Home Tags Vietnam

Tag: Vietnam

Financial cyberthreats in 2016

In 2016 we continued our in-depth research into the financial cyberthreat landscape. We've noticed over the last few years that large financial cybercriminal groups have started to concentrate their efforts on targeting large organizations – such as banks, payment processing systems, retailers, hotels and other businesses where POS terminals are widely used.

72-year-old vet—who spent $96k in stolen funds on online porn—gets prison

reader comments 17 Share this story Enlarge Fox61 A Connecticut veteran who was treasurer at both an American Legion and VFW post was sentenced Friday to 2.5 years in prison. Local media said Frederick Brown, 72, of Mansfield, spent $96,000 on Internet porn over a three-year period. According to local media, Brown stopped pilfering funds after realizing the veterans' posts were running out of cash. He stole as much as $144,000 in all. Local media said the defendant got "sucked in" to viewing live online pornography in which women became more provocative when viewers tipped more online tokens. "Mr.

Brown said that he basically got 'sucked in' and continued to do it because it was fun," according to a warrant. "Mr.

Brown stopped... buying tokens in September 2014 because he started running out of money, and he was worried that someone else in the post would find out." Brown, a B-52-bomber Vietnam veteran with no prior criminal record, was also ordered to serve five years of probation and to repay the money. His attorney urged house arrest and said the defendant requires a heart transplant, has diabetes, and suffers from chronic liver failure. Listing image by Fox61

US pulls out of Trans-Pacific Partnership

Enlarge / President Donald Trump signs an executive order Monday withdrawing from the Trans-Pacific Partnership as Chief of Staff Reince Priebus looks on in the Oval Office.Saul Loeb/Getty Images reader comments 249 Share this story With the stroke of a pen from President Donald Trump, the United States officially withdrew Monday from the Trans-Pacific Partnership, a proposed and controversial 12-nation trade pact dealing with everything from intellectual property to human rights. "Everybody knows what that means, right? We’ve been talking about this for a long time," Trump said as he signed the order and made good on his campaign promise to remove the US from the trade deal. "A great thing for the American worker." During the election campaign, he called the TPP a "disaster." President Barack Obama had praised the pact, but it was put on life support just days after Election Day.

That's when congressional leaders told the White House that it would no longer consider entering the pact with a lame-duck president.

The failing deal was of interest to Ars due to how intellectual property would have been treated.

As we noted, "the TPP exported US copyright law regarding how long a copyright lasts.

For signing nations, the plan would have made copyrights last for the life of the creator plus 70 years after his or her death.

That's basically the same as in the US." The nations remaining in the sputtering pact include Japan, Australia, Peru, Malaysia, Vietnam, New Zealand, Chile, Singapore, Canada, Mexico, and Brunei.

China has proposed a 16-nation free-trade bloc that includes India.

The Trump administration is expected to begin trade negotiations with each TPP nation separately. The Motion Picture Association of America had hailed the TPP when the 2,000-page text of the pact was released in 2015, after negotiations were carried out in secret. "The TPP reaffirms what we have long understood—that strengthening copyright is integral to America’s creative community and to facilitating legitimate international commerce," Chris Dodd, the MPAA chairman, said at the time.

Computop and AsiaPay Partner to Enable Retailers to Safely and Effectively...

Bamberg and Hong Kong – December 15, 2016 – Computop, a leading payment service provider, and AsiaPay, one of Asia-Pacific’s most distinguished payment service providers, today announced their new strategic partnership.

The relationship enables retailers to securely process payments in Asia-Pacific through Computop’s Paygate payment gateway using the payment methods that consumers in the region prefer and trust, helping to positively impact sales and the overall customer experience.A recent e-Marketer report noted that Asia-Pacific will remain the world’s largest retail e-commerce market, with sales expected to top $1 trillion in 2016 and more than double to $2.725 trillion by 2020.

Findings also noted that the region will see the fastest rise in retail e-commerce sales, increasing 31.5% this year.
In addition, according to a study by Kantar TNS, Asia-Pacific is leading the world in mobile payment with over half (53%) of connected consumers using their mobile phones to pay for goods or services at the point-of-sale via apps.

As such, the Computop and AsiaPay partnership enables retailers to capitalize on the growth opportunity that Asia-Pacific presents. “Expanding business into foreign markets may seem daunting, but working with companies that have a strong foothold in those regions and that understand the payment behaviors and preferences of consumers in those countries is key to retailer success,” said Ralf Gladis, CEO of Computop. “Through our partnership with AsiaPay, Computop is able to provide merchant customers with the opportunity to take advantage of Asia-Pacific consumers’ appetite for e-commerce. With Computop Paygate integrated with AsiaPay, retailers benefit from the secure payment options that southeast Asian consumers expect and trust.” “We are very honoured to be a strategic partner of Computop,” said Joseph Chan, CEO of AsiaPay. “Our company has more than 16 years of experience in credit card processing and international business service, giving us a solid position as a premier e-Payment player in the region.

Furthermore, we have a keen understanding of merchants’ payment requirements in the fast-paced e-commerce business environment. We believe that a strategic cooperation with Computop can help merchants improve their processing efficiency, thereby contributing to their business growth as well as support their global endeavor,” he added. Founded in 2000, AsiaPay offers secure and cost-effective electronic payment processing solutions and services to banks and e-businesses globally.

