What Does DHS Know About You? A lot. [more inside]
posted by chunking express on Oct 5, 2009 - 50 comments

Gone Forever: What Does It Take to Really Disappear?
posted by homunculus on Aug 17, 2009 - 98 comments

Neurosecurity: security and privacy for neural devices. "An increasing number of neural implantable devices will become available in the near future due to advances in neural engineering. This discipline holds the potential to improve many patients' lives dramatically by offering improved—and in some cases entirely new—forms of rehabilitation for conditions ranging from missing limbs to degenerative cognitive diseases. The use of standard engineering practices, medical trials, and neuroethical evaluations during the design process can create systems that are safe and that follow ethical guidelines; unfortunately, none of these disciplines currently ensure that neural devices are robust against adversarial entities trying to exploit these devices to alter, block, or eavesdrop on neural signals. The authors define 'neurosecurity'—a version of computer science security principles and methods applied to neural engineering—and discuss why neurosecurity should be a critical consideration in the design of future neural devices." [Via Mind Hacks]
posted by homunculus on Jul 8, 2009 - 22 comments

ACLU Watch List Counter: U.S. Terror List Now Exceeds 900,000 Names. That's an awful lot of terrorists. More Privacy and Surveillance Filter: Bruce Schneier on The Myth of the 'Transparent Society', Glenn Greenwald on The Banality of the Surveillance State, and Stephen Colbert on AT & Treason. [more inside]
posted by homunculus on Mar 8, 2008 - 46 comments

The Anonymity Experiment. Is it possible to hide in plain sight? Privacy-minded people have long warned of a world in which an individual’s every action leaves a trace, in which corporations and governments can peer at will into your life with a few keystrokes on a computer. Now one of the people in charge of information-gathering for the U.S. government says, essentially, that such a world has arrived.
posted by amyms on Feb 16, 2008 - 44 comments

Online communities to become more 'all-encompassing.' If you join the SHC community on Sears.com, all web traffic to and from your computer thereafter will be copied and sent to a third party marketing research firm - including, for example, your secure sessions with your bank! The Sears.com proxy will send your logins and passwords along with a cleartext copy of all the supposedly secure data. But wait, it gets better: you can only view the true TOS once the proxy has already been installed. [more inside]
posted by ikkyu2 on Jan 3, 2008 - 70 comments

This is an ironic tale of the consequences of inept application of cryptographic tools. Or is it? Dan Egerstad, a Swedish hacker, gained access to hundreds of computer network accounts around the world, belonging to various embassies, corporations and other organizations. How did he do it? Very easily: by sniffing exit traffic on his Tor nodes. [more inside]
posted by Anything on Dec 4, 2007 - 27 comments

The U.S. Department of Homeland Security is proposing new rules regarding passenger pre-screening both domestically and internationally. Interestingly, this includes flights that overfly the continental US without ever touching the ground. [more inside]
posted by never used baby shoes on Oct 12, 2007 - 40 comments

This is what happens when paranoia overwhelms common sense. A high school in NY state banned backpacks and bags from the student body. The whole situation reached a critical mass when a security guard pulled a young woman out of class because she had a small purse. He asked her if she was on her period. Way to humiliate teenagers. [more inside]
posted by wuwei on Oct 7, 2007 - 78 comments

The Age of Disaster Capitalism [more inside]
posted by y2karl on Sep 12, 2007 - 124 comments

Using a computer set to auto-screencast, The Consumerist catches a Geek Squad technician copying porn from a client's computer to a thumbdrive, and they've got video and logfiles (CSV) to prove it. Also, the Geek Squad CEO responds, and an anonymous Geek Squad tech confesses that this is not an uncommon practice: "stealing customers' nudie pics was an easter egg hunt." Consumerist users suggest that this practice might not be limited to Geek Squad. Via.
posted by charmston on Jul 6, 2007 - 73 comments

George Orwell, Big Brother is watching your house. With CCTV. Perhaps the Surveillance Camera Players could put on a performance there. It looks like Britain really is becoming a surveillance society. [Via Digg.]
posted by homunculus on Apr 2, 2007 - 44 comments

