Fake Online Locksmiths May Be Out to Pick Your Pocket, Too

[Note:  This item comes from reader Randall Head.  DLH]

Fake Online Locksmiths May Be Out to Pick Your Pocket, Too
Odds are good that when you search Google for someone
to help you get into your home or car, results will include
poorly trained subcontractors who will squeeze you for cash.
By DAVID SEGAL
Jan 30 2016
<http://www.nytimes.com/2016/01/31/business/fake-online-locksmiths-may-be-out-to-pick-your-pocket-too.html>

Maybe this has happened to you.

Locked out of your car or home, you pull out your phone and type “locksmith” into Google. Up pops a list of names, the most promising of which appear beneath the paid ads, in space reserved for local service companies.

You might assume that the search engine’s algorithm has instantly sifted through the possibilities and presented those that are near you and that have earned good customer reviews. Some listings will certainly fit that description. But odds are good that your results include locksmiths that are not locksmiths at all.

They are call centers — often out of state, sometimes in a different country — that use a high-tech ruse to trick Google into presenting them as physical stores in your neighborhood. These operations, known as lead generators, or lead gens for short, keep a group of poorly trained subcontractors on call. After your details are forwarded, usually via text, one of those subcontractors jumps in a car and heads to your vehicle or home. That is when the trouble starts.

The goal of lead gens is to wrest as much money as possible from every customer, according to lawsuits. The typical approach is for a phone representative to offer an estimate in the range of $35 to $90. On site, the subcontractor demands three or four times that sum, often claiming that the work was more complicated than expected. Most consumers simply blanch and pay up, in part because they are eager to get into their homes or cars.

“It was very late, and it was very cold,” said Anna Pietro, recalling an evening last January when she called Allen Emergency, the nearest locksmith to her home in a Dallas suburb, according to a Google Maps search on her iPhone. “This guy shows up and says he needs to drill my door lock, which will cost $350, about seven times the estimate I’d been given on the phone. And he demanded cash.”

The phone number at Allen Emergency is now disconnected.

It is a classic bait-and-switch. And it has quietly become an epidemic in America, among the fastest-growing sources of consumer complaints, according to the Consumer Federation of America.

Lead gens have their deepest roots in locksmithing, but the model has migrated to an array of services, including garage door repair, carpet cleaning, moving and home security. Basically, they surface in any business where consumers need someone in the vicinity to swing by and clean, fix, relocate or install something.

“I’m not exaggerating when I say these guys have people in every large and midsize city in the United States,” said John Ware, an assistant United States attorney in St. Louis, speaking of lead-gen locksmiths.

[snip]

License plate readers a double-edged sword for NY village

[Note:  This item comes from friend Paul Pangaro.  DLH]

License plate readers a double-edged sword for NY village
By MICHAEL BALSAMO
Feb 7 2016
<http://www.apnewsarchive.com/2016/A-New-York-village-that-installed-a-ring-of-license-plate-scanning-cameras-in-hopes-of-improving-policing-has-found-the-monitors-have-become-something-of-a-double-edged-sword/id-e2a4f70d272840b690f0e1ad9822856d>

FREEPORT, N.Y. (AP) — When this Long Island village switched on its “ring of steel” last fall, it knew it was getting a potent policing tool. The system of 27 cameras would scan the license plate of every single vehicle that rolled into town. If a wanted criminal drove through, the system would sound an alert. If someone burglarized a house, the data could be mined to see who was on the road at the time.

Police weren’t prepared, though, for the firehose of less-valuable intelligence generated by the $750,000 system.

Since the scanners went live Nov. 2, they have been triggering an average of 700 alarms a day, mainly about cars on the road with expired or suspended registration stickers. Officers have impounded 500 vehicles. They’ve written more than 2,000 court summonses, mostly for minor violations.

“It is a tremendous amount of workload that has been increased due to this new technology,” said Miguel Bermudez, police chief in the town of Freeport.

Mayor Robert Kennedy dismissed any notion that the system may be diverting the department’s attention from more serious offenses while Bermudez noted that it quickly became clear his 95 officers would be unable to respond to every ping signaling an infraction. After overtime expenses jumped at least 20 percent, the department has lately adjusted its approach, responding only to higher priority alarms.

But the chief is still talking about hiring another six to eight officers who would be dedicated solely to traffic duties and responding to license plate scanner alerts, in part because there have been some major successes.

In January, an officer responding to an alert about a stolen car discovered that the man behind the wheel, Tremain Williams, was wanted for killing a man in Norfolk, Virginia. Police found an M-4 assault rifle in the trunk. Williams has pleaded not guilty; his attorney declined to comment.

In its first 90 days of operation, 15 stolen cars were spotted and returned to their rightful owners.

About two dozen other crime suspects have been arrested, including two men suspected in a series of armed robberies who were in a stolen car as well as a man wanted for allegedly burglarizing local churches.

Kennedy would not say how much money has been generated through the village system, noting that it has only been up and running for about 90 days and it isn’t possible to determine what the cost has been beyond the installation fee.

