Shibuya to Roppongi Nighttime Bus Service Starts, Preps Tokyo for 24/7 Public Transportation

The Japan Times on Shubuya to Roppongi nighttime bus service having started on December 21:

Around 1 a.m. Dec. 21, a line was waiting in front of Tokyu Plaza at JR Shibuya Station for the launch of the all-night bus service to Roppongi. Run by the Tokyo Metropolitan Government, the bus will allow people to travel between two of Tokyo’s most popular nightlife spots once an hour for ¥400, double the usual fare.

The all-night bus service is aimed at making nighttime travel more affordable and convenient, and at boosting Tokyo’s profile ahead of the 2020 Olympics, according to the Transportation Bureau. For now, it is being offered only in the early hours of Saturday to gauge interest and demand.

The service got off to a festive start at 1:10 a.m. as the bus, packed with well over 40 passengers ranging from partygoers to talkative university students and slightly drunk office workers, headed out to great fanfare. The jovial mood prevailed during the roughly 20-minute ride.

Hopefully this puts Tokyo one step closer to 24/7 bus and train service ahead of the upcoming 2020 Tokyo Olympics. Having the ability to hop on a train at any time after hours and get back home to the outskirts of Tokyo would be a godsend.

This post is part of the thread: Japan – an ongoing story on this site. View the thread timeline for more context on this post.

House Intelligence Committee Chairman Mike Rogers Heads to TV to Spread Blatant Lies about Snowden’s Motives for Whistle-blowing

NBC News Politics on comments House Intelligence Committee Chairman Mike Rogers made during an interview to be aired Sunday on Meet the Press:

In an interview to be aired Sunday on NBC’s Meet the Press, Rogers said that rather Snowden being a crusader for Americans’ privacy, “the vast majority” of what Snowden stole “had nothing to do with privacy. Our Army, Navy, Air Force, Marines have been incredibly harmed by the data that he has taken with him and we believe now is in the hands of nation states.”

The Michigan Republican added that there are still “certain questions that we have to get answered” about who helped Snowden remove data from the NSA and later make it public in newspapers in the United States and Britain.

“He was stealing information that had to do with how we operate overseas to collect information to keep Americans safe…. And some of the things he did were beyond his technical capabilities” — a fact which Rogers said “raises more questions. How he arranged travel before he left. How he was ready to go, he had a go bag, if you will.”

Rogers added that he believes “there’s a reason he ended up in the hands, the loving arms, of an FSB (Russian security service) agent in Moscow. I don’t think that’s a coincidence….I don’t think it was a gee-whiz luck event that he ended up in Moscow under the handling of the FSB.”

What an utter joke. I don’t even know where to begin.

That has got to be one of the weakest arguments I have ever read about Snowden and his motivation for blowing the whistle on NSA activities. If Mike Rogers, who has a penchant for lying about anything he dislikes, truly believes Snowden had help from the Russians in copying sensitive documents off of NSA file servers then the U.S. intelligence apparatus has more to be concerned with than the mere disclosure of secrets.

How would Mike Rogers, a Congressman who has absolutely no clue about technology, have any clue about what technical capabilities Snowden wields, much less how easy it is to copy data from file servers to USB thumb drives if you are a systems administrator?

It’s not like this is rocket science: to move necessary operating system and security patches from the internet to other networks, USB drives are a necessity, and the only personnel authorized to use them are those with elevated privileges so they can perform their job functions. This is expressly why Snowden was able to do what he did; his position of trust allowed him special access, and he abused it in the pursuit of whistle-blowing.

I suggest the questions Mike Rogers, as the ostensible House Intelligence Committee Chairman, should be focused on getting answers to are the following:

  1. Why is the NSA violating the privacy of American citizens when these programs have been proven ineffective?
  2. Why has the NSA failed to provide straightforward answers to questions to Congress so they do not have to seek the consultation of private citizens to understand the context of the Snowden disclosures?
  3. Why has the Director of National Intelligence James Clapper been allowed to lie to Congress without any repercussions whatsoever?
  4. Why does the intelligence apparatus always get a free pass from illegal behavior while ordinary citizens who are not doing anything illegal get terrorized with false accusations and threats of long-term incarceration for seemingly petty charges?

Lastly, it is rather apparent Representative Rogers forgot it was the United States government who revoked Snowden’s passport while he was mid-air, which left him stranded in a Russian airport for weeks before finally being granted temporary asylum in Russia.

How we, as Americans, allow ourselves to be represented by blatant liars like Mike Rogers is unfathomable. Of course, President Obama remains one of the worst acts of lying in recent history, campaigning against everything he has done while in office. People like these two – which admittedly is the majority of our elected officials – need to be voted off the island and removed from office forever.

It is time for our government to get back to being one of the people, working for the people, rather than one only interested in maintaining the status quo and pushing the boundaries of constitutionally acceptable behavior because terrorism.

