A Lot More than a Pen Register, and Less than a Wiretap

In June 2013, through an unauthorized disclosure to the media by ex-NSA contractor Edward Snowden, the public learned that the NSA, since 2006, had been collecting nearly all domestic phone call detail records and other telephony metadata pursuant to a controversial, classified interpretation of Section 215 of the USA PATRIOT Act. Prior to the Snowden disclosure, the existence of this intelligence program had been kept secret from the general public, though some members of Congress knew both of its existence and of the statutory interpretation the government was using to justify the bulk collection. Unfortunately, the classified nature of the Section 215 metadata program prevented them from alerting the public directly, so they were left to convey their criticisms of the program directly to certain federal agencies as part of a non-public oversight process. The efficacy of an oversight regime burdened by such strict secrecy is now the subject of justifiably intense debate. In the context of that debate, this Article examines a very different surveillance technology—one that has been used by federal, state and local law enforcement agencies for more than two decades without invoking even the muted scrutiny Congress applied to the Section 215 metadata program. During that time, this technology has steadily and significantly expanded the government’s surveillance capabilities in a manner and to a degree to date largely unnoticed and unregulated. Indeed, it has never been explicitly authorized by Congress for law enforcement use. This technology, commonly called the StingRay, the most well-known brand name of a family of surveillance devices, enables the government, directly and in real-time, to intercept communications data and detailed location information of cellular phones—data that it would otherwise be unable to obtain without the assistance of a wireless carrier. Drawing from the lessons of the StingRay, this Article argues that if statutory authorities regulating law enforcement surveillance technologies and methods are to have any hope of keeping pace with technology, some formalized mechanism must be established through which complete, reliable and timely information about new government surveillance methods and technologies can be brought to the attention of Congress

Outlaw Community Innovations

Recent studies of outlaw communities provide qualitative evidence of their existence and the organisation of the underlying innovation processes. We provide descriptive results from a large scale survey of two online outlaw communities focussing on Microsoft's XBox. In line with previous findings, we identify two types of participants in outlaw communities - user innovators and adopters. Based on 2,256 responses, we find that users modify their XBox mainly to be able to increase the set of available functions of their XBox. Users are also motivated to modify their XBox for the sake of having fun and to conduct pirate behaviour. Finally, the results from our survey suggest that user innovators are largely intrinsically motivated by fun and the intellectual stimulation of writing code for homebrew software

CAge: Taming Certificate Authorities by Inferring Restricted Scopes

Abstract. The existing HTTPS public-key infrastructure (PKI) uses a coarse-grained trust model: either a certificate authority (CA) is trusted by browsers to vouch for the identity of any domain or it is not trusted at all. More than 1200 root and intermediate CAs can currently sign certificates for any domain and be trusted by popular browsers. This violates the principle of least privilege and creates an excessively large attack surface, as highlighted by recent CA compromises. In this paper, we present CAge, a mechanism that browser makers can apply to drastically reduce the excessive trust placed in CAs without fundamentally altering the CA ecosystem or breaking existing practice. CAge works by imposing restrictions on the set of top-level domains (TLDs) under which each CA is trusted to sign certs. Our key observation, based on an Internet-wide survey of TLS certs, is that CAs commonly sign for sites in only a handful of TLDs. We show that it is possible to algorithmically infer reasonable restrictions on CAs ’ trusted scopes based on this behavior, and we present evidence that browser-enforced inferred scopes would be a durable and effective way to reduce the attack surface of the HTTPS PKI. We find that simple inference rules can reduce the attack surface by nearly a factor of ten without hindering 99 % of CA activity over a 6 month period.

Preparing for Ebola Virus Disease in West African countries not yet affected: perspectives from Ghanaian health professionals

Background The current Ebola Virus Disease (EVD) epidemic has ravaged the social fabric of three West African countries and affected people worldwide. We report key themes from an agenda-setting, multi-disciplinary roundtable convened to examine experiences and implications for health systems in Ghana, a nation without cases but where risk for spread is high and the economic, social and political impact of the impending threat is already felt. Discussion Participants’ personal stories and the broader debates to define fundamental issues and opportunities for preparedness focused on three inter-related themes. First, the dangers of the fear response itself were highlighted as a threat to the integrity and continuity of quality care. Second, healthcare workers’ fears were compounded by a demonstrable lack of societal and personal protections for infection prevention and control in communities and healthcare facilities, as evidenced by an ongoing cholera epidemic affecting over 20,000 patients in the capital Accra alone since June 2014. Third, a lack of coherent messaging and direction from leadership seems to have limited coordination and reinforced a level of mistrust in the government’s ability and commitment to mobilize an adequate response. Initial recommendations include urgent investment in the needed supplies and infrastructure for basic, routine infection control in communities and healthcare facilities, provision of assurances with securities for frontline healthcare workers, establishment of a multi-sector, “all-hazards” outbreak surveillance system, and engaging directly with key community groups to co-produce contextually relevant educational messages that will help decrease stigma, fear, and the demoralizing perception that the disease defies remedy or control. Summary The EVD epidemic provides an unprecedented opportunity for West African countries not yet affected by EVD cases to make progress on tackling long-standing health systems weaknesses. This roundtable discussion emphasized the urgent need to strengthen capacity for infection control, occupational health and safety, and leadership coordination. Significant commitment is needed to raise standards of hygiene in communities and health facilities, build mechanisms for collaboration across sectors, and engage community stakeholders in creating the needed solutions. It would be both devastating and irresponsible to waste the opportunity

