The FBI raided the home of Mateo D’Amato, a renowned computer scientist specializing in cryptography and anonymity technologies, and seized several electronic devices. D’Amato has since vanished, becoming incommunicado with colleagues and family. His university profile has been removed, and the institution refuses to comment, further deepening the mystery surrounding his disappearance and the reason for the FBI's interest. D’Amato's research focused on areas with potential national security implications, but no details regarding the investigation have been released.
Pressure is mounting on the UK Parliament's Intelligence and Security Committee (ISC) to hold its hearing on Apple's data privacy practices in public. The ISC plans to examine claims made in a recent report that Apple's data extraction policies could compromise national security and aid authoritarian regimes. Privacy advocates and legal experts argue a public hearing is essential for transparency and accountability, especially given the significant implications for user privacy. The ISC typically operates in secrecy, but critics contend this case warrants an open session due to the broad public interest and potential impact of its findings.
HN commenters largely agree that Apple's argument for a closed-door hearing regarding data privacy doesn't hold water. Several highlight the irony of Apple's public stance on privacy conflicting with their desire for secrecy in this legal proceeding. Some express skepticism about the sincerity of Apple's privacy concerns, suggesting it's more about competitive advantage. A few commenters suggest the closed hearing might be justified due to legitimate technical details or competitive sensitivities, but this view is in the minority. Others point out the inherent conflict between national security and individual privacy, noting that this case touches upon that tension. A few express cynicism about government overreach in general.
Apple has removed its iCloud Advanced Data Protection feature, which offers end-to-end encryption for almost all iCloud data, from its beta software in the UK. This follows reported concerns from the UK's National Cyber Security Centre (NCSC) that the enhanced security measures would hinder law enforcement's ability to access data for investigations. Apple maintains that the feature will be available to UK users eventually, but hasn't provided a clear timeline for its reintroduction. While the feature remains available in other countries, this move raises questions about the balance between privacy and government access to data.
HN commenters largely agree that Apple's decision to pull its child safety features, specifically the client-side scanning of photos, is a positive outcome. Some believe Apple was pressured by the UK government's proposed changes to the Investigatory Powers Act, which would compel companies to disable security features if deemed a national security risk. Others suggest Apple abandoned the plan due to widespread criticism and technical challenges. A few express disappointment, feeling the feature had potential if implemented carefully, and worry about the implications for future child safety initiatives. The prevalence of false positives and the potential for governments to abuse the system were cited as major concerns. Some skepticism towards the UK government's motivations is also evident.
This FBI file release details Kevin Mitnik's activities and the subsequent investigation leading to his 1995 arrest. It documents alleged computer intrusions, theft of software and electronic documents, and wire fraud, primarily targeting various telecommunications companies and universities. The file includes warrants, investigative reports, and correspondence outlining Mitnik's methods, the damage caused, and the extensive resources employed to track and apprehend him. It paints a picture of Mitnik as a skilled and determined hacker who posed a significant threat to national security and corporate interests at the time.
HN users discuss Mitnick's portrayal in the media versus the reality presented in the released FBI files. Some commenters express skepticism about the severity of Mitnick's crimes, suggesting they were exaggerated by the media and law enforcement, particularly during the pre-internet era when public understanding of computer systems was limited. Others point out the significant resources expended on his pursuit, questioning whether it was proportionate to his actual offenses. Several users note the apparent lack of evidence for financial gain from Mitnick's activities, framing him more as a curious explorer than a malicious actor. The overall sentiment leans towards viewing Mitnick as less of a criminal mastermind and more of a skilled hacker who became a scapegoat and media sensation due to public fear and misunderstanding of early computer technology.
An Oregon woman discovered her private nude photos had been widely shared in her small town, tracing the source back to the local district attorney, Marco Bocci, and a sheriff's deputy. The photos were taken from her phone while it was in police custody as evidence. Despite the woman's distress and the clear breach of privacy, both Bocci and the deputy are shielded from liability by qualified immunity (QI), preventing her from pursuing legal action against them. The woman, who had reported a stalking incident, now feels further victimized by law enforcement. An independent investigation confirmed the photo sharing but resulted in no disciplinary action.
HN commenters largely discuss qualified immunity (QI), expressing frustration with the legal doctrine that shields government officials from liability. Some argue that QI protects bad actors and prevents accountability for misconduct, particularly in cases like this where the alleged actions seem clearly inappropriate. A few commenters question the factual accuracy of the article or suggest alternative explanations for how the photos were disseminated, but the dominant sentiment is critical of QI and its potential to obstruct justice in this specific instance and more broadly. Several also highlight the power imbalance between citizens and law enforcement, noting the difficulty individuals face when challenging authority.
