Posts Tagged internet

Primer for Protesters and “Anti-Government Extremists”

From EFF:

Cell Phone Guide For US Protesters, Updated 2014 Edition

With major protests in the news again, we decided it’s time to update our cell phone guide for protestors. A lot has changed since we last published this report in 2011, for better and for worse. On the one hand, we’ve learned more about the massive volume of law enforcement requests for cell phone—ranging from location information to actual content—and widespread use of dedicated cell phone surveillance technologies. On the other hand, strong Supreme Court opinions have eliminated any ambiguity about the unconstitutionality of warrantless searches of phones incident to arrest, and a growing national consensus says location data, too, is private.

Protesters want to be able to communicate, to document the protests, and to share photos and video with the world. So they’ll be carrying phones, and they’ll face a complex set of considerations about the privacy of the data those phones hold. We hope this guide can help answer some questions about how to best protect that data, and what rights protesters have in the face of police demands. Read the rest of this entry »

, , , , , , , , , , , , ,

No Comments

Tech Firm Developed Spyware For Foreign Governments

From The Washington Post:

Merely by playing a YouTube video or visiting a Microsoft Live service page, for instance, an unknown number of computers around the world have been implanted with Trojan horses by government security services that siphon their communications and files. Google, which owns YouTube, and Microsoft are racing to close the vulnerability.

, , , , ,

No Comments

1.2 Billion Passwords Stolen by Gang in Russia

From USA Today:

Security researchers say a Russian crime ring has pulled off the largest known theft of confidential Internet information, including 1.2 billion username and password combinations and more than 500 million email addresses.

, , , , ,

No Comments

Possible Flaw in TOR Network

The Tor network, which allows for anonymous browsing on the internet, may have been cracked by researchers.

From Gizmodo:

Tor believes this attack came from researchers at Carnegie Mellon’s Computer Emergency Response Team, not an identity thief (or, uh, the government). CERT researchers abruptly canceled a highly anticipated talk they were going to give about the possibility of deanonymizing Tor at the Black Hat conference this year, kicking off speculation that they’d successfully pulled it off.

From Ars Technica:

The campaign exploited a previously unknown vulnerability in the Tor protocol to carry out two classes of attack that together may have been enough to uncloak people using Tor Hidden Services, an advisory published Wednesday warned. Tor officials said the characteristics of the attack resembled those discussed by a team of Carnegie Mellon University researchers who recentlycanceled a presentation at next week’s Black Hat security conference on a low-cost way to deanonymize Tor users. But the officials also speculated that an intelligence agency from a global adversary might have been able to capitalize on the exploit.

, , ,

No Comments

Italy Gives Google Privacy Ultimatum

From The Guardian:

Google has been given 18 months by the Italian data regulator to change how it handles and stores user data.

Users will now have to grant permission before the firm creates a profile on them, and Google has to honour requests to delete data within two months (although it will have an additional six months to remove the content from backups). Google will also have to explicitly inform users that the profiles it creates on them are for commercial purposes.

, , , , ,

No Comments

Possible Backdoor in iPhone OS

From The Daily Mail:

A security expert has warned Apple’s iOS software contains potentially sinister tools that could be used by governments to spy on iPhone and iPad users.

Speaking at the ‘Hackers on planet Earth’ conference in New York, Jonathan Zdziarski said that most users are unaware of the lack of protection for iPhone data.

He added files found hidden within the firm’s software contain a file-relay service that can be used to access the user’s address book, photos, voicemail and any accounts configured on the device.

However, Apple has denied the claims the backdoor was created deliberately for government or surveillance purposes.

, , , , , , , , , ,

No Comments

Chinese Hack Government Networks

From ZDNet:

According to the New York Times, senior American officials said hackers gained access to the system in March before the infiltration was detected and blocked.

The hackers appeared to be targeting files “on tens of thousands of employees who have applied for top-secret security clearances,” and data including employment records, personal information — such as drug use — and the foreign contacts of security applicants may have been placed at risk.

, , , ,

No Comments

How Governments Spy On You

From Wired:

Newly uncovered components of a digital surveillance tool used by more than 60 governments worldwide provide a rare glimpse at the extensive ways law enforcement and intelligence agencies use the tool to surreptitiously record and steal data from mobile phones.

