conspiracy nut', and my favorite, 'where is the proof of these infections?' One only needs to search Google for these threats and they will open your malware world view to a much larger arena of malware on devices not scanned/supported by the scanners from these freeware sites. This point assumed you're using the proprietary Microsoft Windows OS. Now, let's move on to Linux.

The rootkit scanners for Linux are few and poor. If you're lucky, you'll know how to use chkrootkit (but you can use strings and other tools for analysis) and show the strings of binaries on your installation, but the results are dependent on your capability of deciphering the output and performing further analysis with various tools or in an environment such as Remnux Linux. None of these free scanners scan the earlier mentioned areas of your PC, either! Nor do they detect many of the hundreds of trojans and rootkits easily available on popular websites and the dark/deep web.

Compromised defenders of Linux will look down their nose at you (unless they are into reverse engineering malware/bad binaries, Google for this and Linux and begin a valuable education!) and respond with a similar tone, if they don't call you a noob or point to verifying/downloading packages in a signed repo/original/secure source or checking hashes, they will jump to conspiracy type labels, ignore you, lock and/or shuffle the thread, or otherwise lead you astray from learning how to examine bad binaries. The world of Linux is funny in this way, and I've been a part of it for many years. The majority of Linux users, like the Windows users, will go out of their way to lead you and say anything other than pointing you to information readily available on detailed binary file analysis.

Don't let them get you down, the information is plenty and out there, some from some well known publishers of Linux/Unix books. Search, learn, and share the information on detecting and picking through bad binaries. But this still will not touch the void of the APT malware described above which will survive any wipe of r/w media. I'm convinced, on both *nix and Windows, these pieces of APT malware are government in origin. Maybe not from the US, but most of the 'curious' malware I've come across in poisoned binaries, were written by someone with a good knowledge in English, some, I found, functioned similar to the now well known Flame malware. From my experience, either many forum/mailing list mods and malware developers/defenders are 'on the take', compromised themselves, and/or working for a government entity.

Search enough, and you'll arrive at some lone individuals who cry out their system is compromised and nothing in their attempts can shake it of some 'strange infection'. These posts receive the same behavior as I said above, but often they are lone posts which receive no answer at all, AT ALL! While other posts are quickly and kindly replied to and the 'strange infection' posts are left to age and end up in a lost pile of old threads.

If you're persistent, the usual challenge is to, "prove it or STFU" and if the thread is not attacked or locked/shuffled and you're lucky to reference some actual data, they will usually attack or ridicule you and further drive the discussion away from actual proof of APT infections.

The market is ripe for an ambitious company or individual to begin demanding companies and organizations who release firmware and design hardware to release signed and hashed packages and pour this information into the cloud, so everyone's BIOS is checked, all firmware on routers, NICs, and other devices are checked, and malware identified and knowledge reported and shared openly.

But even this will do nothing to stop backdoored firmware (often on commercial routers and other networked devices of real importance for government use - which again opens the possibility of hackers discovering these backdoors) people continue to use instead of refusing to buy hardware with proprietary firmware/software.

Many people will say, "the only safe computer is the one disconnected from any network, wireless, wired, LAN, internet, intranet" but I have seen and you can search yourself for and read about satellite, RF, temperature, TEMPEST (is it illegal in your part of the world to SHIELD your system against some of these APT attacks, especially TEMPEST? And no, it's not simply a CRT issue), power line and many other attacks which can and do strike computers which have no active network connection, some which have never had any network connection. Some individuals have complained they receive APT attacks throughout their disconnected systems and they are ridiculed and labeled as a nutter. The information exists, some people have gone so far as to scream from the rooftops online about it, but they are nutters who must have some serious problems and this technology with our systems could not be possible.

I believe most modern computer hardware is more powerful than many of us imagine, and a lot of these systems swept from above via satellite and other attacks. Some exploits take advantage of packet radio and some of your proprietary hardware. Some exploits piggyback and unless you really know what you're doing, and even then... you won't notice it.

Back to the Windows users, a lot of them will dismiss any strange activity to, "that's just Windows!" and ignore it or format again and again only to see the same APT infected activity continue. Using older versions of sysinternals, I've observed very bizarre behavior on a few non networked systems, a mysterious chat program running which doesn't exist on the system, all communication methods monitored (bluetooth, your hard/software modems, and more), disk mirroring software running[1], scans running on different but specific file types, command line versions of popular Windows freeware installed on the system rather than the use of the graphical component, and more.

[1] In one anonymous post on pastebin, claiming to be from an intel org, it blasted the group Anonymous, with a bunch of threats and information, including that their systems are all mirrored in some remote location anyway.

[2] Or other government, US used in this case due to the article source and speculation vs. China. This is not to defend China, which is one messed up hell hole on several levels and we all need to push for human rights and freedom for China's people. For other, freer countries, however, the concentration camps exist but you wouldn't notice them, they originate from media, mostly your TV, and you don't even know it. As George Carlin railed about "Our Owners", "nobody seems to notice and nobody seems to care".

[3] http://www.stallman.org/ [stallman.org]

Try this yourself on a wide variety of internet forums and mailing lists, push for malware scanners to scan more than files, but firmware/BIOS. See what happens, I can guarantee it won't be pleasant, especially with APT cases.

So scan away, or blissfully ignore it, but we need more people like RMS[3] in the world. Such individuals tend to be eccentric but their words ring true and clear about electronics and freedom.

I believe we're mostly pwned, whether we would like to admit it or not, blind and pwned, yet fiercely holding to misinformation, often due to lack of self discovery and education, and "nobody seems to notice and nobody seems to care".

(Remotely Attacking Network Cards)
http://theinvisiblethings.blogspot.com/2010/04/remotely-attacking-network-cards-or-why.html [blogspot.com]

(Persistent BIOS Infection)
http://www.phrack.org/issues.html?issue=66&id=7#article [phrack.org]

(BIOS --> Vbootkit code(from CD,PXE etc.) --> MBR --> NT Boot sector --> Windows Boot manager --> Windows Loader --> Vista Kernel)
http://www.securityfocus.com/columnists/442/2 [securityfocus.com]

(The ROMOS project)
http://web.archive.org/web/20100111040625/http://rayer.ic.cz/romos/romose.htm [archive.org]

Secure boot is Microsoft's attempt to maintain computer OS market share as their influences is being stripped away by the likes of Google (Android) and Apple (iOS). With HTML5 on the way, we will have WEB based applications that rival desktop versions, and run on ANY device. The OS is just a layer to get to where the real work gets done, information exchange.

AND the worst part is, secure boot doesn't actually fix the problem it pretends it solves. It can't. This is the whole DRM of DVD's and BluRay all over again. Look at how well that is working out.

DRM is broken by design."
- linux.slashdot.org/comments.pl?sid=2985953&cid=40681007

"Richard Stallman has finally spoken out on this subject. He notes that 'if the user doesn't control the keys, then it's a kind of shackle, and that would be true no matter what system it is.' He says, 'Microsoft demands that ARM computers sold for Windows 8 be set up so that the user cannot change the keys; in other words, turn it into restricted boot.' Stallman adds that 'this is not a security feature. This is abuse of the users. I think it ought to be illegal.'""
- linux.slashdot.org/story/12/07/17/2326253/richard-stallman-speaks-about-uefi

I'm concerned about new rootkits which target PCI devices, such as the graphics card and the optical drives, also, BIOS. Where are the malware scanners which scan PCI devices and BIOS for mismatches? All firmware, BIOS and on PCI devices should be checksummed and saved to match with others in the cloud, and archived when the computer is first used, backing up signed firmware.

When do you recall seeing signed router firmware upgrades with any type of checksum to check against? Same for PCI devices and optical drives and BIOS.

Some have begun with BIOS security:

http://www.biosbits.org/ [biosbits.org]

Some BIOS has write protection in its configuration, a lot of newer computers don't.

###

CIA Head: We Will Spy On Americans Through Electrical Appliances
Global information surveillance grid being constructed; willing Americans embrace gadgets used to spy on them
http://www.prisonplanet.com/cia-head-we-will-spy-on-americans-through-electrical-appliances.html [prisonplanet.com]

###

Comparing the unique pattern of the frequencies on an audio recording with a database that has been logging these changes for 24 hours a day, 365 days a year provides a digital watermark: a date and time stamp on the recording.
Philip Harrison, from JP French Associates, another forensic audio laboratory that has been logging the hum for several years, says: "Even if [the hum] is picked up at a very low level that you cannot hear, we can extract this information." It is a technique known as Electric Network Frequency (ENF) analysis, and it is helping forensic scientists to separate genuine, unedited recordings from those that have been tampered with."
- http://www.bbc.co.uk/news/science-environment-20629671 [bbc.co.uk]
- http://cryptogon.com/?p=32789 [cryptogon.com]

###

"I'd worry about a Tempest virus that polled a personal computer's
CD-ROM drive to pulse the motor as a signalling method:

* Modern high-speed CD-ROM drive motors are both acoustically and
electrically noisy, giving you two attack methods for the price of one;

* Laptop computer users without CRTs, and the PC users that can afford
large LCD screens instead of CRTs, often have CD-ROM drives;

* Users are getting quite used to sitting patiently while their
CD-ROM drives grind away for no visibly obvious reason (but
that's quite enough about the widespread installs of software from
Microsoft CD-ROMs that prompted Kuhn's investigation in the first place.)"

http://catless.ncl.ac.uk/Risks/19.60.html#subj9 [ncl.ac.uk]

###

"I'd worry about a Tempest virus that polled a personal computer' personal computer' CD-ROM drive"

Yes and the hard drive and in some PC's the cooling fans as well are under CPU control.

You can also do it with PC's where the CPU does not control the fan, but the hardware has a simple thermal sensor to control it's speed. You do this by simply having a process that uses power expensive instructions in tight loops, thus raising the CPU temprature (it's one of the side channels I was considering a long time ago when thinking about how the temp inside the case changed various things including the CPU clock XTAL frequency).

The change in sound side channel is one of the first identified problems with Quantum Key Distribution. Basicaly the bod who came up with the idea whilst first testing the idea could tell the state of "Alice's polarizer" simply by the amount of noise it made...

The CD-ROM motor idea I'd heard befor but could not remember where till I followed your link.

Dr Lloyd Wood has worked with the UK's Surrey Uni, the European Space Agency and Americas NASA and one or two other places as part of his work for Surrey Satellite Technology Ltd. He has been involved with CLEO (Cisco router in Low Earth Orbit) and other work on what's being called "The Space Internet".

Of interest is his work on Delay and Disruption Tolerant Networks (DTN). It's not been said "publicaly" as far as I'm aware but the work has aspects that are important to anonymity networks such as TOR.

You can read more on Dr Wood's DTN work etc at,

Lloyd Wood - Delay-Tolerant Networking work
http://personal.ee.surrey.ac.uk/Personal/L.Wood/dtn/ [surrey.ac.uk]

The UK occupies an odd position in the "Space Race" it is the only nation who having put a satellite into space then stopped further space rocket development (the Black Knight launch platform was considerably safer and more economic than the then US and CCCP systems). The UK has however continued in the Space Game and is perhaps the leading designers of payloads for scientific and industrial satellites (it probably is on military sats as well but nobody who knows for sure is telling ;-)

Clive Robinson
Schneier on Security: Information-Age Law Enforcement Techniques
http://www.schneier.com/blog/archives/2012/12/interesting_win.html#c1049823 [schneier.com]

###

Schneier has covered it before: power line fluctuations (differences on the wire in keys pressed).