Bipartisan U.S. lawmakers are expressing concern over a proposed U.K. surveillance law that would compel tech companies like Apple to compromise the security of their encrypted messaging systems. They argue that creating a "back door" for U.K. law enforcement would weaken security globally, putting Americans' data at risk and setting a dangerous precedent for other countries to demand similar access. This, they claim, would ultimately undermine encryption, a crucial tool for protecting sensitive information from criminals and hostile governments, and empower authoritarian regimes.
HN commenters are skeptical of the "threat to Americans" angle, pointing out that the UK and US already share significant intelligence data, and that a UK backdoor would likely be accessible to the US as well. Some suggest the real issue is Apple resisting government access to data, and that the article frames this as a UK vs. US issue to garner more attention. Others question the technical feasibility and security implications of such a backdoor, arguing it would create a significant vulnerability exploitable by malicious actors. Several highlight the hypocrisy of US lawmakers complaining about a UK backdoor while simultaneously pushing for similar capabilities themselves. Finally, some commenters express broader concerns about the erosion of privacy and the increasing surveillance powers of governments.
The UK government is pushing for a new law, the Investigatory Powers Act, that would compel tech companies like Apple to remove security features, including end-to-end encryption, if deemed necessary for national security investigations. This would effectively create a backdoor, allowing government access to user data without their knowledge or consent. Apple argues that this undermines user privacy and security, making everyone more vulnerable to hackers and authoritarian regimes. The law faces strong opposition from privacy advocates and tech experts who warn of its potential for abuse and chilling effects on free speech.
HN commenters express skepticism about the UK government's claims regarding the necessity of this order for national security, with several pointing out the hypocrisy of demanding backdoors while simultaneously promoting end-to-end encryption for their own communications. Some suggest this move is a dangerous precedent that could embolden other authoritarian regimes. Technical feasibility is also questioned, with some arguing that creating such a backdoor is impossible without compromising security for everyone. Others discuss the potential legal challenges Apple might pursue and the broader implications for user privacy globally. A few commenters raise concerns about the chilling effect this could have on whistleblowers and journalists.
Thailand has disrupted utilities to a Myanmar border town notorious for housing online scam operations. The targeted area, Shwe Kokko, is reportedly a hub for Chinese-run criminal enterprises involved in various illicit activities, including online gambling, fraud, and human trafficking. By cutting off electricity and internet access, Thai authorities aim to hinder these operations and pressure Myanmar to address the issue. This action follows reports of thousands of people being trafficked to the area and forced to work in these scams.
Hacker News commenters are skeptical of the stated efficacy of Thailand cutting power and internet to Myanmar border towns to combat scam operations. Several suggest that the gangs are likely mobile and adaptable, easily relocating or using alternative power and internet sources like generators and satellite connections. Some highlight the collateral damage inflicted on innocent civilians and legitimate businesses in the affected areas. Others discuss the complexity of the situation, mentioning the involvement of corrupt officials and the difficulty of definitively attributing the outages to Thailand. The overall sentiment leans towards the action being a performative, ineffective measure rather than a genuine solution.
The FBI and Dutch police have disrupted the "Manipulaters," a large phishing-as-a-service operation responsible for stealing millions of dollars. The group sold phishing kits and provided infrastructure like bulletproof hosting, allowing customers to easily deploy and manage phishing campaigns targeting various organizations, including banks and online retailers. Law enforcement seized 14 domains used by the gang and arrested two individuals suspected of operating the service. The investigation involved collaboration with several private sector partners and focused on dismantling the criminal infrastructure enabling widespread phishing attacks.
Hacker News commenters largely praised the collaborative international effort to dismantle the Manipulaters phishing gang. Several pointed out the significance of seizing infrastructure like domain names and bulletproof hosting providers, noting this is more effective than simply arresting individuals. Some discussed the technical aspects of the operation, like the use of TOX for communication and the efficacy of taking down such a large network. A few expressed skepticism about the long-term impact, predicting that the criminals would likely resurface with new infrastructure. There was also interest in the Dutch police's practice of sending SMS messages to potential victims, alerting them to the compromise and urging them to change passwords. Finally, several users criticized the lack of detail in the article about how the gang was ultimately disrupted, expressing a desire to understand the specific techniques employed by law enforcement.
A new report reveals California law enforcement misused state databases over 7,000 times in 2023, a significant increase from previous years. These violations, documented by the California Department of Justice, ranged from unauthorized access for personal reasons to sharing information improperly with third parties. The most frequent abuses involved accessing driver's license information and criminal histories, raising concerns about privacy and potential discrimination. While the report highlights increased reporting and accountability measures, the sheer volume of violations underscores the need for continued oversight and stricter enforcement to prevent future misuse of sensitive personal data.
Hacker News users discuss the implications of California law enforcement's misuse of state databases. Several express concern over the lack of meaningful consequences for officers, suggesting the fines are too small to deter future abuse. Some highlight the potential chilling effect on reporting crimes, particularly domestic violence, if victims fear their information will be improperly accessed. Others call for greater transparency and public access to the audit data, along with stricter penalties for offenders, including termination and criminal charges. The need for stronger oversight and systemic changes within law enforcement agencies is a recurring theme. A few commenters question the scope of permissible searches and the definition of "misuse," suggesting further clarification is needed.
