6 C
Wednesday, November 22, 2017
Home Tags Law Enforcement

Tag: Law Enforcement

Undercover officers have arrested a 63-year-old Chicago man on accusations that he used a handheld jamming device to disrupt mobile phone service on the subway. Enlarge / Photo from Reddit of the alleged cell phone jammer. The lawyer for the financial analyst at the University of Illinois Hospital & Health Sciences System said his client just wanted peace and quiet on his commute. "He's disturbed by people talking around him," Chicago attorney Charles Lauer said of defendant Dennis Nicholl. "He might have been selfish in thinking about himself, but he didn't have any malicious intent." The Chicago Tribune also said that a local judge, when setting $10,000 bail after the Tuesday arrest, dubbed the defendant "the cellphone police." Lauer did not immediately respond to Ars' request for comment. Chicago Transit Authority commuters have been complaining for months that their mobile devices were suddenly losing connectivity while riding Chicago's subway and elevated train lines. Pictures of the alleged culprit had been circulating on social media and even on Reddit.

An undercover operation, police said, led to the man's arrest on a felony charge of signal jamming, which carries a maximum penalty of a year in prison. In a statement, Chicago police said: Dennis Nicholl was arrested after he was identified as the man utilizing a signal jamming device on the CTA Redline.

CTA Authorities have been investigating complaints by passengers about cell phone reception. With the help of an anonymous 911 call, the Chicago Police Department and CTA Authorities were able to identify the suspect. Nicholl was observed utilizing the jamming device on the Redline by covert officers in a joint operation with CPD, CTA and the FCC. Nicholl entered the CTA Redline at the Loyola stop on the morning of March 8th , 2016 and utilized the interference device between the Loyola and Granville stops. He was arrested without incident on the Granville CTA Platform. A photo of the defendant on a recent Reddit post shows what appears to be Nicholl in a rail car with a soda can in between his legs. He's holding the bulky handheld jammer, which can be purchased online.

The jammer has five antennae or prongs jutting from it and looks like a walkie-talkie. The Chicago Tribune said the defendant pleaded guilty to a misdemeanor charge of jamming mobile phones in 2009. His equipment was confiscated, and he was sentenced to a year of probation, the paper reported.
Oncology patients' diagnoses, treatment details slurped US cancer clinic 21st Century Oncology has admitted that a breach on its systems may have exposed private information on 2.2 million patients and employees. Unidentified hackers were able to access sensitive patient and employee data, including names, SSNs, diagnosis and treatment details and insurance information after breaking into the clinic’s network. The clinic was informed of the breach by the FBI in November 2015 but the Feds asked 21st Century to hold off from disclosing the incident until a thorough investigation had been completed.

This explains why the clinic only went public in admitting the breach this week. Hackers accessed the systems at the beginning of October last year. In its statement, 21st Century apologised for the incident while trying to quieten concerns by stating that there’s no evidence that the leaked data has been misused.

The clinic added that it had “taken additional steps to enhance internal security protocols to help prevent a similar incident in the future”. We have no indication that the information has been misused in any way; however, out of an abundance of caution, we are notifying the affected patients and offering them a free one-year credit protection services. We also recommend that patients regularly review the explanation of benefits that they receive from their health insurer.
If they see services that they did not receive, please contact the insurer immediately. We deeply regret any concern this may cause our patients, and we want to emphasize that patient care will not be affected by this incident. The incident marks the second time 21st Century Oncology learned of a data breach from federal authorities.
In 2013, federal law enforcement informed the clinic of an insider breach allegedly linked to a tax refund fraud scheme, as databreaches.net reports. “The fact that 21st Century Oncology has been breached should set off alarm bells to other companies in the healthcare industry,” said Kevin Watson, chief exec at Florida-based Netsurion, a provider of remotely-managed security services. “We know that hackers are in constant pursuit of highly sensitive, personal data and that they are equipped with sophisticated methods to gain access to it. “It appears that diagnosis and treatment information might have been exposed, which could unlock the potential for significant medical fraud.