Thereâ(TM)s thermal attacks against cpus and temp, also:

ENF (google it)

A treat (ENF Collector in Java):

sourceforge dot net fwdslash projects fwdslash nfienfcollector

No single antimalware scanner exists which offers the ability to scan (mostly proprietary) firmware on AGP/PCI devices (sound cards, graphics cards, usb novelty devices excluding thumb drives), BIOS/CMOS.

If you boot into ultimate boot cd you can use an archane text interface to dump BIOS/CMOS and examine/checksum.

The real attacks which survive disk formats and wipes target your PCI devices and any firmware which may be altered/overwritten with something special. It is not enough to scan your hard drive(s) and thumb drives, the real dangers with teeth infect your hardware devices.

When is the last time you:

Audited your sound card for malware?
Audited your graphics card for malware?
Audited your network card for malware?

Google for:

* AGP and PCI rootkit(s)
* Network card rootkit(s)
* BIOS/CMOS rootkit(s)

Our modern PC hardware is capable of much more than many can imagine.

Do you:

        Know your routerâ(TM)s firmware may easily be replaced on a hackerâ(TM)s whim?
        Shield all cables against leakage and attacks
        Still use an old CRT monitor and beg for TEMPEST attacks?
        Use TEMPEST resistant fonts in all of your applications including your OS?
        Know whether or not your wired keyboard has keypresses encrypted as they pass to your PC from the keyboard?
        Use your PC on the grid and expose yourself to possible keypress attacks?
        Know your network card is VERY exploitable when plugged into the net and attacked by a hard core blackhat or any vicious geek with the know how?
        Sarch out informative papers on these subjects and educate your friends and family about these attacks?
        Contact antimalware companies and urge them to protect against many or all these attacks?

Do you trust your neighbors? Are they all really stupid when it comes to computing or is there a geek or two without a conscience looking to exploit these areas?

The overlooked threat are the potential civilian rogues stationed around you, especially in large apartment blocks who feed on unsecured wifi to do their dirty work.

With the recent news of Russian spies, whether or not this news was real or a psyop, educate yourself on the present threats which all antimalware scanners fail to protect against and remove any smug mask you may wear, be it Linux or OpenBSD, or the proprietary Windows and Mac OS you feel are properly secured and not vulnerable to any outside attacks because you either donâ(TM)t need an antivirus scanner (all are inept to serious attacks) or use one or several (many being proprietary mystery machines sending data to and from your machine for many reasons, one is to share your information with a group or set database to help aid in threats), the threats often come in mysterious ways.

Maybe the ancients had it right: stone tablets and their own unique language(s) rooted in symbolism.

###

âoeDisconnect your PC from the internet and donâ(TM)t add anything you didnâ(TM)t create yourself. It worked for the NOC list machine in Mission Impossibleâ

The room/structure was likely heavily shielded, whereas most civvies donâ(TM)t shield their house and computer rooms. There is more than meets the eye to modern hardware.

Google:

subversion hack:
tagmeme(dot)com/subhack/

network card rootkits and trojans
pci rootkits
packet radio
xmit âoefm fingerprintingâ software
âoespecific emitter identificationâ
forums(dot)qrz(dot)com

how many malware scanners scan bios/cmos and pci/agp cards for malware? zero, even the rootkit scanners. have you checksummed/dumped your bios/cmos and firmware for all your pci/agp devices and usb devices, esp vanity usb devices in and outside the realm of common usb devices (thumbdrives, external hdds, printers),

Unless your computer room is shielded properly, the computers may still be attacked and used, Iâ(TM)ve personally inspected computers with no network connection running mysterious code in the background which task manager for windows and the eqiv for *nix does not find, and this didnâ(TM)t find it all.

Inspect your windows boot partition in *nix with hexdump and look for proxy packages mentioned along with command line burning programs and other oddities. Computers are more vulnerable than most would expect.

You can bet all of the malware scanners today, unless they are developed by some lone indy coder in a remote country, employ whitelisting of certain malware and none of them scan HARDWARE devices apart from the common usb devices.

Your network cards, sound cards, cd/dvd drives, graphics cards, all are capable of carrying malware to survive disk formatting/wiping.

Boot from a Linux live cd and use hexdump to examine your windows (and *nix) boot sectors to potentially discover interesting modifications by an unknown party.

The hum that helps to fight crime (ENF) (-1)

Anonymous Coward | about a year and a half ago | (#42849945)

Archived @:
http://slexy.org/view/s21UWKzafS [slexy.org]
http://hpaste.org/79175 [hpaste.org]
https://paste.debian.net/plain/216145 [debian.net]
======
The hum that helps to fight crime (ENF) Electrical Network Frequency analysis

"For the last seven years, at the Metropolitan Police forensic lab in south London, audio specialists have been continuously recording the sound of mains electricity.

It is an all pervasive hum that we normally cannot hear. But boost it a little, and a metallic and not very pleasant buzz fills the air. ...

"The power is sent out over the national grid to factories, shops and of course our homes. Normally this frequency, known as the mains frequency, is about 50Hz," explains Dr Alan Cooper, a senior digital forensic practitioner at the Met Police.

Any digital recording made anywhere near an electrical power source, be it plug socket, light or pylon, will pick up this noise and it will be embedded throughout the audio.

This buzz is an annoyance for sound engineers trying to make the highest quality recordings. But for forensic experts, it has turned out to be an invaluable tool in the fight against crime.

While the frequency of the electricity supplied by the national grid is about 50Hz, if you look at it over time, you can see minute fluctuations. ...

Comparing the unique pattern of the frequencies on an audio recording with a database that has been logging these changes for 24 hours a day, 365 days a year provides a digital watermark: a date and time stamp on the recording.

Philip Harrison, from JP French Associates, another forensic audio laboratory that has been logging the hum for several years, says: "Even if [the hum] is picked up at a very low level that you cannot hear, we can extract this information."

It is a technique known as Electric Network Frequency (ENF) analysis, and it is helping forensic scientists to separate genuine, unedited recordings from those that have been tampered with."

- http://www.bbc.co.uk/news/science-environment-20629671 [bbc.co.uk]
- http://cryptogon.com/?p=32789 [cryptogon.com]

#

Met lab claims 'biggest breakthrough since Watergate'
Power lines act as police informers

- http://www.theregister.co.uk/2010/06/01/enf_met_police/ [theregister.co.uk]

#

Noisy, muffled, incoherent recordings are an audio engineerâ(TM)s worst nightmare, but all too often they contain vital evidence in criminal trials. Itâ(TM)s the job of the forensic audio specialist to extract that evidence.

- http://www.soundonsound.com/sos/jan10/articles/forensics.htm [soundonsound.com]

#

(discussion forum) Electrical network frequency analysis, Mains frequency variations detectable in digital audio recordings?

- http://www.hydrogenaudio.org/forums/index.php?showtopic=81346 [hydrogenaudio.org]

#

Met Police use electrical 'hum' to solve crimes

The Metropolitan Police is using the "hum" of background noise produced by mains electricity to help solve crimes, it has been disclosed.

- http://www.telegraph.co.uk/news/uknews/crime/9739037/Met-Police-use-electrical-hum-to-solve-crimes.html [telegraph.co.uk]

#

Related Research
- http://www.ece.umd.edu/~ravig/Research.html [umd.edu]

#

Engineers Use Electrical Hum To Fight Crime

- http://science.slashdot.org/story/12/12/12/1331243/engineers-use-electrical-hum-to-fight-crime [slashdot.org]

#

Howâ(TM)s the 60Hz coming from your wall?

- http://hackaday.com/2012/07/24/hows-the-60hz-coming-from-your-wall/ [hackaday.com]

#

Detecting Edited Audio

- https://www.schneier.com/blog/archives/2012/12/detecting_edite.html [schneier.com]

#

Dating Recordings by Power Line Fluctuations

- https://www.schneier.com/blog/archives/2010/06/dating_recordin.html [schneier.com]

#

NFI ENF Collector (software!)

"This is an ENF collector in java for collecting the variation in frequency in the electric network via the audio card with a AC adapter with the correct voltage. It can assist in forensic research for determining the time of the recording."

- http://sourceforge.net/projects/nfienfcollector/ [sourceforge.net]

#

ENF Extraction From Digital Recordings Using Adaptive Techniques and Frequency Tracking

- https://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=6193429 [ieee.org]

#

Electrical network frequency analysis @ Wikipedia.org

"Electrical network frequency (ENF) analysis is a forensic science technique for validating audio recordings by comparing frequency changes in background mains hum in the recording with long-term high-precision historical records of mains frequency changes from a database. In effect the mains hum signal is treated as if it were a time-dependent digital watermark that can help identify when the recording was created, and help detect any edits in the recording. Historical records of main frequency changes are kept on record e.g. by police in the German federal state of Bavaria since 2010.

The technology has been hailed as "the most significant development in audio forensics since Watergate." However, according to a paper by Huijbregtse and Geradts, the ENF technique, although powerful, has significant limitations caused by ambiguity based on fixed frequency offsets during recording, and self-similarity within the mains frequency database, particularly for recordings shorter than 10 minutes.

More recently, researchers demonstrated that the indoor lights such as fluorescent lights and incandescent bulbs vary their light intensity in accordance with the voltage supplied, which in turn depends on the voltage supply frequency. As a result, the light intensity can carry the frequency fluctuation information to the visual sensor recordings in the similar way as the electromagnetic waves from the power transmission lines carry the ENF information to audio sensing mechanisms. Based on this result, researchers demonstrated that visual track from still video taken in an indoor lighting environments also contain ENF traces that can be extracted by estimating the frequency at which ENF will appear in a video as low sampling frequency of video (25â"30 Hz) cause significant aliasing. It was also demonstrated in the same research that the ENF signatures from visual stream and the ENF signature from audio stream in a given video should match. As a result, the matching between the two signals can be used to determine if the audio and visual track was recorded together or superimposed later."

- https://en.wikipedia.org/wiki/Electrical_network_frequency_analysis [wikipedia.org]

#

The New Zealand Copyright Act 1994 specifies certain circumstances where all or a substantial part of a copyright work may be used without the copyright owner's permission. A "fair dealing" with copyright material does not infringe copyright if it is for the following purposes: research or private study; criticism or review; or reporting current events.

TEMPEST Attacks! LCD Monitor leaks to FRS radio (-1)

Anonymous Coward | about a year and a half ago | (#42849955)

TEMPEST Attacks! LCD Monitor leaks system noise to FRS

This post is one example of why Tor developers should focus on anti-TEMPEST-ing the Tor Browser, in color, fonts, etc.
===
I don't operate any wireless equipment at my living location. This includes computers, computer equipment, routers, non-computer equipment, etc.

I'm having a problem with one of my LCD monitors.

It works without problems. That was until I picked up some heavy static noises from a hand held radio. I eliminated all sources of generating this type of noise until I came towards an LCD monitor. When the monitor is on and there is content on the screen the radio makes several types of garbage(static) sounds. As I manipulate contents on the screen, maximize and minimize windows, open different applications, the radio responds with scratchy(static) noises to match the activity on the screen. This includes typing and mouse movement.

When I switched the desktop background to a solid black color without wallpaper, the radio noise went down to almost nothing. But when I loaded any program with a white background, the noise from the radio exploded in volume.

