Endpoint

1/12/2018
11:48 AM
50%
50%

House Passes Bill to Renew NSA's Warrantless Surveillance Program

The bill passed without an amendment which would require a warrant to analyze Americans' incidentally collected data.

The US House of Representatives passed a bill, Thursday, renewing the warrantless Internet surveillance program conducted by the National Security Agency (NSA). The legislation, which passed 256-164, faced objections from privacy and civil liberties advocates.

The NSA's surveillance program was initially created in secret after Sept. 11, 2001 and was later made legal by Section 702 of the Foreign Intelligence Surveillance Act (FISA). This bill would extend the program for six years with minimal changes, Reuters reports.

Democrats and some Republicans fought to include more privacy protections in the bill, specifically an amendment which would require intelligence agencies to obtain a warrant to analyze communications from an American whose information was incidentally collected. The bill ultimately failed to include this amendment and many believe it grants the NSA even more surveillance power.

This marks a setback for privacy supporters who posed the question of what might happen to the information of Americans whose data was collected as part of the program. Most lawmakers expect the bill to become law. It still requires approval from the Senate and from President Trump.

Read more details here.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
1/12/2018 | 1:36:47 PM
Why worry?
If not the government, then North Korea can find all of our data and if not them, just hack Equifax again.  Never lose trust that somebody, somewhere, HAS EVERYTHING ABOUT YOU and there is not a DAMN thing you can do about it.

Depressing?  Yes.

True? Also Yes.

Who's buying the next round at the bar tonight? 
Want Your Daughter to Succeed in Cyber? Call Her John
John De Santis, CEO, HyTrust,  5/16/2018
New Mexico Man Sentenced on DDoS, Gun Charges
Dark Reading Staff 5/18/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
Enterprises are spending more of their IT budgets on cybersecurity technology. How do your organization's security plans and strategies compare to what others are doing? Here's an in-depth look.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-11354
PUBLISHED: 2018-05-22
In Wireshark 2.6.0, the IEEE 1905.1a dissector could crash. This was addressed in epan/dissectors/packet-ieee1905.c by making a certain correction to string handling.
CVE-2018-11355
PUBLISHED: 2018-05-22
In Wireshark 2.6.0, the RTCP dissector could crash. This was addressed in epan/dissectors/packet-rtcp.c by avoiding a buffer overflow for packet status chunks.
CVE-2018-11356
PUBLISHED: 2018-05-22
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS dissector could crash. This was addressed in epan/dissectors/packet-dns.c by avoiding a NULL pointer dereference for an empty name in an SRV record.
CVE-2018-11357
PUBLISHED: 2018-05-22
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP dissector and other dissectors could consume excessive memory. This was addressed in epan/tvbuff.c by rejecting negative lengths.
CVE-2018-11358
PUBLISHED: 2018-05-22
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931 dissector could crash. This was addressed in epan/dissectors/packet-q931.c by avoiding a use-after-free after a malformed packet prevented certain cleanup.