Category Archives: Personal security

FBI director James Comey thinks FBI’s own online safety tips should be illegal

originally published in ConsumerAffairs

Q: What does FBI director James Comey have in common with your average computer hacker?

A: They both really, really hate the idea of secure encrypted data.

When Apple launched its iPhone 6 in September, it bragged about the phone’s strong security features, including automatic data encryption. Which made Comey, who’s been the FBI director since September 2013, predict that encrypted communications could lead to a “very dark place” and criticize “companies marketing something expressly to allow people to place themselves beyond the law” — as opposed to, say, “Marketing something expressly so people know hackers can’t steal photographs and other personal data off their phones.”

On the contrary. According to Comey, the people most likely to benefit by encrypted phones include kidnappers, terrorists and pedophiles: “The notion that people have devices… that with court orders, based on a showing of probable cause in a case involving kidnapping or child exploitation or terrorism, we could never open that phone? My sense is that we’ve gone too far when we’ve gone there,” Comey said in a televised interview.

Which does indeed sound terrible, except that (as CNN’s Jose Pagliery pointed out) it’s not true. Even with encryption, police and the FBI can still get data off your phone —they just can’t do it without your knowledge:

The FBI can still get your phone data. Now, they can’t do it secretly by going to Apple or Google. Agents must knock on your front door with a warrant in hand — the way it’s always been.

If you don’t give the FBI access to your phone, it can ask a federal judge to force you. If you refuse, the government can throw you in jail and hold you in contempt of court.

Make it illegal

Pagliery also pointed out a rather more obvious problem: if data remains unencrypted, thus granting government the ability to remotely get it without your knowledge, that means hackers also have the ability to get your data without your knowledge.

Despite this, Comey has gone so far as to suggest Congress make data encryption illegal, via rewriting the 20-year-old Communications Assistance in Law Enforcement Act to make it cover apps and other technologies which didn’t exist back in 1994.

Specifically: since CALEA requires telecom companies to give police access to communications, Comey thinks CALEA should also apply to, for example, the new iPhone 6 – except that, if the phone is encrypted, Apple itself can’t get the data on it, and therefore can’t hand it over to law enforcement. Only if the data remains unencrypted can Apple or any other phone provider (or a clever hacker) take data off it and give it to police (or an identity thief) without your knowledge.

Easier for hackers

In light of Comey’s remarks, it seems safe to say “The FBI, at least under James Comey’s aegis, wants all of your private communications and data to stay at risk of being hacked, since that will also make it easier for tech companies and the government to look at that data without your knowing about it.”

But the FBI didn’t always have this attitude. On October 12, 2012 – almost exactly two years before Comey’s ominous grumblings about the “very dark place” encryption will surely lead us – the FBI’s “New E-Scams and Warnings” website published an article warning “Smartphone Users Should be Aware of Malware Targeting Mobile Devices and Safety Measures to Help Avoid Compromise,” including a bullet-pointed list of “Safety tips to protect your mobile device.” And the second tip on the list says this: “Depending on the type of phone, the operating system may have encryption available. This can be used to protect the user’s personal data in the case of loss or theft.”

But James Comey doesn’t like it, because it also means that if the police, FBI, NSA or any other government authority wants to read that personal data, they’ll need to visit a judge, get a search warrant and physically take possession of the phone. And so, two years after the FBI shared this anti-hacker safety technique with the American people, the FBI director wants Congress to make it illegal.

Apple’s “warrant canary” died; did Patriot Act spy activities kill it?

originally published on ConsumerAffairs

Photo: Library of Congress

There’s possible bad news for privacy advocates and Apple customers alike: a sharp-eyed look at Apple’s two most recent Transparency Reports (more specifically, what’s not in them) suggests that, despite the company’s recent announcements affirming its strong commitment to protecting customers’ privacy, it might have been forced to secretly spy on people

Continue Reading

Woman loses $150,000 in online dating scam

originally published in ConsumerAffairs

You already know to be wary whenever you go online, so you don’t fall prey to the various types of scammers, thieves, con artists, hackers, malware-writers and other threats that proliferate on the Internet.

And if you’re looking for love in an online dating site you must be extra-careful, because looking for love already leaves you … Continue Reading

The Walmart MoneyCard hacker strikes again: Cardholders from across the U.S. see their hacked cards drained at NYC Target stores

originally published at ConsumerAffairs

UPDATE, Oct. 15: Walmart and Green Dot have responded; their statements are at the end of this article.

Something criminally strange seems to be going on with Walmart MoneyCards, especially in New York City and its immediate suburbs, though any MoneyCard holder in America is apparently at risk.

Ever since September 2013, ConsumerAffairs has had … Continue Reading

Jobseekers beware: don’t fall prey to this advance fee scam

Originally published on ConsumerAffairs

If you’re looking for work in this economy you know you must be careful, because there exist plenty of scammers, thieves, and con artists using fake job offers or help-wanted postings as bait to hook new victims. A California man named Ryan recently wrote us about a close call he had when he applied for a … Continue Reading

Like-farming Facebook scams: look before you “like”

Originally published in ConsumerAffairs

If you’re a regular Facebook user, you’re pretty much guaranteed to run across lots of “like-farming” scammers – maybe without ever even realizing it.

At best, these like-farming pages clutter your friends’ feeds, crowding out content they actually want to see (and possibly making them annoyed with you, for drowning their feeds in such noise); at

Continue Reading