Morning Security Brief: Overdose Calls, Drones that Eavesdrop, Internet Data Retention, and More
New York offers immunity to people who call 911 for overdose victims. A drone that can pretend to be your cell phone carrier. Government agencies to recruit at Defcon. And more.
►New York became the latest state to pass a 'Good Samaritan' law to help curb deaths from drug overdoses. The law prohibits arrest or prosecution for possession of drugs, paraphernalia, or underage drinking when someone calls for help to save the life of an overdose victim. “Most overdoses occur in the presence of other people and take several hours to cause death. But research finds that in up to half of cases, no one calls for help,” Time reports. Advocates of the new law hope that it will help stop the number of deaths from drug overdose as people feel safer to come forward when a person is in crisis.
►Last August, Mike Tassey and Richard Perkins unveiled an unmanned aerial vehicle (UAV), or drone, that could crack WiFi and cell phone networks. Now, they will reveal how they did it and the developments they’ve been able to add to the drone in the last year. Their Wireless Aerial Surveillance Platform (WASP) was built from a retired Army drone and retrofitted with an HD camera, and a Linux computer loaded with network hacking tools. Originally, the WASP could only crack WiFi networks. Now it can also impersonate GSM cell phone towers, tricking phones into connecting to the plane instead of their cell phone carrier. The WASP can record 35 gigabytes of phone conversation or text message data. The creators wanted to “demonstrate the vulnerability of government and corporate facilities to a nimble eavesdropping machine that can cover large distances and circle above a target,” Forbes reports. They will present their new information at a how-to session at Defcon 19, this week.
►Also at Defcon, U.S. government agencies will be on deck looking for the best and the brightest. “An alphabet soup of federal agencies -- DOD, DHS, NASA, NSA” will be there looking to add to their ranks, News Daily reports. The NSA is looking to hire around 1,500 cyberexperts by September 30 and another 1,500 next year.
►In one state in Australia, 144 security firms failed to meet new requirements introduced in April that make it mandatory for Queensland security firms to be members of approved industry bodies. The firms face losing their licenses for noncompliance. They were also required to increase their identification procedures and background screening of personnel. The rules apply to crowd controllers, bodyguards, and other security operations, Sunshine Coast reports. In April, Queensland state government introduced stricter regulations which included mandatory fingerprinting and a requirement for personnel to continually retrain to update their skills. In 2010-2011, 23,600 background checks were performed on security personnel.
►In other news, Canadian officials are reviewing security procedures at a mental health facility in Alberta where in the past nine months, 27 patients – one every ten days, has escaped, the Edmonton Sun reports. ⇒The House of Representatives Judiciary Committee approved a bill that would require Internet providers to retain customer data-- including customer names, addresses, phone records, and credit card numbers--and also allow the government to track customers. ⇒ Facebook is offering $500 to anyone who can find security bugs in its network, as long as the company is given time to fix any bug before it is made public.