Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: E-Records

Bitcoin over Tor isn’t a good idea – Paper

Paper by Alex Biryukov, Ivan Pustogarov

“Bitcoin is a decentralized P2P digital currency in which coins are generated by a distributed set of miners and transactions are broadcasted via a peer-to-peer network.
While Bitcoin provides some level of anonymity (or rather pseudonymity) by encouraging the users to have any number of random-looking Bitcoin addresses, recent research shows that this level of anonymity is rather low. This encourages users to connect to the Bitcoin network through anonymizers like Tor and motivates development of default Tor functionality for popular mobile SPV clients. In this paper we show that combining Tor and Bitcoin creates an attack vector for the deterministic and stealthy man-in-the-middle attacks. A low-resource attacker can gain full control of information flows between all users who chose to use Bitcoin over Tor. In particular the attacker can link together user’s transactions regardless of pseudonyms used, control which Bitcoin blocks and transactions are relayed to the user and can delay or discard user’s transactions and blocks. In collusion with a powerful miner double-spending attacks become possible and a totally virtual Bitcoin reality can be created for such set of users.”

Safeguarding the Personal Information of all People – ODNI

Office of the Director of National Intelligence (ODNI) – Safeguarding the Personal Information of all People, July 2014. “As the President said in his speech on January 17, 2014, “the challenges posed by threats like terrorism, proliferation, and cyber-attacks are not going away any time soon, and for our intelligence community to be effective over the …

Retired NSA Technical Director Explains Snowden Docs

New Data Release from Centers for Medicare and Medicaid Services

FCW.com: “A new government database that debuted Sept. 30 offers information on financial connections between doctors and teaching hospitals and pharmaceutical firms and medical device manufacturers. The open-data play by the Centers for Medicare and Medicaid Services was mandated under provisions of the 2010 health care overhaul. The inaugural data dump covers $3.5 billion in payments from …

A Review of Security Requirements for Local Number Portability Administration

A Review of Security Requirements for Local Number Portability Administration, The Chertoff Group, September 29, 2014: “For years, Americans have had the legal right to keep their wireless and wireline telephone numbers when switching carriers, and they frequently exercise this right. Carriers must constantly keep track of this switching of carriers in order to route telephone calls …

Appeals Court Limits Military Surveillance of Civilian Internet Use

“The U.S. Court of Appeals for the Ninth Circuit ruled in United States v. Dreyer that an agent for the Naval Criminal Investigative Service violated Defense Department regulations and the Posse Comitatus Act when he conducted a surveillance operation in Washington state to identify civilians who might be sharing illegal files. The 1878 Act prevents the U.S. …

New GAO Reports – Army Corps of Engineers, Bureau of Prisons, CFPB, ID Theft, Oil and Gas Transportation, Affordable Care Act

ARMY CORPS OF ENGINEERS: The Corps Needs to Take Steps to Identify All Projects and Studies Eligible for Deauthorization, GAO-14-699: Published: Aug 21, 2014. Publicly Released: Sep 22, 2014. BUREAU OF PRISONS: Management of New Prison Activations Can Be Improved, GAO-14-709: Published: Aug 22, 2014. Publicly Released: Sep 22, 2014. CONSUMER FINANCIAL PROTECTION BUREAU: Some Privacy and Security Procedures for Data Collections …

The Evolution of US Government Restrictions on Using and Exporting Encryption Technologies

CIA approved for release 9/12/2014 – redacted: The Evolution of US Government Restrictions on Using and Exporting Encryption Technologies, Michael Schwartzbeck. “In the last year, several academic, commercial, and free speech advocates have seriously jeopardized the US government’s legal right to control encryption.”

FBI Says Biometric Database has Reached “Full Operational Capability”

“The FBI announced that the Next Generation Identification system, one of the largest biometric databases in the world, has reached “full operational capability.” In 2013, EPIC filed a Freedom of Information Act lawsuit about the NGI program. EPIC obtained documents that revealed an acceptance of a 20% error rate in facial recognition searches. Earlier this year, EPIC joined a coalition of …

A day in the life of a data mined kid – report

Adrienne Hill: “Education, like pretty much everything else in our lives these days, is driven by data. Our children’s data. A whole lot of it. Nearly everything they do at school can be — and often is — recorded and tracked, and parents don’t always know what information is being collected, where it’s going, or how it’s …

Treasure Map: The NSA Breach of Telekom and Other German Firms

Spiegel Online – Andy Müller-Maguhn, Laura Poitras, Marcel Rosenbach and Michael Sontheimer: [Treasure Map] “is the mandate for a massive raid on the digital world. It aims to map the Internet, and not just the large traffic channels, such as telecommunications cables. It also seeks to identify the devices across which our data flows, so-called routers. Furthermore, every single end …

Libraries may digitize books without permission, EU top court rules

Loek Essers – PC World: “European libraries may digitize books and make them available at electronic reading points without first gaining consent of the copyright holder, the highest European Union court ruled Thursday. The Court of Justice of the European Union (CJEU) ruled in a case in which the Technical University of Darmstadt digitized a book published by …