“The good news is that there are solutions. The weakness of mass surveillance is that it can very easily be made much more expensive through changes in technical standards: pervasive end-to-end encryption can quickly make indiscriminate surveillance impossible on a cost-effective basis. The result is that governments are likely to fall back to traditional, targeted surveillance founded upon an individualized suspicion. Governments cannot risk the discovery of their exploits by simply throwing attacks at every “endpoint,” or computer processor on the end of a network connection, in the world. Mass surveillance, passive surveillance, relies upon unencrypted or weakly encrypted communications at the global network level.”
Edward Snowden submits written testimony to an EU committee investigating mass surveillance, and answers questions.
The testimony takes place 3 days ahead of his highly anticipated SXSW appearance, to take place later today. Snowden is expected to speak about privacy, security, mass surveillance programs, free speech and whistle-blowing in a rare remote video appearance before a live audience.
Kansas Congressman Mike Pompeo finds this “deeply troubling” in a letter he's sent to the organizers of the conference.
Meanwhile, people who wish to #asksnowden questions can use the hashtag on Twitter. The talk is to take place at 12pm PT, today.
posted by fantodstic
on Mar 10, 2014 -
"In 1967, The Public Interest, then a leading venue for highbrow policy debate, published a provocative essay by Paul Baran, one of the fathers of the data transmission method known as packet switching [and agent of RAND]. Titled “The Future Computer Utility,” the essay speculated that someday a few big, centralized computers would provide 'information processing … the same way one now buys electricity. Highly sensitive personal and important business information will be stored in many of the contemplated systems … At present, nothing more than trust—or, at best, a lack of technical sophistication—stands in the way of a would-be eavesdropper.' To read Baran’s essay (just one of the many on utility computing published at the time) is to realize that our contemporary privacy problem is not contemporary. It’s not just a consequence of Mark Zuckerberg’s selling his soul and our profiles to the NSA. The problem was recognized early on, and little was done about it... It’s not enough for a website to prompt us to decide who should see our data. Instead it should reawaken our own imaginations. Designed right, sites would not nudge citizens to either guard or share their private information but would reveal the hidden political dimensions to various acts of information sharing." -- MIT Technology Review on The Real Privacy Problem
posted by Potomac Avenue
on Nov 12, 2013 -
But that didn't prevent On the Media producer Sarah Abdurrahman and several members of her family and friends from being detained at a Canadian-US border while on the way home from a wedding. The story is all the more frightening as it details Sarah's inability to get any answers about policy from the Border Patrol, including the name of the officers who held her.
posted by Eyeveex
on Sep 23, 2013 -
Practical Ethics: Enlightened Surveillance?
Surrendering on surveillance might be the least bad option – of all likely civil liberty encroachments, this seemed the less damaging and hardest to resist. But that’s an overly defensive way of phrasing it – if ubiquitous surveillance and lack of privacy are the trends of the future, we shouldn’t just begrudgingly accept them, but demand that society gets the most possible out of them. [more inside]
posted by the man of twists and turns
on Apr 18, 2013 -
It is June 2, 2010 and Mark Zuckerberg is sweating. He’s wearing his hoodie—he’s always wearing his hoodie—and he’s on stage and either the lights or the questions are too hot. … “Do you want to take off the hoodie?” asks Kara Swisher.
“I never take off the hoodie.”
The varied cultural resonances of an unassuming garment
posted by the mad poster!
on Jan 29, 2013 -
Why Privacy Matters, Even If You Have Nothing To Hide, by Daniel J. Solove
The nothing-to-hide argument pervades discussions about privacy. The data-security expert Bruce Schneier calls it the "most common retort against privacy advocates." ... To evaluate the nothing-to-hide argument, we should begin by looking at how its adherents understand privacy. Nearly every law or policy involving privacy depends upon a particular understanding of what privacy is. The way problems are conceived has a tremendous impact on the legal and policy solutions used to solve them. [more inside]
posted by the man of twists and turns
on Dec 9, 2012 -
An anonymous hacking outfit called "Gnosis" has infiltrated Gawker Media, hijacking the front page and leaking the company's internal chat logs, source code, and content databases along with the usernames, email addresses, and passwords of over 1.3 million users (including Gawker staff). The attack, which was motivated by what the group describes as the "outright arrogance" with which the company's bloggers taunted anonymous imageboard 4chan (semi-previously), affects every site in the Gawker network, including Gizmodo, Kotaku, Lifehacker, Jezebel, Deadspin, Jalopnik, and io9. While most of the leaked passwords are encrypted, more than 200,000 of the simpler ones in the torrent file have been cracked, and the links between account names and email addresses are in plaintext for all to see. Since the integrity of Gawker's encryption methods remains in doubt, it is recommended that anyone who has ever registered an account on any Gawker property change their passwords immediately, especially if the same log-in information is used for other services.
posted by Rhaomi
on Dec 12, 2010 -
Nov. 24 is National Opt-out Day from airport back-scatter scanners
Time to call BS on TSA's kabuki theater of airport security:
"As public anger grows over the TSA's body scanners and intrusive new airport pat-down procedure, a Web site is urging travelers to "opt out" from the body scanners and instead choose to have a pat-down in public view, so that everyone can "see for themselves how the government treats law-abiding citizens."
declares November 24 to be the day when air travelers should refuse to submit to a full body scan and choose the enhanced pat-down -- an option many travelers have described as little short of a molestation."
posted by TDIpod
on Nov 10, 2010 -
Neurosecurity: security and privacy for neural devices.