And if insurance plan information was stolen along with identity information, data thieves would have a good indicator on which identities hold a higher value, based on the value of the insurance plan.” ® Sponsored: Why every enterprise needs an Internet Performance Management (IPM) Strategy
Surrey County Council Last fall, a Maryland man’s frequent activities at a local casino resulted in robbers using a GPS tracker to follow him home.

Days later, they bound and gagged his two children, then stole $6,000 in cash plus an iPhone 6. If that wasn't crazy enough, Mario Guzman (a pseudonym) was also followed by someone else less than a week earlier. His wife, Alicia Guzman (another pseudonym), had hired a private investigator to keep tabs on her husband, according to a Montgomery County Police report. (Ars has changed the names of this feuding couple to protect their privacy interests.)Mario Guzman regularly drove 50 miles, six days a week, from his home in Germantown to a casino in Baltimore, according to a recently-released police report that Ars obtained Tuesday from the Montgomery County Police Department.

The report notes that Alicia Guzman suspected her husband of adultery and "gambling with large sums of money." On November 11, 2015, Greg Townsend of Montgomery Investigative Services, Inc., followed Guzman as he made his way from home to the Horseshoe Casino as per his routine.

After watching Guzman enter the casino, Townsend returned back to Guzman’s car so that he could place his own GPS tracker on the Audi. (Weeks earlier, Mario Guzman had even hired his own private investigator to check for such devices that he suspected would be put on his car at his wife’s behest, which had not yet occurred.) However, Townsend noticed two people in an Acura parked next to Guzman’s Audi.

They "were watching Townsend." After a few minutes, the Acura drove away, but not before Townsend wrote down the license plate.

Townsend then resumed his mission to put his own GPS tracker on the Audi, but found that there was already a GPS tracker there, near the rear passenger side tire.

The PI then moved this tracker towards the driver’s side of Guzman’s car and put his own underneath the undercarriage between the front and rear doors.

Townsend then returned to his own car nearby. After a short period, a different-colored Acura drove up, and Townsend watched as two people got out and began examining the underside of Guzman’s car along the passenger side.

Townsend managed to take a video of this pair, but was unable to note the new Acura's plate. Montgomery County Police Detective Thomas Thompson wrote in the police report that he "believes this suspect was trying to retrieve the GPS tracker that he or someone in his organization placed under [Mario Guzman]’s vehicle.

The suspect obviously couldn’t find the GPS tracker because Townsend placed [the tracker] in a different location on the vehicle." Before departing, the suspect briefly opened and closed his own trunk. Townsend resumed physical surveillance on Guzman’s Audi, and after an unspecified period of time, Guzman returned with a woman.

Both Guzman and the woman got into the Audi, and they drove off. The investigator then began to follow the Audi as it drove into a "wooded area of Baltimore." The police report flatly notes "[Mario Guzman] eventually went home for the evening." A terrifying scene Six days later, on November 17, Guzman’s two children, aged 21 and 14, were at home. (The police report makes no mention of Mario or Alicia Guzman being at home, suggesting that they weren't there.) The 21-year-old man and his younger sister went out to get something to eat in the evening. Upon their return at 8:10pm, they opened the garage door.

Two masked suspects suddenly appeared, drew guns, and ordered them to the ground. The Guzman children complied and were promptly bound and gagged with zip ties and duct tape. One of the suspects kept an eye on the girl while the man was ordered into the house at gunpoint. "Where is the money?" the gunman barked. The 21-year-old showed him the various locations where the family stored cash, and the first gunman eventually gathered up $6,000 in cash belonging to Mario Guzman.

They also took the 14-year-old’s iPhone 6. Within minutes, the two suspects fled the scene.

The Guzman children managed to escape from the zip ties and called 911. The police report does not specify whether the cash came from Mario Guzman's casino winnings. When Alicia Guzman learned of the incident, she told Detective Thompson that she had hired Townsend to put a GPS tracker on her husband’s car.

