President Trump Under Investigation for Obstruction of Justice

Special counsel Robert Mueller is now reportedly investigating President Trump for obstruction of justice regarding former FBI Director James Comey’s investigation into Russia. Comey said in his Senate testimony last week that he told Trump three times earlier this year that he was not personally under investigation for the alleged Russia collusion. But Trump still fired Comey, and later said that he had “that Russia thing” on his mind when doing so.

Mueller will reportedly also look at other issues in the investigation, such as possible financial crimes. Some officials from the NSA will be interviewed as early as this week.

Reposting: Don’t rule out the possibility of Trump trying to remove Mueller. This is now more relevant: https://t.co/dBEXKZWDV4 https://t.co/tIim9xqQys

— Greg Sargent (@ThePlumLineGS) June 14, 2017

Spokespeople for Mueller declined to comment after the news broke, but Trump’s team was quick to denounce it, calling the FBI’s “leaking” of information about the president “outrageous, inexcusable and illegal.” However, it’s not clear why they thought the information came from the FBI, given that no source has been released. This morning at 4 a.m., Trump commented on Twitter and called it a “phony story.”

They made up a phony collusion with the Russians story, found zero proof, so now they go for obstruction of justice on the phony story. Nice

— Donald J. Trump (@realDonaldTrump) June 15, 2017

Emma Von Zeipel

Emma Von Zeipel is a staff writer at Law Street Media. She is originally from one of the islands of Stockholm, Sweden. After working for Democratic Voice of Burma in Thailand, she ended up in New York City. She has a BA in journalism from Stockholm University and is passionate about human rights, good books, horses, and European chocolate. Contact Emma at EVonZeipel@LawStreetMedia.com.

The post RantCrush Top 5: June 15, 2017 appeared first on Law Street.

To boost recruitment, the Secret Service is altering its drug policy: now, applicants who have used marijuana at some point in their past can still be considered for a position. An initiative by newly appointed director Randolph Alles, who President Donald Trump appointed to the post at the end of April, the policy change is designed to infuse the agency with a couple thousand more officers. The policy went into effect last month.

“We need more people,” Alles said in a press conference last Thursday. “The mission has changed.” Pointing to threats like international terrorism, groups like al Qaeda and Islamic State, and homegrown actors, he added: “It’s more dynamic and way more dangerous than it has been in years past.”

According to its drug policy statement, the Secret Service “does not condone any prior unlawful drug activity by applicants, but it is recognized that some otherwise qualified applicants may have used or otherwise interacted with illegal drugs at some point in their past.” When examining an applicant’s eligibility, “any prior illegal drug activity along with various considerations associated with that activity will be weighed in that adjudication process.” the statement says.

The agency’s prior policy disqualified candidates who had used marijuana more than a certain number of times at some point in their pasts. The new policy, designed to be a “whole-person concept,” Alles said, will instead look at the time between an applicant’s last use of marijuana, and his or her application date.

For instance, if an applicant was 24-years-old or younger when he or she last used or purchased marijuana, they must wait at least a year before applying to the agency. That standard rises as the age of last use or purchase rises.

Alles, who previously led air and marine missions with Customs and and Border Protections, also underlined a non-terrorism related reality that is requiring the agency to bolster its ranks: the round-the-clock protection of Trump and his family, as well as his collection of properties, including Mar-a-Lago in Palm Beach and Trump Tower in Manhattan.

“I think between that and the fact that he has a larger family, that’s just more stress on the organization,” he said.

Alec Siegel

Alec Siegel is a staff writer at Law Street Media. When he’s not working at Law Street he’s either cooking a mediocre tofu dish or enjoying a run in the woods. His passions include: gooey chocolate chips, black coffee, mountains, the Animal Kingdom in general, and John Lennon. Baklava is his achilles heel. Contact Alec at ASiegel@LawStreetMedia.com.

The post New Secret Service Director Loosens Agency’s Drug Policy appeared first on Law Street.

Uber will start requiring its drivers to periodically snap selfies before being able to accept new rides. The company described its new move as a security measure that will prevent fraud and protect drivers’ accounts. But critics say it is just a sign that some drivers have not gone through background checks.

The tech company has long resisted more secure safety measures such as the use of fingerprints when running background checks, which are outsourced to a company called Checkr. Criticism has come from the fact that the prospective driver only has to enter all his personal information online before applying and doesn’t meet anyone from the company in real life before starting to pick up rides.

The absence of fingerprint checking leads to drivers swapping accounts with each other, according to David Sutton from a campaign run by the Taxicab, Limousine and Paratransit Association. He said to the Verge:

This is Uber acknowledging drivers share their accounts and the company’s effort to reduce this practice. Despite intense criticism of Uber’s screening process, the company is admitting there are drivers who’ve never undergone any form of background check.

One driver admitted to this practice in 2014: if you don’t want to be screened before driving for Uber, you just put your information on another driver’s account who doesn’t want to work anymore and you’re all set.

Uber chief of security Joe Sullivan explained in a blog post how the new selfie method will work. Drivers first take a selfie in the Uber app.

We then use Microsoft’s Cognitive Services to instantly compare this photo to the one corresponding with the account on file. If the two photos don’t match, the account is temporarily blocked while we look into the situation.

This is what it looks like:

Here’s how Uber drivers now have to take a selfie, to improve safety. pic.twitter.com/TevDeydtEg

— Neal Augenstein (@AugensteinWTOP) September 23, 2016

But it sounds a little risky to trust the technology that much. And what if the app doesn’t recognize a driver, even if it’s the same person in both pictures? Sullivan admitted in the blog post that there had been cases of mismatching during the pilot testing of the app service. But he said that more than 99 percent of photos were matched correctly, and the ones that weren’t were due to blurry profile pictures on the drivers’ pages. The post stated:

Given that verification takes only a few seconds to complete, this feature proactively and efficiently builds more security into the app.

Throughout the years Uber drivers have been involved in drunken driving, murder, kidnapping, killings of pedestrians, assault and sexual assault. Time will tell if the selfie security will do anything about these problems.