The company offers a variety of card payments, online bank transfers, e- wallets and cash payments across over 16 countries, including Hong Kong, China, India, Indonesia, Malaysia, Singapore, Philippines, Taiwan, Thailand and Vietnam.
It is a certified international 3-D secure vendor for VISA, MasterCard, American Express and JCB. Computop Paygate is a PCI-certified omnichannel payment platform that provides retailers with secure payment solutions and efficient fraud prevention for international markets.

Computop integrated AsiaPay into Paygate to offer merchants a wide range of payment methods in the Asia-Pacific region to support their cross-border and global commerce efforts. Payment methods available on Paygate include Alipay, American Express, JCB, Tenpay and WeChat, along with many other widely-accepted payment options that consumers in these countries use. About ComputopComputop is a leading global payment service provider (PSP) that provides compliant and secure solutions in the fields of e-commerce, POS, m-commerce and Mail Order and Telephone Order (MOTO).

The company, founded in 1997, is headquartered in Bamberg, Germany, with additional independent offices in China, the UK and the U.S.

Computop processes transactions totalling $24 billion per year for its client network of over 14,000 mid-size and large international merchants and global marketplace partners in industries such as retail, travel and gaming.

Global customers include C&A, Fossil, Metro Cash & Carry, Rakuten, Samsung and Swarovski.

Following the recent asset deal with the Otto Group, Computop is now processing payments for merchants that previously used EOS Payment, including all 100 Otto retail brands.
In cooperation with its network of financial and technology partners, which it has expanded over many years, Computop offers a comprehensive multichannel solution that is geared to the needs of today's market and provides merchants with seamlessly integrated payment processes. For further information, please visit www.computop.com. About AsiaPayFounded in 2000, AsiaPay, a premier electronic payment solution and technology vendor and payment service provider, strives to bring advanced, secure, integrated and cost-effective electronic payment processing solutions and services to banks, corporate and e-Businesses in the worldwide market, covering international credit card, China UnionPay (CUP) card, debit card and other prepaid card payments. AsiaPay is an accredited payment processor and payment gateway solution vendor for banks, certified IPSP for merchants, certified international 3-D Secure vendor for Visa, MasterCard, American Express and JCB.

AsiaPay offers its variety of award-winning payment solutions that are multi-currency, multi-lingual, multi-card and multi-channel, together with its advanced fraud detection and management solutions. Headquartered in Hong Kong, AsiaPay offers its professional e-Payment solution consultancy and quality local service support across its other 12 offices in Asia including: Thailand, Philippines, Singapore, Malaysia, Mainland China, Taiwan, Vietnam, Indonesia and India.

For more information, please visit www.asiapay.com and www.paydollar.com. ### For further information, please contact:Jessica MularczykAscendant Communications, for Computop in the U.S.Tel: 508-498-9300E-mail: jmularczyk@ascendcomms.net Charlotte HansonAscendant Communications, for Computop in the UKTel: +44 (0) 208 334 8041E-mail: chanson@ascendcomms.net Valerie SanchezSenior Channel ManagerAsiaPayTel: (632) 887-2288E-mail: valerie.sanchez@asiapay.com Alvin ChanAssociate Director, Sales & MarketingAsiaPayTel: +852-2538 8278E-mail: alvin.chan@asiapay.com

Trump says he’s going to get Apple to “build a big...

Enlarge / President-elect Donald Trump walks through the lobby of the New York Times Building following a meeting with editors of the paper on November 22, 2016.Spencer Platt / Getty Images News reader comments 104 Share this story President-elect Donald Trump told The New York Times in a Tuesday interview that he would incentivize Apple to “build a big plant” in the United States. During that interview, Trump touched on numerous subjects, changing his tune on several campaign positions. He backed off threats he made during his campaign to prosecute his political rival, Hillary Clinton, over her use of a personal e-mail server while she was Secretary of State. However, Trump indicated to columnist Thomas Friedman that he is going to double-down on bringing factory jobs back to America, especially in the Rust Belt from Michigan to Pennsylvania. FRIEDMAN: Are you worried, though, that those companies will keep their factories here, but the jobs will be replaced by robots? TRUMP: They will, and we’ll make the robots, too. [laughter] TRUMP: It’s a big thing, we’ll make the robots, too. Right now we don’t make the robots. We don’t make anything.

But we’re going to.
I mean, look, robotics is becoming very big and we’re going to do that. We’re going to have more factories. We can’t lose 70,000 factories. Just can’t do it. We’re going to start making things. Trump's point that America doesn't "make anything" is objectively false.

According to the Federal Reserve Bank of St. Louis, manufacturing is at the highest level it's been in a decade, but this economic output being achieved with fewer workers. Trump continued, saying that he had received a call from Apple CEO Tim Cook. As the president-elect recounted: …and I said, ‘Tim, you know, one of the things that will be a real achievement for me is when I get Apple to build a big plant in the United States, or many big plants in the United States, where instead of going to China, and going to Vietnam, and going to the places that you go to, you’re making your product right here.’ He said, ‘I understand that.’ I said: ‘I think we’ll create the incentives for you, and I think you’re going to do it. We’re going for a very large tax cut for corporations, which you’ll be happy about.’ But we’re going for big tax cuts, we have to get rid of regulations, regulations are making it impossible. Whether you’re liberal or conservative, I mean, I could sit down and show you regulations that anybody would agree are ridiculous.
It’s gotten to be a free-for-all.

And companies can’t, they can’t even start up, they can’t expand, they’re choking. Recently, the Nikkei Asian Review reported that Apple's manufacturing contractors, Foxconn and Pegatron have been looking into manufacturing the iPhone in the US. Apple did not immediately respond to Ars’ request for comment.