FTC imposes $10M fine against ChoicePoint for data breach The U.S. Federal Trade Commission has fined ChoicePoint $10 million for a data breach that allowed identity thieves posing as legitimate businesses to steal social security numbers, credit reports, and other data from nearly 140,000 people. This is the largest fine ever levied by the FTC. ChoicePoint also has to set up a 'trust fund' for people victimized by identity thieves. From the article: 'As part of its agreement with the FTC, ChoicePoint will also have to submit to comprehensive security audits every two years for the next 20 years.'" BusinessWeek has additional info. Perhaps there might be hope for individual privacy after all. Let's all keep our fingers crossed.
posted by mk1gti on Jan 26, 2006 - 22 comments

Private Mail--Not. ...Goodman, an 81-year-old retired University of Kansas history professor, received a letter from his friend in the Philippines that had been opened and resealed with a strip of dark green tape bearing the words “by Border Protection” and carrying the official Homeland Security seal. ...the agency can, will and does open mail coming to U.S. citizens that originates from a foreign country whenever it’s deemed necessary. ...
posted by amberglow on Jan 6, 2006 - 54 comments

Federal surveillance of over a hundred homes, businesses, mosques, warehouses and other sites has been conducted without warrants, according to a new USNews report. Indications are that the persons so targeted were US citizens. "In numerous cases, the monitoring required investigators to go on to the property under surveillance, although no search warrants or court orders were ever obtained, according to those with knowledge of the program. Some participants were threatened with loss of their jobs when they questioned the legality of the operation, according to these accounts."
posted by darkstar on Dec 23, 2005 - 131 comments

Echelon This is what we know--or do not know--about NSA prgram called Echelon, from 60 Minute show (TV) in 2000. If we assume this what had been going on and there were some sort of restraints for internal spying, then what is going on now? This evening I had heard on radio that the White House claimed that only calls going in and out of the country might be monitored. But this early interview suggests that such calls were monitored previous to the "new" approach. Why were legal restraints put in place calling for judicial hearings? Because of spying abuse done under Nixon. Those restraints are now removed.
posted by Postroad on Dec 19, 2005 - 158 comments

Security, the TSA, and the No-Fly List You would think that our National Security apparatus would be like the TV series "24", with the most ingenious and sophisticated technology available. You would be wrong. Disclaimer: TSA is not an intelligent intelligence agency. Here's a blurb from the resume of the designer(Kenneth Mack) of the application the airline industry uses for *PDF* managing their employee data and the cross-checking them with the no-fly list:

- Sr. Developer: Developed a program [for Goddard Technologies] that uses the "No-Fly List" Excel spreadsheet, provided by the FAA and the database of badged employees to permute the name combinations. It takes into consideration multiple first and middle names, with Soundex and the various "initial" combinations. This program reduced the time for comparison from 3 days to 10 minutes.

The scary yet interesting part of all of this is that the No-Fly List is nothing more than a password-protected spreadsheet (see this PDF). One would guess our Government's geeks would know that it's a bad idea to send email attachments containing social security numbers and dates of birth, unencrypted, over the internets, even if they might be terrorists.
posted by rzklkng on Jul 15, 2005 - 30 comments

Who is watching Big Brother? Last week, the Australian Privacy Foundation held its annual Big Brother Awards, with biometric passports winning the prestigious "Orwell" for the most invasive technology (other countries' Big Brother Awards here). Not long before, Privacy International and the Electronic Privacy Information Center released their 7th Annual Survey on the state of privacy in sixty countries, claiming that threats to personal privacy have reached a level that is dangerous to fundamental human rights. Are we edging closer to Room 101?
posted by UbuRoivas on Nov 29, 2004 - 6 comments

Identity theft is epidemic.
posted by semmi on Oct 25, 2004 - 17 comments

E-mail snooping is legal. A U.S. federal appeals court set an unsettling precedent last week by ruling (PDF) that an e-mail provider did not break the law when he copied and read e-mail messages sent to customers through his server.
posted by homunculus on Jul 7, 2004 - 15 comments

