In U.S. prisons, tablets open window to the outside world

Inmate Steven Goff connects his JPay tablet device to a kiosk inside the East Jersey State Prison in Rahway, New Jersey, U.S., July 12, 2018. REUTERS/Brendan McDermid

By Diana Kruzman

RAHWAY, N.J. (Reuters) – Marvin Worthy, confined to a New Jersey state prison since 2004, cannot watch his son play basketball or visit him in college. But for the past three years, a tablet computer has kept their relationship alive.

Eight years after Apple introduced the iPad, specially designed tablets are reaching thousands of prisoners in state and county lock-ups around the United States. In the last year alone, at least 19 states have made tablets available to inmates, saying they reduce violence while providing education and job training.

“We talk about school, what he does every day,” said Worthy, 37, who is serving the last 13 years of his sentence in East Jersey State Prison in Rahway. A picture of his son on prom night glowed on the small screen in his hands.

The tablets, which are tamper-proof and unable to access the internet, allow inmates to exchange emails with people on an approved list of contacts. But some advocacy groups say their charges are too high and fear they may be used to replace family visits.

“Having tablets to help people in prisons use email and technology is a good thing,” said Caroline Hsu, an attorney at the Prisoners’ Rights Project. “But I’m worried about these services being considered replacements and not additions.”

In some states including Colorado, New York and Virginia, companies provide the tablets for free. But in all cases, inmates have to pay for the services they use, which include email, video calls, and downloads of games, music, movies and books from a limited selection. They can also file prison grievances, access a law library or take job training courses.

All messages are limited in length and screened for security to prevent any unauthorized contact with the outside world.

Inmate Ignacio Rodriguez shows his JPay tablet device inside the East Jersey State Prison in Rahway, New Jersey, U.S., July 12, 2018. REUTERS/Brendan McDermid

Inmate Ignacio Rodriguez shows his JPay tablet device inside the East Jersey State Prison in Rahway, New Jersey, U.S., July 12, 2018. REUTERS/Brendan McDermid

Two of the big players in the field are Global Tel Link (GTL), a tablet provider based in Reston, Virginia, and Dallas-based Securus Technologies and its JPay unit, which have long sold other prison services such as pay-phone calls and money transfers.

The privately-owned companies design their own tablets and software and sell them to inmates or facilities through contracts with correctional departments.

JPay and GTL told Reuters they factor in the high cost of creating a closed network for emails when setting prices. They said they do not encourage facilities to cut in-person education, visits or physical mail.

‘CAPTIVE CONSUMER BASE’

About 30 states say they offer tablets to all prisoners, along with numerous county jails. Many say the computers keep inmates occupied, lowering the risk of fighting, while email and video-calling cuts the cost of hiring staff to sort mail or screen visitors.

Tablets are especially useful for inmates whose families are unable to travel to see them, said Brian Peters, a vice president at GTL. And family contact reduces the chance inmates will commit crimes after being released, according to studies from the nonprofit Vera Institute of Justice.

But because many states sign exclusive contracts with one company, tablet providers can freely set prices.

Inmate Ignacio Rodriguez poses while using his JPay tablet device inside the East Jersey State Prison in Rahway, New Jersey, U.S., July 12, 2018. REUTERS/Brendan McDermid

Inmate Ignacio Rodriguez poses while using his JPay tablet device inside the East Jersey State Prison in Rahway, New Jersey, U.S., July 12, 2018. REUTERS/Brendan McDermid

“These vendors have specialized in making money off of people in prison and their families,” said Hsu. “They have a literally captive consumer base.”

She said New York’s contract with JPay, which will provide tablets for some 50,000 prisoners, does not allow prisoners to send free or confidential emails to attorneys. JPay confirmed that was correct.

Each email costs 40 to 50 cents to send, as much as five hours of work for New York inmates, according to 2017 data from the nonprofit Prison Policy Initiative.

“This is just a means to monetize human contact,” said Paul Wright, executive director of the Human Rights Defense Center, a nonprofit that campaigns on behalf of prisoner rights.

Ignacio Rodriguez, 32, who has been incarcerated at East Jersey State Prison since 2014, said he had to choose “between writing emails and purchasing food or other essentials from the commissary.”

“At times the cost can be a burden,” he said.