The use of license plate scanners has been proliferating at law enforcement agencies nationwide.

A 2012 study by the Police Executive Research Forum, a research and policy group, found that about 7 in 10 law enforcement agencies nationwide have at least some access to the technology.

[snip]

Increased water stored on land has slowed sea level rise by 20%, study finds

Increased water stored on land has slowed sea level rise by 20%, study finds
By John Upton
Feb 11 2016
<http://mashable.com/2016/02/11/slowed-sea-level-rise/>

Vast volumes of water falling as rain and snow have stayed on land in recent years, slowing the rise of the seas, new research has revealed.

Water is constantly evaporating from oceans and moving to land, where it’s stored fleetingly in lakes, snowpacks, soil and tree canopies, before flowing back again.

“The land “has been taking up water,” said NASA Jet Propulsion Laboratory scientist John Reager, who led the study published Thursday in Science. “That’s been slowing the rate of sea level rise.”
The effect may have been temporary, and it has not been enough to protect coastal residents from profound shoreline changes triggered by global warming.

The new study relied on NASA gravity data from 2002 to 2014 to track the changes in the amount of water stored on land. The finding excluded water stored in glaciers, which continued to decline as warming temperatures caused them to melt.

Because of global warming, high tides are lapping an average of 8 inches higher than they were in the 1800s, causing routine flooding along the East and Gulf coasts. Several feet or more of additional sea level rise is anticipated this century, threatening roads, pipelines, buildings and residents around the world.

Seas have been rising about 3.2 millimeters (one-eighth of an inch) yearly since the early 1990s. The rate is projected to pick up pace as more water melts from glaciersand ice sheets, and as warming oceans continue to expand.

Because of the high amounts of water being trapped on land, the rate fell to 2.4 millimeters from 2002 to 2014, slowing sea level rise by a quarter, according to the findings from the study.
During the 12-year period studied, Reager said it’s enough water to fill Lake Huron — which between Michigan and Ontario is one of the world’s biggest lakes — was drawn out of the oceans and stored on land.

One of the lesser-known causes of sea level rise is the pumping of groundwater out of aquifers for irrigation and other uses, which eventually ends up in the oceans. The researchers discovered that twice as much water was trapped on land from 2002 to 2014 than was pumped out of aquifers.

[snip]

There’s an app for young Iranians to avoid the morality police, but its makers are worried

[Note:  This item comes from friend Steve Goldstein.  DLH]

There’s an app for young Iranians to avoid the morality police, but its makers are worried
By Adam Taylor
Feb 11 2016
<https://www.washingtonpost.com/news/worldviews/wp/2016/02/11/theres-an-app-for-young-iranians-to-avoid-the-morality-police-but-its-makers-are-worried/>

In modern Iran, morality watchdogs are a part of life. Under the orders of Iran’s Ministry of Culture and Islamic Guidance, officials censor or sideline those seen as violating Iran’s conservative Islamic codes.

Iranian women have often faced the most scrutiny. Morality squads — under the direction of the powerful Revolutionary Guard — may give warnings or even take women to court for how they act or dress. (Since the Islamic Revolution in 1979, Iranian women have been required to wear the hijab, a Muslim head covering, as well as loose fitting coats or cloaks.) Morality vigilantes have even taken aim at the sale of Barbie dolls.

Over the past few years, the situation has seesawed amid wider battles between conservatives and more liberal forces. Authorities have stepped up pressures in other directions, including monitoring perceived dissent on the Web.

Within Iran, the actions of morality overseers have long been controversial. And many — including its large and well-educated population of young people — increasingly challenge codes imposed by officials. For instance, women have continued to test limits with shorter and tighter coverings.

And this week, a group of Iranians came up with a plan to help people avoid the eyes of authorities: a smartphone app.

Gershad — a play on the name given to the morality overseers in Iran, Ershad — was released this week on Google’s Android system. The way it works is simple: Users can mark on a map of Tehran where people are being stopped for the way they dress or act, allowing other users to avoid those spots. The app updates after six hours to show which reports of morality watchdogs are old and which are new. In effect, it’s not dissimilar to the popular navigation and traffic app Waze, which allows users to mark traffic and other obstacles for other drivers.

This screenshot from Nima Akbarpour of the BBC’s Persian-language service shows the app in action:

[snip]

Upgraded LIGO detectors spot gravitational waves

Upgraded LIGO detectors spot gravitational waves
First direct confirmation of a century-old prediction of general relativity.
By John Timmer
Feb 11 2016
<http://arstechnica.com/science/2016/02/upgraded-ligo-detectors-spot-gravitational-waves/>

LIVINGSTON, Louisiana—In a large press event today, the scientists behind the LIGO experiment announced the first direct detection of gravitational waves, ripples in the fabric of space-time generated by strong gravitational interactions. The news, following weeks of rumors, confirms a major prediction of general relativity, and comes a century after Einstein first formulated the theory.

The waves, produced in the final moments of a black hole merger, arrived precisely at 5:51 in the morning (US Eastern) on September 14th last year, and were picked up by both LIGO detectors—one in Louisiana, one in Washington. Since the Louisiana detector picked up the signal a few milliseconds sooner, the event that produced the gravitational waves occurred in the Southern Hemisphere.

