The FBI wants “near real-time” access to US license plate readers

A former Phoenix police officer who owns a company that provides firearms training to Immigration and Customs Enforcement was involved in six shootings, four of which were fatal, a WIRED investigation found this week. Meanwhile, an NYPD officer’s attorney has been banned from Madison Square Garden amid a lawsuit filed by the cop over injuries he sustained during a boxing match at an MSG location.

The Take It Down Law went into effect in the US this week, allowing people to ask websites and other platforms to remove their nude photos without their consent. WIRED has reached out to more than a dozen companies to provide a rundown on how to take action. If you are trying to opt out of the collection of your data by data brokers and other companies, the process may not be so simple. New research claims that many major companies have used manipulative tactics to prevent people from quitting.

This week, the Federal Trade Commission announced a settlement with three marketing companies, not because they sold “active listening” technology to serve targeted ads, but because the technology didn’t work as claimed.

A bipartisan pair of US lawmakers this week made an initial attempt at cracking down on automatic license plate readers, or ALPRs. Their legislation would have effectively prevented state and local governments from using surveillance technology to track police.

GitHub, the popular code repository owned by Microsoft, suffered a data breach this week. The attack is part of an unprecedented series of similar breaches carried out by cybercrime group TeamPCP.

Finally, with the increasing entanglement between the Trump administration and American technology companies, European countries are looking for alternatives free from the United States, and France is at the forefront of this mission.

And that’s not all. Every week we round up security and privacy news that we haven’t covered in depth ourselves. Click on the titles to read the full stories. And stay safe out there.

While US lawmakers surreptitiously proposed banning the use of automated license plate readers across the country this week, it was also revealed that the FBI plans to purchase access to nationwide cameras and access to “near real-time” data on vehicle movements.

First reported by 404 Media, recently published procurement records for the FBI’s Intelligence Directorate show the agency is preparing to pay millions for access to data captured by ALPR roadside data. These cameras take photos of each passing vehicle, and add its license plate, location, time and information to searchable databases that are often accessed by local law enforcement and some federal agencies.

“The FBI has a critical need for accessible LPRs to provide a diverse and reliable collection of collections throughout the United States,” the business statement says. “This data must be available across major highways and in a range of locations for maximum law enforcement benefit.” Other documents stated that access to the data should be provided “in near real time.”

This week, Google revealed a working proof-of-concept of the unpatched vulnerability in Chromium, the open source code base that powers Chrome, Microsoft Edge, Brave, Opera, Vivaldi, and Arc, according to Ars Technica. The flaw was originally reported to the company 42 months ago by independent researcher Lyra Rebane, who initially assumed that Wednesday’s posting on the project’s bug tracker meant the patch had finally shipped. It didn’t happen. Google retracted the disclosure after the bug became apparent, but the exploit code is already reflected on archive sites.

The bug misuses the Browser Fetch API, a feature meant to handle large background downloads, allowing any website the target visits to run a persistent service worker on the device. The resulting connection can be used to monitor browsing activity, route traffic through a victim’s device, or drag the device into a DDoS proxy network — connections that remain even after a browser restart and, in some cases, a reboot. On the edge, the warning signs are minimal. Chrome users may see a drop-down list of gratuitous downloads.