Emma Von Zeipel

Emma Von Zeipel is a staff writer at Law Street Media. She is originally from one of the islands of Stockholm, Sweden. After working for Democratic Voice of Burma in Thailand, she ended up in New York City. She has a BA in journalism from Stockholm University and is passionate about human rights, good books, horses, and European chocolate. Contact Emma at EVonZeipel@LawStreetMedia.com.

The post Uber Now Requires Drivers to Snap Selfies to Make Your Trip Safer appeared first on Law Street.

It may be the happiest place on earth, but it’s also one that needs serious security. Officials at Disney World just announced that it’s upping both visible and behind-the-scenes security measures, and other theme parks nationwide are taking similar actions.

One of the most visible new measures added to the Disney World parks located in Orlando, Florida will be metal detectors. Guests won’t be allowed to bring toy guns, including squirt guns, inside, and Disney is also stopping the sale of such products. For example, the Pirates of the Caribbean theme shop used to sell plastic guns–those will be removed from the shelves. The parks will also no longer allow anyone over the age of 14 to walk around in costumes or masks (besides, of course, employees.) Disney World has also beefed up security overall–placing additional law enforcement officials within the parks, and using dogs on patrol. Disneyland, located in California, is also upping its security. 

Disney isn’t alone in instituting new security measures. SeaWorld has also begun using metal detectors to screen entering guests, and Universal Studios is testing wand detectors. Officials at Disney and Universal have said that the new security features weren’t sparked by the actions of the San Bernardino shooters, or any other threat of terror. In fact, Universal spokesman Tom Schroder told the Orland Sentinal:

We want our guests to feel safe when they come here. We’ve long used metal detection for special events, such as Halloween Horror Nights. This test is a natural progression for us as we study best practices for security in today’s world.

Disney and Sea World spokespeople echoed similar sentiments.

However, these announcements do come right after a statement from the Department of Homeland Security that instructed Americans to expect more security and police presence at big gathering locations, stating it was: “especially concerned that terrorist-inspired individuals and homegrown violent extremists may be encouraged or inspired to target public events or places.”

It makes sense that Disney World, SeaWorld, and Universal are instituting more robust security features, and it doesn’t look like any of these new features will really affect guests’ experiences. But if anything they’re a sad reminder of the violence–particularly gun violence–that has become increasingly commonplace in the United States.

Anneliese Mahoney

Anneliese Mahoney is Managing Editor at Law Street and a Connecticut transplant to Washington D.C. She has a Bachelor’s degree in International Affairs from the George Washington University, and a passion for law, politics, and social issues. Contact Anneliese at amahoney@LawStreetMedia.com.

The post Disney World Announces an Increase in Security Features appeared first on Law Street.

In light of concerns about state-sponsored hackers going after American technology, Facebook will now warn users it believes are falling victim to these types of attacks.

The warning will take the form of a notification that pops up on Facebook. It doesn’t warn individuals that their Facebook accounts are being hacked, but rather that their computers, smartphones, tablets, or other devices have malware on them that indicate that hackers may be trying to access their accounts.

According to Facebook, the notification will prompt a user to “Please Secure Your Accounts Now” and contain the following message:

We believe your Facebook account and your other online accounts may be the target of attacks from state-sponsored actors. Turning on Login Approvals will help keep others from logging into your Facebook account. Whenever your account is accessed from a new device or browser, we’ll send a security code to your phone so that only you can log in. We recommend you also take steps to secure the accounts you use on other services.

Facebook also recommends that if possible, people who get these notifications should consider replacing or rebuilding their systems, because this type of breach is probably too strong to be wiped out by everyday anti-virus software. Facebook has also made it clear that it won’t be sending out these notifications willy-nilly, but only if there’s strong evidence that a breach is coming from a foreign government hack.

Obviously not all hacks come from state-sponsored entities, but Facebook is clear on why it is focusing on warning its users specifically about these kinds of attacks. Alex Stamos, the Chief Security Officer at Facebook, explained in the announcement about the policy change:

While we have always taken steps to secure accounts that we believe to have been compromised, we decided to show this additional warning if we have a strong suspicion that an attack could be government-sponsored. We do this because these types of attacks tend to be more advanced and dangerous than others, and we strongly encourage affected people to take the actions necessary to secure all of their online accounts.

War waged via technological means is certainly a legitimate concern–there have been either allegations or outright evidence that unfriendly actors such as China, Russia, Iran, North Korea, and ISIL have attempted to hack American accounts.

There are some criticisms of the new alert–Tech Crunch pointed out that the phrase “state-sponsored actors” may not be in everyone’s vernacular, and could be confusing. Additionally, Maddy Crowell of Christian Science Monitor points out that we don’t know exactly how Facebook is getting the information to conclude that someone has been the victim of a state-sponsored attack. While that’s not necessarily a criticism, it is a viable inquiry about Facebook’s privacy features. 

So, essentially, you don’t want to see this notification pop up on your Facebook–it means that your information is under attack, most likely due to malware that has infected your computer. Facebook is doing right by its users by letting them know–it may be an indication of the kind of security we’ll see moving forward as cyberwar remains a serious concern.

Anneliese Mahoney

Anneliese Mahoney is Managing Editor at Law Street and a Connecticut transplant to Washington D.C. She has a Bachelor’s degree in International Affairs from the George Washington University, and a passion for law, politics, and social issues. Contact Anneliese at amahoney@LawStreetMedia.com.

The post Facebook to Warn Users of Potential State-Sponsored Hackers appeared first on Law Street.

Last Thursday, United States officials revealed that they believe Chinese hackers were responsible for the May cyber attacks on U.S. federal agencies. The attacks compromised the personal information of more than four million current and former government workers. China responded by dismissing such accusations as “groundless” and “irresponsible,” stopping just short of ensuring that China does not condone cyber attacks. “We are very firm on this,” said China’s Foreign Ministry Spokesman Hong Lei. This is just the latest incident in a back-and-forth saga between the U.S. and China when it comes to cyber crimes.

Lei’s statement may not have been completely truthful. In May 2014, Lei released a similar response to the Justice Department’s indictment of five Chinese hackers for cyber crimes against five U.S. companies and a labor union in the steel, solar, and nuclear-power industries. According to the Guardian, “China’s foreign ministry called the allegations preposterous and accused the U.S. of double standards.” But the accused in the 2014 case were members of China’s People’s Liberation Army. In other words, their attacks do represent China engaging the United States. It is evident that the U.S. must take a firm stand against China’s aggression. Nevertheless, there are numerous challenges and implications to consider on that front.