When I passed the radio across different computer and non-computer electronic devices other than the LCD monitor, the wired mouse made a high pitched squeal sound within the static. None of the other computing devices such as the tower generated any noise.

I tried CRT monitors and separate computers attached to the CRT monitors but they did not generate any noise in the radio. On the computer connected to the net, I unplugged the cable leading to the router to rule this out but it made no difference, the LCD monitor is at fault.

While monitoring the radio noise, there were several instances where the noise on the channel being monitored stopped, and I switched to another channel and the same noise appeared. Why would the noise from the LCD switch channels during normal use of the LCD? Back and forth throughout the day the noise generated by the LCD would switch from one channel to the next and back to the first channel again.

The noise extends several steps within my living location. I'll test this another day to determine if it extends outside my living location and if so by how many feet.

The computer/monitor are grounded and attached to a surge protector. I'm not sure what I need to do to stop this, or if I should ignore it.

I assumed LCDs would be quieter than CRTs when it came to noise.

Unless I have a radio tuned to a specific channel, the LCD does not generate any noise which I can detect, unless it's above my hearing capacity.

The LCD monitor also functions as speakers, and while the sound cable is connected to the tower, I have disabled the onboard sound in my BIOS. The only other connection is the DVI cable to the tower.

How may I decrease this noise or eliminate it? It seems like the LCD is a mini radio station. When I turn it off the noise in the radio stops, if I blacken the screen the noise lessens. When I switch to a colorful background or load white screened applications like a web browser the noise jumps up loudly. I've tried grabbing and moving a browser window around the screen and the movement matches the noises in the radio.

Would any of this be considered normal?
==-
This certainly isn't unheard of, it's because some part of the monitor is unshielded. The more fix-it stuff is at the top of the following, with the technical backdrop that just might be good to know is at the bottom.

Unfortunately, the issue is most likely the panel charging the LCs. The only thing you can do is see if the manufacturer will replace it or upgrade you. Complain to the manufacturer, be sure to come up with some important thing it's interfering with(if I recall some medical devices use some sort of radio).

If the issue is actually internal wiring which is highly unlikely as detailed below, and it isn't in warranty, attempt to shield it yourself. To shield it yourself, you'll need thin foil(not kitchen foil) and electrical tape.

So, in any given monitor, there's 3 main parts. Input, logic, and output. Output, as previously mentioned, can't really be shielded. To shield both of the other sections, all you really need to do is manipulate the wiring to reduce the number of holes in the foil wrap needed to put it all back together. Obviously this will take some trial and error, and time.

USEFUL INFO THAT ISN'T REQUIRED:

Shielding wires can best be thought of as a encasing a wire in a Faraday cage, made of foil. If you want to see an example, Apple's iPod charging cords are all shielded, strip the insulation and see for yourself. This shielding acts doubly, keeping EM noise from messing with the signal, and keeps the signal's own noise from leaving.

WHY IT IS THE CHARGING PANEL AND NOT WIRING:
Because of the specific details you provided( bravo to you, the amount of data provided helped ), I can conclude that the charging panel(the array of electrodes responsible for producing the image) is putting out the interference. Three of your observations prove this.

First, you state the noise ceases completely when the monitor is turned off, which is consistent with it being EM noise.
Second, the noise's perceived pitch changes when the display is manipulated, which is to be expected, as the electrode charges would change as the display changes.
Third, a black screen is "quieter" than a white screen. Black is the lowest charge state, with the only power in use going to the backlight.

As for your questions:
Noise hopping channels isn't unheard of, though I don't know the science behind it. My best guess is that because the noise isn't an intended result of the electricity, small changes in voltage/amperage result in those hops.
(indirect question-ish) The mouse was likely the only other emitter because it has a fairly high density of wires + it emits light.
===-
@W00t:

What 1s the d1fference between - and where may 1 obta1n the non-k1tchen "foil" you ment1oned?

The d1sturbances sound l1ke a bugged env1ronment. The squeal com1ng from one area and/or dev1ce could mean the locat1on of the bug has been found - and 1 know adding a small dev1ce and/or mod1f1cation to a keyboard and/or mouse 1s s1mple enough - espec1ally for a quick 1n and out the door type bugging.

1s there an affordable method of sh1elding the equ1pment while not violating FCC/TEMPEST laws? Would a simple screen d1mmer attached to the monitor bring the no1se down? Or would 1t be best to put out the extra money requ1red by purchas1ng spec1al paint or wallpaper wh1ch blocks RF signals?

Whether or not 1t's a bug, at this point you are broadcast1ng your computer mon1tor and 1ts activ1t1es, down to the keyboard and mouse movements. What 1s the use of using Tor or any other l1ke serv1ce 1f you are pwned over the a1r waves?
====-
You could use kitchen foil, it's just more unwieldy to work with.

Yes, it could be a bug, I was running under the assumption you had no reason to believe you were bugged, and if you did you ran bug sweeps. If you believe you are bugged, you should definitely dismantle things to make sure a bug isn't simply piggybacking on the same power source.

Dimming the screen would reduce noise, but not completely eliminate it.
=====-
Thanks, W00t.

"Dimming the screen would reduce noise, but not completely eliminate it."

I have modified my browser to function with a black background and my choice of text colors and unchecked the option for all pages to use their own colors, so every page I visit is black with my choice of font/links colors. I'll rescan to determine if this lessens the noise. It's ugly, but tolerable. Coupled with a black theme for the desktop, including the background and system wide applications should also help - including disabling images in the browser.

You mentioned foil. I'm not an electrician, but wouldn't wrapping cords with foil and finishing the job off with a layer of strong black tape possibly conduct electricity? Are you suggesting I cover all wires leading to the computer(s) using this method? Wouldn't they each require special grounding? How many repeating layers of this and/or other material is needed? Have you tried "conductive tubing?"

While I want to shield enough to block noisy RF, I don't want to create a microwave type scenario where RF is contained but it still remains and is possibly amplified so as to add to the degeneration of my health, if that's possible.

1. Ferrite beads
2. Split beads
3. Toroids

CONDUCTIVE TUBING & FERRITE SNAP BEAD
http://www.lessemf.com/wiring.html [lessemf.com]

https://en.wikipedia.org/wiki/Electromagnetic_interference [wikipedia.org]
https://en.wikipedia.org/wiki/Electromagnetic_radiation_and_health [wikipedia.org]
https://en.wikipedia.org/wiki/Electromagnetic_shielding [wikipedia.org]
https://en.wikipedia.org/wiki/EMF_measurement [wikipedia.org]

I could try some or all of the three options above in addition to your advice? TY
===-
Anyways this reminding me of Van Eck phreaking look it up, some pretty interesting stuff.

Yep, had the same thought.

Countermeasures are detailed in the article on TEMPEST, the NSA's standard on spy-proofing digital equipment. One countermeasure involves shielding the equipment to minimize electromagnetic emissions. Another method, specifically for video information, scrambles the signals such that the image is perceptually undisturbed, but the emissions are harder to reverse engineer into images. Examples of this include low pass filtering fonts and randomizing the least significant bit of the video data information.
====-
can someone please point me to techie LCD monitor internal guides? If I'm going to take it apart I'd like to know what to expect. I've read more about Van Eck and Tempest than anyone can teach me here. Now I'm looking for LCD guides of what's inside.
===-
To be honest, its not the whats inside the LCD monitor you should be worrying about if you want to phreak LCD's . You should be worry more about the RF side of things, and figuring out the spread spectrum clock signal so you can pick up the signal. Top if off background noise is going to be bitch when it comes to LCD. Old CRT monitors are way easier to phreak those thing throw off EM radiation like nobody business.
===-
The noise coming from the LCD monitor is appearing on FRS channels:

- https://en.wikipedia.org/wiki/Family_Radio_Service [wikipedia.org]

It continues for several minutes before it jumps to another channel then after a few minutes jumps back to the original channel. One of my concerns is the ability for others to pluck this noise from the air (Van Eck/TEMPEST) and monitor my activity, or possibly use an attack against the computer somehow. A recent UN report mentioned a high tech method(s):

* U.N. report reveals secret law enforcement techniques

"Point 201: Mentions a new covert communications technique using software defined high frequency radio receivers routed through the computer creating no logs, using no central server and extremely difficult for law enforcement to intercept."

- http://www.unodc.org/documents/frontpage/Use_of_Internet_for_Terrorist_Purposes.pdf [unodc.org]
- http://www.hacker10.com/other-computing/u-n-report-reveals-secret-law-enforcement-techniques/ [hacker10.com]

In addition, I don't want my LCD monitor constantly sending monitor and/or system activity to a FRS channel(s) for others to hear. I choose wired over wireless for a reason, and there shouldn't be any noise coming from my LCD monitor and appearing over FRS, unless there is a bug or problem with the monitor. All of my
CRT systems are silent on FRS.

When I position the radio near different components, the power supply doesn't emit any noise on FRS, but it could be a problem, I don't know, I'll move to that once I resolve the LCD monitor problem, unless the PSU is the problem and not the monitor.

I may take apart the LCD monitor, I'm looking for a good list of what I'll find if I do.

I peered inside the vents on the top/back left hand side with a strong flashlight and came across a strange piece of silver tape inside, here's how I describe it:

OOGGGGGGGGGGGGGGG__

OO = a small thin black material coming out from underneath the silver piece of tape
GG = the strip of silver tape
__ = the bottom right hand portion of the silver tape is raised enough to allow a pinky finger entry

The silver tape/material/opening under tape is on the top left corner inside the monitor. The rest of the length and area inside that I can see contain no tape or black material. I've seen photos of planted bugs in people's living spaces and most if not all of the invasive ones are wrapped/covered in silver foil. I've found no other reason for that strip and material to be there, but what do I know.
=====
In addition, my CDROM drive light blinks once every second, sometimes with a second or 1/2 second in between, and I found this:

http://catless.ncl.ac.uk/Risks/19.60.html#subj9 [ncl.ac.uk]

"I'd worry about a Tempest virus that polled a personal computer's
CD-ROM drive to pulse the motor as a signalling method:

* Modern high-speed CD-ROM drive motors are both acoustically and
electrically noisy, giving you two attack methods for the price of one;

* Laptop computer users without CRTs, and the PC users that can afford
large LCD screens instead of CRTs, often have CD-ROM drives;

* Users are getting quite used to sitting patiently while their
CD-ROM drives grind away for no visibly obvious reason (but
that's quite enough about the widespread installs of software from
Microsoft CD-ROMs that prompted Kuhn's investigation in the first place.)"
===-
"I'd worry about a Tempest virus that polled a personal computer' personal computer' CD-ROM drive"

Yes and the hard drive and in some PC's the cooling fans as well are under CPU control.

You can also do it with PC's where the CPU does not control the fan, but the hardware has a simple thermal sensor to control it's speed. You do this by simply having a process that uses power expensive instructions in tight loops, thus raising the CPU temprature (it's one of the side channels I was considering a long time ago when thinking about how the temp inside the case changed various things including the CPU clock XTAL frequency).

The change in sound side channel is one of the first identified problems with Quantum Key Distribution. Basicaly the bod who came up with the idea whilst first testing the idea could tell the state of "Alice's polarizer" simply by the amount of noise it made...

The CD-ROM motor idea I'd heard befor but could not remember where till I followed your link.