This post is part of the thread: Security – an ongoing story on this site. View the thread timeline for more context on this post.

Banking Security Disaster Waiting to Happen As Most ATM’s Are Still Running Windows XP

Bloomberg Businessweek on the banking industry’s failure to upgrade ATM’s to Windows XP:

When ATMs were introduced more than 40 years ago, they were considered advanced technology. Today, not so much. There are 420,000 ATMs in the U.S., and on April 8, a deadline looms for nearly all of them that underscores how sluggishly the nation’s cash delivery system moves forward. That’s the day Microsoft (MSFT) cuts off tech support for Windows XP, meaning that ATMs running the software will no longer receive regular security patches and won’t be in compliance with industry standards. Most machines that get upgraded will shift to Windows 7, an operating system that became available in October 2009. (Some companies get a bit of a reprieve: For ATMs using a stripped-down version of XP known as Windows XP Embedded, which is less susceptible to viruses, Microsoft support lasts until early 2016.)

This is why a solid defense-in-depth strategy is vitally important. Using a defensive tool like application whitelisting can prevent most of the more dangerous types of malware from executing, and monitors RAM for buffer overflow-type exploits, even if the operating system has unpatched vulnerabilities.

The chances of the banks having employed a solid endpoint protection strategy for their ATM’s is pretty low.

This post is part of the thread: Security – an ongoing story on this site. View the thread timeline for more context on this post.

Malware Authors Abusing Chrome’s Extension Auto-Update Feature to Silently Install Adware

Ars Technica on malware authors buying chrome extensions to infect them with their virulent code:

A first-hand account of this, which was first spotted by OMGChrome, was given by Amit Agarwal, developer of the “Add to Feedly” extension. One morning, Agarwal got an e-mail offering “4 figures” for the sale of his Chrome extension. The extension was only about an hour’s worth of work, so Agarwal agreed to the deal, the money was sent over PayPal, and he transferred ownership of the extension to another Google account. A month later, the new extension owners released their first (and so far only) update, which injected adware on all webpages and started redirecting links. Chrome’s extension auto-update mechanism silently pushed out the update to all 30,000 Add to Feedly users, and the ad revenue likely started rolling in. While Agarwal had no idea what the buyer’s intention was when the deal was made, he later learned that he ended up selling his users to the wolves. The buyer was not after the Chrome extension, they were just looking for an easy attack vector in the extension’s user base.

With the good comes the bad.

The Chrome auto-update feature for extensions is generally viewed as a positive move for security. But unfortunately, there will always be unscrupulous people looking to abuse the system for a multitude of reasons, especially if it can make them a quick buck. It’s an unfortunate part of how the world, and the security world in particular, works.

Staying away from unnecessary Chrome extensions, and plugins in general, is the best prevention to this kind of attack.

This post is part of the thread: Security – an ongoing story on this site. View the thread timeline for more context on this post.

Japanese Bridegrooms Thrown Downhill as Part of Northern Japan Ritual

BBC News on a custom in Niigata, Japan where bridegrooms are thrown downhill to celebrate the lunar new year:

Three men were tossed down a hill in Matsunoyama, Niigata Prefecture, as part of the a festival to celebrate the lunar new year, the Mainichi Shimbun newspaper.

The men were carefully selected from a pool of applicants, the paper says, quoting one who had been one of the throwers for the past seven years. “Finally, it’s my turn to be thrown!” he told the paper, completely covered in snow after rolling down the 16ft hill.

The festival could be anything between 300 and 600 years old, and is believed to have been started by village youths enacting revenge against other men for “stealing their young women”.

Japan does not have a monopoly on the weird but this certainly is a bit different.

This post is part of the thread: Japan – an ongoing story on this site. View the thread timeline for more context on this post.

Obama Announces “Changes” That Do Absolutely Nothing to Curb Unnecessary, Overly Broad Data Collection on U.S. Citizens

The New York Times on a speech by Obama earlier today announcing changes to NSA’s bulk collection of U.S. citizen’s data:

“The most interesting part of this speech was not how the president weighed individual privacy against the N.S.A.,” said Fred H. Cate, the director of the Center of Applied Cybersecurity Research at Indiana University, “but that he said little about what to do about the agency’s practice of vacuuming up everything it can get its hands on.”

Professor Cate, who also advises the Department of Homeland Security on cyber issues, noted that Mr. Obama “took a report that had 46 recommendations, and touched on three or four of them.”

In fact, he did more than that: Mr. Obama reminded the country that it was not only the government that was monitoring users of the web, it was also companies like Apple, Facebook, Twitter and Yahoo that had complained so loudly, as members of an industry group called Reform Government Surveillance.