Detective Thompson, along with a forensic specialist, verified that Townsend’s GPS tracker was indeed still there. (The Supreme Court famously ruled in 2012 that the police cannot put such a GPS tracker on a suspect without a warrant, but that ruling has no bearing on individuals, be they private investigators or robbers.) Authorities then ran DNA swabs from the duct tape used to gag the children and found one match in the FBI’s Combined DNA Index System (CODIS).

The match belonged to Kevin Darnell Carroll, a convicted felon with an "extensive criminal history." According to The Washington Post, Carroll was arrested last week on charges of armed robbery, first degree burglary, and many others.

Carroll’s accomplice, described by police as a "black male," remains at large. The future of crime? Law professors who specialize in privacy and surveillance told Ars that they had never heard of a case like this. "This mundane surveillance warfare, if you like, among the perpetrators, the suspicious spouses, and ultimately the police (DNA swabs) nicely sums up the world we live in today," Elizabeth Joh, a professor at the University of California, Davis, said in an e-mail. Neil Richards, a professor at Washington University in St. Louis, said that this is a good reminder that technological innovation can be used for good as well as for ill. "As technologies become more widely available, we shouldn’t be surprised that they are put to illegal uses," he said in an e-mail. "Criminals have always been on the leading edge of tech adoption, from telephones to pagers to mobile burners, and we shouldn’t be surprised to see more of these stories in the coming years." Mario Guzman, Alicia Guzman, and the hired PIs immediately did not respond to Ars’ request for comment.

Thompson was not available to respond to Ars’ further questions. "Members of the police department cannot comment on any additional details of this case until it has been adjudicated," Officer Rick Goodale, a Montgomery County Police Department spokesman, told Ars by e-mail.
It's "precrime" meets "thoughtcrime." China is using its substantial surveillance apparatus as the basis for a "unified information environment" that will allow authorities to profile individual citizens based upon their online behaviors, financial transactions, where they go, and who they see.

The authorities are watching for deviations from the norm that might indicate someone is involved in suspicious activity.

And they're doing it with a hand from technology pioneered in the US.As Defense One's Patrick Tucker reports, the Chinese government is leveraging "predictive policing" capabilities that have been used by US law enforcement, and it has funded research into machine learning and other artificial intelligence technologies to identify human faces in surveillance video.

The Chinese government has also used this technology to create a "Situation-Aware Public Security Evaluation (SAPE) platform" that predicts "security events" based on surveillance data, which includes anything from actual terrorist attacks to large gatherings of people. The Chinese government has plenty of data to feed into such systems.

China invested heavily in building its surveillance capabilities in major cities over the past five years, with spending on "domestic security and stability" surpassing China's defense budget—and turning the country into the biggest market for security technology.

And in December, China's government gained a new tool in surveillance: anti-terrorism laws giving the government even more surveillance powers, and requiring any technology companies doing business in China to provide assistance in that surveillance. The law states that companies “shall provide technical interfaces, decryption and other technical support and assistance to public security and state security agencies when they are following the law to avert and investigate terrorist activities”—in other words, the sort of "golden key" that FBI Director James Comey has lobbied for in the US.

For obvious reasons, the Chinese government is particularly interested in the outcome of the current legal confrontation between the FBI and Apple over the iPhone used by Syed Farook. Bloomberg reports that China is harnessing all that data in an effort to perform behavioral prediction at an individual level—tasking the state-owned defense contractor China Electronics Technology Group to develop software that can sift through the online activities, financial transactions, work data, and other behavioral data of citizens to predict which will perform "terrorist" acts.

The system could watch for unexpected transfers of money, calls overseas by individuals with no relatives outside the country, and other trigger events that might indicate they were plotting an illegal action.