Dr Lloyd Wood has worked with the UK's Surrey Uni, the European Space Agency and Americas NASA and one or two other places as part of his work for Surrey Satellite Technology Ltd. He has been involved with CLEO (Cisco router in Low Earth Orbit) and other work on what's being called "The Space Internet".

Of interest is his work on Delay and Disruption Tolerant Networks (DTN). It's not been said "publicaly" as far as I'm aware but the work has aspects that are important to anonymity networks such as TOR.

You can read more on Dr Wood's DTN work etc at,

http://personal.ee.surrey.ac.uk/Personal/L.Wood/dtn/ [surrey.ac.uk]

The UK occupies an odd position in the "Space Race" it is the only nation who having put a satellite into space then stopped further space rocket development (the Black Knight launch platform was considerably safer and more economic than the then US and CCCP systems). The UK has however continued in the Space Game and is perhaps the leading designers of payloads for scientific and industrial satellites (it probably is on military sats as well but nobody who knows for sure is telling ;-)

Clive Robinson
http://www.schneier.com/blog/archives/2012/12/interesting_win.html#c1049823 [schneier.com]
===-
I don't think there should be anymore blinking if you remove the CD/DVD inside.
If it keeps blinking, find out which process uses it.
Anyway, you can disable it when you're not using it, if it's bothering you.

And shield your monitor.
http://en.wikipedia.org/wiki/Electromagnetic_shielding [wikipedia.org]
====-
"I don't think there should be anymore blinking if you remove the CD/DVD inside."

Does Tails support this at boot?

If not, is there a Linux LiveCD which allows this and does not give you root access at boot?

I've looked at several different distributions which allow you to boot into RAM and remove the CD, but they all give you root and that's a very insecure environment to run TBB in!

"If it keeps blinking, find out which process uses it."

It doesn't blink on the several distros which boot into RAM, but I don't want to run Tor as root or reconfigure the permissions/PAM/etc. just to use TBB. As above, with Tails and many LiveCDs which don't boot into RAM, 99% of them have this blinking light issue. The actual INSTALLS I've done to HDD experience constant light activity too, even more so, without anything to explain them.

For Linux, I've ran rkhunter, chkrootkit, tiger, and other tools and nothing malicious is found. Without a deep binary analysis I don't know what else I could do.

For Windows, I use a few programs in the SysInternals Suite and they display strange usage on the system and reference programs which cannot be found with a search on the system, references to impersonation, spoofing, and more. I've ran almost every N.American scanner on the Windows systems, including command line only rootkit detectors and I've seen some strange 'strings' of binaries mentioned, but have no idea on how to clean the system.

I prefer to run LiveCDs because all installations, Windows and Linux, contain unexplainable frenzies of blinking lights, far worse than the blink every second on most LiveCDs. I'm wondering if this is firmware malware on my NIC or the CDROM itself. This has existed for years and never goes away, no matter what system I use, this strange baggage seems to re-infect everything.

"Anyway, you can disable it when you're not using it, if it's bothering you."

Disable what?

"And shield your monitor."

Thanks. I'm investigating and most of the guides require specific addons to the computer's cabling system. Most of the guides appear incomplete, or are in another language other than English.

Any comments on the Tempest/blinking light possibility?

Any comments on why it's spewing out noise to FRS stations and freq hopping?
===-
More comments from elsewhere:

@kb2vxa:

"You're making a mountain out of a mole hill."

I respect your opinion and I don't wish to argue against it, but please look at it from the way I and some others have. I want to eliminate the noise created by the LCD monitor. If this was such a common experience, I would expect at least one of the dozens of other electronic equipment to generate some noise, however faint, on FRS - but they do not.

"You are under the wrong impression that somehow RF hash from the back light can somehow carry data. A liquid crystal display (LCD) does not generate its own light like a CRT or plasma screen and requires a light source to make the display visible. Even those that do cannot transmit computer data being none reaches the monitor."

The LCD is connected to a tower, which other devices connect to. Under testing I've heard the CDROM drive accessing data noises within the FRS channels, along with mouse movements and keyboard activity, along with other noises. When I disable the LCD monitor, all of these disturbances vanish. This means the weakness is in the monitor, and my tower is well shielded or shielded enough so as not to generate any noise in radios I can notice. The reference I made to the strange tape and material within the back side of the LCD monitor at the top could be a sign of some type of antenna or device for amping.

"Their FRS radios will only hear what yours does, RF hash, no data whatsoever THAT IS if one is standing outside your house tapping the radio and scratching his head wondering what's the matter with his radio. You and only you know what it is and where it's coming from."

And what of experienced and curious sysadmins? Rogue crackers? Bored HAMs?
Are there any remote radio injection attacks against systems? This is something I'll research later, as I do believe it was mentioned in at least one whitepaper on side channel attacks.

"Thanks for the chuckles, if the report reveals secrets it would not be published but sent by secret courier to the KGB in Moscow."

I'm not aware of any secrets revealed within the document. But it did raise an interesting point without exposing the method(s) delivered to us from an interesting party. This wasn't just some random article written by some anonymous, disturbed fellow and posted to a pastebin or conspiracy minded blog or forum. And one cannot deny the dozens of TEMPEST attacks available today.

"So... all this and no word on moving the radio farther from the monitor. Why don't you try talking somewhere besides in front of the computer if it bothers you so much?"

Thank you for considering conversation as my reason for posting this, but it is not. I would not choose a noisy channel to talk on. Clear conversation is not the point of this thread. I desire the elimination of this garbage coming from the LCD monitor. I don't care if no one in the world can pick up on it and hear it, I would like to properly resolve it and not ignore it.

One can also dredge up the subject of EMF on health, too, but I have not experienced any disturbance of health from exposure to this noise and most people would argue any possible EMF effects on health to be one of one's over active imagination and not real world application.

[-]

A continued discussion was posted elsewhere, this may be useful in the voyage to remove this "noise":

[-]

In addition, my CDROM drive light blinks once every second, sometimes with a second or 1/2 second in between, and I found this:

[-]

http://catless.ncl.ac.uk/Risks/19.60.html#subj9 [ncl.ac.uk]

"I'd worry about a Tempest virus that polled a personal computer's
CD-ROM drive to pulse the motor as a signalling method:

* Modern high-speed CD-ROM drive motors are both acoustically and
electrically noisy, giving you two attack methods for the price of one;

* Laptop computer users without CRTs, and the PC users that can afford
large LCD screens instead of CRTs, often have CD-ROM drives;

* Users are getting quite used to sitting patiently while their
CD-ROM drives grind away for no visibly obvious reason (but
that's quite enough about the widespread installs of software from
Microsoft CD-ROMs that prompted Kuhn's investigation in the first place.)"

[-]

Any comments on the silver tape and material inside the back of the LCD? ...Disconnection of the LED CDROM and HDD lights could be something I should do to relieve one possible issue.

[-]

Some articles with examples:

"If everything is just right, you can pick up signals from some distance. "I was able to eavesdrop certain laptops through three walls," says Kuhn. "At the CEBIT conference, in 2006, I was able to see the Powerpoint presentation from a stand 25 metres away."

uhn also mentioned that one laptop was vulnerable because it had metal hinges that carried the signal of the display cable. I asked if you could alter a device to make it easier to spy on. "There are a lot of innocuous modifications you can make to maximise the chance of getting a good signal," he told me. For example, adding small pieces of wire or cable to a display could make a big difference.

As for defending against this kind of attack, Kuhn says using well-shielded cables, certain combinations of colours and making everything a little fuzzy all work."

- http://www.newscientist.com/blog/technology/2007/04/seeing-through-walls.html [newscientist.com]

=!==-!=
TO EASILY VIEW THE PDF files below:
=!==-!=

Online viewer for PDF, PostScript and Word:

"This is an online viewer, with which you can view PDF and PostScript files as browsable images and Word documents as web pages. Given a URL on the net or a file on your computer, the viewer will try to retrieve the document, convert it and show it to you. No plugin software is required."

http://view.samurajdata.se/ [samurajdata.se]

The viewer software is open source, licensed under the GNU Public License.
=!==-!=

Electromagnetic eavesdropping risks of flat-panel displays
http://www.cl.cam.ac.uk/~mgk25/pet2004-fpd.pdf [cam.ac.uk]

=

Eavesdropping attacks on computer displays
- http://www.cl.cam.ac.uk/~mgk25/iss2006-tempest.pdf [cam.ac.uk]

=

Compromising emanations: eavesdropping risks of computer displays
- http://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-577.html [cam.ac.uk]
- http://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-577.pdf [cam.ac.uk]

=

Compromising emanations of LCD TV sets
- http://www.cl.cam.ac.uk/~mgk25/emc2011-tv.pdf [cam.ac.uk]

=

"Q: Can I use filtered fonts also on flat-panel displays

My experience so far has been that with LCDs, the video cable is the most significant source of radiated information leakage. Where an analogue video cable (with 15-pin VGA connector) is used, low-pass filtered fonts have the same benefits as with CRTs. Where a purely digital video cable is used (DVI-D, laptop-internal displays with FPD/LVDS links, etc.) only the last step, namely randomizing the least-significant bits, should be implemented.

Where the video signal is entirely encoded in digital form, the low-pass filtered step will not have the desired effect. In fact, it can actually increase the differences between the signal generated by individual characters, and thereby make automatic radio character recognition more reliable."

- http://www.cl.cam.ac.uk/~mgk25/emsec/softtempest-faq.html [cam.ac.uk]

=

Remotely Eavesdropping on Keyboards (and read the comments!)

"The researchers from the Security and Cryptography Laboratory at Ecole Polytechnique Federale de Lausanne are able to capture keystrokes by monitoring the electromagnetic radiation of PS/2, universal serial bus, or laptop keyboards. They've outline four separate attack methods, some that work at a distance of as much as 65 feet from the target.

In one video demonstration, researchers Martin Vuagnoux and Sylvain Pasini sniff out the the keystrokes typed into a standard keyboard using a large antenna that's about 20 to 30 feet away in an adjacent room."

- https://www.schneier.com/blog/archives/2008/10/remotely_eavesd.html [schneier.com]

=

Video eavesdropping demo at CeBIT 2006
- http://www.lightbluetouchpaper.org/2006/03/09/video-eavesdropping-demo-at-cebit-2006/ [lightbluetouchpaper.org]

=

Optical Emission Security â" Frequently Asked Questions

"Q: What about LEDs?

For devices with RS-232 serial ports, it is customary to provide a status indicator LED for some of the signal lines (in particular transmit data and receive data). Often, these LEDs are directly connected to the line via just a resistor. As a result, anyone with a line of sight to the LED, some optics and a simple photosensor can see the data stream. Joe Loughry and David A. Umphress have recently announced a detailed study (submitted to ACM Transactions on Information and System Security) in which they tested 39 communications devices with 164 LED indicators, and on 14 of the tested devices they found serial port data in the LED light. Based on their findings, it seems reasonable to conclude that LEDs for RS-232 ports are most likely carrying the data signal today, whereas LEDs on high-speed data links (LANs, harddisk) do not. Even these LEDs are still available as a covert channel for malicious software that actively tries to transmit data optically.

I expect that this paper will cause a number of modem manufacturers to add a little pulse stretcher (monostable multivibrator) to the LEDs in the next chip set revision, and that at some facilities with particular security concerns, the relevant LEDs will be removed or covered with black tape.

