Pro bono

Latest news on pro bono

Hilary Duff for ThinkB4YouSpeak

As mentioned before, Hilary Duff filmed a public service announcement that discourages bullying and harassment of teenagers who are gay, lesbian, bisexual or transgender. The Advertising Council, which co-ordinates public service campaigns, is introducing a series of ads meant to tackle these social issues. The campaign begins today, and was created pro bono by the [...]

TSA puts commercial pilots on no-fly and terrorist watch lists

Here are a couple of accounts of commercial airline pilots, one of whom has been put on the TSA's no-fly list and the other is on the terrorist watch-list, for reasons that no one will disclose. A Gulf War veteran and his wife say they've been unfairly placed on a federal list that limits their commercial flight access and threatens his job as a commercial pilot. To fight back, the couple, who are Muslim, filed a lawsuit today against a host of U.S. government agencies. "We don't know why they're on the list. They don't know why they're on the list. The government won't tell us why they're on the list," said Amy Foerster, an attorney with Saul Ewing, who is providing pro bono counsel and working with the American Civil Liberties Union of Pennsylvania and the Schuylkill County couple on the case, which was filed in U.S. district court... James Robinson is a retired Air National Guard brigadier general and a commercial pilot for a major airline who flies passenger planes around the country. James Robinson is a retired brigadier general and a commercial pilot. His name is on the terrorist "watch list." He has even been certified by the Transportation Security Administration to carry a weapon into the cockpit as part of the government's defense program should a terrorist try to commandeer a plane. But there's one problem: James Robinson, the pilot, has difficulty even getting to his plane because his name is on the government's terrorist "watch list." Robinson is one of many James Robinsons on the list, including a 5-year-old. Good news, though -- all you need to do to avoid the secondary screening is fly under your initials, rather than name. Better hope the terrorists never figure that out. Ho ho ho. Airline captain, lawyer, child on terror 'watch list', Grounded pilot, wife sue over 'no-fly' list (via MeFi)...

Update on China/Tibet cyberattacks (and Russia/Georgia), and call for testimonials.

Earlier today I received my first-ever bona fide piece of fake-Tibetan malware, which appears to have originated in China. Perhaps my name is on some list somewhere of journalists who've covered stories related to the Tibetan human rights movement. Screengrab at left, and click for larger size which shows the message in entirety. Also on this same day, I received an interesting update from Greg Walton, a SecDev Fellow at the Citizen Lab at the University of Toronto who also edits the Infowar Monitor. He's currently in Hong Kong doing pro bono work for the advocacy group Human Rights in China, briefing them on security issues and monitoring systems during a sensitive time -- the Olympics, recent unrest in Tibetan and Uighur regions, and other factors. Greg has been observing some interesting, troubling malware and internet-attack trends of late, related to the Tibetan independence movement. He tells Boing Boing: Later today I head to Dharamsala, India to work with the Dalai Lama's I.T. staff. Both HRIC and the Tibetans have been subjected to sophisticated targeted malware attacks via email attachments on an industrial scale, particularly this year. Attacks on the Tibetans spiked during the uprising in March (increases of 300%) and Chinese human rights NGOs have witnessed an increase in the run up to the Olympics. We've also seen defacements of websites and the injection of malicious code into Tibet.com and press freedom organisation ,Reporters sans frontières web assets in the last few days. To give you a sense of my client's day-to-day struggle with targeted attacks, I'd like to relate the details of the case I'm investigating today. Yesterday, at 1000hrs GMT, Human Rights in China released an important press release including an open letter from Beijing house church activist Hua Huiqi (???) concerning his abduction and intimidation because he wanted to attend the same church service that the Chinese government invited U.S. President George Bush and his family to attend. At 0150 GMT - 16 hours later - the following morning, a hacker circulated a slightly altered version of the press release to C-POL [an elite polsci listserver where China-watchers hang out) with a MS Word document attached, the Word document was in fact a trojan, that I identified as Trojan-Dropper.MSWord.Agent.cn [according to FSecure's database]. HRIC contacted SANS researcher, Maarten Van Horenbeeck who promptly analysed the trojan to identify the control server. Maarten found that the sample will drops a trojan that connects to the following control servers: 60.250.139.52, 210.177.225.209 and 58.147.1.42, all using HTTPS. Although we have found that in 70% of the cases the control server is located in mainland China, in this case the first server was based in Taiwan (Chunghwa Telecom), whereas the second and third were in Hong Kong and Thailand respectively. The last server, hosted in Thailand was also used in previous attacks. To date, we've kept these attacks to ourselves, but we'd now like to raise awareness about them in the wider Internet community - hence sharing this with Boing Boing. If you have any information that you think might help our investigations - we'd be very happy to hear from you. If you or your organisation find yourself under attack in this manner, plese get in touch. More updates to follow. Meanwhile, I'm coordinating monitoring of the Russia-Georgia cyberwar for IWMP. We have tech experts at the Citizen Lab verifying reports of DoS attacks and our research partners on the ground in the region are sending us hourly reports. (Thanks, Oxblood) Related: Do official Beijing 2008 Olympics screensavers contain malware?...