For one, China’s assertion that the U.S. resentment of Chinese attacks represents a double standard is justified. Edward Snowden’s release of NSA files unveiled a surveillance program that spanned numerous countries, including China. In March of last year, Snowden leaked another document exposing the NSA’s penetration into the networks of Chinese telecommunications giant Huawei Technologies in search of evidence that the company was involved in espionage operations for Beijing. This complicates how far the U.S. can go to condemn China’s actions in the cyber sphere.

The potential costs of engaging China in cyber warfare are massive. Cyber attacks can threaten the control systems of dams, water-treatment plants, and power grids, compromise sensitive information stored on government networks, and access video surveillance cameras. Electronic door locks, elevators, and even life-sustaining medical devices are vulnerable to cyber attacks. While the U.S. rarely has to worry about war in its territory, in the cyber realm, physical boundaries are irrelevant. The statistics regarding the cost of cyber crimes are staggering. The Center for Strategic and International Studies estimates the annual cost of cybercrime and economic espionage to the world economy at $375-575 billion. Telecommunications giant IBM claims that there were 1.5 million monitored cyber attacks in the United States in 2013 alone. In a “60 Minutes” interview, FBI Director James Comey said, “There are two kinds of big companies in the United States. There are those who’ve been hacked by the Chinese, and those who don’t know they’ve been hacked by the Chinese.”

Political action is fraught with challenges, too. China, with its massive population and rapidly developing economy, lends itself to lucrative opportunities for American corporations. Consequently, the Chinese and U.S. economies are closely intertwined. According to the CIA World Factbook, China ships 17 percent of its exports to the U.S. and is the largest foreign holder of U.S. Treasury bills, bonds, and notes. So, the government response to Chinese cyber attacks cannot deter China from doing business with American corporations. Germany’s cancellation of its longstanding contract with Verizon following Snowden’s NSA leaks serves as a cautionary tale, and the fact that most major Chinese corporations are government owned only further complicates the issue.

So, the U.S. government is left with few options. One thing it can do is encourage the development of cyber technology. The government should support programs such as the DARPA Cyber Grand Challenge, a competition aimed towards creating an automated cyber defense system, and incentivize the best cyber experts to work with the government by providing resources and appropriate compensation.

More importantly, the government needs to send the message that attacks on American networks will not be tolerated. This could mean under-the-table threats of retaliation to avoid negative media attention. Fear of retaliation should deter Chinese attacks, and if attacks persist, the government can deny visas to Chinese citizens, limit military ties, or implement economic sanctions. It is important to keep the campaign low-key and ensure that economic sanctions do not incite an aggressive Chinese response.

Examples of the United States asserting itself following a breach of security are littered throughout history; the U.S. defeat of Japan following Pearl Harbor and the assassination of Osama bin Laden following 9/11 demonstrated that we are not afraid to track down and engage our enemies. It is time to assert our status as the world’s leading superpower once again.

Hyunjae Ham

Hyunjae Ham is a member of the University of Maryland Class of 2015 and a Law Street Media Fellow for the Summer of 2015. Contact Hyunjae at staff@LawStreetMedia.com.

The post The U.S. Needs to Take a Firm Stand Against China on Cyber Attacks appeared first on Law Street.

Multiple public and private agencies make up the child welfare systems across the country. Although the primary responsibility falls on the shoulders of state governments, the federal government supports the states through funding, program development, and legislative initiatives. Both state and federal governments are essential to the process. The child welfare system’s mission is to create safe and permanent environments for children and to strengthen family units. It is an immense and complex project. So immense and complex, however, that important aspects of child safety fall through the cracks. Oversights are often devastating. Read on to learn more about the challenges that abate the U.S. Child Welfare Systems’ mission.

Overview of Child Welfare Systems

Child welfare systems generally do the following:

Receive and investigate reports of possible child abuse and neglect, provide services to families that need assistance in the protection and care of their children, arrange for children to live with kin or with foster families when they are not safe at home, and arrange for reunification, adoption, or other permanent family connections for children leaving foster care.

Public and private agencies also work to provide services such as “in-home family preservation services, foster care, residential treatment, mental health care, substance abuse treatment, parenting skills classes, domestic violence services, employment assistance, and financial or housing assistance.”

The Children’s Bureau, part of the Department of Health and Human Services (HHS), is the primary federal institution working with state and local agencies to implement federal child and family legislation. Collaboratively, they create programs that prevent child abuse and neglect. Such efforts are authorized by the Child Abuse and Treatment Act (CAPTA) of 1974. CAPTA provides “federal funding to states in support of prevention, assessment, investigation, prosecution, and treatment activities” and awards “grants to public agencies and nonprofit organizations for demonstration programs and projects.”

The Process

First, a concerned person reports suspected child abuse or neglect. More often than not, this person is a “mandatory reporter,” a person required by law to submit a report if he or she suspects child abuse or neglect. Mandatory reporters include individuals who have regular contact with children such as social workers, school personnel, healthcare workers, mental health professionals, child care providers, medical examiners or coroners, and law enforcement officers. Approximately 48 states and other territories have mandatory reporter laws. In many states, every person, regardless of occupation, is legally required to make such a report.

After a report is submitted, it is either “screened in” or “screened out” depending on the amount of information and sufficiency of evidence. If a report is screened in, a Child Protective Services Caseworker will come in and assess the situation. He or she will talk to the child and relatives. If a child is suspected of being in immediate danger, then the child will be brought to a shelter, foster home, or relative’s house while the investigation plays out. At the end of the investigation, the case worker will typically either find the case unsubstantiated or substantiated depending on the evidence. The agency can then initiate a court action if it feels the authority of juvenile court is required during the trial in order to remove the child from the home. In substantiated cases where there has been child abuse or neglect, the threat is labeled as low, moderate, or high. Depending on the severity of the case, the caseworker may recommend community-based resources and service systems, or recommend complete removal of the child from the home. Low-risk parents are often provided support or treatment services, while high-risk parents may be indicted on criminal charges.