(Reporting by Diana Kruzman, Editing by Frank McGurty and Rosalba O’Brien)

Spam campaign targets Google users with malicious link

A security guard keeps watch as he walks past a logo of Google in Shanghai, China, April 21, 2016. REUTERS/Aly Song/File Photo

By Jim Finkle and Alastair Sharp

(Reuters) – Alphabet Inc <GOOGL.O> warned its users to beware of emails from known contacts asking them to click on a link to Google Docs after a large number of people turned to social media to complain that their accounts had been hacked.

Google said on Wednesday that it had taken steps to protect users from the attacks by disabling offending accounts and removing malicious pages.

The attack used a relatively novel approach to phishing, a hacking technique designed to trick users into giving away sensitive information, by gaining access to user accounts without needing to obtain their passwords. They did that by getting an already logged-in user to grant access to a malicious application posing as Google Docs.

“This is the future of phishing,” said Aaron Higbee, chief technology officer at PhishMe Inc. “It gets attackers to their goal … without having to go through the pain of putting malware on a device.”

He said the hackers had also pointed some users to another site, since taken down, that sought to capture their passwords.

Google said its abuse team “is working to prevent this kind of spoofing from happening again.”

Anybody who granted access to the malicious app unknowingly also gave hackers access to their Google account data including emails, contacts and online documents, according to security experts who reviewed the scheme.

“This is a very serious situation for anybody who is infected because the victims have their accounts controlled by a malicious party,” said Justin Cappos, a cyber security professor at NYU Tandon School of Engineering.

Cappos said he received seven of those malicious emails in three hours on Wednesday afternoon, an indication that the hackers were using an automated system to perpetuate the attacks.

He said he did not know the objective, but noted that compromised accounts could be used to reset passwords for online banking accounts or provide access to sensitive financial and personal data.

(Reporting by Alastair Sharp and Jim Finkle in Toronto; editing by Grant McCool)

Dozens of U.S. lawmakers request briefing on Yahoo email scanning

Yahoo Mail logo

By Dustin Volz

WASHINGTON (Reuters) – A bipartisan group of 48 lawmakers in the U.S. House of Representatives on Friday asked the Obama administration to brief Congress “as soon as possible” about a 2015 Yahoo <YHOO.O> program to scan all of its users’ incoming email at the behest of the government.

The request comes amid scrutiny by privacy advocates and civil liberties groups about the legal authority and technical nature of the surveillance program, first revealed by Reuters last week. Custom software was installed to search messages to hundreds of millions of accounts under an order issued by the secretive Foreign Intelligence Surveillance Court.

“As legislators, it is our responsibility to have accurate information about the intelligence activities conducted by the federal government,” according to the letter, organized by Republican Representative Justin Amash of Michigan and Democratic Representative Ted Lieu of California.

“Accordingly, we request information and a briefing as soon as possible for all members of Congress to resolve the issues raised by these reports.”

Investigators searched for messages that contained a single piece of digital content linked to a foreign state sponsor of terrorism, sources have told Reuters, though the nature of the content remains unclear.

Intelligence officials said Yahoo modified existing systems used to stop child pornography and filter spam messages on its email service.

But three former Yahoo employees told Reuters the court-ordered search was done by a module buried deep near the core of the company’s email server operation system, far below where mail sorting was handled.

The Senate and House intelligence committees were given a copy of the order when it was issued last year, sources said, but other members of Congress have express concern at the scope of the email scanning.

Some legal experts have questioned the breadth of the court order and whether it runs afoul of the U.S. Constitution’s Fourth Amendment protections against unreasonable searches.

Half of registered U.S. voters believe the Yahoo program violated the privacy of customers, according to a poll of 1,989 people conducted last week by Morning Consult, a polling and media company.

Twenty-five percent were supportive of the program because of its potential to stop criminal acts, the survey found, while another quarter did not know or had no opinion.

The congressional letter is addressed to Attorney General Loretta Lynch and Director of National Intelligence James Clapper.

(Additional reporting by Mark Hosenball and Joseph Menn; Editing by Jeffrey Benkoe)

Behind Democrats’ email leak, U.S. experts see a Russian subplot

By Mark Hosenball and Arshad Mohammed

WASHINGTON (Reuters) – If the Russian government is behind the theft and release of embarrassing emails from the Democratic Party, as U.S. officials have suggested, it may reflect less a love of Donald Trump or enmity for Hillary Clinton than a desire to discredit the U.S. political system.

A U.S. official who is taking part in the investigation said that intelligence collected on the hacking of Democratic National Committee (DNC) emails released by Wikileaks on Friday “indicates beyond a reasonable doubt that it originated in Russia.”