Trump did not mention the fact that earlier this year, he called for a boycott of Apple products.

Obama says he can’t pardon Snowden

Enlarge / U.S. President Barack Obama waves before boarding Air Force One as he departed Berlin on Saturday, Nov. 18.
It's the final European trip of his time in office.Photo by Carsten Koall/Getty Images reader comments 28 Share this story A campaign to pardon NSA leaker Edward Snowden, launched in combination with a fawning Oliver Stone film about him, hasn't made any headway.

The request spurred the entire membership of the House Select Committee on Intelligence, 13 Republicans and 9 Democrats, to send a letter to President Barack Obama urging against a pardon. "He is a criminal," they stated flatly. Obama weighed in on the matter on Friday.

During his European tour, he was interviewed by Der Spiegel—the largest newspaper in Germany, a country where Snowden is particularly popular.

After discussing a wide range of issues, he was asked: Are you going to pardon Edward Snowden? Obama replied: "I can't pardon somebody who hasn't gone before a court and presented themselves, so that's not something that I would comment on at this point." He continued: I think that Mr.
Snowden raised some legitimate concerns. How he did it was something that did not follow the procedures and practices of our intelligence community.
If everybody took the approach that I make my own decisions about these issues, then it would be very hard to have an organized government or any kind of national security system. At the point at which Mr.
Snowden wants to present himself before the legal authorities and make his arguments or have his lawyers make his arguments, then I think those issues come into play. Until that time, what I've tried to suggest -- both to the American people, but also to the world -- is that we do have to balance this issue of privacy and security. When Obama said he "can't" pardon Snowden he may have meant he "won't" do it, unless circumstances change. Presidents have historically issued pardons even when no court or prosecutor has taken action, which was pointed out by Noa Yachot, who directs the Pardon Snowden movement and works for the ACLU. "The president can pardon anyone," wrote Yachot. "Richard Nixon hadn’t even been indicted when Gerald Ford issued a 'full, free, and absolute pardon unto Richard Nixon for all offenses against the United States which he, Richard Nixon, has committed or may have committed or taken part in' over the course of his presidency. Nor had the thousands of men who had evaded the Vietnam War draft, who were pardoned unconditionally by Jimmy Carter on his first day in office." And as part of the Iran nuclear deal he negotiated, Obama himself pardoned three Iranian-American men who had been indicted but had not stood trial. Snowden faces charges under the Espionage Act, a World War One-era law that doesn't distinguish between confidential material being given to foreign powers or to a journalist.

The ACLU has called the law "draconian."

MPAA-backed Trans-Pacific Partnership accord dead in wake of Trump win

A handful of protesters rally in Sydney, Australia, in 2014 as government officials and private industry negotiated the Trans-Pacific Partnership accord.SumOfUs reader comments 14 Share this story The Trans-Pacific Partnership, a proposed and controversial 12-nation trade pact dealing with everything from intellectual property to human rights, effectively died Friday.

Congressional leaders from both parties told the White House they would no longer consider it with a lame duck president, even one who staunchly backed the plan. Among the reasons the deal was relevant to Ars readers is because of how it treated intellectual property.

The TPP exported US copyright law regarding how long a copyright lasts.

For signing nations, the plan would have made copyrights last for the life of the creator plus 70 years after his or her death.

That's basically the same as in the US. When the 2,000-page text of the deal was released in November last year—after negotiations were done in secret—the Motion Picture Association of America hailed it. "The TPP reaffirms what we have long understood—that strengthening copyright is integral to America’s creative community and to facilitating legitimate international commerce," Chris Dodd, the MPAA chairman, said. At one point last year, many feared the TPP would require signing companies to mandate that Internet service providers terminate accounts for Internet copyright scofflaws.

That, however, never materialized.
In the US, many of the top ISPs have a six-strikes consumer infringement program. Knowledge Ecology International, which monitors international law, said the measure would have gutted provisions in American law encouraging more transparency of patents on biologic drugs.

The group said infringing any patent or copyright could have become more risky and costly. But what a difference a year makes.

Following the victory of Republican Donald Trump, the Senate Majority Leader Mitch McConnell, a Republican of Kentucky, and Sen.

Chuck Schumer, a New York Democrat, have said they would not bring up the TPP vote given that President Barack Obama is leaving office in January. "In terms of the TPP agreement itself, Leader McConnell has spoken to that, and it’s something that he’s going to work with the president-elect to figure out where they go in terms of trade agreements in the future," Wally Adeyemo, Deputy National Security Advisor for International Economic Affairs told The Wall Street Journal late Friday. The nations in the accord include the US, Japan, Australia, Peru, Malaysia, Vietnam, New Zealand, Chile, Singapore, Canada, Mexico, and Brunei.

They represent about 40 percent of the global economy.

China has proposed a 16-nation free-trade bloc that includes India.

That Botnet-of-Things malware is getting a nasty makeover

More bots.

Thanks, Internet of Things.reader comments 29 Share this story Mirai—the malware responsible for creating a massive "botnet" of hacked Internet-connected cameras, digital video recorders, and other devices that interrupted Internet services for many last week—is still in action, according to data from the network security company Arbor Networks.

An ever-shifting army of about 500,000 compromised Internet of Things (IoT) devices is still being controlled by Mirai, based on Arbor's tracking of the malware's communications.

And multiple command-and-control networks are still directing those devices to attack websites and service providers across the Internet.

