Florida Man Enters the Encryption Wars

Just three months into the Trump administration's promised crackdown on immigration to the United States, Immigrations and Customs Enforcement now has a $30 million contract with Palantir to build a “near-real time” surveillance platform called ImmigrationOS that would track information about people self-deporting (electing to leave the US). Meanwhile, the Department of Homeland Security has been sending aggressive emails telling people with temporary legal status to leave the US. It is unclear who has actually been sent the messages, though, given that a number of people who are US-born citizens have reported receiving them.

The US Cybersecurity and Infrastructure Security Agency briefly seemed poised this week to cancel funding for the critical software vulnerability tracking project known as the CVE Program. CISA eventually came through with the funding, but some members of the CVE Program's governing board are planning to make the project into an independent nonprofit.

A lawsuit over the Trump administration’s Houthi Signal group chat is revealing details on steps that federal departments did—and did not—take to preserve the messages per records laws.

WIRED took a look at the most dangerous hackers you've never heard of, diving deep on the unrelenting and two-faced Russian intelligence group Gamaredon; the incredibly prolific Chinese Smishing Triad text message scammers; the dangerous members of fallen ransomware giant Black Basta; the Iranian critical infrastructure hackers known as CyberAv3ngers; the TraderTraitor North Korean cryptocurrency hackers responsible for a staggering number of massive heists; and the notorious, longtime Chinese criminal and state-backed crossover hackers known as Brass Typhoon.

On top of all of that, a suspected 4chan hack may have devastating consequences for the controversial image board. The AI company Massive Blue is helping cops generate AI-powered social media bots to pose as sympathetic figures and talk to people of interest. And the New Jersey attorney general is suing Discord, claiming that the platform doesn't have adequate safeguards in place to protect children under 13 from sexual predators and harmful content.

But wait, there's more! Each week, we round up the security and privacy news we didn’t cover in depth ourselves. Click the headlines to read the full stories, and stay safe out there.

A draft bill in the state of Florida would require social media companies to provide law enforcement with encryption backdoors so cops could access users’ accounts. The bill advanced unanimously from committee this week and will now go to the state Senate for a vote. If passed, the Social Media Use by Minors bill, which is sponsored by state senator Blaise Ingoglia, would require “social media platforms to provide a mechanism to decrypt end-to-end encryption when law enforcement obtains a subpoena.” The bill would also ban disappearing messages in accounts designed for children and would require social media companies to create a mechanism for parents or guardians to access children's accounts. Experts have long warned that encryption backdoors make everyone less secure, including those they are intended to help. Yet waves of attacks on encryption have repeatedly emerged over the years, including a recent trend in the European Union and United Kingdom.

A Nevada district judge said this week that the practice of “tower dumps,” in which law enforcement pulls vast quantities of personal caller data from cell towers, violates the Fourth Amendment and is, thus, unconstitutional. Cell towers collect large quantities of information about users, including phone numbers and phone locations, so when cops request data from a tower during a specific time period, they often receive information on thousands of devices or more. In spite of the decision this week, though, Judge Miranda M. Du said that law enforcement could still use the evidence they had collected through a tower dump in their case.

China claimed this week that the US National Security Agency perpetrated “advanced” cyberattacks against critical industries in February during the Asian Winter Games. Law enforcement from the northeastern city of Harbin put three alleged NSA agents—Katheryn A. Wilson, Robert J. Snelling, and Stephen W. Johnson—on a wanted list and claimed that the University of California and Virginia Tech were involved in the attacks. “We urge the US to take a responsible attitude on the issue of cyber security and … stop unprovoked smears and attacks on China,” ministry spokesperson Lin Jian said during a news briefing about multiple topics, according to Reuters. The US government frequently calls out Chinese state-backed hacking and names individual alleged perpetrators, but China has been less consistent about such statements. The move this week comes amid escalating tensions between the two countries, including the Trump's administration's trade war.

CBP is using multiple artificial intelligence tools to scan social media and identify people of interest online, according to information from the agency and marketing materials reviewed by 404 Media from the contractors. CBP released information about the platforms this week in parallel to the US Department of Homeland Security’s announcement that it will “begin screening aliens’ social media activity for Antisemitism.” That statement also says that US Citizenship and Immigration Services is conducting “antisemitism” social media searches. CBP told 404 Media in an email that “neither tool is used for vetting or travel application processing,” referring to Dataminr and Onyx, but did not elaborate beyond that. The platforms use AI to parse large troves of data and can be used to develop leads on people who may be in violation of US immigration laws.