Child Welfare System Challenges

Many of the most severe challenges in the Child Welfare System lie in the Foster Care System. Nearly 400,000 children in the United States are living in the foster care system without permanent families.

Over-Institutionalization of Children

You don’t need to be a licensed therapist to know that a positive family dynamic is essential to a child’s well being and mental health. Today, a disturbing amount of children in the child welfare system are placed in institutions rather than homes. Approximately 57, 000 children are living in group placements. The Annie E. Casey Foundation, a children’s advocacy group, recently published a report on this serious issue, advocating that “secure attachments provided by nurturing caregivers are vital to a child’s healthy physical, social, emotional and psychological development throughout his life.”

Children in group placements are at greater risk of abuse and arrest. One in seven children in the child welfare system lives in group placements and 40 percent of those children do not have “documented behavioral or medical need that would warrant placement in such a restrictive setting.” Young people stay in group placements for an average of eight months, although research recommends a stay of three-to-six months for those who require residential treatment. Kids in group placements also suffer from an inappropriate mixing of ages. According to the Society of Research in Child Development, young adults are more susceptible to peer influence. Younger children can suffer from being placed with older kids with behavioral health problems.

Insufficient Background Checks

A major source of controversy in the child welfare system is adequate background checks performed by case workers. There is an overload of cases of foster parents with a criminal background taking in children. For example, Oklahoma is currently under investigation for child abuse and neglect in its foster care system. A recent report, conducted after the death of a 20-month-old boy in foster care, showed that less than 5 percent of the 125 cases investigated for abuse in Oklahoma contained criminal background checks for foster parents.

Caseloads

Caseworkers across all child welfare systems consistently have extensive caseloads. The more cases, the less time and effort a caseworker can devote to each individual child. It also minimizes the ability for a child and caseworker to develop a meaningful relationship, and caseworkers are sometimes blamed for child abuse or neglect in foster homes under their supervision. For example, Catherine Davis, a family services agency caseworker in New Jersey, was suspended after seven-year-old Faheem Williams was found starved to death in his home. His two brothers were also malnourished and burned. Davis had somewhere between 99 and 107 cases. The Child Welfare League of America recommends that “workers carrying ongoing in-home protective services cases…carry no more than 15-17 families.”

Aging Out

When foster children turn 18, they age out of the child welfare system. Many of these children move forward with very little or no support at all. In 2012, 23, 396 foster children aged out of the system. Almost 40 percent were homeless or couch surfing, and 48 percent were unemployed. Fifty percent experienced issues with substance abuse, while 60 percent of the young men had been criminally charged. Nearly a quarter of those aging out did not obtain a high school diploma or GED, and only six percent had graduated with a two or four-year degree.

Case Study: Active Class-Action Suit MD. vs Perry

On behalf of the children in the Texas child welfare system, the Children’s Rights Law Firm of New York, along with co-counsel Haynes & Boone, Yetter Coleman and Canales & Simonson, filed suit against the state of Texas  for “violations of plaintiff children’s constitutional rights, including their right not to be harmed while in state custody and their right to familial association.”

M.D. is one representative of the plaintiff children. She entered foster care at the age of eight. Although initially sent to live with relatives, she returned to state custody after sexual abuse occurred in the home. She moved to multiple placements, including group institutions, where her mental health suffered. When the original complaint was filed, M.D. “lived in a restrictive short-term therapeutic placement with no visitors or basic privileges.”

The main focus of Children’s Rights in this suit is to give children in the Texas welfare care system permanency, whether obtained from reunification with relatives or adoption. Children’s Rights primarily looked at cases where the child had been in foster care for a minimum of 12-18 months, as after a year to a year and a half, foster children’s success rates plummet. Chances for emotional and psychological distress increase and they often act out and exhibit unruly behavior, severely ruining their chances for adoption/permanency. Children without a permanent home age-out without any kind of safety net.

The suit was filed March 29, 2011 and is currently in progress. Children’s Rights is currently in litigation with eight other states as well.

Conclusion

Child welfare systems are broken and reform is inevitable. Travesties occur way too often and are not publicized enough. We need to give foster children a fighting chance to survive on their own after 18. That starts with creating a safe and permanent environment for them while in the welfare system. Turning 18, after a lifetime of struggle and little support, does not make an adult. Fortunately, there are multiple advocacy groups across the country on a mission for reform.

Sources

Primary

Child Welfare Information Gateway: How the Child Welfare System Works

Additional

AFSCME: Caseloads

Annie E. Casey Foundation: Too Many Kids in U.S. Child Welfare Systems Not Living in Families

CCAI: Facts and Statistics

Children’s Rights: In Oklahoma, Asking a Few Questions Might Have Prevented a Boy’s Tragic Death

Child Welfare Information Gateway: Mandatory Reporters of Child Abuse and Neglect

The New York Times: Caseworkers Say Overload Makes it Risky For Children

Society of Research in Child Development: The Detrimental Effects of Group Placements/Services For Youth With Behavioral Health Problems

Jessica McLaughlin

Jessica McLaughlin is a graduate of the University of Maryland with a degree in English Literature and Spanish. She works in the publishing industry and recently moved back to the DC area after living in NYC. Contact Jessica at staff@LawStreetMedia.com.

The post The Child Welfare System: Kids Falling Through the Cracks appeared first on Law Street.

For people choosing to travel via air, security on the plane is of the utmost importance. That is why news of a security researcher claiming he was able hack into the computer systems of several airplanes while aboard is really scaring some air travelers, and setting law enforcement on edge.

#CyberSecurity Researcher Hacks and Controls Plane – Hero or Villain? http://t.co/4eKMmkJAdb pic.twitter.com/K32kB5g0I4

— vpnforus (@vpnforus) May 18, 2015

Wired magazine reported that Chris Roberts, a security researcher with One World Labs, first told the FBI in February that he was able to hack the in-flight entertainment system (IFE) and control parts of the plane while aboard various airlines. Roberts claims that he conducted the research in order to expose the potential vulnerabilities in in-flight software. In an FBI search warrant application for Robert’s digital devices and data FBI Special Agent Mark Hurley details Roberts’ previous hacking attempts, writing:

He [Roberts] stated that he thereby caused one of the airplane engines to climb resulting in a lateral or sideways movement of the plane during one of these flights. He also stated that he used Vortex software after comprising/exploiting or ‘hacking’ the airplane’s networks. He used the software to monitor traffic from the cockpit system.

