Government contractor monitors U.S. internet providers

Cybersecurity Update – Tune in weekdays at 30 minutes past the hour for the latest cybersecurity news on The Federal Drive with Tom Temin and Amy Morris (6-10 a.m.) and The DorobekInsider with Chris Dorobek (3-7 p.m.). Listen live at or on the radio at 1500 and 820 AM in the Washington, D.C. metro area.

  • A semi-secret government contractor that calls itself Project Vigilant has surfaced with a series of revelations: that it monitors the traffic of 12 regional Internet service providers, hands much of that information to federal agencies, and encouraged one of its “volunteers” to inform the federal government about the alleged source of a controversial video leaked to Wikileaks, reports Forbes. The Wikileaks revelation released over the weekend at Defcon is one of the first public statements from the semi-secret effort. Chet Uber, the director of Fort Pierce, Fl.-based Project Vigilant, says the 600-person “volunteer” organization functions as a government contractor bridging public and private sector security efforts.
  • Was it a case of profit over privacy? After a vigorous internal debate, Microsoft launched its Internet Explorer 8 browser with privacy controls turned off. It requires users to actively turn them on if they want to avoid being tracked online. Product planners wanted it the opposite way. But Microsoft executives, according to the Wall Street Journal, said automatically-on privacy controls would hurt the company’s ability to profit from online advertising, much of which depends on individual users’ browsing habits. A British consultant said the original privacy plans would have been industry-leading. But Microsoft General Counsel Brad Smith says the final product balances privacy interests with the need for revenue and advertising content.
  • A computer security researcher has built a device that can intercept and record some kinds of cell phone calls. Chris Paget told the DefCon conference in Las Vegas Saturday that he built the device for $1,500 from parts found on the Internet. Paget’s device tricks nearby cell phones into thinking it’s a cell phone tower and routing calls through it. It exploits a weakness on GSM, a cellular technology that’s one of the most widely used. Paget says smart phones that use 3G networks and Blackberries that use encryption are not vulnerable to the device. However, he says phones that don’t specify a network type can be vulnerable.

Check out all of Federal News Radio’s coverage of cybersecurity issues here.