Is anyone really surprised President Obama would try and equate the unnecessary, unwarranted, and undesired NSA encroachment upon civil liberties through bulk data collection in just about every way imaginable, with American citizens handing over information to corporations like Apple, Facebook, and Twitter in exchange for services rendered?

Yes, the President of the United States of America believes the American public is so stupid that we are unable to see through his – and the out of control intelligence apparatus’ – subterfuge.

This post is part of the thread: Security – an ongoing story on this site. View the thread timeline for more context on this post.

Apparently My High School Was Tame Compared to What Happens in Classrooms Across the Country Nowadays

This reddit thread on what is the most horrible thing you caught a classmate doing in school discusses some things happening in high schools that I never encountered. Some are funny, others are crazy, but far too many are horrific.

My high school was not in the best part of town so I probably experienced more violence than any of these types of peculiarities. I cannot, for the life of me, fathom anyone in any of my classes doing anything witnessed by many of the people in the aforementioned reddit thread. Maybe I should be thanking my lucky stars.

Hat tip to Bruce for the find!

Bruce Schneier Briefs Congress on NSA Activities Because True Intelligence Community Oversight Does Not Exist and Probably Never Will

Security expert Bruce Schneier on having briefed Congress on NSA capabilities:

This morning I spent an hour in a closed room with six Members of Congress: Rep. Logfren, Rep. Sensenbrenner, Rep. Scott, Rep. Goodlate, Rep Thompson, and Rep. Amash. No staffers, no public: just them. Lofgren asked me to brief her and a few Representatives on the NSA. She said that the NSA wasn’t forthcoming about their activities, and they wanted me — as someone with access to the Snowden documents — to explain to them what the NSA was doing. Of course I’m not going to give details on the meeting, except to say that it was candid and interesting. And that it’s extremely freaky that Congress has such a difficult time getting information out of the NSA that they have to ask me. I really want oversight to work better in this country.

How amazing is it that Congress has to ask a private citizen – one without a security clearance yet who is familiar with and understands the NSA capabilities thanks to the Snowden disclosures – about NSA activities rather than hearing the answers from NSA Director, General Keith Alexander?

This is not supposed to happen in the United States. Soviet Russia maybe, but not in America. If you still think what the NSA is doing is ok, and necessary to keep America safe, I suggest you reevaluate your stance after reading all the available information released since the first Snowden revelation.

If this meeting is not evidence enough of an intelligence agency run amok then I don’t know what is.

This post is part of the thread: Security – an ongoing story on this site. View the thread timeline for more context on this post.

NSA Collecting Millions of Text Messages Daily in Untargeted Global Sweep

The Guardian on yet another NSA revelation, Dishfire, a program bulk collecting millions of global text messages daily:

The NSA program, codenamed Dishfire, collects “pretty much everything it can”, according to GCHQ documents, rather than merely storing the communications of existing surveillance targets.

The NSA has made extensive use of its vast text message database to extract information on people’s travel plans, contact books, financial transactions and more – including of individuals under no suspicion of illegal activity.

An agency presentation from 2011 – subtitled “SMS Text Messages: A Goldmine to Exploit” – reveals the program collected an average of 194 million text messages a day in April of that year. In addition to storing the messages themselves, a further program known as “Prefer” conducted automated analysis on the untargeted communications.

I am fascinated each time a new story is published based on documents from the Snowden disclosure treasure trove. However, lately, I rarely find myself surprised. Instead, I shake my head and think, this is pretty damn obvious and seems like a capability I would expect the NSA to wield.

What scares me more than anything is how blind and inconsiderate the NSA is to the dangerous rabbit hole they’ve taken the United States down. The NSA seems to think they’re being chivalrous when in fact it’s quite the opposite.

This post is part of the thread: Security – an ongoing story on this site. View the thread timeline for more context on this post.

Chocolatory, The Worlds First Kit Kat Store Opens Today in Ikebukuro

Kotaku on the worlds first Kit Kat store opening in Japan:

Japan is famous for its Kit Kats. The country has a slew of unique flavors that simply aren’t available elsewhere. On this month, it will get the first Kit Kat specialty store on Earth.P

Called Kit Kat Chocolatory, the store will open on January 17 at the Seibu Department Store in Tokyo’s Ikebukuro. It will be located in Seibu’s basement, along with the department store’s other food sellers (In Japanese department stores, the basement is typically home to amazing and delicious food vendors.)P

According to IT Media, the Kit Kat Chocolatory will offer special Kit Kats that are aimed at adult tastebuds and suit each season. The specialty shop is teaming up with sweet shop Le Patissier Takagi for its gourmet Kit Kat store, with pastry chef Yasumasa Takagai overseeing and developing new Kit Kats.

I would expect the lines at Kit Kat Chocolatory to be unreal, and probably worse than waiting for Splash Mountain at Disneyland in August.

This post is part of the thread: Japan – an ongoing story on this site. View the thread timeline for more context on this post.