The search warrant was filed after Roberts was removed from a United Airlines flight from Denver  after sending out a tweet while aboard, joking about hacking the plane and setting off the emergency oxygen masks.

According to CNN, FBI agents tracked down his plane after being informed of the tweet and “found signs of tampering and damage to electronic control boxes that connect to in-flight entertainment systems.” The boxes tampered with just so happened to be under where Roberts was sitting and the seat in front of him. Despite this, Roberts insists he did not hack that particular flight.

At the time FBI agents also seized two laptop computers and several hard drives and USB sticks from Roberts without a search warrant, telling Roberts that a warrant was pending. It’s the information in that newly obtained warrant that is cause for concern.

In the warrant, Roberts is quoted as telling the FBI that he accessed the in-flight networks more than a dozen times between 2011 and 2014 and had briefly commandeered a plane during one of those flights. This contradicts an interview he had previously given to Wired, where he claimed he had only explored the networks and observed data traffic.

However, some aircraft experts seriously doubt Roberts was able to hack IFEs in order to commandeer a plane. Business Insider reports that industry expert Peter Lemme told “Runway Girl Network” blogger Mary Kirby that  “the IFE ARINC 429 interfaces are not capable of changing automatic flight control modes” and “the claim that the Thrust Management System mode was changed without a command from the pilot through the mode control panel, or while coupled to the Flight Management System is inconceivable.” Boeing has issued statements saying that its entertainment systems are isolated from flight and navigation systems. CNN writes,

It is worth noting that Boeing airplanes have more than one navigational system available to pilots. No changes to the flight plans loaded into the airplane systems can take place without pilot review and approval. In addition, other systems, multiple security measures, and flight deck operating procedures help ensure safe and secure airplane operations.

If Roberts is not exaggerating his hacking claims, these IFEs do pose a very plausible threat to aircraft security that needs to be addressed. So far no charges have been filed against Roberts, but he could end up in some serious trouble for conducting these unauthorized tests. If he did hack those planes with passengers aboard, and in one instance even tilt the plane, he was irresponsibly putting numerous lives at stake.

Alexis Evans

Alexis Evans is an Assistant Editor at Law Street and a Buckeye State native. She has a Bachelor’s Degree in Journalism and a minor in Business from Ohio University. Contact Alexis at aevans@LawStreetMedia.com.

The post Security Researcher Sparks Fear With This Plane Security Hack appeared first on Law Street.

What’s the worst thing you’ve ever accidentally left in a bathroom? A cell phone? Purse? Credit card? How about a Glock pistol?

If you were lucky enough to find the missing item, who returned it to you? A co-worker? Boss? Janitor? Perhaps an eight-year-old child?

Here’s the situation: you are a member of House Speaker John Boehner’s police detail. You are protecting your charge when suddenly, nature calls. You answer this call in a lavatory at the Capitol. As you walk back to your post, you do not notice that you left your gun inside the restroom, in plain sight.

The firearm, a loaded Glock, was found by a child who was visiting the Capitol with his parents.

Courtesy of Giphy.com.

You might think to yourself, “How could I have done that!? The gun did not even have a safety on it. I hope no one else ever does what I just did. Come to think of it, I wonder how many times something like this has happened before. I’ve heard of instances where housekeepers or janitors have found unattended guns, but never one where a kid found one. Oh dear. Well, at least Capitol Police are not required to disclose any details about this incident.”

^^But of course, these are all just hypothetical thoughts, and no one knows the true identity of the individual who left his gun in the Capitol restroom. The only thing the public knows about the absent-minded individual is that he got suspended for six days without pay, and could potentially be fired.

Corinne Fitamant

Corinne Fitamant is a graduate of Fordham College at Lincoln Center where she received a Bachelors degree in Communications and a minor in Theatre Arts. When she isn’t pondering issues of social justice and/or celebrity culture, she can be found playing the guitar and eating chocolate. Contact Corinne at staff@LawStreetMedia.com.

The post This is Probably the Worst Way to Forget Your Glock appeared first on Law Street.

Airline security is a huge pain for most of us. From having to walk shoe-less across the airport floor, to anxiously checking whether or not that small lotion bottle is under three ounces, it’s an annoying but understandable reality of a post-9/11 world. But for Roger Vanderklok, an architect and runner, it turned into more than just an annoying step to get from point A to point B. He was arrested and detained for 20 hours in the Philadelphia International Airport in 2013 and is now suing the Transportation Security Administration (TSA), as well as the Philadelphia Police Department, and Department of Homeland Security, alleging that his civil liberties were violated.

Vanderklok, a Philadelphia resident, was attempting to fly to Miami to participate in a half marathon on January 26, 2013. In his luggage he had a watch and energy bars, and they were in a PVC pipe to make sure they were protected during his travel. Technically, electronics, organic materials, and a PVC pipe could be used to make a pipe bomb, but not necessarily watches or PowerBars.

After the PVC pipe and its contents showed up on the bag scanners, his bag was searched and he was questioned about the contents. According to his suit, he was asked if his bag contained any organic matter. Given that PowerBars aren’t organic matter in the traditional sense, like fruit or vegetables, he said no. The agents however thought he was lying, because they defined organic matter as any kind of food.

What exactly happened next is unclear. Vanderklok claims that he was arrested after he questioned what was happening to him, and asked to file some sort of complaint. He was then taken to a cell where he wasn’t given the opportunity to call anyone or be questioned. He was then released after being charged with “threatening the placement of a bomb” and making “terrorist threats.” His wife, who understandably panicked and called 911 after not hearing from him, had to bail him out. Those charges were later dismissed by a judge after hearing more information.

The TSA supervisor in question, Charles Kieser, disagrees with Vanderklok’s story. He testified at the hearing that Vanderklok threatened him. According to WPXI News:

Kieser testified an agitated Vanderklok raised his hands and repeatedly pointed a finger at his face.

‘The passenger made a bomb threat to me,’ Kieser testified, according to a transcript. “‘He said) I’ll bring a bomb through here any day that I want … and you’ll never find it.’