But as previously predicted, new and improved versions of the Mirai malware—based on the openly-published source code Mirai's alleged author posted on September 30—are now appearing in the " and wreaking additional havoc. In a blog post, Roland Dobbins, Principal Engineer on Arbor's ASERT Team, noted that "relatively high concentrations of Mirai nodes have been observed in China, Hong Kong, Macau, Vietnam, Taiwan, South Korea, Thailand, Indonesia, Brazil, and Spain." Devices that are vulnerable to Mirai takeover, he noted, "are typically listening for inbound telnet access on TCP [port] 23 and TCP [port] 2323," and compromised devices communicate via "a remote-control backdoor" that is also present in Mirai, "accessible via TCP/103." Mirai botnets constantly scan the entire Internet for vulnerable devices, so even when a device is rebooted or reset, it can be compromised all over again within 10 minutes. Dobbins also noted that "multiple threat actor groups are actively working to expand and improve" the attacks that were coded into Mirai, and that "some alterations in the DDoS attack capabilities of at least one Mirai-derived botnet have been observed in the wild." In a Skype call with Ars, Dobbins said, "It's a minor enhancement to one of the existing [Mirai] attacks." He couldn't give detail about the enhancements, but he added that "multiple groups are working to enhance and customize Mirai." The original Mirai code is capable of a variety of attacks against DNS services and websites, in addition to more generic network "flood" attacks based on the TCP, UDP, and Generic Routing Encapsulation protocols. Mirai accounted for most of the attack on Dyn's DNS service on October 21, and was part of earlier attacks on security reporter Brian Krebs' site and on French cloud provider OVH.

Those attacks measured over 600 gigabits per second and over 1.5 terabits per second at their peaks, respectively. While the total volume of traffic thrown at Dyn hasn’t yet been publicly released, Level 3 Communications chief security officer Dale Drew said in a Twitter conversation that the numbers had been shared with major network operators.

Drew told Ars in a separate conversation that "tens of millions" of distinct devices were involved in the Dyn DoS attack, and that some of them were clearly not Mirai-infected devices; not all of the devices were necessarily active at the same time. Dobbins wrote that the "potential collateral impact of DDoS attacks launched by the Mirai botnet can be highly significant." The outbound traffic from hacked devices—including attacks against intended targets and scanning for other vulnerable devices—could crimp the network bandwidth of even major broadband ISPs, causing outages for customers. Given the wide availability of the code, it's fairly certain that even more Mirai variants will emerge—and make their presence felt as the holidays approach.

Criminal botnet operators will likely use Mirai's success as a way to extract blackmail payments from online retailers and banks with threats of interfering with online shopping.
Stopping (or at least reducing) those attacks will require network operators to work to identify vulnerable or hacked devices themselves and block the command-and-control traffic to them.

HAUD SS7 firewall protects 23m subscribers in Vietnam

Press Release Vinaphone to benefit from market leading security & monetisation solution 27 October 2016, Malta: Go-to partner in A2P monetisation and revenue assurance for mobile operators, HAUD, is now providing its market leading SMS and SS7 solution to Vinaphone, one of the largest mobile network operators (MNOs) in Vietnam. Vinaphone, with its 23.3m subscriber base, will benefit from HAUD’s A2P monetisation solution; enabling new revenues to be raised from international A2P traffic. HAUD’s A2P monetisation solution will protect the operator’s revenues from leakage, while protecting the Vietnamese subscribers from fraudulent attacks over SMS, a fast-growing type of telecoms fraud. Steven Sammut, COO of HAUD, said: “The combination of HAUD’s technical experience and local knowledge ensured an almost immediate generation of additional messaging revenue for Vinaphone.” “Working with Vinaphone brings this market leading protection to 23m further subscribers, and continues HAUD’s expansion in the Asia-Pacific (APAC) region. With the GSMA predicting the region to grow by 600m subscribers by 2020, it is hugely important that MNOs take the necessary steps to ensure that they are protected.
Subscribers must also be protected from SMS and SS7 attacks – with recent high profile examples of compromised Facebook and WhatsApp accounts demonstrating the importance of guarding against these vulnerabilities.

Following other agreements in the region, this deal is a further vote of confidence in our monetisation and security expertise.” For further information on the services HAUD offers, visit www.HAUD.com. ENDS For media enquiries, please contact:Jamie Williamson at HAUD+356 99942342info@haud.com Notes to editors About HAUD:HAUD provides mobile network operators with a complete service to detect fraud, filter spam and protect revenues. HAUD puts operators in control of their networks with flexible solutions, unrivalled expertise and round-the-clock customer support.

The proprietary technology safeguards revenue from unsolicited and unresolved telecommunications traffic, enhancing network security and enriches customer experience. HAUD’s portfolio of modular services and solutions can be deployed in custom configurations, providing operators with flexible and robust protection to meet precise requirements. Headquartered in Malta and with offices positioned globally, HAUD offers traffic audits, system trials and various pricing models.
Visit www.haud.com for further information.

Op-Ed: Why Obama should pardon Edward Snowden

Edward Snowden speaks via video link at a news conference for the launch of a campaign calling for President Obama to pardon him on September 14.Spencer Platt / Getty Images Former NSA contractor Edward Snowden has asked President Barack Obama for a pardon, and the ACLU, which represents Snowden in the US, agrees.

The following essay by Timothy Edgar, which originally appeared on the blog Lawfare, supports that position.

