Language Selection

English French German Italian Portuguese Spanish

Pentagon Creating Student Database

Filed under
Security

The Defense Department began working yesterday with a private marketing firm to create a database of high school students ages 16 to 18 and all college students to help the military identify potential recruits in a time of dwindling enlistment in some branches.

The program is provoking a furor among privacy advocates. The new database will include personal information including birth dates, Social Security numbers, e-mail addresses, grade-point averages, ethnicity and what subjects the students are studying.

"The purpose of the system . . . is to provide a single central facility within the Department of Defense to compile, process and distribute files of individuals who meet age and minimum school requirements for military service," according to the official notice of the program.

Privacy advocates said the plan appeared to be an effort to circumvent laws that restrict the government's right to collect or hold citizen information by turning to private firms to do the work.

Recruiters have been using the information to contact students at home, angering some parents and school districts around the country.

School systems that fail to provide that information risk losing federal funds, although individual parents or students can withhold information that would be transferred to the military by their districts. John Moriarty, president of the PTA at Walter Johnson High School in Bethesda, said the issue has "generated a great deal of angst" among many parents participating in an e-mail discussion group.

The Pentagon's statements added that anyone can "opt out" of the system by providing detailed personal information that will be kept in a separate "suppression file." That file will be matched with the full database regularly to ensure that those who do not wish to be contacted are not, according to the Pentagon.

But privacy advocates said using database marketers for military recruitment is inappropriate.

Chris Jay Hoofnagle, West Coast director of the Electronic Privacy Information Center, called the system "an audacious plan to target-market kids, as young as 16, for military solicitation."

He added that collecting Social Security numbers was not only unnecessary but posed a needless risk of identity fraud. Theft of Social Security numbers and other personal information from data brokers, government agencies, financial institutions and other companies is rampant.

The Pentagon statements said the military is "acutely aware of the substantial security required to protect personal data," and that Social Security numbers will be used only to "provide a higher degree of accuracy in matching duplicate data records."

The system also gives the Pentagon the right, without notifying citizens, to share the data for numerous uses outside the military, including with law enforcement, state tax authorities and Congress. Some see the program as part of a growing encroachment of government into private lives.

"It's just typical of how voracious government is when it comes to personal information," said James W. Harper, a privacy expert with the Cato Institute, a libertarian think tank. "Defense is an area where government has a legitimate responsibility . . . but there are a lot of data fields they don't need and shouldn't be keeping. Ethnicity strikes me as particularly inappropriate."

Yesterday, the New York Times reported that the Social Security Administration relaxed its privacy policies and provided data on citizens to the FBI in connection with terrorism investigations.

Full Story.

More in Tux Machines

Networking and Security

  • FAQ: What's so special about 802.11ad Wi-Fi?
    Here are the broad strokes about 802.11ad, the wireless technology that’s just starting to hit the market.
  • 2.5 and 5 Gigabit Ethernet Now Official Standards
    In 2014, multiple groups started efforts to create new mid-tier Ethernet speeds with the NBASE-T Alliance starting in October 2014 and MGBASE-T Alliance getting started a few months later in December 2014. While those groups started out on different paths, the final 802.3bz standard represents a unified protocol that is interoperable across multiple vendors. The promise of 2.5 and 5 Gbps Ethernet is that they can work over existing Cat5 cabling, which to date has only been able to support 1 Gbps. Now with the 802.3bz standard, organizations do not need to rip and replace cabling to get Ethernet that is up to five times faster. "Now, the 1000BASE-T uplink from the wireless to wired network is no longer sufficient, and users are searching for ways to tap into higher data rates without having to overhaul the 70 billion meters of Cat5e / Cat6 wiring already sold," David Chalupsky, board of directors of the Ethernet Alliance and Intel principal engineer, said in a statement. "IEEE 802.3bz is an elegant solution that not only addresses the demand for faster access to rapidly rising data volumes, but also capitalizes on previous infrastructure investments, thereby extending their life and maximizing value."
  • A quick fix for stupid password reset questions
    It didn’t take 500 million hacked Yahoo accounts to make me hate, hate, hate password reset questions (otherwise known as knowledge-based authentication or KBA). It didn't help when I heard that password reset questions and answers -- which are often identical, required, and reused on other websites -- were compromised in that massive hack, too. Is there any security person or respected security guidance that likes them? They are so last century. What is your mother’s maiden name? What is your favorite color? What was your first pet’s name?
  • French hosting provider hit by DDoS close to 1TBps
    A hosting provider in France has been hit by a distributed denial of service attack that went close to one terabyte per second. Concurrent attacks against OVH clocked in at 990GBps. The attack vector is said to be the same Internet-of-Things botnet of 152,464 devices that brought down the website of security expert Brian Krebs. OVH chief technology officer Octave Klaba tweeted that the network was capable of attacks up to 1.5TBps.
  • Latest IoT DDoS Attack Dwarfs Krebs Takedown At Nearly 1Tbps Driven By 150K Devices
    If you thought that the massive DDoS attack earlier this month on Brian Krebs’ security blog was record-breaking, take a look at what just happened to France-based hosting provider OVH. OVH was the victim of a wide-scale DDoS attack that was carried via network of over 152,000 IoT devices. According to OVH founder and CTO Octave Klaba, the DDoS attack reached nearly 1 Tbps at its peak. Of those IoT devices participating in the DDoS attack, they were primarily comprised of CCTV cameras and DVRs. Many of these types devices' network settings are improperly configured, which leaves them ripe for the picking for hackers that would love to use them to carry our destructive attacks.