However, the video surveillance from the scene seems to contradict Kieser’s story, if only because Vanderklok’s body movements never show him raising his hands or pointing a finger.

Based on the way he was treated, and the fact that he believes Kieser lied, Vanderklok filed the lawsuit.

There have been plenty of stories of TSA taking really strange actions in recent years. In 2009, college student Nicholas George was detained, also in the Philly airport, after it was discovered he was carrying Arabic flashcards. They contained words like “terrorist” and “bomb” on them, but George explained he was studying Middle Eastern studies at Pomona College in California. He was detained for five hours.

On a less serious and more commonplace note, I’ve seen many silly stories about babies being put on no-fly lists, or people with licenses from Washington, D.C. being turned away from their flights because D.C. isn’t technically a state. The agents involved are, at face value, following policies. But the ways in which the polices are being enacted transcend common sense.

The dissemination of those policies at the ground level sometimes leads to noticeable problems. If Vanderklok is truthful about what happened to him, the actions taken by those particular agents were unacceptable. The policies that are supposed to guarantee our freedom shouldn’t have to infringe on said freedom to do so.

Anneliese Mahoney

Anneliese Mahoney is Managing Editor at Law Street and a Connecticut transplant to Washington D.C. She has a Bachelor’s degree in International Affairs from the George Washington University, and a passion for law, politics, and social issues. Contact Anneliese at amahoney@LawStreetMedia.com.

The post Philly Man Sues TSA After Being Detained for 20 Hours appeared first on Law Street.

Fingerprint technology has long been hailed as the next great frontier in security features. Whether that’s because pretty much every spy movie includes a fingerprint scan scene, or because of all the hubbub over various tech companies like Apple releasing fingerprint technology for their new devices, it’s hard to tell. But for a long time a lot of us have believed that fingerprints are so unique that they would make for safe security features. Unfortunately, that may not actually be the case. According to a German hacker, it may be pretty simple to copy fingerprints…and all you need is a camera and some luck.

Hacker Jan Krissler (alias “Starbug”) of the hacking group Chaos Computer Club (CCC) in Hamburg, Germany, presented his fingerprint-stealing theory at a conference earlier this week. Krissler chose German Defense Minister Ursula von der Leyen as his example target. He used high resolution photographs that had been taken of von der Leyen–and he had a lot to choose from, given that she’s a pretty high profile figure in Germany. The photographs were all able to be zoomed in on to see her fingers. Then, using a readily available app called VeriFinger, he processed and reproduced her fingerprint.

CCC, which says that it’s the largest hacking group in Europe, has long tried to show how relatively unsafe fingerprint technology is. When Apple released the iPhone 5s last year with fingerprint scan technology included, CCC claimed that it was able to easily bypass Apple’s security system. Taking a photograph of a fingerprint and then making a wax-model of it allowed them to break into iPhones.

Krissler personally has long rallied against this technology that’s supposed to keep our devices and information safer. It’s not just fingerprint technology–he also has a serious problem with computers and other devices that unlock based on facial recognition, explaining that that kind of technology can be hacked by using a photo of a person. He also explained another probably less probable security concern with our current device mechanisms: “Reading a user’s PIN code from reflections in their pupils while taking selfies.”

The chances that these hacks are actually used in practice don’t seem very likely. I mean, how often do you have very high resolution photographs taken of your fingertips? Furthermore, in order to actually break into a technological device with a copy, you’d need said device.

This is not me saying that we all need to go off the grid and live in a cave to protect our information–I would fare horribly in a cave, as there probably aren’t many caves with good access to Netflix. However, I think the point that Krissler makes–that we rely too much on technology at face value–is a point well taken.

Anneliese Mahoney

Anneliese Mahoney is Managing Editor at Law Street and a Connecticut transplant to Washington D.C. She has a Bachelor’s degree in International Affairs from the George Washington University, and a passion for law, politics, and social issues. Contact Anneliese at amahoney@LawStreetMedia.com.

The post German Hacker: Fingerprint Scans Can be Hacked appeared first on Law Street.

I walked off the Woodley Metro yesterday at 5:30 pm and was kind of surprised to see Connecticut Avenue completely deserted at the height of rush hour.  All cars had been cleared from the street. No traffic. No parked cars. Completely quiet.

What in the world was happening?

Word soon was out: President Obama would be passing through.

Last summer, President Obama exulted in his ideal-for-the-evening-newscasts forays beyond the White House. Ice cream. Starbucks. “The Bear is loose!” But things are different now. Fence jumpers. Ottawa shootings. This is what it looks like when The Bear is loose today. Clear the streets. Eerie quiet at the height of rush hour. Nobody moves.

The President drove up and back yesterday afternoon to a private $32,400-a-seat fundraiser at the estate of Sen. Jay Rockefeller (D-WV) and his wife, Sharon. The Rockefeller estate is a little bit north of Woodley, at 2121 Park Road adjacent to Rock Creek Park. Press was excluded from this event, and no info was listed on the official White House daily schedule.

I decided to stay put and wait to see how the Presidential motorcade was rolling now, a day after the killings in Ottawa and the ongoing White House fence jumpings.

The answer: These days the Bear rolls very quietly, in a traffic-free bubble.

I took this cell-phone video:

Here is the order of the motorcade:
9 DC cops on motorcycles.  Followed by…
1 DC cop car.  Followed by…
1 Secret Service SUV…
The Presidential limo, aka “Cadillac One”…
1 back-up limo traveling alongside Cadillac One…
3 more Secret Service SUVs…
The Secret Service “War Wagon” housing a counter-assault SWAT team…
2 more Secret Service Vans…
Another Secret Service SUV
1 DC Fire Department ambulance (only Obama gets this; not Biden)…
And finally…
2 more DC cop cars.

About 10 minutes after the motorcade passed, presumably after the Bear was back at the White House, ordinary citizens were once again allowed on Connecticut Avenue.
—

John A. Jenkins (@JenkinsAuthor) is Founder and CEO of Law Street Media.

Featured image courtesy of [Joe Crimmings via Flickr]

John A. Jenkins

John A. Jenkins is Founder & CEO of Law Street Media. Contact John at jjenkins@LawStreetMedia.com.

The post How the Bear Rolls Now appeared first on Law Street.

