New Bill Would Declassify FISC Opinions

A group of eight senators from both parties have introduced a new bill that would require the attorney general to declassify as many of the rulings of the secret Foreign Intelligence Surveillance Court as possible as a way of bringing into the sunlight much of the law and opinion that guides the government’s surveillance efforts.

After years of discussion and waiting, Mozilla has finally added Content Security Policy 1.0, a defense against some common attacks such as XSS, to its Firefox browser. CSP already has been implemented in Google Chrome and Internet Explorer and there was a limited implementation of it in Firefox previously, beginning in 2011, but this is the first time the approved 1.0 specification has been implemented in Firefox.

Google’s chief legal officer addressed a letter to Attorney General Eric Holder and FBI Director Robert Mueller contesting recent media reports regarding the breadth of the National Security Agency’s surveillance programs and requesting that his company be allowed to publish more national security request data in order to quell media speculation.

A group of people, including a former federal prosecutor and the parents of a Navy SEAL sniper killed in action, have filed a class-action law suit against the National Security Agency, Verizon and President Obama over the NSA’s collection of cell phone data. The suit says the order that enabled the surveillance program is “the broadest surveillance order to ever have been issued” and enables indiscriminate collection of data.

Java is a security headache, not just for users and Oracle, its provider, but also for other software companies that have to deal with it, as well. Microsoft has taken steps to address this problem by releasing a FixIt tool that is designed to block all of the Web-based Java attack vectors in Internet Explorer, while still leaving the desktop Java functionality intact.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.