The Nevada Supreme Court closed a loophole that allowed police to circumvent state law protections against civil asset forfeiture. Previously, law enforcement would seize property under federal law, even for violations of state law, bypassing Nevada's stricter requirements for forfeiture. The court ruled this practice unconstitutional, reaffirming that state law governs forfeitures based on state law violations, even when federal agencies are involved. This decision strengthens protections for property owners in Nevada and makes it harder for law enforcement to seize assets without proper due process under state law.
HN commenters largely applaud the Nevada Supreme Court decision limiting "equitable sharing," viewing it as a positive step against abusive civil forfeiture practices. Several highlight the perverse incentives created by allowing law enforcement to bypass state restrictions by collaborating with federal agencies. Some express concern that federal agencies might simply choose not to pursue cases in states with stronger protections, thus hindering the prosecution of actual criminals. One commenter offers personal experience of successfully challenging a similar seizure, emphasizing the difficulty and expense involved even when ultimately victorious. Others call for further reforms to civil forfeiture laws at the federal level.
A 19-year-old, Zachary Lee Morgenstern, pleaded guilty to swatting-for-hire charges, potentially facing up to 20 years in prison. He admitted to placing hoax emergency calls to schools, businesses, and individuals across the US between 2020 and 2022, sometimes receiving payment for these actions through online platforms. Morgenstern's activities disrupted communities and triggered large-scale law enforcement responses, including a SWAT team deployment to a university. He is scheduled for sentencing in March 2025.
Hacker News commenters generally express disgust at the swatter's actions, noting the potential for tragedy and wasted resources. Some discuss the apparent ease with which swatting is carried out and question the 20-year potential sentence, suggesting it seems excessive compared to other crimes. A few highlight the absurdity of swatting stemming from online gaming disputes, and the immaturity of those involved. Several users point out the role of readily available personal information online, enabling such harassment, and question the security practices of the targeted individuals. There's also some debate about the practicality and effectiveness of legal deterrents like harsh sentencing in preventing this type of crime.
Summary of Comments ( 159 )
https://news.ycombinator.com/item?id=43527001
Hacker News users discussed the implications of the FBI raid and subsequent disappearance of the computer scientist, expressing concern over the lack of public information and potential chilling effects on academic research. Some speculated about the reasons behind the raid, ranging from national security concerns to more mundane possibilities like grant fraud or data mismanagement. Several commenters questioned the university's swift removal of the scientist's webpage, viewing it as an overreaction and potentially damaging to his reputation. Others pointed out the difficulty of drawing conclusions without knowing the specifics of the investigation, advocating for cautious observation until more information emerges. The overall sentiment leaned towards concern for the scientist's well-being and apprehension about the precedent this sets for academic freedom.
The Hacker News post titled "FBI raids home of prominent computer scientist who has gone incommunicado" (linking to an Ars Technica article about the disappearance of Dr. Yingying (Jennifer) Chen) has generated a significant number of comments discussing various aspects of the situation. Many commenters express concern over the lack of information and the chilling effect this kind of action could have on academic research and international collaboration.
Several commenters focus on the potential implications of the FBI raid and Chen's subsequent disappearance. Some speculate about possible reasons, ranging from intellectual property theft to espionage, while acknowledging the absence of publicly available evidence. Others caution against jumping to conclusions and emphasize the importance of due process and the presumption of innocence until proven guilty. The secrecy surrounding the case fuels speculation and anxieties.
A recurring theme in the comments is the potential damage to academic freedom and international collaboration. Commenters worry that incidents like this could deter foreign researchers from working in the US or collaborating with American institutions. Some express concerns that the incident could exacerbate existing tensions between the US and China.
Some commenters question the proportionality of the FBI's response, particularly given the lack of publicly disclosed information about the nature of the alleged wrongdoing. They highlight the potential for such raids to disrupt research, damage reputations, and cause significant personal distress even if the individual is ultimately exonerated.
A few commenters offer alternative perspectives, suggesting that the lack of public information might indicate the sensitivity or complexity of the investigation. They argue that it's premature to criticize the FBI's actions without a clearer understanding of the circumstances.
Many comments dissect the Ars Technica article itself, pointing out what they perceive as journalistic shortcomings, such as the reliance on anonymous sources and the lack of concrete details. Some commenters express frustration with the article's focus on speculation rather than verifiable facts.
Finally, several commenters offer practical advice and support, sharing information about legal resources and expressing solidarity with Chen and her family. There's a palpable sense of concern within the community for Chen's well-being and the broader implications of her disappearance. The comments reflect a desire for transparency and a cautious approach to judgment in the absence of confirmed information.