December was a bad month for anyone who didn’t want their personal information leaked to hackers or other third-party sources.

Retail giant Target had a problem about two weeks ago when 40 million customer records were stolen. The information contained on the records included names, credit and debit numbers, expiration dates, and security codes. The hackers with that information could easily use it to make fraudulent purchases on customers’ cards.

Popular messaging application Snapchat released that several million of their users’ usernames and corresponding phone numbers were leaked late on New Year’s Eve. There’s actually a site to check if your username was leaked, and it provides tips on how to handle it if it was. If your username was breached, it means that your phone number could be given to spammers or the like.

Skype was also recently breached by the Syrian Electronic Army, a hacking group. Skype has reported, however, that no user information was stolen or lost.

Obviously a breach involving credit card information and a breach involving usernames and phone numbers seem very different, but the truth is that they’re both notably problematic. They indicate a reliance we have on technology that is utterly new to our time, and because that reliance is new, ways to steal from us have also evolved. Everything can be done online, from banking to applying to college to planning a trip. And it’s easy to do those things, it’s easy to trust a site when they say they are secure. But we have to remember that every time we provide our information, there is the possibility that it makes its way into the wrong hands. And retailers have to realize that storing information online can be just as dangerous for them as for a teenager using Snapchat.

The types of breaches that we saw this month definitely aren’t new, and they aren’t the worst in recent history. TJ Maxx Corporation actually had a similar incident in 2006, but instead of 40 million customer records lost, it totaled about 90 million. And in 2009, Heartland, a credit card processing system, had 130 million records stolen.

The former chief security officer of Heartland, Steven M. Elefant, made an important point about security breaches and theft propagated through the internet. He stated, “it’s a game of cat and mouse. We’re dealing with sophisticated bad guys that have many ways to attack.” New security features can be installed and developed. But for every new feature that is developed, a hacker will probably be able to find a way around it. It might take time and effort, but it’s possible.

There are some solutions that could be put in place, but they might be logistically complicated. In Europe, smart chip technology is used. The United States use magnetic strips to hold information, but European cards usually little chips that are much harder to counterfeit. Since the smart-chips were implemented in Europe, fraud and theft have declined. The JobsUnited States seems to be stuck in a time warp. Most of our allies and trading partners use smart-chip cards, but we use the strip cards that were invented in the 1960s. As a result, by October 2015, new chip card standards will be put into place by most major credit card companies, like Visa and MasterCard. While this won’t completely eliminate fraud, it should make some impact.

—

Anneliese Mahoney (@AMahoney8672) is Lead Editor at Law Street and a Connecticut transplant to Washington D.C. She has a Bachelor’s degree in International Affairs from the George Washington University, and a passion for law, politics, and social issues. Contact Anneliese at amahoney@LawStreetMedia.com.

Featured image courtesy of [Brian Klug via Flickr]

Anneliese Mahoney

Anneliese Mahoney is Managing Editor at Law Street and a Connecticut transplant to Washington D.C. She has a Bachelor’s degree in International Affairs from the George Washington University, and a passion for law, politics, and social issues. Contact Anneliese at amahoney@LawStreetMedia.com.

The post A December of Hackers appeared first on Law Street.

Let’s assume that you, our beloved reader, are of a common variety these days—you’re in the market for a new job. You’ve followed the posts of some of my colleagues at Law Street who have written extensively about The Search, and now you’re faced with a most enticing proposition, say… an interview! And more enticing still is the letter of intent now sitting on your table after having passed that interview (with flying colors, no less). You quickly sign your LOI and all the other forms handed to you as part of the initiation process. But, in your haste to ascend into the promised land of full-time employment, you’ve accidentally just ceded one of your constitutional rights. At least, that’s what say the opponents of E-Verify, the online protocol used by employers to determine worker eligibility.

Originally created for federal employers under the Illegal Immigration Reform and Immigrant Responsibility Act of 1996, there are now 5 states that have mandated the use of E-Verify across both public and private sectors. They are Alabama, Arizona, Mississippi, South Carolina and Utah. In addition to information on I-9 forms, the system also asks for an applicant’s social security number and photo ID. The information is then run through a Department of Homeland Security database to make sure it checks out.

Like most states, Arizona legislators implemented mandatory E-Verify as part of an effort to curb illegal immigrants in the work place. But their efforts did not go unchallenged. Shortly thereafter, myriad plaintiffs across the business and civil rights sectors sued the state officials responsible for Legal Arizona Workers Act, alleging that the law should be preempted by the federal Immigration Reform and Control Act (IRCA) of 1986, and, as a result, null. The case eventually made its way up to the Supreme Court in 2011 in The Chamber of Commerce of The United States of America vs Whiting. However, in a 5-3 decision, the Court upheld the decision of the lower courts. They affirmed that, in this case, the Supremacy Clause did not apply. According to the court opinion, states are allowed to mandate the use of the electronic verification system as they see fit.

But as Congress duels over how to reform our national immigration system, the role of government enforcement in the workplace has once again come under review. The most successful piece of legislation thus far, the Border Security and Responsibility Act of 2013, now awaits House approval. If it becomes law (an unlikely feat given current political clout), it would bump from 5 to 50, the number of states that currently use the system.

Jim Harper, writing in response to a New York Times op-ed for the CATO institute, calls the questions raised by opponents of E-verify, “the natural consequence of dragooning the productive into enforcing maladjusted laws against free movement of people from a particular ethnic category to where their labor is most productive.”

Harper has come out against the program in the past; he famously referred to it as “Frank Kafka’s solution to illegal immigration.” Mind you, long before the 2013 global surveillance disclosures, Harper said that the expansion of the system “would cause law-abiding American citizens to lose more of their privacy as government records about them grew and were converted to untold new purposes.”

Furthermore, some say that instituting mandatory electronic verification would eschew the presumption of innocence which is so fundamental to 5th, 6th, and 14th amendments. By asking all prospective employees, who are mostly US citizens, to provide evidence to the effect that they are not guilty of illegal immigration is to incriminate a swath of people never before accused of wrongdoing.

If we are to allow DHS security checks in the workplace, where will it stop? And perhaps more alarming: where will it lead? The supermarket? The movies? Your home?