"An increasing number of neural implantable devices will become available in the near future due to advances in neural engineering. This discipline holds the potential to improve many patients' lives dramatically by offering improved—and in some cases entirely new—forms of rehabilitation for conditions ranging from missing limbs to degenerative cognitive diseases. The use of standard engineering practices, medical trials, and neuroethical evaluations during the design process can create systems that are safe and that follow ethical guidelines; unfortunately, none of these disciplines currently ensure that neural devices are robust against adversarial entities trying to exploit these devices to alter, block, or eavesdrop on neural signals. The authors define 'neurosecurity'—a version of computer science security principles and methods applied to neural engineering—and discuss why neurosecurity should be a critical consideration in the design of future neural devices." [Via Mind Hacks]
posted by homunculus
on Jul 8, 2009 -
The Anonymity Experiment. Is it possible to hide in plain sight? Privacy-minded people have long warned of a world in which an individual’s every action leaves a trace, in which corporations and governments can peer at will into your life with a few keystrokes on a computer. Now one of the people in charge of information-gathering for the U.S. government says, essentially, that such a world has arrived.
posted by amyms
on Feb 16, 2008 -
Online communities to become more 'all-encompassing.'
If you join the SHC community on Sears.com, all web traffic to and from your computer thereafter will be copied and sent to a third party marketing research firm - including, for example, your secure sessions with your bank! The Sears.com proxy will send your logins and passwords along with a cleartext copy of all the supposedly secure data. But wait, it gets better: you can only view the true TOS once the proxy has already been installed. [more inside]
posted by ikkyu2
on Jan 3, 2008 -
This is an ironic tale of the consequences of inept application of cryptographic tools. Or is it?
Dan Egerstad, a Swedish hacker, gained access to hundreds of computer network accounts around the world, belonging to various embassies, corporations and other organizations. How did he do it? Very easily: by sniffing exit traffic on his Tor nodes. [more inside]
posted by Anything
on Dec 4, 2007 -
FTC imposes $10M fine against ChoicePoint for data breach
"The U.S. Federal Trade Commission has fined ChoicePoint $10 million for a data breach that allowed identity thieves posing as legitimate businesses to steal social security numbers, credit reports, and other data from nearly 140,000 people. This is the largest fine ever levied by the FTC. ChoicePoint also has to set up a 'trust fund' for people victimized by identity thieves. From the article: 'As part of its agreement with the FTC, ChoicePoint will also have to submit to comprehensive security audits every two years for the next 20 years.'" BusinessWeek has additional info.
Perhaps there might be hope for individual privacy after all. Let's all keep our fingers crossed.
posted by mk1gti
on Jan 26, 2006 -
Private Mail--Not. ...Goodman, an 81-year-old retired University of Kansas history professor, received a letter from his friend in the Philippines that had been opened and resealed with a strip of dark green tape bearing the words “by Border Protection” and carrying the official Homeland Security seal. ...the agency can, will and does open mail coming to U.S. citizens that originates from a foreign country whenever it’s deemed necessary. ...
posted by amberglow
on Jan 6, 2006 -
of over a hundred homes, businesses, mosques, warehouses and other sites has been conducted without warrants, according to a new USNews report. Indications are that the persons so targeted were US citizens. "In numerous cases, the monitoring required investigators to go on to the property under surveillance, although no search warrants or court orders were ever obtained, according to those with knowledge of the program. Some participants were threatened with loss of their jobs when they questioned the legality of the operation, according to these accounts."
posted by darkstar
on Dec 23, 2005 -
This is what we know--or do not know--about the NSA program called Echelon, from the 60 Minutes show (TV) in 2000. If we assume this is what had been going on and there were some sort of restraints for internal spying, then what is going on now? This evening I had heard on radio that the White House claimed that only calls going in and out of the country might be monitored. But this early interview suggests that such calls were monitored previous to the "new" approach. Why were legal restraints put in place calling for judicial hearings? Because of spying abuse done under Nixon. Those restraints are now removed.
posted by Postroad
on Dec 19, 2005 -
We've discussed it before, but RFID, that fun-loving little radio transmitter that can be attached to everything from that stereo system to a carton of milk, is plowing ahead faster than you can say "unregulated." Earlier this year, Wal-Mart issued a mandate that required its top 100 suppliers to include RFIDs on their merchandise by 2005, bringing new meaning to the phrase "panties in a bunch." (Incidentally, Wal-Mart was also the benign corporation that ushered in bar codes for mass consumption in the late 70s and early 80s.) With no regulations on the table, the New York Times reports that the Defense Department plans to issue a statement requiring all suppliers to use RFID. Hitachi has even offered to put it in your currency.
Imagine a store a few years from now that can track all of the objects in your cart, and that, thanks to a microscopic RFID stuck to your shoe when you slide through the doors, can determine how many seconds you or your children react to a display. Imagine a world that tracks exactly where each one of your dollar bills goes. (So much for the anonymity of johns and porn enthusiasts.) Is this the kind of world we want to abdicate to large retail corporations? Is this the kind of information that governments or private institutions are entitled to know? Discuss.
posted by ed
on Sep 29, 2003 -
Nominate the world's stupidest security procedure.
UK-based watchdog group, Privacy International, is accepting nominations until March 15th from the general public about the most annoying and invasive security measures with the lowest effectiveness in protecting individual safety. What would you nominate?
posted by jonp72
on Mar 6, 2003 -
At InfoSecurity 2002, an annual corporate security conference, new "computer forensics" software is on display, including software "that allows corporate IT folks to research employees' criminal histories, credit information, financial asset details, friends and associates." The software is called Red Alert 2.0, and more specifically the research software is an optional subscription-based add-on called Intelligent Information Dossier plus. Isn't this tantamount to your employer spying on your private life, in real time?
As I work for a very large military contractor myself, I could easily see something like this being used where I work. Would you feel comfortable working for a company that uses this sort of intrusive software?
posted by SweetJesus
on Dec 13, 2002 -