The data traffic on LEDs is not a periodic signal, and therefore, unlike with video signals, periodic averaging cannot be used to improve the signal-to-noise ratio. The shot-noise limit estimation technique that I used to estimate the CRT eavesdropping risk can even more easily (because no deconvolution is needed) also be applied to serial port indicators and allows us to estimate a lower bound for the bit-error rate at a given distance. I have performed a few example calculations and concluded that with a direct line of sight, and a 100 kbit/s signal (typical for an external telephone modem), at 500 m distance it should be no problem to acquire a reliable signal (one wrong bit every 10 megabit), whereas for indirect reflection from the wall of a dark room, a somewhat more noisy signal (at least one wrong bit per 10 kilobit) can be expected to be receivable in a few tens of meters distance.

- http://www.cl.cam.ac.uk/~mgk25/emsec/optical-faq.html [cam.ac.uk]

=

Ancient Story on Slashdot: Coming to a Desktop near you: Tempest Capabilities

"New Scientist has an interesting article about a new toy we will all want. It's a card that plugs in one of your PCI slots and allows you to scan the EMF spectrum and read your neighbours terminal. In about 5 years you might be able to get one for just under £1000. (Modern Tempest Hardware costs about £30000) "

http://www.yro.slashdot.org/story/99/11/08/093250/coming-to-a-desktop-near-you-tempest-capabilities [slashdot.org]

=

"Any unshielded electrical device with a variable current (including LCDs) will give out EMF radiation. It's the nature of the beast.

For that matter, light is EMF radiation, so unless you have your LCD in a coal-mine, it's reflecting EMF all the time it's switched on.

Then, there's the fact that screen monitoring isn't the only monitoring you can do. I used to use a radio, tuned into the bus for the PET, as a sound card. Worked surprisingly well, for all that very clunky metal shielding. What's to stop a much higher-quality receiver from seeing the data, in an unshielded box, being sent TO the LCD, or to any other device on the machine?

It's a mistake to assume that Tempest technology is single-function and that that single-function only works in a single situation."

- http://slashdot.org/comments.pl?sid=2333&cid=1553178 [slashdot.org]

=

800Mbps Wireless Network Made With LED Light Bulbs
- http://science.slashdot.org/story/11/08/02/1322201/800Mbps-Wireless-Network-Made-With-LED-Light-Bulbs [slashdot.org]

=

There are a lot of other files, many in PPT format, which can be found easily on this subject of LCD monitor (and other computing devices) TEMPEST sniffing.

===

Sources for this discussion:

- http://forums.radioreference.com/computer/255488-lcd-monitor-broadcasts-noise-radio-why.html [radioreference.com]
- http://clsvtzwzdgzkjda7.onion/viewtopic.php?f=9&t=10919 [clsvtzwzdgzkjda7.onion] .onion link above requires a running Tor client session in order to view. (https://www.torproject.org)

This on-going discussion backed up to Pastebin(s) in order to retain it as an artifact. Many of these
types of discussions are REMOVED from the net because of the nature of the discussion (TEMPEST).

50 Million Potentially Vulnerable to UPnP Flaws (-1)

Anonymous Coward | about a year and a half ago | (#42849967)

50 Million Potentially Vulnerable to UPnP Flaws - January 2013 Articles and Downloads

###

Multi-Article Document:

Part 1 - Article: 50 Million Potentially Vulnerable to UPnP Flaws
Part 2 - Article: Security Flaws in Universal Plug and Play: Unplug, Don't Play
Part 3 - Router Scan: Universal Plug and Play - Router Security Check
Part 4 - Download: ScanNow for Universal Plug and Play (UPnP) | For Windows
Part 5 - PDF: Whitepaper: Security Flaws in Universal Plug and Play: Unplug, Don't Play.
Part 6 - Article: Millions of devices vulnerable via UPnP
Part 7 - Article and Discussion: 50 Million Potentially Vulnerable To UPnP Flaws

###

Translate this collection (does not include software download(s) and PDF(s): http://translate.google.com/ [google.com]

###

COPYRIGHT: The New Zealand Copyright Act 1994 specifies certain circumstances where all or a substantial part of a copyright work may be used
without the copyright owner's permission. A "fair dealing" with copyright material does not infringe copyright if it is for the following
purposes: research or private study; criticism or review; or reporting current events.

###

This Multi-Article Document Has Been Mirrored At The Following Sites (RAW = text):

http://hpaste.org/81561 [hpaste.org] (RAW: http://hpaste.org/raw/81561 [hpaste.org] )
http://kpaste.net/66c9a3 [kpaste.net]
http://oxynux.org/pastebin/n3rae9-1874 [oxynux.org]
http://pastebin.com/XHkXHfuF [pastebin.com] (RAW: http://pastebin.com/raw.php?i=XHkXHfuF [pastebin.com] )
http://paste.blixt.org/9819498 [blixt.org]
http://paste.lisp.org/display/135035 [lisp.org] (RAW: http://paste.lisp.org/display/135035/raw [lisp.org] )
http://paste.yt/p2605.html [paste.yt] (RAW: http://paste.yt/P2605.txt [paste.yt] )
http://slexy.org/view/s2r3Si2W3C [slexy.org]
https://paste.debian.net/230670/ [debian.net]
http://www.inetpro.org/pastebin/11699 [inetpro.org] (RAW: http://www.inetpro.org/pastebin/11699/view/raw [inetpro.org] )

###

(Part 1): 50 Million Potentially Vulnerable to UPnP Flaws

by Brian Donohue | January 29, 2013, 1:15PM

https://threatpost.com/en_us/blogs/50-million-potentially-vulnerable-upnp-flaws-012913 [threatpost.com]

"In a project that found more than 80 million unique IP addresses responding to Universal Plug and Play (UPnP) discovery requests, researchers at Rapid7 were shocked to find that somewhere between 40 and 50 million of those are vulnerable to at least one of three known attacks.

A Rapid7 white paper enumerated UPnP-exposed systems connected to the Internet and identified the number of vulnerabilities present in common configurations. Researchers found that more than 6,900 product models produced by 1,500 different vendors contained at least one known vulnerability, with 23 million systems housing the same remote code execution flaw.

Between June 1 and Nov. 17, 2012, Rapid7 conducted weekly scans that sent simple service discovery protocUPnPol (SSDP) requests to each routable IPv4 address. In all, 2.2 percent of all public IPv4 addresses responded to the standard UPnP discovery requests. So, 81 million unique IP addresses responded and, upon deeper probing, researchers determined some 17 million further systems exposed the UPnP simple object access protocol (SOAP). This level of exposure was far higher than researchers had expected, according to the report.

Rapid7 claims that the UPnP protocol has suffered from a number of security problems over the last decade or so. Despite rarely implemented authentication mechanisms, the presence of privileged capabilities on questionable networks, and common programming flaws, Rapid7 decided to focus its research on three classes of problems: programming flaws in common UPnP SSDP implementations that can be exploited to crash the service and execute arbitrary code; exposure of the UPnP control interface that exposes private networks to attacks from the Internet; and programming flaws in the UPnP HTTP and SOAP implementations that can be exploited to crash the service and execute arbitrary code.

"This research was primarily focused on vulnerabilities in the SSDP processor across embedded devices," Rapid7' CSO HD Moore elaborated via email. "The general process was to identify what was out there, make a list of the most commonly used software stacks, and then audit those stacks for vulnerabilities. The results were much worse than we anticipated, with the most commonly used software stack (libupnp) also being the most vulnerable."

According to Moore, the two most commonly implemented UPnP software libraries both contain remotely exploitable vulnerabilities. More than 73 percent of systems uncovered by SSDP were derived from just four development kits: Portable SDK for UPnP Devices; MiniUPnP; a commercial stack likely developed by Broadcom; and one other kit whose developer could not be determined. The most current version of Portable UPnP SDK--at the time the research was conducted--accounted for the previously mentioned 23 million IPs that are vulnerable to remote code execution through a single user datagram protocol packet.

Most Portable UPnP SDK devices are not running on the latest version of the software. Researchers determined that the users running older versions of Portable UPnP SDK could be compromised by no fewer than eight remotely exploitable flaws.

The latest version MiniUPnP (1.1) fixed a remotely exploitable stack overflow in the SOAP handler from its earlier version (1.0), but the SSDP determined that more than 14 percent of MiniUPnP users have yet to update and that 330 separate products remain vulnerable. The MiniUPnP library was also vulnerable to a parsing flaw in the SSDP handler that has since been patched.

UPnP is, according to Rapid 7, a protocol standard, often enabled by default, that allows computers and various other network connected devices to communicate with one another and simplifies the discovery and control of network devices. Devices with UPnP enabled by default include smart TVs, IP cameras, printers, media servers and routers to name a few. It is enabled by default on Mac OS X, Microsoft Windows, and a number of Linux distros. Different devices have different capabilities but some common functions include incoming port mapping on home routers, identification of network printers, and managing media services.

Rapid7 is encouraging that users disable UPnP on all Internet facing systems and replace any systems that do not offer the ability to disable the protocol. Some of these vulnerabilities, such as the Portable UPnP SDK and MiniUPnP, have been patched, but as Moore notes, it takes time for the various device makers and application developers to implement the patch into their products. In the meantime, users will remain vulnerable. He also explains that a number of products are âoeno longer shipping,â meaning that users of that equipment will not receive patches and will remain vulnerable until they remove or replace the products in question.

Rapid7â(TM)s ScanNow tool tocan be used check whether systems are vulnerable.

In the white paper, Rapid7 goes on to make a number of recommendations to Internet service providers, businesses, and home and mobile users that may be vulnerable as well providing in depth analysis of the specific vulnerabilities themselves."

https://threatpost.com/sites/default/files/upnp.jpg [threatpost.com]
https://community.rapid7.com/community/infosec/blog/2013/01/29/security-flaws-in-universal-plug-and-play-unplug-dont-play [rapid7.com]
http://www.rapid7.com/resources/free-security-software-downloads/universal-plug-and-play-jan-2013.jsp [rapid7.com]
https://community.rapid7.com/docs/DOC-2150 [rapid7.com]

###

(Part 2): Security Flaws in Universal Plug and Play: Unplug, Don't Play

by HD Moore in Information Security | Jan 29, 2013 1:05:19 AM

https://community.rapid7.com/community/infosec/blog/2013/01/29/security-flaws-in-universal-plug-and-play-unplug-dont-play [rapid7.com]

"This morning we released a whitepaper entitled Security Flaws in Universal Plug and Play. This paper is the result of a research project spanning the second half of 2012 that measured the global exposure of UPnP-enabled network devices. The results were shocking to the say the least. Over 80 million unique IPs were identified that responded to UPnP discovery requests from the internet. Somewhere between 40 and 50 million IPs are vulnerable to at least one of three attacks outlined in this paper. The two most commonly used UPnP software libraries both contained remotely exploitable vulnerabilities. In the case of the Portable UPnP SDK, over 23 million IPs are vulnerable to remote code execution through a single UDP packet. All told, we were able to identify over 6,900 product versions that were vulnerable through UPnP. This list encompasses over 1,500 vendors and only took into account devices that exposed the UPnP SOAP service to the internet, a serious vulnerability in of itself.

The vulnerabilities we identified in the Portable UPnP SDK have been fixed as of version 1.6.18 (released today), but it will take a long time before each of the application and device vendors incorporate this patch into their products. In most cases, network equipment that is "no longer shipping" will not be updated at all, exposing these users to remote compromise until UPnP is disabled or the product is swapped for something new. The flaws identified in the MiniUPnP software were fixed over two years ago, yet over 330 products are still using older versions.