But alas, to the newly employed, and, more importantly, eligible US worker, these concerns are irrelevant. So congratulations on the new job! But don’t forget, next week are mandatory drug tests… hope you don’t mind.

[Oyez]

—

Featured image courtesy of [Bram Cymet via Flickr]

Jimmy Hoover

Jimmy Hoover is a graduate of the University of Maryland College Park and formerly an intern at Law Street Media. Contact Jimmy at staff@LawStreetMedia.com.

The post Would a Nationally Imposed E-Verify System Infringe on Your Constitutional Rights? appeared first on Law Street.

Drones: depending on whom you ask, drones are either the military instruments of the future, or the machines that will incite humanity’s destruction. But no matter how you feel about drones, unmanned aerial vehicles in various forms have been used in combat for years.

The United States may have to answer for their use of drones in the weeks to come. Two United Nations experts by the names of Christof Heyns and Ben Emmerson, have released large UN reports on the overall use of drones. The crux of these reports is a demand for greater transparency from countries who use drones—and for the United States to release more robust data on their use of drones.

According to the United Nations, 33 different drone strikes have been detected that have resulted in the death of civilians. According to the government of Pakistan, since 2004 there have been about 330 drone strikes in the northwest territory of Pakistan. These strikes have supposedly resulted in the deaths of 2200 people, 400 of which have been civilians. Emmerson has stated that in Yemen, up to 58 civilians may have been killed by drones.

In the United States, the CIA is inextricably linked to the use of drones. As a result, much of the information about US drone use is classified.  In his report, Emmerson slams this, stating that it creates, “an almost insurmountable obstacle to transparency.” Emmerson claims that the United States does not accurately self report the civilian casualties caused by drone strikes.

There are serious international law issues tied in with the killing of civilians. International law is a somewhat vague and grey field; although the International Criminal Court, the International Court of Justice, and various tribunals exist, international law still remains a very abstract idea.

At the risk of over-simplifying a very complicated topic, a brief discussion of international law on the topic of civilian killings can be had. This topic falls under the category of International Humanitarian Law, sometimes referred to by its Latin name jus in bello, used to regulate actions during war. The Geneva Convention amendment Protocol I specifically deals with protections afforded to countries involved in international armed conflicts. The Geneva Convention amendment Protocol I does contain protections for civilians, but the United States has not ratified it.

The United Nation’s implications that US actions may violate international law unfortunately fall on mostly deaf ears. The United States is not going to be brought before a tribunal or a court, at best the United Nations can condemn US drone actions, but there really isn’t any action they can take that will show any sort of teeth. The question of the future of drones and their applicability to conflict, will not be answered with these United Nations reports.

[The Guardian]

—

Featured image courtesy of [Don McCullough via Flickr]

Anneliese Mahoney

Anneliese Mahoney is Managing Editor at Law Street and a Connecticut transplant to Washington D.C. She has a Bachelor’s degree in International Affairs from the George Washington University, and a passion for law, politics, and social issues. Contact Anneliese at amahoney@LawStreetMedia.com.

The post The United Nations and Drones appeared first on Law Street.

For most Americans, large chunks of our lives play out online. We have numerous social media sites, we check our bank accounts through “secured” websites, and we use email for almost all we do—work, social plans, and everything in between. It’s sad, but I can say without a doubt that there have been days where I have interacted with people over email more than in person. And every day, we’re reminded that our Internet lives are lulled into a false sense of security. Yet we still make our email password the name of our dog combined with the year we were born, and assume digital theft will never happen to us.

In 2004, Texas-based Ladar Levison created Lavabit, a highly encrypted email host that aimed to fix these Internet security problems for anyone who wanted it. Characterizing Lavabit as highly encrypted is actually a gross understatement—Lavabit encryption was viewed as uncrackable for even government intelligence agencies. There were free and paid versions of Lavabit’s email services. As of August 2013, Lavabit counted about 410,000 users.

One of these users was the now infamous Edward Snowden; his Lavabit email address was discovered this July. The Federal Government almost immediately obtained a search warrant commanding that Lavabit allow the government access to its system.

Because of the way this request was phrased—the government wanted access to the entire Lavabit system, not just Snowden’s account—Levison refused to cooperate. Levison was first instructed to hand over the “SSL” keys to his site (essentially a way to allow the government to view all the information contained in Lavabit accounts). Levison first responded to this order by handing over the SSL keys on paper in tiny font, rendering them almost unusable.  Finally he handed over the SSL keys digitally—he will pay a $10,000 fine for that delay—but shut down the site.

No one is completely sure exactly why Levison suspended the site, given that he is now under gag order. He has said that he is banned from sharing some information even with his lawyer. He has also said that he could be arrested for closing down Lavabit instead of just releasing the SSL keys. He is currently filing an appeal with the United State Court of Appeals for the Fourth Circuit. His appeal is based on the Fourth Amendment, which prevents unreasonable search and seizure. He has also claimed that the government cannot ask a company to do something that will go directly against the purpose of their business. His lawyers likened it to “commanding the City of Richmond to give the police a key to every house within the city limits. To comply with the government’s subpoena would have either required Lavabit to perpetrate a fraud on its customer base or shut it own entirely.”

Lavabit did actually go back online very briefly for 72 hours starting the evening of October 14^th so that users could download any emails they needed that remained on the site. As of yet, there are no plans for Lavabit to reopen.

This shutdown offers ramifications for any other sites that offer completely encrypted email services. Silent Circle, one of Lavabit’s competitors, shut down its silent email software right after Lavabit went dark.

Levison’s appeal will be interesting to watch. In a modern world that is inundated with fast, online, communication, privacy is always at issue. Online identity should be a concern for everyone. Can companies create services that allow us to hide those online communications from Big Brother? The results of Levison’s appeal will answer that question, for better or for worse.

[Forbes]

—

Featured image courtesy of [IGregma via Flickr]

Anneliese Mahoney

Anneliese Mahoney is Managing Editor at Law Street and a Connecticut transplant to Washington D.C. She has a Bachelor’s degree in International Affairs from the George Washington University, and a passion for law, politics, and social issues. Contact Anneliese at amahoney@LawStreetMedia.com.

The post The New Frontier of Privacy: Lavabit’s Encrypted Email No More appeared first on Law Street.