China's definition of "terrorism" is more expansive than that of many countries. At a news conference in December, China Electronics Technology Group chief engineer Wu Manqing told reporters, "We don’t call it a big data platform, but a united information environment…It’s very crucial to examine the cause after an act of terror, but what is more important is to predict the upcoming activities.”
More Inception than legal argument at this point The US Department of Justice has appealed a decision by a New York judge to refuse the FBI access to an iPhone: one part in a wider legal battle between law enforcement and Apple. The New York case is separate from the San Bernardino case in California, over which Apple and the FBI have been very publicly fighting. However the decision by a New York magistrate last month to shoot down the FBI's demand that Apple help agents access a locked iPhone, and his rationale for doing so, have been widely cited and referenced, not least by Apple. In New York, the iPhone belongs to alleged drug dealer Jun Feng, whereas the San Bernardino phone belonged to mass killer Syed Farook. In particular, magistrate judge James Orenstein concluded that the FBI did not have the legal authority to compel Apple to help them bypass the phone's passcode and, critically, said the powerful All Writs Act was the wrong legal instrument to use.

The FBI is using that same act to argue for access in the San Bernardino case. Judge Orenstein wrote: The implications of the government's position are so far-reaching – both in terms of what it would allow today and what it implies about Congressional intent in 1789 – as to produce impermissibly absurd results. He added that to give the FBI and DEA the powers they requested would greatly expand governmental powers and put the All Writs Act's constitutionality in doubt. He also declared that since Apple has no responsibility for Feng's wrongdoing, he could not justify "imposing on Apple the obligation to assist the government's investigation against its will." The New York case was addressed by FBI director James Comey at a Congressional hearing on the Apple case last week, where he acknowledged that the FBI had lost. He tried to play down its importance by suggesting it was just one fight in a much larger battle. Regardless, the decision is important, so prosecutors have asked district judge Margo Brodie to look at it and grant them the court order that Orenstein denied. The FBI argues that Orenstein looked at the question too broadly and focused on possible future abuse rather than the actual case he was considering.

And then effectively accuses him of overreach by saying his ruling "goes far afield of the circumstances of this case and sets forth an unprecedented limitation on federal courts' authority." It also argues – as it has done in the San Bernardino case – that the request is device-specific and so does not constitute blanket approval for the FBI to break into any iPhone. As for Apple, unsurprisingly it is in favor of Orenstein's judgment, with a spokesman saying that the company "shares the judge's concern" that use of the All Writs Act in these case is a dangerous path and a "slippery slope". ® Sponsored: 2016 global cybersecurity assurance report card
The U.S.

Department of Justice has appealed an order by a court in New York that turned down its request that Apple should be compelled to extract data from the iPhone 5s of an alleged drug dealer. The case in New York is seen as having a bearing on another high-profile case in California where Apple is contesting an order that would require the company to assist the FBI, including by providing new software, in its attempts at cracking by brute force the passcode of an iPhone 5c running iOS 9. The phone was used by one of the two terrorists in the San Bernardino killings on Dec. 2 and the FBI wants Apple to disable the auto-erase feature on the phone, which would erase all data after 10 unsuccessful tries of the passcode, if the feature was activated by the terrorist. The DOJ argues in the New York case as well that it is unable to access the data on the phone running iOS 7, because it is locked with a passcode.

By trying repeated passcodes, the government risks permanently losing all access to the contents of the phone because when an iPhone is locked it is not apparent if the auto-erase feature is enabled, according to the filing Monday. But Apple can help extract the data from the iPhone 5s, which it has done dozens of times in the past for similar iPhone versions at the request of the government, the DOJ argues.

For versions of the operating system that predate iOS 8, Apple has the capability to bypass the passcode feature and access the contents of the phone that were unencrypted, it wrote in the filing. Invoking user privacy and safety, Apple has said that its previous acquiescence to similar judicial orders does not mean it consents to the process.

But the government, which has a warrant, claims that Apple made an U-turn in the particular instance, having first agreed to extract the data, when it responded that "Upon receipt of a valid search warrant pursuant to the instructions laid out in [the legal process guidelines], we can schedule the extraction date within a 1-2 week time frame." At no time during the communications ahead of the government seeking an order did Apple object to the propriety of the proposed order directing its assistance, according to the DOJ filing Monday. Magistrate Judge James Orenstein of the U.S.