We've discussed it before, but RFID, that fun-loving little radio transmitter that can be attached to everything from that stereo system to a carton of milk, is plowing ahead faster than you can say "unregulated." Earlier this year, Wal-Mart issued a mandate that required its top 100 suppliers to include RFIDs on their merchandise by 2005, bringing new meaning to the phrase "panties in a bunch." (Incidentally, Wal-Mart was also the benign corporation that ushered in bar codes for mass consumption in the late 70s and early 80s.) With no regulations on the table, the New York Times reports that the Defense Department plans to issue a statement requiring all suppliers to use RFID. Hitachi has even offered to put it in your currency. Imagine a store a few years from now that can track all of the objects in your cart, and that, thanks to a microscopic RFID stuck to your shoe when you slide through the doors, can determine how many seconds you or your children react to a display. Imagine a world that tracks exactly where each one of your dollar bills go. (So much for the anonymity of johns and porn enthusiasts.) Is this the kind of world we want to abdicate to large retail corporations? Is this the kind of information that governments or private institutions are entitled to know? Discuss.
posted by ed on Sep 29, 2003 - 96 comments

RFID tagging and tracking plans (mirror 1, mirror 2) With the tag line "Identify Any Object Anywhere Automatically", this group (the MIT Auto-ID Center) is leading the way into our bold new future of total tracking. {Originally uncovered by CASPIAN (Consumers Against Supermarket Privacy Invasion and Numbering)}
posted by Irontom on Jul 8, 2003 - 18 comments

Nominate the world's stupidest security procedure. UK-based watchdog group, Privacy International, is accepting nominations until March 15th from the general public about the most annoying and invasive security measures with the lowest effectiveness in protecting individual safety. What would you nominate?
posted by jonp72 on Mar 6, 2003 - 19 comments

At InfoSecuity 2002, an annual corporate security conference, new "computer forensics" software is on display, including software "that allows corporate IT folks to research employees' criminal histories, credit information, financial asset details, friends and associates. "

The software is called Red Alert 2.0, and more specifically the research software is an optional subscription based add-on called Intelligent Information Dossier plus. Isn't this tantamount to your employer spying on your private life, in real time?

As I work for a very large military contractor myself, I could easily see something like this being used where I work. Would you feel comfortable working for a company that uses this sort of intrusive software?
posted by SweetJesus on Dec 13, 2002 - 21 comments

A Mac user scorned is a dangerous thing... Gotta hand it to this guy: persistence pays off. After being scammed with $3000 in forged cashier checques in an eBay transaction, this seller took matters into his own hands. How secure do you feel making transaction over eBay and related services? What kinds of internet fraud have you faced or fear? And most interesting of all, to what extent have you gone to correct evils done to you?
posted by tgrundke on Dec 12, 2002 - 51 comments

The Mark of the Beast? After the quick FDA approval of implantable human chips , Applied Digital Solutions , the manufacturer of the chips, has already launched a national campaign with the tagline "Get Chipped", and people are lining up. Other's are afraid, for one reason or another.
posted by Espoo2 on Oct 25, 2002 - 28 comments

Does privacy have a place in society anymore? Or is it incompatible with a crowded and technologically-advanced world? If we must submit to constant surveillance, who should we trust to watch?
posted by rushmc on May 23, 2002 - 21 comments

SafeWeb not so safe? It was pitched as a "web anonymizer." It was supposedly even "CIA proof." Now some holes have been found.
posted by yesster on Feb 12, 2002 - 13 comments

Ashcroft issues new policy on FOIA requests that rescinds a 1993 policy that made it somewhat harder for federal agencies to refuse requests for public records. No surprise, especially given the current situation, but the interesting part is the rationale: Ashcroft cites national security, the effectiveness of law enforcement and protecting sensitive business information. "I encourage your agency to carefully consider the protection of all such values and interests when making disclosure determinations under the FOIA." (via Politechbot)
posted by thescoop on Oct 18, 2001 - 5 comments