Presentation, management, and outcome of snake-bite in two district hospitals in Ghana

Introduction: the burden of disease represented by snakebites is widely underestimated and often neglected public health problem in the tropics. There is insufficient epidemiological data to guide distribution of antivenin and proper management of venomous snakebites. We describe the presentation, management and outcome of snakebites in two district hospitals in Ghana. Methods: using data collection sheet, we prospectively documented information on all snakebite victims presenting at two Ghanaian district hospitals from 1st January 2011 to 31st December 2011. Results: 163 snakebites representing incidence of 92/100,000 were recorded with mean age of 24 (16SD) years. 62.0% were males and 41.7% were farmers. Most bites occurred in April (14.3%), June (12.4%) and November (12.4%) and had occurred when victims were involved in farm-related activities (50.3%). Average time of presentation after snakebite was 3.6 (1.0 SD) hours and commonest clinical presentations were pain (93.0%), swelling (84.0%) and bleeding (51%). Of the total cases 76.7% were given antivenon, 96.3% were given antibiotics, 91.4% corticosteroids and 58.3% antihistamines. No mortality was recorded. Conclusion: provision of protocols and their strict adherence in the management of snakebites is required to limit unwarranted use of antibiotics and steroids in the management of snakebite. We recommend evaluation of all antivenins imported for management of snakebites to ascertain their effectiveness so as to reduce morbidity and mortality associated with snakebites in this region

Presentation, management, and outcome of snake-bites in two districts hospitals in Ghana

Introduction: the burden of disease represented by snakebites is widely underestimated and often neglected public health problem in the tropics. There is insufficient epidemiological data to guide distribution of antivenin and proper management of venomous snakebites. We describe the presentation, management and outcome of snakebites in two district hospitals in Ghana. Methods: using data collection sheet, we prospectively documented information on all snakebite victims presenting at two Ghanaian district hospitals from 1st January 2011 to 31st December 2011.Results: 163 snakebites representing incidence of 92/100,000 were recorded with mean age of 24 (16SD) years. 62.0% were males and 41.7% were farmers. Most bites occurred in April (14.3%), June (12.4%) and November (12.4%) and had occurred when victims were involved in farm- related activities (50.3%). Average time of presentation after snakebite was 3.6 (1.0 SD) hours and commonest clinical  presentations were pain (93.0%), swelling (84.0%) and bleeding (51%). Of the total cases 76.7% were given antivenon, 96.3% were given antibiotics, 91.4% corticosteroids and 58.3% antihistamines. No mortality was recorded. Conclusion: provision of protocols and their strict adherence in the management of snakebites is required to limit unwarranted use of antibiotics and steroids in the management of snakebite. We  recommend evaluation of all antivenins imported for management of snakebites to ascertain their effectiveness so as to reduce morbidity and mortality associated with snakebites in this region.Key words: Antivenon, envenomation, snakebites, epidemiology, sub-Saharan Afric

The Differentiation and Protective Function of Cytolytic CD4 T Cells in influenza infection

CD4 T cells that recognize peptide antigen in the context of class II MHC can differentiate into various subsets that are characterized by their helper functions. However, increasing evidence indicates that CD4 cells with direct cytolytic activity (CD4 CTL) play a role in chronic as well as acute infections, such as influenza A virus (IAV) infection. In the last couple of decades, techniques to measure the frequency and activity of these cytolytic cells has demonstrated their abundance in infections, such as human immunodeficiency virus, mouse pox, murine gamma herpes virus, cytomegalovirus, Epstein–Barr virus, and influenza among others. We now appreciate a greater role for CD4 CTL as direct effectors in viral infections and antitumor immunity through their ability to acquire perforin-mediated cytolytic activity and contribution to lysis of virally infected targets or tumors. As early as the 1980s, CD4 T cell clones with cytolytic potential were identified after influenza virus infection, yet much of this early work was dependent on in vitro culture and little was known about the physiological relevance of CD4 CTL. Here, we discuss the direct role CD4 CTL play in protection against lethal IAV infection and the factors that drive the generation of perforin-mediated lytic activity in CD4 cells in vivo during IAV infection. While focusing on CD4 CTL generated during IAV infection, we pull comparisons from the literature in other antiviral and antitumor systems. Further, we highlight what is currently known about CD4 CTL secondary and memory responses, as well as vaccination strategies to induce these potent killer cells that provide an extra layer of cell-mediated immune protection against heterosubtypic IAV infection