District Court for the Eastern District of New York ruled recently that Apple can’t be forced to extract the data from the iPhone.

The government's reading of the All Writs Act, a statute enacted in 1789 and commonly invoked by law enforcement agencies to get assistance from tech companies on similar matters, would change the purpose of the law “from a limited gap-filing statute that ensures the smooth functioning of the judiciary itself into a mechanism for upending the separation of powers by delegating to the judiciary a legislative power bounded only by Congress's superior ability to prohibit or preempt.” But the government argues that the residual authority of the court under the All Writs Act is particularly important where legislation lags behind technology or risks obsolescence. The government argues that courts have relied on the All Writs Act to mandate third-party assistance with search warrants even in circumstances far more burdensome that what is requested in the New York case.

An unreasonable burden on the third-party is a key criterion when a Judge considers an order under the Act.

Apple has argued that a burden on the company would be the impact on its ability to protect customer information, which could threaten the trust customers have in the company and tarnish the Apple brand. The DOJ is now asking the court to review the decision by the Magistrate Judge. "Judge Orenstein ruled the FBI’s request would 'thoroughly undermine fundamental principles of the Constitution’ and we agree,” Apple said in a statement on the new filing by the DOJ.

The company said it shared the Judge’s concern “that misuse of the All Writs Act would start us down a slippery slope that threatens everyone’s safety and privacy."
Director tells MIT that all must cooperate in response to crims' use of ciphers Robert Hannigan, director of GCHQ, told an audience at the Massachusetts Institute of Technology that there was an ethical problem presented by encryption and it was necessary for industry's technical experts to help them work out a solution on its use by criminals. Published alongside the speech were two newly declassified papers by James Ellis, a cryptographer at GCHQ who, in the 1970s, secretly invented public-key cryptography. The papers, titled The Possibility of Secure Non-Secret Digital Encryption (PDF) and The Possibility of Secure Non-Secret Analogue Encryption (PDF), had remained classified for almost 50 years. Though Ellis had first invented the capability, public-key cryptography would actually be made public in 1976, in a famous paper titled New Directions in Cryptography (PDF) written by Whitfield Diffie and Martin Hellman – who won the Turing Award this February, 40 years after the paper's publication, for their contributions to the field. Hannigan said he was publishing the Ellis papers for three reasons, key among which was how advances in 1970s public-key cryptography reversed “centuries of assumptions about how communications could be protected.” This gave the director “some hope that our current difficulties can be overcome.” For nearly 100 years we have been intimately involved in strengthening encryption. From traditional protection of military communications, through personal privacy online – including identity verification for Government digital services – through the security of domestic “smart” power meters – where the design principle is that homeowners are in control of their data – to the security of the nuclear firing chain, we understand the importance of encryption for the economy and for the individual. That importance grows as more of our private lives move online and the economy becomes increasingly dependent on digital currency and block-chain systems. Hannigan added: “But what the history of our cryptology teaches me above all is that the enduring problems in the debate over privacy and security are essentially moral rather than technical.” The ethical issue presented by encryption “is the problem presented by any powerful, good invention, including the internet itself,” which could be used by miscreants, said Hannigan. “TOR is the most topical example: a brilliant invention that is still invaluable to those who need high degrees of anonymity, notably dissidents, human rights advocates and journalists; but an invention that is these days dominated in volume by criminality of one sort or another.” Hannigan claimed he was not in favour of banning encryption, nor asking for mandatory backdoors. He stated he was “puzzled by the caricatures in the current debate, where almost every attempt to tackle the misuse of encryption by criminals and terrorists is seen as a ‘backdoor’.” For those of us in intelligence and law enforcement, the key question is not which door to use, but whether entry into the house is lawful at all.
In our case that means applying the European Convention on Human Rights, as set out in UK domestic law: is what we are doing lawful (and appropriately sanctioned), is it necessary, and is it proportionate, notably in its infringement of privacy? Proportionality was important to consider.

