The EFF's Year End Review The ACLU's This Year in Civil Liberties Amnesty International's Anual Report (video) [more inside]
Online communities to become more 'all-encompassing.' If you join the SHC community on Sears.com, all web traffic to and from your computer thereafter will be copied and sent to a third party marketing research firm - including, for example, your secure sessions with your bank! The Sears.com proxy will send your logins and passwords along with a cleartext copy of all the supposedly secure data. But wait, it gets better: you can only view the true TOS once the proxy has already been installed. [more inside]
FBI's CIPAV nabs first victim: Former Timberline High School student is the first (known) person to be caught by the FBI's secret spyware program, known as CIPAV (Computer and Internet Protocol Address Verifier). Wired broke the story Wednesday, then received a form letter from the FBI in response to a few key questions. (more inside)
"To tell the truth ... I'm sorta surprised they haven't caught me yet," The Washington Post ran an interesting interview with a botmaster, a young man who made serveral thousands of dollars a month installing XXX spyware on machines that he controlled. He installed the software on the machines of people he did not know by hacking into them remotely. The lenghty article included a partial photo of the botmaster along with vauge descriptions of the small midwestern town where the man lives, and was published with the understanding that the man's identity would be kept secret. Someone should have told that to the person that manages photos at the Washington Post. An estute reader over at Slashdot was able to locate some extra information stored in the picture's metadata including the photographer and the location the picture was taken, Roland, Oklahoma, a town of less than 3000 people. Whoops.
Hollings privacy bill really a trojan horse for spyware and data miners? But Hollings' bill should outrage Internet users just as much as Brilliant Digital's spyware. For while it talks a good game about protecting "sensitive" information, the truth is that it would place a congressional stamp of approval on precisely the kinds of practices that purveyors of spyware are eager to engage in.
Law enforcement and intelligence agencies now have access to software that can remotely record every keystroke and see every file on a target PC.
Law enforcement and intelligence agencies now have access to software that can remotely record every keystroke and see every file on a target PC. Data Interception by Remote Transmission (D.I.R.T.), developed by Codex Data Systems (you need a username and password to get past the opening screen) can supposedly see through PGP, firewalls, whatever you throw at it apparently. Only works against Win95 so far, but that won't last. Is this hogwash or something crucial?
Excellent, in-depth analysis of "spyware" used by insidious and horrible software entities such as RealPlayer. Written by my hero and yours, Steve Gibson.
Forget about privacy on the net. If you thought that being tracked by Doubleclick was a grosse invasion of privacy, imagine what it would be like if your employer was given open access to your home computer.