Edgar is the former director of privacy and civil liberties for the Obama administration's national security staff, and is currently the academic director of law and policy at Brown University's Executive Master in Cybersecurity program, and visiting scholar at Brown University’s Watson Institute for International and Public Affairs. reader comments 62 Share this story I have signed on to the letter asking President Obama to pardon Edward Snowden that was released today.
I know this will be an unpopular position among many of my former colleagues in the national security community. My reasons for doing so are not fully captured by that letter. They are different from those who see Snowden simply as a hero and the NSA as the villain. I have concluded that a pardon for Edward Snowden, even if he does not personally deserve one, is in the broader interests of the nation. Around the time Edward Snowden got his first job in the intelligence community, I decided to leave my position as an ACLU lawyer in the hope I could make a difference by going inside America’s growing surveillance state.
Surprisingly, senior intelligence officials took a chance on hiring me in a unique new office safeguarding civil liberties and privacy.
I began work in June 2006. For the next seven years, I worked with a growing team of internal privacy watchdogs inside the intelligence community. We reviewed the most secret surveillance programs in government, including the major programs that Snowden later leaked. Our job was to ensure those programs had a firm basis in law and included protections for privacy and civil liberties. While I am proud of the work we did, it is fair to say that until Snowden stole a trove of top secret documents and gave them to reporters in 2013, we had limited success. It took a Snowden to spark meaningful change. The NSA’s operations are essential to national security and to international stability, but it is hard to reconcile them with the values of a free society. Snowden forced the NSA to become more transparent, more accountable, more protective of privacy—and more effective.

Today, the NSA’s vital surveillance operations are on a sounder footing—both legally and in the eyes of the public—than ever before. For that, the United States government has reason to say, “Thank you, Edward Snowden.” The Snowden Reforms In the last four years, there have been more significant reforms to mass surveillance than we saw in the four decades before the Snowden revelations began. Not since the post-Watergate reforms of the Ford and Carter administrations has the intelligence community faced such scrutiny. The NSA has taken painful steps to open up.

The most secret of the government’s secret agencies will never be a model of transparency.
Still, it has never been more transparent than it is today. Before Snowden, basic information like the number of targets of the NSA’s mass surveillance operations affected by court-ordered surveillance was a closely-guarded secret.

Today, the head of the intelligence community publishes an annual transparency report that provides these and other details. Before Snowden, the NSA used a secret interpretation of the Patriot Act to amass a nationwide database of American telephone records.

Congress has nowreplaced this program of bulk collection with an alternative program that leaves the data with telephone companies. Before Snowden, the secret court that authorizes intelligence surveillance never heard more than the government’s side of the argument. Now, outside lawyersroutinely appear to argue the case for privacy. Before Snowden, there was no written order, directive or policy that gave any consideration to the privacy of foreigners outside the United States. When intelligence officials asked lawyers like me about privacy, it went without saying that we were talking about American citizens and residents.

Today, for the first time in history, a presidential directive requires privacy rules for surveillance programs that affect foreigners outside the United States. In an agreement with the European Union, the American government has been forced to adopt new protections for foreign data.
In the next few years, the NSA’s partners in the United Kingdom will have to justify the surveillance practices of both countries in court against human rights challenges. In 2017, Congress will review PRISM—a program leaked by Snowden that allows the NSA to obtain e-mails and other communications from American technology companies.

The law that provides authority for PRISM expires at the end of the year.

The law also gives the NSA access to the internet backbone facilities of American telecommunications companies, in a program called “upstream collection.” Until Snowden leaked details about PRISM and upstream collection, little was known about how the law worked.

Thanks to Snowden, the debate over whether and how these programs should continue will be one in which the public is reasonably well informed – unlike the debates in Congress over the Patriot Act in 2001, 2005, 2009, and 2011, over the Protect America Act in 2007, over the FISA Amendments Act in 2008 and 2012, and over the constitutionality of the FISA Amendments Act in the Supreme Court in 2013. The NSA’s new transparency about its surveillance operations showed that they were designed not to bring about a dystopian society where privacy would be abolished, but to collect intelligence vital to the national security.

To be sure, Snowden’s trove of documents and the investigations that followed showed some programs were more effective than others.  The same privacy board that reviewed PRISM said that the NSA’s bulk collection of American telephone records had “minimal value.” The board could find “no instance in which the program directly contributed to the discovery of a previously unknown terrorist plot or the disruption of a terrorist attack.” Still, there has been remarkably little evidence of intentional abuse of the NSA’s sweeping powers for improper purposes unrelated to intelligence. None was revealed by Snowden. In response to inquiries from Congress in the fall of 2013, the NSA itself disclosed that itsinspector general had uncovered a dozen incidents over ten years in which analysts used overseas collection to spy on ex-girlfriends. As a result, the programs Snowden exposed have all survived in some form.
In the case of telephone records, the NSA says that the privacy reforms adopted by Congress have actually resulted “access to a greater volume of call records” than before. Many of the NSA’s other mass surveillance programs also enjoy greater public support and legitimacy than they did before Snowden came along.

As Jack Goldsmith observes wryly, “These are but some of the public services for which the U.S. government has Snowden to thank.” A Failure of Leadership Edward Snowden’s actions caused great damage to national security. They should not have been necessary to achieve the sensible reforms of the past four years.

That they were represents a failure of leadership by the intelligence community and the national security teams of the previous two administrations.

For me, that failure is at least in part a personal one. As a privacy and civil liberties official inside the intelligence community, and later at the White House, my job was precisely to provide top officials with confidential advice about how to ensure that intelligence programs were protective of our liberties.
In doing so, I made just the sort of arguments that many have said Snowden should have raised internally instead of compromising classified information. Unlike Snowden, I had direct access to the officials that could have made surveillance reform a reality—and who did so, after the Snowden leaks forced their hand.