The timing on the eve of Clinton’s formal nomination this week for the Nov. 8 presidential election has raised questions about whether Russia may have been trying to hurt her, to help Trump, her Republican rival, or to fan populist sentiment against establishment politicians as it has sought to do across Europe in recent years.

“Certainly Russia has become a master at manipulating information for their strategic goals: Witness the information bubble they have created for their threatening behavior in the Crimea, the Ukraine and elsewhere,” said former CIA and National Security Agency director Michael Hayden. “A step like this, however, would be really upping their game.”

The emails showed that DNC officials explored ways to undermine U.S. Senator Bernie Sanders’ presidential campaign against Clinton and raised questions about whether Sanders, who is Jewish, was really an atheist.

The disclosures confirmed Sanders’ frequent charge that the party played favorites against him and clouded a party convention Clinton hoped would signal unity, not division.

PUTIN’S COUNTERPUNCH?

Two U.S. intelligence officials, speaking on condition of anonymity, said the hack could be part of a broader campaign by Russian President Vladimir Putin to push back against what he thinks is an effort by the European Union and NATO, a military alliance of European and North American democracies, to encircle and weaken Russia.

One of the officials called the fear “a hangover” from Putin’s service in the KGB, the Soviet intelligence agency.

“Time and again, we’re seeing Russia push back at what Putin considers Russia’s mortal enemies,” said the other official. “He’s been actively attacking the U.S.-backed rebels in Syria, buzzing ships and planes in the Black Sea and the Baltic, not to mention invading Ukraine and seizing Crimea. This fits the pattern.”

Despite Clinton’s short-lived attempt as secretary of state to “reset” U.S.-Russian relations after U.S. President Barack Obama took office in 2009, the leaked emails could damage a candidate the Kremlin may consider hostile and benefit her opponent, who has been friendlier.

Putin accused Clinton of stirring up protests against his rule after a December 2011 Russian parliamentary election that was marred by allegations of fraud, saying she had encouraged “mercenary” Kremlin foes by criticizing the vote.

“She set the tone for some opposition activists, gave them a signal, they heard this signal and started active work,” Putin told supporters.

Asked about claims that Russian intelligence had hacked the DNC to obtain the emails, Wikileaks founder Julian Assange told NBC News’ Richard Engel “there is no proof of that whatsoever” and said “this is a diversion” pushed by the Clinton campaign.

TRUMP’S WARMER TONEAnalysts said Russia’s goal may be much broader than simply meddling in the U.S. presidential election.

“It’s a gross oversimplification to suggest that the Russian government is all-in for Donald Trump,” said Andrew Weiss, a Russia analyst at the Carnegie Endowment for International Peace, a Washington-based think tank.

“It’s in Russia’s interest … to portray the United States as riven with popular discontent, xenophobia and high-level political corruption,” Weiss said. “It fits nicely with the Kremlin’s standard narrative … that the White House rushes to criticize others without getting its own house in order.”

The Russian leader may well have been encouraged by Trump’s comments to The New York Times last week that with him in the White House, NATO might not automatically defend the Baltic states that were once a part of the Russian-led Soviet Union.

Despite public Trump-Putin exchanges of praise, Eugene Rumer, a former national intelligence officer for Russia and Eurasia, warned against reaching any quick conclusions about Putin’s view of Trump.

“We can say with some degree of confidence that they don’t like Hillary,” Rumer said. “It’s less clear that they like Trump, although over the years the Russians have said they prefer to deal with the Republicans – (that) they are kind of hard-line but they can do deals.”

A diplomat with experience working on Russia said the Kremlin also might be betting that Clinton will win and is sending a shot across her bow.

“Messing with her like this now puts her on notice that these are tough guys that she’s got to be really careful with,” said the diplomat, who spoke on condition of anonymity.

A U.S. intelligence official who is reviewing the emails as part of the investigation into their origin said that those emails describing the privileges the Democratic National Committee showers on its wealthiest donors bolster the Russian narrative of an American political system rigged by the wealthy and riddled with corruption.

“In addition to countering the U.S. narrative that the Russian government is a corrupt oligarchy, leaking these emails fits rather conveniently with Trump’s charges about a rigged system and ‘crooked Hillary’,” said the official, who spoke on condition of anonymity to discuss domestic politics.