Android Leftovers

  • Goodbye QWERTY: BlackBerry stops making hardware
    BlackBerry CEO John Chen has been hinting at this move for almost a year now: today BlackBerry announced it will no longer design hardware. Say goodbye to all the crazy hardware QWERTY devices, ultra-wide phones, and unique slider designs. Speaking to investors, BlackBerry CEO John Chen described the move as a "pivot to software," saying, "The company plans to end all internal hardware development and will outsource that function to partners. This allows us to reduce capital requirements and enhance return on invested capital." The "Outsourcing to partners" plan is something we've already seen with the "BlackBerry" DTEK50, which was just a rebranded Alcatel Idol 4. Chen is now betting the future of the company on software, saying, "In Q2, we more than doubled our software revenue year over year and delivered the highest gross margin in the company's history. We also completed initial shipments of BlackBerry Radar, an end-to-end asset tracking system, and signed a strategic licensing agreement to drive global growth in our BBM consumer business." BlackBerry never effectively responded to the 2007 launch of the iPhone and the resulting transition to modern touchscreen smartphones. BlackBerry took swings with devices like the BlackBerry Storm in 2008, its first touchscreen phone; and the BlackBerry Z10 in 2013, the first BlackBerry phone with an OS designed for touch, but neither caught on. BlackBerry's first viable competitor to the iPhone didn't arrive until it finally switched to Android in 2015 with the BlackBerry Priv. It was the first decent BlackBerry phone in some time, but the high price and subpar hardware led to poor sales.
  • Oracle's 'Gamechanger' Evidence Really Just Evidence Of Oracle Lawyers Failing To Read
    Then on to the main show: Oracle's claim that Google hid the plans to make Android apps work on Chrome OS. Google had revealed to Oracle its "App Runtime for Chrome" (ARC) setup, and it was discussed by Oracle's experts, but at Google I/O, Google revealed new plans for apps to run in Chrome OS that were not using ARC, but rather a brand new setup, which Google internally referred to as ARC++. Oracle argued that Google only revealed to them ARC, but not ARC++ and that was super relevant to the fair use argument, because it showed that Android was replacing more than just the mobile device market for Java. But, here's Oracle's big problem: Google had actually revealed to Oracle the plans for ARC++. It appears that Oracle's lawyers just missed that fact. Ouch.
  • Understanding Android's balance between openness and security
    At the 2016 Structure Security conference, Google's Adrian Ludwig talked about the balance between keeping Android as open as possible, while also keeping it secure.
  • Google's Nougat Android update hits the sweet spot: Software 'isn't flashy, but still pretty handy'
    Nougat, Google's latest update of its Android smartphone software, isn't particularly flashy; you might not even notice what's different about it at first. But it offers a number of practical time-saving features, plus a few that could save money — and perhaps even your life. Nougat is starting to appear on phones, including new ones expected from Google next week.
  • How to change the home screen launcher on Android
  • Andromeda: Chrome OS and Android will merge
  • Sale of Kodi 'fully-loaded' streaming boxes faces legal test
  • Android boxes: Middlesbrough man to be first to be prosecuted for selling streaming kits

Endless OS 3.0 is out!

So our latest and greatest Endless OS is out with the new 3.0 version series! The shiny new things include the use of Flatpak to manage the applications; a new app center (GNOME Software); a new icon set; a new Windows installer that gives you the possibility of installing Endless OS in dual-boot; and many bug fixes. Read more

Expandable, outdoor IoT gateway runs Android on i.MX6

VIA’s “Artigo A830” IoT gateway runs Android on an i.MX6 DualLite SoC and offers HDMI, GbE, microSD, numerous serial and USB ports, plus -20 to 60° operation. As the name suggests, the VIA Technologies Artigo A830 Streetwise IoT Platform is designed for outdoor Internet of Things gateway applications. These are said to include smart lockers, vending machines, information kiosks, and signage devices that run “intensive multimedia shopping, entertainment, and navigation applications.” The outdoors focus is supported with an extended -20 to 60°C operating range, as well as surge and ESD protection for surviving challenges such as a nearby lightning strike. Read more