“The description of this observation is beautifully described in the Einstein theory of general relativity formulated 100 years ago,” said MIT professor Rainer Weiss, part of the team that first proposed LIGO. He said it “comprises the first test of the theory in strong gravitation.”

Gravitational waves are a consequence of general relativity. They’re generated when two massive bodies are in close orbit around each other. Rather than entering a stable orbit, their interactions produce gravitational waves, ripples in the fabric of space. These waves carry energy away from the system, allowing the orbits to decay, eventually leading to a merger of the system.

General relativity makes some rather precise predictions about how quickly gravitational energy should radiate away from systems like this. We’ve discovered a number of binary systems over the years composed of massive, compact objects like neutron stars (the first such discovery was awarded a Nobel Prize). And, in each case, the behavior of these systems was consistent with the predictions of general relativity.

But the gravitational waves were still missing in action. Attempts to find them, including an earlier iteration of LIGO, came up empty. And a general search for their influence on astronomical objects also turned up nothing.

But the agreement between Einstein’s predictions and observations provided a strong motivation to keep looking. It was enough to get the National Science Foundation to foot the bill for LIGO’s upgrade. And the NSF’s bet has clearly paid off.

Based on the details of the signal detected, the LIGO team estimates that the event that generated the gravitational waves occurred 1.3 billion years ago. That’s when two black holes, one 29 times the mass of the Sun, the second 36 times, spiraled into each other. When the collision took place, the equivalent of three times the mass of the Sun was converted directly to energy and released in the form of gravitational waves. For a brief fraction of a second, this single event produced more power than the entire rest of the visible Universe combined.

[snip]

New report contends mandatory crypto backdoors would be futile

New report contends mandatory crypto backdoors would be futile
With two-thirds of crypto developed abroad, crooks have plenty of non-US alternatives.
By Dan Goodin
Feb 11 2016
<http://arstechnica.com/tech-policy/2016/02/new-report-contends-mandatory-crypto-backdoors-would-be-futile/>

An estimated 63 percent of the encryption products available today are developed outside US borders, according to a new report that takes a firm stance against the kinds of mandated backdoors some federal officials have contended are crucial to ensuring national security.

The report, prepared by security researchers Bruce Schneier, Kathleen Seidel, and Saranya Vijayakumar, identified 865 hardware or software products from 55 countries that incorporate encryption. Of them, 546 originated from outside the US. The most common non-US country was Germany, a country that has publicly disavowed the kinds of backdoors advocated by FBI Director James Comey and other US officials. Although the Obama administration is no longer asking Congress for legislation requiring them, it continues to lobby private industry to include ways law-enforcement agencies can decrypt encrypted data sent or stored by criminal or terrorism suspects.

The authors said that they found no reason to believe the quality of encryption products developed abroad are any better or worse than their counterparts in the US or in the UK or France, whose officials have also hinted they favor encryption backdoors. The conclusion of their survey—which the researchers said represents the lower bound of the number of encryption products available worldwide—was that criminals or terrorists who are savvy enough to use encryption would also be smart enough to choose a product that isn’t subject to mandatory backdoor laws. The result, the authors argued, is that US competitiveness would be harmed with little benefit to national security.

In the report, they wrote:

Currently in the US, UK, and other countries, there are policy discussions about mandatory backdoors in encryption products. Law enforcement is the impetus behind these discussions; they claim that they are “going dark” and unable to decrypt either communications or data in storage. Security researchers have long argued that such backdoors are impossible to implement securely, and will result in substandard security for everyone. Others argue that going dark is the wrong metaphor, and that many avenues for surveillance remain.

Our research points to a different argument. Proposed mandatory backdoors have always been about modifying the encryption products used by everyone to eavesdrop on the few bad guys. That is, the FBI wants Apple—for example—to ensure that everyone’s iPhone can be decrypted on demand so the FBI can decrypt the phones of the very few users under FBI investigation.

For this to be effective, those people using encryption to evade law enforcement must use Apple products. If they are able to use alternative encryption products, especially products created and distributed in countries that are not subject to US law, they will naturally switch to those products if Apple’s security weaknesses become known.

Our survey demonstrates that such switching is easy. Anyone who wants to evade an encryption backdoor in US or UK encryption products has a wide variety of foreign products they can use instead: to encrypt their hard drives, voice conversations, chat sessions, VPN links, and everything else. Any mandatory backdoor will be ineffective simply because the marketplace is so international. Yes, it will catch criminals who are too stupid to realize that their security products have been backdoored or too lazy to switch to an alternative, but those criminals are likely to make all sorts of other mistakes in their security and be catchable anyway. The smart criminals that any mandatory backdoors are supposed to catch—terrorists, organized crime, and so on—will easily be able to evade those backdoors. Even if a criminal has to use, for example, a US encryption product for communicating with the world at large, it is easy for him to also use a non-US non-backdoored encryption product for communicating with his compatriots.

[snip]