There is no way a junior NSA contractor could have accomplished more. Snowden’s critics argue that he should have made his concerns about privacy known through official channels without disclosing secrets and without breaking the law.

That would have achieved nothing—even in an imaginary world in which the agency had a perfect system for protecting whistleblowers.
Snowden’s concerns were not those of a traditional whistleblower. Snowden’s complaint was not that the NSA was violating its rules, but that its aggressive pursuit of its mission—even as it largely adhered to its existing rules – posed a serious risk to privacy in the digital age. If Snowden was wrong about mass surveillance being an “architecture of oppression,” he was certainly right about that, as many government officials have now acknowledged. There is an inherent tension between the values of a free society and mass surveillance. For Snowden and his supporters, the answer is easy. End mass surveillance—which is to say, most of what the NSA does.

Those of us who believe that the NSA’s far-flung operations are essential to national security and global stability have the harder task of keeping mass surveillance under control. If Snowden deserves our thanks for both this round of surveillance reform and the next, it is only because the laws and institutions we created to control surveillance had become so obsolete.
Intelligence agencies should not need the shock of massively damaging leak to abandon programs that are not working and refine and improve those that are.

Disclosing details of classified programs should not be the most effective way to force change. What Do We Do With Snowden? It makes no sense for the United States government to pursue Snowden like a digital age Inspector Javert while at the same time admitting that his actions strengthened both our civil liberties and our national security.

This is especially true because it was the intelligence community’s own shortcomings that made his reckless leak the only effective way to achieve reform. If Snowden returned to the United States today, of course, he would have to stand trial for disclosing classification communications intelligence, among other serious crimes.

This will never happen.
Snowden’s lawyers know he would likely be convicted and would face a lengthy prison term.  Under federal sentencing guidelines, an offender with no criminal history who is convicted of disclosing “Top Secret” communications information under 18 U.S.C. § 793(d) faces a prison term in the range of 168-210 months, or 14 to 17.5 years. See U.S.S.G.M. § 2M3.2. Snowden might face a considerably longer sentence if convicted of additional charges, or as a result of sentencing enhancements. Naturally, Snowden prefers to stay abroad. The law does not allow the public interest defense that Snowden says he wants, nor should it. Permitting such a defense would encourage copycats. A Snowden wannabe might hope his lawyer could convince a credulous jury that his leaks also had some positive outcome, even if the benefits were scant. The Snowden disclosures were a unique watershed event, resulting in historic reforms.
It is highly unlikely a future leak of classified surveillance information would produce such positive change. While Snowden might be enticed to return if offered a favorable plea agreement, negotiating such a deal would create poor incentives. One idea, favored by the top lawyer for the intelligence community, was for Snowden to plead guilty to a single felony charge and serve three to five years in exchange for his help undoing the damage he caused.

Through his lawyer, Snowden has said he would never plead guilty to a felony.
If a plea deal was ever really on the table, Snowden has less to offer every day, as the information he leaked becomes stale and the intelligence community moves on.
In any event, the Justice Department rightly objects to negotiating plea agreements with fugitives, to avoid giving those who flee prosecution an advantage over those that do not. The Status Quo Nevertheless, the status quo is clearly not in American interests.
Snowden’s exile in Russia is a continuing embarrassment.
Snowden has become a potent symbol for privacy and civil liberties, human rights, and an open internet in which surveillance operations are controlled by law. His presence in Moscow is a gift to Vladimir Putin, allowing the Russian president to cynically pose as a defender of digital human rights. Every time Snowden makes a virtual appearance before his admirers, the unspoken message is that he has been forced to seek asylum because the United States opposes these values. The message is no less effective for being false and unfair. By contrast with a trial or a plea agreement, a pardon is an unreviewable act of discretion by the president. Presidents have used them not only to correct injustices, but also when the broader interests of the nation outweigh the importance of punishing a crime even where some punishment is clearly deserved. Gerald Ford pardoned Richard Nixon to help the country move beyond Watergate. Jimmy Carter pardoned draft dodgers to close the chapter on the Vietnam War. Pardons are exceedingly rare.

A pardon sets no precedent and so creates no incentives. Future leakers could not count on one.

Even if Snowden does not deserve a pardon for what former Attorney General Eric Holder called his act of “public service,” we should give him one and move on. We are the good guys. It is time for the world to know it again.

How the feds used Internet searches to find 5 child pornography...

Enlarge / Postal inspectors routinely investigate child pornography cases in the US.Joshua Lot/Getty Images reader comments 27 Share this story "[Rev.

Dr.] Jim [Parkhurst] plays guitar, sings in a symphony chorus, loves to hike, does crossword puzzles, and is an avid reader. He enjoys spoiling his twin nephews on annual trips to our national parks in the west." -Post announcing Parkhurst's new job, January 2015 In 2013, federal agents investigating the child pornography collection of one David S.

Engle—who was later sentenced in Washington state to 25 years in prison—came across a new set of eight images.

The pictures showed five boys, ranging in age from around seven to 15, urinating outdoors, shaving their pubic hair, and posing naked in bathtubs. According to an affidavit from Postal Inspector Maureen O'Sullivan, who helped investigate the images, the photo set was "emerging and being widely distributed and traded by child pornography collectors on a national and international scale." Being new and uncatalogued, the images were forwarded to the National Center for Missing and Exploited Children (NCMEC), which maintains a vast database on prohibited images for use in investigations and image blacklists. While law enforcement generally focuses on finding those who create and/or trade child pornography, a simultaneous effort is made to identify—and if necessary to secure—the victims.

