A Wired blog has some curious news about politics in America and how the wiretap companies are trying to evade lawsuits by lining the pockets of Congress:

Top Verizon executives, including CEO Ivan Seidenberg and President Dennis Strigl, wrote personal checks to Rockefeller totaling $23,500 in March, 2007. Prior to that apparently coordinated flurry of 29 donations, only one of those executives had ever donated to Rockefeller (at least while working for Verizon).

In fact, prior to 2007, contributions to Rockefeller from company executives at AT&T and Verizon were mostly non-existent.

But that changed around the same time that the companies began lobbying Congress to grant them retroactive immunity from lawsuits seeking billions for their alleged participation in secret, warrantless surveillance programs that targeted Americans.

The EFF has been seeking clarity around these back-room dealings:

Foundation (EFF) filed suit against the Department of Justice (DOJ) today, demanding any records of a telecom industry lobbying campaign to block lawsuits over their compliance with illegal electronic surveillance. EFF’s lawsuit comes as Congress debates letting telecommunications companies off scot-free as part of the hotly disputed “modernization” of the Foreign Intelligence Surveillance Act (FISA).

Some notable politicians are apparently in no rush to hold corporations accountable for doing a bad job at the dirty work of government. This is likely to increase in probability if the government sees “outsourcing” as the legitimately sneaky (unregulated) way to run military action and intelligence operations at home and abroad.

Someone just sent me this list of podcasts from a Masters on Information Security course at USF. Listen to them and you too may be able to get a Masters Degree, in Information Security. Thought I should share:

“OASIS Identity and Trusted Infrastructure Workshop at Catalyst
Conference Europe.”
http://podcast.burtongroup.com/

CERT’s Podcast Series: Security for Business Leaders
http://www.cert.org/podcast/

Pauldotcom Security Weekly
feed://pauldotcom.com/podcast/psw.xml

Secthis.com
feed://feeds.feedburner.com/secthis

Secure IT Live
feed://feeds.feedburner.com/SecureItWithEricGreen

CNET Security Bites
http://www.news.com/2030-11424-6052904.html

Security Now
http://www.grc.com/securitynow.htm

Security Roundtable
http://www.securityroundtable.com/

Still Secure
http://stillsecureafteralltheseyears.com/

Symantec
http://www.symantec.com/podcast/index

I’d rather see a John Stewart-like nightly newscast of security events.

Mid-day news reports that Mumbai Internet access is under heavy surveillance and supervision:

Vijay Mukhi, President of the Foundation for Information Security and Technology says, “The terrorists know that if they use machines at home, they can be caught. Cybercafes therefore give them anonymity.”

“The police needs to install programs that will capture every key stroke at regular interval screen shots, which will be sent back to a server that will log all the data.

The police can then keep track of all communication between terrorists no matter, which part of the world they operate from.This is the only way to patrol the net and this is how the police informer is going to look in the e-age,” added Mukhi.

Seems like a good theory, but as we all know the “no matter which part of the world” and “every key stroke” phrases are absolutes. Absolutes and security rarely go well together.

All cyber cafes in the city will now need a police license to keep their business going. All cafes need to register at the police headquarters and provide details on the number of computers installed, type of computers and technical details like the IP address of each machine.

They will have some trouble when they realize how IP addresses are increasingly dynamic and spoofed.

I wonder how much of this type of cafe clampdown, if successful, will push anonymous network seekers onto the weaker wireless signals in residential neighborhoods.

Will police require home users to use a grade of security to prevent intrusion, and/or to report the number of computers, type, etc. when they run wireless networks? Will home users be held liable for weak security like WEP, or the providers, or even the manufacturers? The new Snoop law in England, if it survives public concern, may help provide answers.