Not embedded in your hand, just your credit card. Your Providian VISA with Smart Chip Technology comes with a smart chip that's embedded on the front of the credit card. Soon, a smart chip will let you store information and applications that make shopping easier and more secure. Anyone here a little leary of this kind of "smart"ness? Thoughts?
posted by thunder on Jul 3, 2001 - 23 comments

Beyond the bar code: Tags on retail products will send radio signals to their manufacturers, collecting information about consumer habits -- and raising privacy concerns. Radio tag technology is already here, used in fields such in livestock, freight-train cargo and highway tolls. The only barrier to widespread use is consumer products is price. When they can be made for a penny, expect to see them everywhere. From the March issue of MIT Technology Review.
posted by jhiggy on Feb 20, 2001 - 13 comments

FTC ends investigation of DoubleClick and finds no evidence of wrongdoing. I don't know about you, but I feel cheated. Don't forget to opt out of their cookie-bending racket.
posted by mathowie on Jan 23, 2001 - 16 comments

Linux no longer foolproof? And a smile descened upon Redmond...
posted by mecawilson on Jan 22, 2001 - 21 comments

Contact information viewable with Alexa toolbar? Disturbing. Anyone with the Alexa toolbar installed can apparently see your address and telephone number, along with helpful information like maps to your home. This information is in the public record, but providing it instantly can only lead to more stalking incidents. You may want to follow Leia's advice and visit Alexa.com's site editor to make sure you're protected.
posted by jmcnally on Jan 11, 2001 - 16 comments

Judiciary Seeks Public Comment on Internet Access to Court Documents "As federal courts make the transition from paper to electronic case files, the Judicial Conference of the United States is studying the privacy and security implications of vastly wider public access to court documents via the Internet. Public comment is sought."

Further down they tell you that it'll cost 7 cents a page, even online. From the same folks who waited years to put up Supreme Court dockets and opinions on the official site.
posted by thescoop on Nov 15, 2000 - 6 comments

Excellent, in-depth analysis of "spyware" used by insidious and horrible software entities such as RealPlayer. Written by my hero and yours, Steve Gibson.
posted by Succa on Oct 16, 2000 - 14 comments

Another innovation from Digital Convergence:
In addition to having a pretty much useless product, CueCat's product-release-to-privacy-violation rate is spectacular! To quote their email:

Dear :CueCat member,
We've been alerted to a security breach in our system that may have exposed certain members' names and email addresses. As one of the members who may be susceptible, we want to explain to you how you may be affected and what we are doing to rectify the situation. (more...)
posted by anildash on Sep 17, 2000 - 1 comment

Western Union's site is down, as hackers have accessed their "secure" database. Western Union's only suggestion so far is to tell all customers to cancel their credit card accounts. Is anything really secure on the internet? Do you trust amazon to hold your credit card numbers, Wells Fargo to keep your checking account private, and Kozmo employees not to pilfer your credit card numbers for fun?
posted by mathowie on Sep 10, 2000 - 8 comments

Does Amazon deserve my statistics? I knew this was coming but I was hoping that it would all turn out for the better and Amazon would come to their senses. So the question is, are Wish Lists worth my data? Will ownership of my spending habits, phone number, address, credit card, browsing habits, and email address become the new price for using the Internet as a consumer?
posted by Brilliantcrank on Sep 5, 2000 - 3 comments

Does it bug anyone else that if you have a MetaFilter account with cookies enabled, it automatically enters your password (which can be read in view source)???
Personally I think this is a very bad thing, as I've visited metafilter at the library a few times..
posted by Bane on Jun 28, 2000 - 15 comments

Identity swapping makes life relative

Do any of you do the Safeway Card Shuffle? I think I probably would, but then again the level of tracking where I live is currently negligible, so it isn't yet an issue. How about where you live?

And how does this tie in to online privacy, like advertising cookies and programs like RealPlayer and GoZilla that track and report where you've been and what you've been doing?
posted by lia on Jun 8, 2000 - 8 comments

Forget about privacy on the net. If you thought that being tracked by Doubleclick was a grosse invasion of privacy, imagine what it would be like if your employer was given open access to your home computer.
posted by Ms Snit on Mar 22, 2000 - 0 comments