At the federal level, this task is centralized within NCMEC at the Child Victim Identification Program (CVIP)—and this new image set wound up at CVIP accordingly.

The investigation of the pictures, which took three years to complete, opens a rare window into the world of digital detectives who specialize in tracing some of the world's most horrific imagery. An Embassy Suites hotel room—but which one? It turns out that federal agents largely run an investigation the way most of us would: on the public Internet. CVIP took the obvious first step and pulled all the Exchangeable Image File (EXIF) metadata from the photos.

Amazingly, this data had never been scrubbed (even Facebook scrubs EXIF metadata from uploaded photos for security and privacy reasons).

Though the images were not tagged with GPS locations, they did have dates attached.

This would become a crucial clue. Without names and dates, finding the photos' creator would be difficult.

Even if one could identify a particular hotel used in a photo, the huge number of possible dates would make guest check-in registries nearly worthless.

But with a date, identifying a particular hotel might solve the case immediately. To that end, CVIP agents looked through a subset of the pictures that had been taken in a hotel room on August 20, 2010.

Background items suggested a location in Colorado, while the décor of the room hinted at an Embassy Suites hotel.

To find out which hotel, CVIP "compared rooms in the images to online photos of hotel rooms in all of the Embassy Suites in the area." (This sounds like either a Google image search or a careful look at the Embassy Suites website.) The team decided that the location was the Embassy Suites in Denver. The information was sent back to the postal inspectors, who fired off a subpoena to Embassy Suites for everyone registered at a "small subset of the hotel's rooms" on the date in question. However, the registry turned up no clear leads.

The trail went cold. Let me Google that for you In February 2015, CVIP came back to the postal inspectors with new data. Unrelated investigations around the country had turned up additional images from the set, showing the same boys in Western locations, many of them outdoors. James Parkhurst UMC EXIF data revealed that these photos were taken two days earlier than the others, and one additional boy was now pictured. More importantly, "a particular landmark" in the new photos offered a specific location: a cabin within the Antero Hot Springs cabins in Salida, Colorado. In March 2015, the owner of the cabins sent postal inspectors information on guest rentals from the time. On the day the photos there had been taken, the cabin in question had been rented to "James Parkhurst" and three guests. Rather than delving into some super-secret law enforcement database, agents turned to Google and Facebook to ID Parkhurst. Quick searches revealed a 55-year-old man with the same name who lived in Portland and was working as the Executive Director of Camp and Retreat Ministries for the United Methodist Church's Oregon-Idaho Conference. A search of Facebook pages belonging to Parkhurst and his family members showed conversations about trips to national parks—along with names and (non-sexual) photos of the five boys in the prohibited image series. Three of the boys, it turned out, were sons of Parkhurst's cousin.

The other two were twins, both adopted from Vietnam by Parkhurst's brother. The full Facebook This discovery led to an August 2015 search warrant for the Facebook accounts of Parkhurst, the five boys, and their parents.

Cross-referencing the conversations and pictures returned by the social network with the prohibited images and their EXIF data, investigators sketched out specific dates and times during which Parkhurst appeared to be on trips alone with the boys in locations matching those in the prohibited photos. For instance, the earliest photos dated to August 2008, when Parkhurst allegedly took all five boys on a trip to Las Vegas, the Hoover Dam, and Yosemite National Park.

As part of that trip, the group stopped at Travertine Hot Springs and Buckeye Hot Springs.
Inspectors found references to both places on a public website devoted to naturism ("nudity is commonplace").

Another stop, at El Dorado Hot Springs, was listed on a separate site as one of the "best places for nude camping in Arizona." With another prohibited image, investigators used "public search engines" to identify a particular hotel in Mariposa, California.

As confirmation of the location, traveler pictures on a "hotel review website" matched the bathroom amenities and décor in the prohibited photo.
Still more images were identified based on "landmarks that are searchable on Google" or by matching one pond to "an online image of the Olympic Hot Springs in Olympic Park, Washington." Travertine Hot Springs in California. gastondog Revenge of the thumbnail Several of the photos from the set were circulating among child pornography collectors in cropped versions, with the pictures usually altered to remove an adult or to focus attention on the genitals. But the crops didn't hide the original image completely.
Investigators found that several of the image files still held thumbnail versions of the original image. One of these smaller but un-cropped images showed, in O'Sullivan's words, "Parkhurst nude next to [one of the boys]." Secret databases Assembling the case against Parkhurst eventually moved beyond open source information. Law enforcement periodically busts allegedly "legitimate" businesses selling things like "naturist films from around the world" that are actually child pornography. When that happens, investigators seize and archive all sales records for future investigations. For instance, in 2006, postal inspectors and the Los Angeles police raided Insider Video Club, which dealt in "DVDs, VHS tapes, and still images of nude men and boys;" the company's database was then seized.

And in October 2010, Toronto police shut down Azov Films, which specialized in this material, and they sent a copy of the sales database to the US. As part of the Parkhurst investigation, postal inspectors ran his name against these kinds of sales databases—and found hits at both Azov and Insider Video Club. Parkhurst had allegedly ordered Swim Party for $24.95 back in 1997 and Boys in the Mud in 2005 for $45.95.

