3 of 20Image
Amid NSA scandal, the collapse of journalism
The U.S. government leaks were bad enough, but the early reporting on the emerging NSA scandal was just as dire.
With the release of the first slides on PRISM, the two newspaper giants The Guardian and The Washington Post were behind the breaking stories. But The Post, which was playing catch-up with its British journalistic counterparts, reported something that was not strictly true — even if it's what the leaked documents said or even alluded to.
Despite being the one and only source on the matter, the newspapers failed to "vet" him properly.
Claiming that the NSA had "direct access" to servers of Silicon Valley giants led The Post to eventually withdraw the vast majority of its story without explaining exactly what or why. It was a mess that led to harsh critique of the publication.
The Post went on to accurately report further leaks supplied by the former U.S. government contractor.
Image: Ed Bott/ZDNet
Java zero-day exploit led to spate of Silicon Valley hacking
While the NSA was not able (that we know of... yet) to gain "direct access" to Silicon Valley servers — with the exception of Google and Yahoo, hackers successfully infiltrated the internal networks of Apple, Facebook, Microsoft, and Twitter.
The story broke at the start of the year in a tale of two parts. Hackers had rigged a popular iPhone development site with malware. When developers at the named companies accessed the site from a work machine, an unpatched Java zero-day exploit allowed attackers into their internal networks.
While no company data was taken, with Microsoft et al admitting that only a few machines were affected, it came at a time where many companies were on their guard from a recent spate of China and Syria-based hackers.
Even the U.S. Dept. of Homeland Security warned users to disable or uninstall Java as a result of the flaw, which ultimately went on to affect hundreds of millions of Windows, Mac, and Linux machines — including mobile devices, embedded systems, Web applications, and servers.
Image: ZDNet/Internet Archive
Controversial cyber-security data sharing law passes the U.S. House
The Cyber Intelligence Sharing and Protection Act, commonly referred to as CISPA, was a controversial security bill that eventually passed the U.S. Senate, despite being scrapped more than a year earlier.
Many considered the bill to be a major threat to Fourth Amendment rights, which protect against unreasonable searches and seizures. It would have allowed private sector firms to search personal and sensitive user data of ordinary U.S. residents to identify "threat information," which can then be shared with other opt-in firms and the U.S. government without the need for a court-ordered warrant.
It was hoped that the data could be used in real time to stop cyberattacks in their tracks, or even trace back to the source of the attack.
Despite the uproar and the concern by many, the fact that senators still passed the bill — even if it failed in the House — represented a disaster for citizen representation, as hundreds of thousands protested the bill.