For the reasons outlined above, we strongly suggest that end users, companies, and ISPs take immediate action to identify and disable any internet-exposed UPnP endpoints in their environments. UPnP is pervasive - it is enabled by default on many home gateways, nearly all network printers, and devices ranging from IP cameras to network storage servers.

To this end, we have provided ScanNow UPnP, a free tool that can identify exposed UPnP endpoints in your network and flag which of those may remotely exploitable through recently discovered vulnerabilities. A screenshot of this tool in action in the lower right.

If you are accessing the internet from your home network, we now offer an alternative to ScanNow and Metasploit. The Rapid7 UPnP Check is a one-click security scan for broadband and mobile users. If you are concerned about the security of your non-technical friends and family, this is a quick way for them to check their home router for UPnP vulnerabilities. The main difference between this service and ScanNow is that the UPnP Check will run a scan from the internet and can only check the external interface of your router.

Although ScanNow only supports Microsoft Windows, users of Mac OS X and Linux can accomplish the same task using Metasploit. To use the latest module,which includes vulnerability reporting for the recently disclosed vulnerabilities, make sure you have the most current update applied.

Using this module within Metasploit's web interface is simple. Create a new project and access the Modules tab. In the search bar, enter "ssdp_msearch", then select the module named UPnP SSDP M-SEARCH Information Discovery. Enter the network range you want to scan and Metasploit will take care of the rest. The module will run in the background and the Analysis tab will be updated with hosts and vulnerabilities as they are found.

Image: https://community.rapid7.com/servlet/JiveServlet/showImage/38-6031-2749/scannow.png [rapid7.com]

To accomplish the same task using the command-line, first open the Metasploit console.

$ msfconsole
msf>

From the msf prompt, enter the following commands, substituting your own network for RHOSTS

msf > use auxiliary/scanner/upnp/ssdp_msearch
msf auxiliary(ssdp_msearch) > set RHOSTS 192.168.0.0/24
msf auxiliary(ssdp_msearch) > run

Any devices supporting UPnP should appear, with specific CVEs listed for those that have at least one exploitable vulnerability.

[*] 192.168.0.9:1900 SSDP Net-OS 5.xx UPnP/1.0 | http://192.168.0.9:3278/etc/linuxigd/gatedesc.xml [192.168.0.9]

[+] 192.168.0.254:1900 SSDP miniupnpd/1.0 UPnP/1.0 | vulns:2 (CVE-2013-0229, CVE-2013-0230)

If you are interested in hearing more about these issues, I will be hosting a one-hour webcast on February 4th at 3:00pm EST. You can also leave comments on this post.

-HD"

https://community.rapid7.com/docs/DOC-2150 [rapid7.com]
http://pupnp.sourceforge.net/ [sourceforge.net]
http://miniupnp.free.fr/ [miniupnp.free.fr]
http://www.rapid7.com/resources/free-security-software-downloads/universal-plug-and-play-jan-2013.jsp [rapid7.com]
http://upnp-check.rapid7.com/ [rapid7.com]
http://information.rapid7.com/Webcast-UPnP-Registration.html?LS=1677495%20&CS=blog [rapid7.com]

Tags: metasploit, device, vulnerability, webcast, upnp

###

(Part 3): Router Scan: Universal Plug and Play - Router Security Check

http://upnp-check.rapid7.com/ [rapid7.com]

"Universal Plug and Play (UPnP) is a protocol standard that allows easy communication between computers and network-enabled devices. This protocol is enabled by default on millions of systems, including routers, printers, media servers, IP cameras, smart TVs, home automation systems, and network storage servers.

Recent research from Rapid7 revealed that at least 40-50 million of these devices are at risk due to security flaws in the UPnP protocol. These issues potentially expose millions of users to remote attacks that could result in the theft of sensitive information or further assaults on connected machines such as personal computers.

This service can test your router and determine whether it is vulnerable to attack. Clicking the Scan My Router button below will start the test. To learn more about UPnP vulnerabilities, please see this blog post.

This service is only suitable for identifying whether your UPnP is exposed to the internet. To check for internal exposure, we recommend downloading the free ScanNow for UPnP tool. We particularly recommend this for business users."

https://community.rapid7.com/docs/DOC-2150 [rapid7.com]
https://community.rapid7.com/community/infosec/blog/2013/01/29/security-flaws-in-universal-plug-and-play-unplug-dont-play [rapid7.com]
https://community.rapid7.com/community/infosec/blog/2013/01/29/security-flaws-in-universal-plug-and-play-unplug-dont-play#comment-3596 [rapid7.com]
http://www.rapid7.com/resources/free-security-software-downloads/universal-plug-and-play-jan-2013.jsp [rapid7.com]

Scan My Router: http://upnp-check.rapid7.com/scan [rapid7.com]
Download ScanNow: http://www.rapid7.com/resources/free-security-software-downloads/universal-plug-and-play-jan-2013.jsp [rapid7.com]
FAQ: http://upnp-check.rapid7.com/faq [rapid7.com]

###

(Part 4): ScanNow for Universal Plug and Play (UPnP) | For Windows | Download

https://www.rapid7.com/resources/free-security-software-downloads/universal-plug-and-play-jan-2013.jsp [rapid7.com]

"The free scanner checks whether your network-enabled devices might be vulnerable to attack through the UPnP protocol.

Recent research from Rapid7 revealed that around 40-50 million network-enabled devices are at risk due to vulnerabilities found in the Universal Plug and Play (UPnP) protocol. UPnP enables devices such as routers, printers, network-attached storage (NAS), media players and smart TVs to communicate with each other. Three groups of security flaws in the protocol are exposing millions of users to remote attacks that could result in the theft of sensitive information or other criminal activity such as spying.

Use our free ScanNow tool today to find out if you might be one of the millions of users at risk through these vulnerabilities and what steps you can take to reduce risk."

https://community.rapid7.com/docs/DOC-2150 [rapid7.com]
https://community.rapid7.com/community/infosec/blog/2013/01/29/security-flaws-in-universal-plug-and-play-unplug-dont-play [rapid7.com]

[Download For Windows] http://downloads.metasploit.com/data/releases/ScanNowUPnP.exe [metasploit.com]

###

(Part 5): PDF: Whitepaper: Security Flaws in Universal Plug and Play: Unplug, Don't Play.

by HD Moore | Jan 29, 2013 1:41 AM
last modified by HD Moore on Jan 29, 2013 1:42 AM

https://community.rapid7.com/docs/DOC-2150 [rapid7.com]

"This whitepaper details research conducted by Rapid7, which reveals that around 40-50 million network-enabled devices are at risk due to vulnerabilities found in the Universal Plug and Play (UPnP) protocol. UPnP enables devices such as routers, printers, network-attached storage (NAS), media players and smart TVs to communicate with each other. The paper investigates how three groups of security flaws relating to the UPnP protocol are exposing millions of users to attacks that could lead to a remote compromise of the vulnerable device.

We strongly recommend people to check whether they may be vulnerable, and if so, disable the UPnP protocol in any affected devices. Further details on mitigation strategies are included in the executive summary section at the front of the attached whitepaper. The document also includes details on the methodology of the research, breakdown and analysis of the findings and insights into the implications.

If you have any feedback or questions on this topic, please do share them
either below or on HD Moore's blog post on it."

[PDF] https://community.rapid7.com/servlet/JiveServlet/download/2150-1-16596/SecurityFlawsUPnP.pdf [rapid7.com]
https://community.rapid7.com/community/infosec/blog/2013/01/29/security-flaws-in-universal-plug-and-play-unplug-dont-play [rapid7.com]

[View PDF Online]: http://view.samurajdata.se/ [samurajdata.se]

Tags: vulnerability, upnp, routers, isps, universal-plug-and-play, internet-service-providers, libupnp, miniupnpd

###

(Part 6): Millions of devices vulnerable via UPnP

djwm@h-online.com (djwm) | 30 January 2013, 11:28

http://h-online.com/-1794032 [h-online.com]
http://www.h-online.com/security/news/item/Millions-of-devices-vulnerable-via-UPnP-1794032.html [h-online.com]

"UPnP security During an IP scan of all possible IPv4 addresses, Rapid7, the security firm that is known for the Metasploit attack framework, has discovered 40 to 50 million network devices that can potentially be compromised remotely with a single data packet. The company says that remote attackers can potentially inject code into these devices, and that this may, for example, enable them to gain unauthorised access to a user's local network.

All kinds of network-enabled devices including routers, IP cameras, NAS devices, printers, TV sets and media servers are affected. They all have several things in common: they support the Universal Plug and Play network protocol, respond to UPnP requests from the internet, and use a vulnerable UPnP library to do so.

Rapid7's Chief Security Officer HD Moore said that, when scanning the IPv4 addresses, 81 million IPs had responded to UPnP discovery requests. This is already most peculiar in itself, as UPnP is only supposed to play a role within local networks. The protocol enables network devices to find each other and, for example, exchange instructions. Discovery requests are usually broadcast, and UPnP-enabled devices in a network then respond to them. It appears that manufacturers didn't allow for the possibility that such packets could arrive as unicasts from the internet.

It became apparent that in 73 per cent of cases, the manufacturers of the responding devices had implemented the UPnP features using one of four development kits, with most of them using Intel's libupnp or MiniUPnP. The security company examined the source code of these two tools and found eight vulnerabilities â" including seven buffer overflows â" in the most widely used version of libupnp alone. Three of the holes still exist in version 1.6.17, which was current up until Tuesday. The vulnerabilities can be found in the SSDP parser's unique_service_name() function. To inject arbitrary code into the vulnerable devices, all a potential attacker needs to do is send a UDP packet in the following way:

M-SEARCH * HTTP/1.1
Host:239.255.255.250:1900
ST:uuid:schemas:device:AAAA[â¦]AAAA:anything
Man:"ssdp:discover"
MX:3

The size of the network packet must not exceed 2,500 bytes, which should provide enough scope to inject a lean malicious program. In the obsolete (and still most widely-used) version 1.0 of MiniUPnP, the experts discovered two vulnerabilities that can be exploited to cripple affected devices (Denial of Service).

Rapid7 identified more than 6,900 vulnerable product versions by more than 1,500 vendors including D-Link, Fujitsu, Huawei, Logitech, Netgear, Siemens, Sony, TP-Link, Zyxel and many others. Although the vulnerabilities have been fixed in the current versions of the UPnP libraries â" the updated version 1.2 of MiniUPnP is already two years old â" most of the vulnerable devices are unlikely to be made safe any time soon. Many of them are probably long out of production and are no longer supported by their manufacturers.

The US-CERT has also released a vulnerability note concerning this threat and said that it has attempted to notify more than 200 affected vendors. The CERT recommends that the affected libraries should be updated â" which most customers can't do themselves. Alternatively, the US-CERT said that users should implement firewall rules to block UDP port 1900 or, if possible, disable the UPnP feature. Disabling UPnP is likely the most viable option for the majority of users. Of course, the device must first offer an appropriate option and then actually cease to respond to requests via the WAN interface for this approach to be successful.