Each video showed nude young boys and contained "no meaningful dialogue or storyline." Each video had been sent directly to Parkhurst's address. Federal Judge Youlee Yim You. But it was a third "ping" against a sensitive database that appears to have kicked the investigation into urgent mode. Postal inspectors plugged away on the Parkhurst case all the way through to July 2016, when they realized that Parkhurst had ongoing contact with the boys in the images—he had another trip coming up. A law enforcement sensitive database revealed that Parkhurst had booked tickets for himself and one of the boys—a senior in high school living near Chicago—to Greece, Italy, and Sweden.

The trip would begin on August 3. On August 1, Postal Inspector O'Sullivan took a search warrant to Federal Judge Youlee Yim You in Portland, had it signed, and assembled her team.

They raided Parkhurst's home the next morning, one day before the trip. According to O'Sullivan, the search team found some of the prohibited images on "one or more" of Parkhurst's digital devices. Parkhurst then agreed to speak to investigators. He allegedly admitted that he had taken the photos, acknowledged masturbating to at least some of them, but denied that he engaged in sexual activity with the boys. Parkhurst also suggested that his collection of nude images would not "qualify as child pornography." (US child pornography law actually includes a clause banning "lascivious exhibition of the genitals or pubic area" as a way to short-circuit any "but I didn't actually touch them!" defense.) Parkhurst was arrested.

According to the Oregonian, he resigned from his job and surrendered his ministerial credentials a few days later. He was eventually transferred to Denver, where he will stand trial. He had his first court appearance there this week. Creative searching While the Internet has enabled an explosion in child pornography—an issue that was largely under control in the analog era, thanks to the difficulty and expense of finding, creating, printing, and distributing it—it at least makes investigations simpler, too. Even though law enforcement has access to expensive or secret databases, many of the Parkhurst investigation leads were based on EXIF data and publicly available Internet pages.

Google, Facebook, hotel review and naturist websites, online maps, and image searches—it's all grist for the mill. Once a hotel or cabin has been located, once a person has been ID'd on Facebook, once a trip is suspected, then it's time for the subpoena, the warrant, or the secret database. Still, with all of the tech, search, and monitoring tools available to authorities today, one of the most useful investigative skills remains the ability to use the public Internet creatively.

Censorship row: Facebook reinstates iconic “napalm girl” photo [Updated]

Enlarge / Kim Phuc is the girl pictured in an iconic picture—censored by Facebook—that was taken by photographer Nick Ut during a napalm strike in the Vietnam war.Eric Lalmand/AFP/Getty Images reader comments 92 Share this story Update, 8.43pm GMT: Facebook has reinstated posts containing the photograph of Kim Phuc—the naked girl captured in the iconic "napalm girl" photograph. The free content ad network issued a lengthy statement to justify its volte-face, after it had earlier removed the Norwegian PM's post from her Facebook account.

Erna Solberg had posted the image as the row against Facebook's censorship escalated. Facebook said late on Friday that it "looked again" at how its rules had been applied to the image by photographer Nick Ut. "An image of a naked child would normally be presumed to violate our Community Standards, and in some countries might even qualify as child pornography," it said. "In this case, we recognise the history and global importance of this image in documenting a particular moment in time.

Because of its status as an iconic image of historical importance, the value of permitting sharing outweighs the value of protecting the community by removal, so we have decided to reinstate the image on Facebook where we are aware it has been removed." It's worth parsing the final bit of that sentence: "we are aware" is Facebook trying its best, once again, to avoid any suggestion that it is directly editing the content. The company, continuing with its hands-off theme, added: We will also adjust our review mechanisms to permit sharing of the image going forward.
It will take some time to adjust these systems but the photo should be available for sharing in the coming days. We are always looking to improve our policies to make sure they both promote free expression and keep our community safe, and we will be engaging with publishers and other members of our global community on these important questions going forward. Original Story Facebook has been accused of censorship by Norway's prime minister, Erna Solberg, in a growing spat about the free content ad network's removal of a post featuring the Pulitzer Prize-winning historic Vietnam War image of "napalm girl." The social media network deleted a post made by the Norwegian newspaper Aftenposten based on the fact that the image contained child nudity. On Friday morning, the editor-in-chief of the paper published an open letter to Mark Zuckerberg, in which he described the Facebook chief as "the world's most powerful editor"—a sticky note increasingly being slapped on the multibillionaire's back, even as he continues to refuse to accept any such tag. Just last week, Zuckerberg wryly said at a Facebook event in Germany: "we're a tech company, we're not a media company." Nick Ut's harrowing image of a naked child fleeing from a napalm explosion, however, has bluntly been deemed inappropriate by Facebook because it displays nudity.

The row first began some weeks ago, when Norwegian author Tom Egeland posted the picture on Facebook, only to have it removed for violating the firm's rules. Facebook told Ars: While we recognise that this photo is iconic, it’s difficult to create a distinction between allowing a photograph of a nude child in one instance and not others. We try to find the right balance between enabling people to express themselves while maintaining a safe and respectful experience for our global community. Our solutions won’t always be perfect, but we will continue to try to improve our policies and the ways in which we apply them. In other words, Facebook doesn't want to be seen as a publisher editing content on its ad-stuffed service because it would then be exposed to strict libel laws.
Instead, it claims to rely on a global community of users to report content that violates its stringent rules.

The company has repeatedly come under fire for removing posts featuring nude images, such as pictures of breast-feeding mums. Norwegian PM Solberg reportedly posted Ut's photo on her Facebook account on Thursday when she accused Zuckerberg's company of censorship. Her "napalm girl" post has since disappeared. This post originated on Ars Technica UK