(Reporting by Mark Hosenball, Arshad Mohammed and John Walcott.; Additional reporting by Jonathan Landay; Writing by Arshad Mohammed; Editing by John Walcott and Howard Goller)

Push to expand FBI surveillance authority threatens email privacy bill

A lock icon, signifying an encrypted Internet

By Dustin Volz

WASHINGTON (Reuters) – An effort in the U.S. Senate to expand the Federal Bureau of Investigation’s authority to use a secretive surveillance order has delayed a vote on a popular email privacy bill, casting further doubt on whether the legislation will become law this year.

The Senate Judiciary Committee on Thursday postponed consideration of a measure that would require government authorities to obtain a search warrant before asking technology companies, such as Microsoft and Alphabet Inc’s Google , to hand over old emails. A version of the Senate bill unanimously passed the House last month.

Currently, federal agencies do not need a warrant to access emails or other digital communications more than 180 days old due to a provision in a 1986 law that considers them abandoned by the owner.

But Republican party senators offered amendments Thursday that privacy advocates argued contravened the purpose of the underlying bill and would likely sink its chances of becoming law.

Those amendments include one by Senator John Cornyn, the second ranking Republican in the Senate, that would broaden the FBI’s authority to deploy an administrative subpoena known as a National Security Letter to include electronic communications transaction records such as the times tamps of emails and their senders and recipients.

Senators Patrick Leahy and Mike Lee, the Democratic and Republican authors of the email privacy bill, agreed to postpone the vote to give time to lawmakers to review the amendments and other provisions of the bill that have prompted disagreement.

NSLs do not require a warrant and are almost always accompanied by a gag order preventing the service provider from sharing the request with a targeted user.

The letters have existed since the 1970s, though the scope and frequency of their use expanded greatly after the Sept. 11, 2001 attacks on the United States.

In 2015 requests for customer records via NSLs increased nearly 50 percent to 48,642 requests, up from 33,024 in 2014, according to a U.S. government transparency report.

The Obama administration has for years lobbied for a change to how NSLs can be used, after a 2008 legal memo from the Justice Department said the law limits them largely to phone billing records. FBI Director James Comey has said the change needed essentially corrects a typo.

The Senate Intelligence Committee this week passed a bill to fund the U.S. intelligence community that contains a similar provision that would allow NSLs to be used to gather email records.

Senator Ron Wyden, an Oregon Democrat, voted against the proposal and said it “takes a hatchet to important protections for Americans’ liberty.”

(Reporting by Dustin Volz; Editing by Alan Crosby)

Intelligence Officials Admit China Has Hacked Obama Administration Emails Since 2010

Senior U.S. Intelligence officials are confirming that China has been hacking the emails of Obama Administration officials since 2010.

The National Security Agency (NSA) has confirmed the intrusions were first detected in April 2010 and that the hacking of various accounts is still taking place.  The NSA official said that all top national security and trade officials have been targeted by the attack including Joint Chiefs of Staff Chairman Adm. Mike Mullen and Chief of Naval Operations Adm. Gary Roughead.

Gmail accounts were specifically mentioned by the NSA official but other email providers were also confirmed to have violated by the attack.

NBC reported the hacks were first code-named Dancing Pandaand then Legion Amethyst.

“There’s no effective defense against these attacks and, as we’ve seen, there’s also no effective deterrence,” geopolitical expert Ian Bremmer told Business Insider in June.

“China isn’t trying to engage in ‘integrity’ attacks against the US they don’t want to destroy American institutions and architecture as, after all, they’re hugely invested in American economic success,” he added.

Russia Accused in Hacking of Joint Chiefs of Staff

Investigations into a hacking attack on the email system for the Joint Chiefs of Staff has revealed that Russia is behind the cyberassault that shut down their system for 11 days.

The hackers broke into an unclassified email network using malware or “phishing” attempts, meaning an email recipient had to open an infected attachment to an e-mail to allow the malicious programs to access the system.

An official with the joint chiefs called the attack the “most sophisticated” attack on their network.

Another official told CBS News that the attack impacted the 4,000 personnel who work for the Chairman of the Joint Chiefs.  Most of those personnel are military members.

Pentagon officials repeatedly stated that the classified email network was not impacted and said the Joint Chiefs were given an alternative method to send unclassified emails while the system was shut down to clear out the malicious software.

The attack is the latest in several high-profile attacks on the U.S. Government’s email systems this year.  Previous attacks were attributed to Chinese hackers.