Rapid7 has provided a free tool called ScanNow UPnP that allows users to search IP address spaces for vulnerable devices. Users enter information about their personal network to activate the tool. Another option is the ssdp_msearch Metasploit module, which can be accessed via the Metasploit console as follows:

msf > use auxiliary/scanner/upnp/ssdp_msearch
msf auxiliary(ssdp_msearch) > set RHOSTS 192.168.0.0/24
msf auxiliary(ssdp_msearch) > run

Users who discover a vulnerable device that responds to UDP packets from the internet on their network should seriously consider disabling the UPnP feature or, if necessary, decommission the device. Attackers can potentially exploit vulnerable devices to gain access to local networks â" and Rapid7's report will likely inspire many a hacker to attempt to do just that."

http://www.rapid7.com/ [rapid7.com]
https://community.rapid7.com/community/infosec/blog/2013/01/29/security-flaws-in-universal-plug-and-play-unplug-dont-play [rapid7.com]
http://pupnp.sourceforge.net/ [sourceforge.net]
http://miniupnp.free.fr/ [miniupnp.free.fr]
http://www.kb.cert.org/vuls/id/922681 [cert.org]
http://www.rapid7.com/resources/free-security-software-downloads/universal-plug-and-play-jan-2013.jsp [rapid7.com]

Copyright © 2013 Heise Media UK Ltd.

###

(Part 7): 50 Million Potentially Vulnerable To UPnP Flaws

Wednesday January 30, @02:17AM

http://tech.slashdot.org/story/13/01/30/022224/50-million-potentially-vulnerable-to-upnp-flaws [slashdot.org]

"In a project that found more than 80 million unique IP addresses responding to Universal Plug and Play (UPnP) discovery requests, researchers at Rapid7 were shocked to find that somewhere between 40 and 50 million of those are vulnerable to at least one of three known attacks. A Rapid7 white paper enumerated UPnP-exposed systems connected to the Internet and identified the number of vulnerabilities present in common configurations. Researchers found that more than 6,900 product models produced by 1,500 different vendors contained at least one known vulnerability, with 23 million systems housing the same remote code execution flaw. 'This research was primarily focused on vulnerabilities in the SSDP processor across embedded devices,' Rapid7's CSO HD Moore said. 'The general process was to identify what was out there, make a list of the most commonly used software stacks, and then audit those stacks for vulnerabilities. The results were much worse than we anticipated, with the most commonly used software stack (libupnp) also being the most vulnerable.'"

http://threatpost.com/en_us/blogs/50-million-potentially-vulnerable-upnp-flaws-012913 [threatpost.com]
https://community.rapid7.com/docs/DOC-2150 [rapid7.com]
https://community.rapid7.com/community/infosec/blog/2013/01/29/security-flaws-in-universal-plug-and-play-unplug-dont-play [rapid7.com]

###
EOF

RFID, Writeprint, Stylometry, Firmware Backdoors.. (-1)

Anonymous Coward | about a year and a half ago | (#42849983)

"Everything we see has some hidden message. A lot of awful messages are coming in under the radar - subliminal consumer messages, all kinds of politically incorrect messages..." - Harold Ramis

"RFID in School Shirts must be trial run"

The trial runs began a LONG time ago!

We're way past that process.

Now we're in the portion of the game where they will try and BRAINWASH us into accepting these things because not everyone BROADCASTS themselves on and offline, so RFID tracking will NEED to be EVERYWHERE, eventually.

RFID is employed in MANY areas of society. RFID is used to TRACK their livestock (humans) in:

* 1. A lot of BANK's ATM & DEBIT cards (easily cloned and tracked)
* 2. Subway, rail, bus, other mass transit passes (all of your daily
activities, where you go, are being recorded in many ways)
* 3. A lot of RETAIL stores' goods
* 4. Corporate slaves (in badges, tags, etc)

and many more ways!

Search the web about RFID and look at the pictures of various RFID devices, they're not all the same in form or function! When you see how tiny some of them are, you'll be amazed! Search for GPS tracking and devices, too along with the more obscured:

- FM Fingerprinting &
- Writeprint
- Stylometry

tracking methods! Let's not forget the LIQUIDS at their disposal which can be sprayed on you and/or your devices/clothing and TRACKED, similar to STASI methods of tracking their livestock (humans).

Visit David Icke's and Prison Planet's discussion forums and VC's discussion forums and READ the threads about RFID and electronic tagging, PARTICIPATE in discussions. SHARE what you know with others!

These TRACKING technologies, on and off the net are being THROWN at us by the MEDIA, just as cigarettes and alcohol have and continue to be, though the former less than they used to. The effort to get you to join FACEBOOK and TWITTER, for example, is EVERYWHERE.

Maybe, you think, you'll join FACEBOOK or TWITTER with an innocent reason, in part perhaps because your family, friends, business parters, college ties want or need you. Then it'll start with one photo of yourself or you in a group, then another, then another, and pretty soon you are telling STRANGERS as far away as NIGERIA with scammers reading and archiving your PERSONAL LIFE and many of these CRIMINALS have the MEANS and MOTIVES to use it how they please.

One family was astonished to discover a photo of theirs was being used in an ADVERTISEMENT (on one of those BILLBOARDS you pass by on the road) in ANOTHER COUNTRY! There are other stories. I've witnessed people posting their photo in social networking sites, only to have others who dis/like them COPY the photo and use it for THEIR photo! It's a complete mess.

The whole GAME stretches much farther than the simple RFID device(s), but how far are you willing to READ about these types of instrusive technologies? If you've heard, Wikileaks exposed corporations selling SPYWARE in software and hardware form to GOVERNMENTS!

You have to wonder, "Will my anti-malware program actually DISCOVER government controlled malware? Or has it been WHITELISTED? or obscured to the point where it cannot be detected? Does it carve a nest for itself in your hardware devices' FIRMWARE, what about your BIOS?

Has your graphics card been poisoned, too?" No anti virus programs scan your FIRMWARE on your devices, especially not your ROUTERS which often contain commercially rubber stamped approval of BACKDOORS for certain organizations which hackers may be exploiting right now! Search on the web for CISCO routers and BACKDOORS. That is one of many examples.

Some struggle for privacy, some argue about it, some take preventitive measures, but those who are wise know:

Privacy is DEAD. You've just never seen the tombstone.

I almost hope they do it... (0, Troll)

Improv (2467) | about a year and a half ago | (#42849995)

It's pretty amusing watching people freak out over these things and call them nude-o-scopes and similar. Just like with gun-control laws, I don't care a lot about the underlying issue, but it's so tempting to take a stance just because the NRA folk are so bloody nuts.

Re:I almost hope they do it... (5, Insightful)

Anonymous Coward | about a year and a half ago | (#42850071)

If you don't care a lot about the fourth amendment, I'm not sure anyone should give a shit what you say.

Re:I almost hope they do it... (0)

Anonymous Coward | about a year and a half ago | (#42850073)

Clueless liberal. I just joined the NRA because they are one of the few fighting the Democrat's anti-constitutional crap. It's not nuts to want to defend the 2nd amendment. Keep in mind that what the liberals do to the 2nd amendment will be done to the rest.

Licensing (i.e. permission to be able to exercise the 2nd amendment) is already being imposed on the 1st. Don't believe me? Remember the free-speech zones during the past two DNC's?

Re:I almost hope they do it... (0)

Anonymous Coward | about a year and a half ago | (#42850109)

AAAaaahahahahahaha. You think it's just the liberals. Bwhahahahahaaaa. That's funny.

Re:I almost hope they do it... (0)

Anonymous Coward | about a year and a half ago | (#42850173)

Clueless liberal. I just joined the NRA because they are one of the few fighting the Democrat's anti-constitutional crap. It's not nuts to want to defend the 2nd amendment. Keep in mind that what the liberals do to the 2nd amendment will be done to the rest.

Licensing (i.e. permission to be able to exercise the 2nd amendment) is already being imposed on the 1st. Don't believe me? Remember the free-speech zones during the past two DNC's?

Clueless conservative. We also remember the free speech zones at Republican National Conventions and the ones imposed by George W Bush wherever he went. Would you now like to discuss how some conservatives are advocating that Christians should be more free to build churches than Moslems are to build mosques even though both are guaranteed equal rights and freedom of religion under the constitution? Or how gay people's rights under the constitution should be overridden by christian scripture?

Re:I almost hope they do it... (1, Interesting)

sco08y (615665) | about a year and a half ago | (#42850143)

It's pretty amusing watching people freak out over these things and call them nude-o-scopes and similar. Just like with gun-control laws, I don't care a lot about the underlying issue, but it's so tempting to take a stance just because the NRA folk are so bloody nuts.

The NRA folks are nuts? It's the gun grabbers who are calling to lock people away in jail for owning a rifle with scary parts, or for owning a sheet metal box with a spring in it.

None of the pro-gun folks want to send *you* to jail for being a douche, after all.

Why do you fear and hate your tax-paying, law-abiding neighbors so much that you want to see them spend hard time in jail for owning a gun?

Re:I almost hope they do it... (-1)

Anonymous Coward | about a year and a half ago | (#42850211)

Please repeat after me:

No one wants to throw you in jail for having a gun.

Any law is going to proactive and not retroactive. Now I know this is a tough concept for people to get but, take off the tin foil hat for one bloody second and TRY and have a rational conversation. If you can't then well you proved Improv right now didn't you?

Re:I almost hope they do it... (0)

Anonymous Coward | about a year and a half ago | (#42850261)

WRONG! Wake up libreral. Owning a clip that can hold more than 7 rounds on a semi-automatic rifle in New York State is now (or soon will be) illegal. It's not retroactive. And the Dems are talking about taking guns too. Don't pay taxes will not just get your gun confiscated, it WILL land you in jail. Just listen to some of the crap coming our of Feinstein's mouth. We would love to have a rational conversation. The NRA did with Biden, but then all their concerns were thrown out the window and he recommended everything on their agenda. And for NYS's new law it was rushed through for a vote so quickly that there was no chance for a rational conversation. You are the one that needs a clue about what is happening.

Re:I almost hope they do it... (0)

Anonymous Coward | about a year and a half ago | (#42850731)

Fucking looney. Your the type that NEEDS to get rid of guns cause your dangerous. No one is going door to door to take weapons from you.

Re:I almost hope they do it... (1)

Meshugga (581651) | about a year and a half ago | (#42850283)

Wow ... that's all really ... retarded.

Re:I almost hope they do it... (1)

Jessified (1150003) | about a year and a half ago | (#42850341)

Simplifying much, with a side order of hyperbole.

Re:I almost hope they do it... (1)

Reverberant (303566) | about a year and a half ago | (#42850363)

None of the pro-gun folks want to send *you* to jail for being a douche, after all.

So long as we're going to resort to generalities...

No, they would just rather project your right to confront and shoot kids for the heinous crime of playing their music too loud (or the even more heinous crime of wearing a hoodie in rainy weather while carrying a can of iced tea).

Re:I almost hope they do it... (0)

Anonymous Coward | about a year and a half ago | (#42850631)

or the even more heinous crime of wearing a hoodie in rainy weather while carrying a can of iced tea

I'm assuming you are referring to Travon. The same Travon who was beating the crap out of someone and yelled out "I'm going to fucking kill you" as he reached for a firearm the other guy had on him.

Yea, thats your idea of being killed for wearing a "hoodie in the rain". Right there we have the reason half the country hates you. You are a lying douche.