Drawing a parallel with GCHQ's celebrated efforts at Bletchley Park, Hannigan said that it would not make sense to see the breaking of Enigma as a “backdoor”.
In the "easy example" of the breaking of the German Enigma code, it clearly enabled an Allied victory and an early end to the Holocaust, and, as such, could be considered proportionate. Hannigan stated that "what Turing and his colleagues recognised was that no system is perfect and anything that can be improved can almost inevitably be exploited, for good or ill.” “That is still true today.” said Hannigan. “It does not follow that Enigma was a poor system, or ‘weak’, or easily broken by anyone.
In fact we continued to build and use improved derivatives of Enigma – ‘Typex’ – for some years after the war.

For Turing, I do not think there was any such thing as an impregnable door, whether front, back or side: there were strong doors and degrees of security.” 'We want better security'. Oh yeah? Hannigan lauded Turing for his work on encryption and decrypting others' crypto, claiming that “strengthening and improving encryption has been the focus of our most brilliant mathematicians over the decades, and still is.” This is interesting.
In his book The Hut Six Story, Gordon Welchman, who founded Bletchley Park's Hut Six, cited an article by Professor Jean Stengers, of the University of Brussels, titled La Guerre de Messages Codes (1930-1945) approvingly: From pg. 17, The Hut Six Story, by Gordon Welchman [Stengers] knows the reason for British reluctance to reveal the methods they developed. He has discovered that, after the war, Britain sold a considerable number of Enigma machines to certain countries, no doubt claiming that they were unbreakable.

But, says Stengers, British codebreakers had no trouble. As I have made clear in this book, it is my firm conviction that what I have revealed should have been made available to our partners many years ago.

The over-prolonged secrecy has, in my view, already been prejudicial to our future national security.

The reason for the secrecy, made public at last, is hard to accept.* * I, personallly, have heard conflicting statements on this matter, but, on balance, I believe that Jean Stengers is correct. Following the publication of his book, Welchman was infamously described as “a disastrous example to others” by GCHQ. He subsequently lost his security clearance and ability to work in the USA on secure communications systems. There's security and there's security Expanding on the operational difficulties posed by encryption, Hannigan said: Turing also knew that human behaviour was rarely as consistent as technology: we are all to some extent too busy or careless in our use of it. Put more positively, we routinely make trade-offs not just between privacy and security, but privacy and usability. The level of security I want to protect the privacy of my communications with my family is high, but I don’t need or want the same level of security applied to protect a nuclear submarine’s communications, and I wouldn’t be prepared to make the necessary trade-offs. It is not inconsistent to want, on the one hand, to design out or mitigate poor user behaviour, but at the same time exploit that behaviour when lawful and necessary. The debate, for Hannigan, is not about back or front doors, but about “where you risk letting anyone else in if you accept that the lawful authorities can enter with a warrant.” All of this meant “some very practical cooperation with the industry. Whatever high level framework, whatever posture democratic nations decide upon will need to be implemented by commercial providers.

And this will get technical.

That is where we will need goodwill on both sides.” ® Sponsored: Five essentials for improving endpoint security
Robber clobbered but catching carder is harder A Romanian carder arrested for using malware to plunder US$217,000 (£152,164, A$290,888) from ATMs has cut their way out of a Bucharest prison and escaped custody. Renato Marius Tulli, 34, escaped Police Precinct 19 with Grosy Gostel, 38, held for robbery charges, sparking a city-wide hunt, local media report. Gostel has been caught while malware man Tulli remains on the run. The carder and the robber cut a hole in the mesh fence and jumped an outer fence at the police station. Tulli and his gang raided ATMs maintained by NCR across Romania, Hungary, Spain, Russia, and the Czech Republic. They used the Tyupkin malware loading it onto ATMs using a CD slotted into the back of the machines. That malware has been upgraded in recent months and is now known as GreenDispenser and is being used to target ATMs across Mexico. There is little preventing the self-deleting malware from being used in other countries, experts say. ® Sponsored: DevOps: hidden risks and how to achieve results
Kārlis Dambrāns As expected, federal prosecutors in an iPhone unlocking case in New York have now asked a more senior judge, known as a district judge, to countermand a magistrate judge who ruled in Apple’s favor last week. Last week, US Magistrate Judge James Orenstein concluded that what the government was asking for went too far.
In his ruling, he worried about a “virtually limitless expansion of the government's legal authority to surreptitiously intrude on personal privacy.”The case involves Jun Feng, a drug dealer who has already pleaded guilty, and his seized iPhone 5S running iOS 7. Prosecutors have said previously that the investigation was not over and that it still needed data from Feng's phone.

