This week, the US Army issued a directive ordering soldiers to not use DJI drones and other UAVs due to cyber vulnerabilities and the potential for spying by the devices on the battlefield. DJI is shocked by the move without consultation. What would be the threat? Leo says that drones have radios and GPS, and often have internet connectivity. So it's possible that drones could be taken over by a third party and used for spying, especially for mapping terrain. But Leo says it's also likely there's could be a certain amount of paranoia at work here.
Most of the exploits and listening techniques reported by the information from Wikileaks Vault 7 indicate that the CIA can use to eavesdrop are mostly targeted tools, and not the blanket surveillance hacks that were originally reported.
Citizenfour is an Academy Award winning documentary on the story of Edward Snowden. He was a contractor for the NSA as a systems administrator working out of Hawaii, and that's how he was able to obtain information. What he did with that information is what became so controversial. He went to Hong Kong, and contacted journalists to give them this information he had collected, but didn't want anything released that would risk the lives of government operatives. Instead, he wanted journalists to tell the world, Americans in particular, what the NSA had been up to.
The most recent leak from Edward Snowden is about an NSA program called "Quantum." The Intercept, a publication created to release this information, claims that this quantum tool weaponizes the internet. It is a malware tool that can infect machines at an industrial scale exploitation. The agency has malware tools that could infect millions of computers worldwide that allows them to eavesdrop on the computer's owner. It can covertly record audio from the computer microphone and take pictures from the computer webcam.
Po isn't thrilled about the trend of surveillance in this country and how easy it could be for them to listen in on cellphones. Leo says that the courts have held that metadata (where he is or who he's calling) isn't subject to a warrant. So the government can make a request for a "pen register," pay a fee and then they can know someone's exact whereabouts.
The latest coming out of the NSA spying scandal is that the feds are spending $750 Million a year to subvert private encryption. They clearly have the desire to get rid of privacy, but Steve Gibson says they aren't anywhere near getting to the point where they can crack a back door into encryption. They can, however, pressure companies like Microsoft to put one in. Which is why open source encryption is the way to go.
Steve Gibson joins the show to talk about the latest revelations that the NSA is spending millions to break conventional encryption as they spy on us. Steve says that while the news is concerning, it only means that they're merely trying to do this. He says that the press all too often creates inflammatory headlines to sell content. There's no foundation to the rumor that the NSA has done all that. Encryption is still strong. They're just focusing on the weakest link in the chain.
Pat has a Hotmail account and she's concerned that Microsoft is moving her to Outlook.com. What concerns her is that everywhere she goes online, they know her email address and they put ads in her email. Leo says that's the curse of a free email account. So Pat will have to pay for email to avoid that. What about anti spam utilities? Leo says that also will scan her email for key words to block certain messages. Pat shouldn't fear that someone is reading her mail. The NSA is reading all of our mail anyway. It's all done electronically.
Word broke this week by Greg Greenwald that the NSA was spying on all Americans by combing through all emails, phone conversations, text messages and more, searching for keywords that could lead to terrorism. Some feared that it means the government has a 'back door' to companies like Google, Apple, Facebook and others. Leo says that isn't really what is happening. What is being set up is a secure server with which the Feds can access data in a 'dropbox' fashion that has been provided by court order and by law.
No, Apple doesn't allow this. She could jailbreak the phone and use a third party app from Cydia, but that will make the phone less secure and more unstable.
Leo’s not much a fan of spying on kids, but he has used Find My iPhone to make sure his kids are where they say they are. But he believes that talking to your kids, being plugged in, and letting them know you can access their phone at any moment is a better way to go.
The iPhone also has pretty good parental controls, so that’s another way to make sure your kids aren’t going where they shouldn’t online.