Re:I almost hope they do it... (1)

steppedleader (2490064) | about a year and a half ago | (#42851407)

It's the gun grabbers who are calling to lock people away in jail for owning a rifle with scary parts

Even though I'm fairly liberal, I see little reason to believe bringing back the assault weapons ban will make a significant difference in gun deaths -- it would probably be somewhere well south of a 1% difference. So I'm not out arguing that the ban should be brought back.

However, every time someone says that the only difference between assault weapons and regular weapons is that the former look scary, I have to ask: Why are such guns so popular if that is the case? Do you realize you are implying that all those people clamoring to buy such guns are doing so simply because they look scary? If that is the only distinction between these guns and others, why else buy them? The sort of person who chooses a gun simply based on how scary it makes them look is exactly the sort of person that shouldn't have a gun.

There are, in fact, functional differences between assault weapons and other guns. How important those differences are with regards to mass shootings seems like a reasonable question, although as I mentioned, I doubt they are huge. Why don't you argue that instead of implying that people who share your politics are just fools who have bought into Bushmaster's marketing that they need an AR-15 to be big scary man?

Re:I almost hope they do it... (0)

Anonymous Coward | about a year and a half ago | (#42851813)

Don't bother when logic is applied the progun people just stuck their fingers in their ears and repeat the same mantra. God forbid they look inwards and wonder what void they need filled by the big scary guns.

Re:I almost hope they do it... (4, Informative)

JoshuaZ (1134087) | about a year and a half ago | (#42850219)

You are massively confusing two distinct issues. The Second Amendment is about a well-regulate militia. The Fourth Amendment is for reasonable search and seizure. Objecting to backscatter X-rays is, unlike the gun nuts, defended by classical readings of the Fourth Amendment. That's aside from the serious issue of exposing people to radiation with minimal safety precautions. Moreover, doing this with federal buildings would be a lot worse. You can at least have other alternatives to flying (long car travel, train travel, boat travel). But when one needs to go do something at a federal agency one doesn't have any options.

Re:I almost hope they do it... (3, Informative)

misexistentialist (1537887) | about a year and a half ago | (#42850871)

The Second Amendment is about a well-regulate militia

No, it's not. Just like the 4th prohibits the government from searching the people the 2nd prohibits disarming the people. You get the lowest level of freedom you accept: you probably support NYC stop-and-frisk because you are scared of guns, so stop resisting government control and relax.

Re:I almost hope they do it... (1)

JoshuaZ (1134087) | about a year and a half ago | (#42850915)

Stop and frisk is covered as not ok under the 4th Amendment. It has nothing to do with whether or not I'm scared of guns. As to the second Amendment it specifically starts with the phrase "A well regulated Militia, being necessary to the security of a free State". It is the only Amendment with a preamble explaining its purpose.

Re:I almost hope they do it... (2, Insightful)

Anonymous Coward | about a year and a half ago | (#42851197)

A misunderstood purpose, too. "Well regulated" did not mean "pass a whole bunch of pain in the ass rules about" like it does now. It meant "well skilled" or "well practiced". The point being that you could't be good with weapons if you didn't have any to be good with. "Militia" meant "anybody who is physically able to fight when needed". That we now have one thing the founders most decidedly did NOT want, a massive standing military force, does not take away from what the second amendment is all about. It is not about the National Guard, it is not about hunting, it is not about anything other than people having the right to own weapons and become proficient in their use.

It is similar to why there is no right to "privacy" mentionedi n the Constitution. If you "wanted some privacy" back then it meant you needed to go to the bathroom. They wouldn't waste ink on stuff like that, even omitting the absolute silliness of it from their point of view. Yet today, because the word means something a bit different, some people excuse government intrusion in our lives by saying there's no right to privacy in the Constitution. They're just as wrong as people who think the second amendment is about anything but people owning guns. Period.

Re:I almost hope they do it... (0)

Anonymous Coward | about a year and a half ago | (#42851749)

Not to disagree but wouldn't a militia of that sort require a state and federal structure similar to the National Guard? I mean isn't the current military situation such that at least some full time soldiers are required. Personally I would like to see that folded into the mission of the Navy as that is a constitutionally described entity, but that may broaden their mission to an unwieldy position. With a strong potential, given current politics, to end with a Navy dept. that was worse than the D.H.S.

Also, assuming you want all able bodies as part of this militia then wouldn't that require a form of conscription? Perhaps as a prerequisite in order to qualify for a High School Diploma or a GED? In this vein could we get a national holiday of 3 wks (plus travel time), for multiple state operations and competitions? Maybe summer (or what ever season) style camps for the kids. Or would that not be an acceptable use of tax dollars?

-crazy liberal.

Re:I almost hope they do it... (1)

Goetterdaemmerung (140496) | about a year and a half ago | (#42851437)

The definition of 'militia' includes pretty much everyone, especially definitions #2, #3 and #4. Changing or limiting the definition of the word may be a clever way to limit the scope of the 2nd Amendment, although I'd have to call shenanigans.

1. a body of citizens enrolled for military service, and called out periodically for drill but serving full time only in emergencies.
2. a body of citizen soldiers as distinguished from professional soldiers.
3. all able-bodied males considered by law eligible for military service.
4. a body of citizens organized in a paramilitary group and typically regarding themselves as defenders of individual rights against the presumed interference of the federal government.

Re:I almost hope they do it... (1)

JoshuaZ (1134087) | about a year and a half ago | (#42851597)

Yes, and historically definitions were closer to 1 than others. This isn't "shenanigans" but is the consensus of most law professors, linguists and others. The militias were official organizations under the state governors which eventually became what we call today the National Guard. Definition 4 is particularly egregiously modern and not relevant, and 3 just doesn't make sense in context.

Re:I almost hope they do it... (1)

phantomfive (622387) | about a year and a half ago | (#42852053)

Definition 4 is particularly egregiously modern

No it isn't. I don't know where you are getting this information. There is a reason Jefferson said at the time, "The tree of liberty must be refreshed from time to time with the blood of patriots and tyrants." That quote was said in support of Shay's rebellion, which was a paramilitary group regarding themselves as defenders of individual rights against interference of the government. There was some debate at the time, because not everyone supported Shay's rebellion. John Adams was worried that without central authority, there could be a descent into anarchy, as happened in the French revolution. However, the idea of a corrupt government trying to take their rights was strong in everyone's mind, since that is what had just happened to them a few years previous.

Some other quotes to drive the point home:

I ask, who are the militia? They consist now of the whole people, except a few public officers. But I cannot say who will be the militia of the future day. If that paper on the table[, the constitution draft,] gets no alteration, the militia of the future day may not consist of all classes, high and low, and rich and poor. --George Mason

[W]here and when did freedom exist when the power of the sword and purse were given up from the people? --Patrick Henry

A militia when properly formed are in fact the people themselves...and include all men capable of bearing arms...To preserve liberty it is essential that the whole body of the people always posses arms, and be taught alike, especially when young, how to use them...The mind that aims at a select militia, must be influenced by a truly anti-republican principle. --Melancton Smith

Before a standing army can rule, the people must be disarmed; as they are in almost every kingdom of Europe. The supreme power in America cannot enforce unjust laws by the sword; because the whole body of the people are armed, and constitute a force superior to any bands of regular troops that can be, on any pretense, raised in the United States. --Noah Webster (who ought to know something about the meaning of words)

Clearly... (0)

Anonymous Coward | about a year and a half ago | (#42850017)

Clearly, only visitors would be subjected to these kinds of scanning's, making it feel a lot like a way to keep voter participation to a minimum. Imagine having to pass through these 2+ times a day (before/after lunch) just to be a part of the system as a non-elected participant.

Genesis of the name (2)

blind biker (1066130) | about a year and a half ago | (#42850075)

At the pre-launch meeting:

VP of marketing: we have several suggestions for the product name
CEO: it doesn't really matter, the sale is a shoe-in. We could call it anything we want.
Product manager: O RLY!?

the land of the free and the home of the brave... (1)

fufufang (2603203) | about a year and a half ago | (#42850117)

News at 6 from North:

In the land of the free and the home of the brave, people are so afraid terrorist attack, they have decided to give up their own liberty (and possibly their health) in exchange for (a possibly false sense of) security.

.....

I think that might be how the rest of the world perceive the new USA.

Re:the land of the free and the home of the brave. (0)

Anonymous Coward | about a year and a half ago | (#42850669)

The USA has become a country too afraid to make their enemies feel insulted to do anything about terrorism.

We're in a new liberal world order here, and our "leadership" is far more interested in appeasing terrorists than actually doing anything about the problem of terrorism.

Our solutions to terrorism thus far have been to topple two nation-states, only one of which had anything to do with terrorism, and then retreat and cower in the corner and beg the world for forgiveness.

Re:the land of the free and the home of the brave. (0)

Anonymous Coward | about a year and a half ago | (#42852069)

That would make more sense if anyone in America had actually supported this.

Adult movie theaters (1)

stevegee58 (1179505) | about a year and a half ago | (#42850147)

Adult movie theaters should be snatching (pun intended) these things up. New 21st century peep show technology!

The only thing more disgusting (3, Funny)

WOOFYGOOFY (1334993) | about a year and a half ago | (#42850491)

The only thing more disgusting than Congress would be an image of Congress, nude.

Much better! (0)

Anonymous Coward | about a year and a half ago | (#42850821)

The citizens and non-citizens alike already know they are taking a risk in visiting a federal building. ;)

Don't some buildings aready have them? (0)

Anonymous Coward | about a year and a half ago | (#42851047)

DOJ already has these in place... I worked on a contract in and out of that building all this past Summer....

All for it.... (1)

Lumpy (12016) | about a year and a half ago | (#42851081)

As long as every official is FORCED AT GUNPOINT to go through them. Every single senator, Secretary, Tzar, even the President needs to be forced to use them at gunpoint like all of us have had to.

And every single one of the police force and security forces as well. they get the exact same treatment that is forced upon the rest of us.

Still lying (4, Interesting)

sjames (1099) | about a year and a half ago | (#42851239)

TSA still claims that NIST evaluated the machines and declared them safe even though NIST has plainly stated that it did not and can not.

Shareholder (1)

PPH (736903) | about a year and a half ago | (#42851247)

No doubt some TSA officials are investors in Rapiscan. So there's no way that company will be taking a loss on these things.

Re:Shareholder (1)

Fnord666 (889225) | about a year and a half ago | (#42851773)

No doubt some TSA officials are investors in Rapiscan. So there's no way that company will be taking a loss on these things.

Now we just need a way to check whether this is true or not.

Drug testing (1)

imuffin (196159) | about a year and a half ago | (#42851273)

I was thinking I'd buy up all the old machines at bargain basement prices and then sell them to companies that do ore-employment drug testing.

A common way to beat a drug test is to smuggle in clean urine, say, in a condom taped to your thigh. If people had to be naked-imaged first, this would be quite difficult.

If these machines can't be used to fight terrorism, my company could facilitate their use fighting the war on drugs. And make a tidy profit too.

Re:Drug testing (1)

Psyborgue (699890) | about a year and a half ago | (#42851803)

You are the sort of person who pushes us all down the slippery slope.

There is a plus side to all of this, folks. (0)

Anonymous Coward | about a year and a half ago | (#42851329)

If installed in Congress the low levels of radiation might actually render congress-men and (and -women) infertile, reducing the chances of their genetic material being passed on without the use of a clerk or student aid worker.

Congress protecting themselves from the people (1)

future assassin (639396) | about a year and a half ago | (#42851373)

how democracy like.

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...