As the government reminded the court, Apple does have the ability to unlock this phone, unlike the seized iPhone 5C in San Bernardino. Moreover, as Department of Justice lawyers note, Apple has complied numerous times previously. In its 51-page Monday filing, the government largely re-hashed its previous arguments, saying that existing law should force Apple’s assistance. In this case, the government arrested a criminal.

The government got a warrant to search the criminal’s phone. Law enforcement agents tried to search the phone themselves, but determined they could not do so without risking the destruction of evidence.

The government then applied for a second court order to ask Apple to perform a simple task: something that Apple can easily do, that it has done many times before, and that will have no effect on the security of its products or the safety of its customers.

This is how the system is supposed to work. In 2014 and 2015, Apple took a two-pronged approach to resisting government pressure: one was to make iOS 8 more resilient than previous versions of the operating system, making it impossible for Apple itself to bypass a passcode lockout.

The other crucial element was to impose firmer legal resistance in court filings.

The New York case is believed to be the first time that Apple openly resisted the government’s attempt to access a seized phone. Agree to disagree? This New York case pre-dates Apple's current battle with the government over a locked iPhone 5C that belonged to one of the shooters in the December 2015 terrorist attack in San Bernardino—that case is due to be heard in court next month in nearby Riverside, California.
In the California case, federal investigators asked for and received an unprecedented court order compelling Apple to create a new firmware to unlock the device.
In February 2016, Apple formally challenged that order, and the outcome is pending. Both the New York and California cases, however, involve the government’s attempt to use an obscure 18th-Century statute known as the All Writs Act, which enables a court to order a person or a company to perform some action. "Judge Orenstein ruled the FBI’s request would 'thoroughly undermine fundamental principles of the Constitution’ and we agree," an Apple spokesman told Ars in a statement. "We share the judge’s concern that misuse of the All Writs Act would start us down a slippery slope that threatens everyone’s safety and privacy." The New York case, however, marks the first time that a federal judge has ruled in favor of a more privacy-minded Apple. More recent amicus, or friend of the court briefs, supporting Apple, have cited Judge Orenstein’s ruling. “The government’s argument is: ‘I would have gotten away with it too, if it weren't for you pesky magistrate!’” Riana Pfefferkorn, a legal fellow at the Stanford Center for Internet and Society, told Ars.
Storage device manufacturer Seagate's executives informed employees last week that their income tax data had been shared with an unknown outside party as the result of a targeted phishing attack. On March 1, a Seagate employee sent the data to an outside e-mail address after receiving an e-mail purportedly from Seagate's CEO Stephen Luczo requesting 2015 W-2 data for current and former Seagate employees.

The employee, believing the request to be real, forwarded the W-2 reporting data—exposing everyone at Seagate to potential tax fraud and identity theft.The Seagate breach comes less than a week after Snapchat employees' data was leaked in the same way.
Security reporter Brian Krebs reported the breach after learning of it from a Seagate employee who had been given written notification of the breach. Seagate's spokesperson Eric DeRitis confirmed the incident to Krebs: "On March 1, Seagate Technology learned that the 2015 W-2 tax form information for current and former US-based employees was sent to an unauthorized third party in response to the phishing e-mail scam.