, , , , , , , ,

No Comments

What The Snowden Leaks Have Revealed

From the EFF:

It’s been one year since the Guardian first published the Foreign Intelligence Surveillance Court order, leaked by former NSA contractor Edward Snowden, that demonstrated that the NSA was conducting dragnet surveillance on millions of innocent people. Since then, the onslaught of disturbing revelations, from disclosures, admissions from government officials, Freedom of Information Act requests, and lawsuits, has been nonstop. On the anniversary of that first leak, here are 65 things we know about NSA spying that we did not know a year ago:

1. We saw an example of the court orders that authorize the NSA to collect virtually every phone call record in the United States—that’s who you call, who calls you, when, for how long, and sometimes where.

2. We saw NSA Powerpoint slides documenting how the NSA conducts “upstream” collection, gathering intelligence information directly from the infrastructure of telecommunications providers.

Full Article

, , , , , , ,

No Comments

A Prize Is Needed For Easy Encryption

From the Electronic Frontier Foundation:

In an era when email and messaging services are being regularly subject to attacks, surveillance, and compelled disclosure of user data, we know that many people around the world need secure end-to-end encrypted communications tools so that service providers and governments cannot read their messages. Unfortunately, the software that has traditionally been used for these purposes, such as PGP and OTR, suffers from numerous usability problems that make it impractical for many of the journalists, activists and others around the world whose lives and liberty depend on their ability to communicate confidentially. Read the rest of this entry »

, , , , , , , ,

No Comments

EFF Calls On Companies To Enhance Security

From the Electronic Frontier Foundation:

How to Protect Your Users from NSA Backdoors: An Open Letter to Technology Companies

As security researchers, technologists, and digital rights advocates, we are deeply concerned about collaboration between government agencies and technology companies in undermining users’ security. Among other examples, we are alarmed by recent allegations that RSA, Inc. accepted $10 million from NSA to keep a compromised algorithm in the default setting of a security product long after its faults were revealed. We believe that covert collusion with spy agencies poses a grave threat to users and must be mitigated with commitment to the following best practices to protect users from illegal surveillance: Read the rest of this entry »

, , , , ,

No Comments

You Can Have Privacy on the Net

Two members of the Electronic Frontier Foundation talk about how it is possible over at Slate:

Despite all of the awareness-raising around surveillance that has taken place over the last year, many individuals feel disempowered, helpless to fight back. Efforts such as the February 11 initiative the Day We Fight Back aim to empower individuals to lobby their representatives for better regulation of mass surveillance. But legislation and policy are only part of the solution. In order to successfully protect our privacy, we must take an approach that looks at the whole picture: our behavior, the potential risks we face in disclosing data, and the person or entity posing those risks, whether a government or company. And in order to successfully fight off the feeling of futility, we must understand the threats we face.

, , , ,

No Comments

Britain “Inadvertently” Censors the Web

From: Ars Technica

Your government has inadvertently censored the Web, but it’s working on a “fix”

Two days after Internet porn-blocking campaigner MP Claire Perry announced ISP filters were not overblocking content, the government has announced it is.

In fact it’s such a problem the government is creating a whitelist of sites that should be protected, as well as a system anyone can use to directly report the inadvertent blocking of their site to ISPs or check if their site is affected.

more

No Comments

BitTorrent Creates More Secure Chat Program

From BitTorrent:

First, a few words on Chat’s origins. Here at BitTorrent, we value privacy. With the news this year reminding us all of the susceptibility of the communications platforms we rely on to snooping, we found ourselves wanting something new, something secure, something private. We ultimately realized that we were uniquely qualified to build this platform.

, , , , ,

No Comments

Press Release: Dark Mail Alliance

Today at the Inbox Love conference in Mountain View, CA, Silent Circle along with Ladar Levision, Founder of Lavabit officially announced the creation of the Dark Mail Alliance.

Silent Circle and Lavabit, as privacy innovators have partnered to lead the charge to replace email as we know it today – fundamentally broken from a privacy perspective – we have collaborated in developing a private, next-generation, end-to-end encrypted alternative. Read the rest of this entry »

, , , , , , , ,

No Comments