The information was sent by an employee who believed the phishing e-mail was a legitimate internal company request.” DeRitis told Krebs "several thousand" employees were affected, and that the company is working with federal law enforcement; employees will receive two years of credit protection from the company. Credit protection won't help that much however, as in both cases, it's likely the phishing attack came from criminals planning to use the data to file fraudulent tax returns.
In February, the IRS reported that IRS.gov electronic tax filing credentials for 101,000 social security numbers were stolen from a contractor's systems. Last year, criminals using stolen personal identifying information from commercial data breaches obtained access to tax data for over 300,000 taxpayers from IRS' tax record system.
It is believed that the attack came from Nigeria. Krebs reported on a fraudulent tax return case last March in which a woman aided fraudsters by cashing a check in the US and wiring the proceeds to Nigeria.
The DOJ wants Apple return to security levels present in iOS 7, before default encryption. Two weeks ahead of a scheduled court date, Apple continues to publicly battle the FBI's request to unlock one of its iPhones.
Senior Vice President of Software Engineering Craig Federighi on Sunday penned an opinion piece for the Washington Post, which suggests that compliance will set mobile security back at least three years. The U.S. Justice Department, he said, believes security on iOS 7 was "good enough," so Apple should roll back to the security level of that operating system. "But the security of iOS 7, while cutting-edge at the time, has since been breached by hackers," Federighi wrote. "What's worse, some of their methods have been productized and are now available for sale to attackers who are less skilled by often more malicious." Apple decided to encrypt its mobile operating system by default beginning with iOS 8, meaning device-level data is inaccessible even to Cupertino, so the company cannot turn over things like phone passcodes and iMessage chats to the feds. But following a December terrorist attack in California, the government is itching to access an iPhone 5c issued to one of the shooters, Syed Rizwan Farook, by his employer, the San Bernardino Health Department. The FBI wants Apple to create a new mobile operating system, which could disable a feature that wipes the gadget after 10 incorrect password guesses—"intentionally creating a vulnerability that would let the government force its way into an iPhone," Federighi said. "Once created, this software—which law enforcement has conceded it wants to apply to many iPhones—would become a weakness that hackers and criminals could use to wreak havoc on the privacy and personal safety of us all," he added. The tech titan is even willing to take its fight against the FBI over iPhone backdoors all the way to the Supreme Court, where it would have the support of numerous industry heavyweights. Oral arguments are set for March 22 in federal court.
Software engineering senior veep Craig Federighi cranks up debate about that iPhone Apple's opened another front in its argument over FBI access to San Bernardino killer Syed Farook's iPhone, arguing in a Washington Post column that creating even a single possible point of attack threatens national and personal security. Apple's senior veep of software engineering Craig Federighi makes that argument here, correctly pointing out that compromising a device known to be used by an individual is a fine way to access data and facilities that individual accesses. “Our nation’s vital infrastructure — such as power grids and transportation hubs — becomes more vulnerable when individual devices get hacked,” he argues. “Criminals and terrorists who want to infiltrate systems and disrupt sensitive networks may start their attacks through access to just one person’s smartphone.” Smartphones are therefore “part of the security perimeter that protects your family and co-workers.” Federighi goes on to say that Apple works mighty hard to ensure its products are secure and asserts “Doing anything to hamper that mission would be a serious mistake.” He then criticises the FBI's request for a special cut of iOS to probe Farook's phone, and others pertinent to other investigations, as “Once created, this software — which law enforcement has conceded it wants to apply to many iPhones — would become a weakness that hackers and criminals could use to wreak havoc on the privacy and personal safety of us all.” Which is where the op-ed gets a little bit hard to follow, because Federighi neglects to mention that in the Farook case the court order specifies the special cut of iOS work only on Farook's phone and that it be used only on government or Apple premises.
Is Federighi therefore saying Apple doesn't think it can prevent hackers from penetrating its defences, extracting the special cut of iOS and adapting it to work on multiple phones? Or that Apple would be careless enough to make access to an iOS-cracker easy? “We cannot afford to fall behind those who would exploit technology in order to cause chaos,” Federighi concludes. “To slow our pace, or reverse our progress, puts everyone at risk.” Might misrepresenting the facts of a critical case testing important frontiers of the digital age have the same effect? ® Sponsored: Definitive guide to continuous networking monitoring