Submit a link Features Reviews Podcasts Video Forums More ▾

Stickonspy: sticker-reminder that the NSA likes to fool around with your webcam


Stickonspy sells die-cut stickers that go around your laptop's webcam to remind yourself -- and others -- that spooks from western governments have made a practice of using spyware that allows them to covertly switch on laptop and mobile phone cameras and microphones to spy on their owners. $3 for one, $10 for 6. We used to sell a variation on these in the old Boing Boing Bazaar. Just remember to trim away enough of the sticker that you can see if the webcam light is lit, which will prevent some of the less-subtle attacks, and also inadvertent embarrassment.

Stickonspy (Thanks, Bradley!)

Anti-security company VUPEN claims to have broken Windows 8 & Explorer 10, will sell exploits to cops, governments & wiretapping vendors

VUPEN is an anti-security company that roots out vulnerabilities in common operating systems and programs and sells these vulnerabilities to governments, police forces and others who want to use them to build malicious software to let them spy on people (we've written about them before). Now they claim to have found vulnerabilities in Windows 8 and Internet Explorer 10, and have put these up for sale to customers who want to use them to hijack other peoples' computers.

Security firm VUPEN claims to have hacked Windows 8 and IE10 (via /.)

Canada's warrantless surveillance bill is back, and bigger than ever, with surveillance powers for US gov't, too

Bill C30, the sweeping Canadian warrantless Internet surveillance bill, is back from the dead. Public Safety Minister Vic Toews (who declared that opposition to his bill was tantamount to support for pedophiles) has been working behind the scenes to resurrect his legislation, joining forces with the US government in the name of "perimeter security." This proposed deal would expand the warrantless surveillance to US authorities, who could also access Canadians' private information.

OpenMedia.ca has been rounding up the names of Canadian MPs who oppose C-30, compiling a master list of the politicians who'll stand with Canadians against this kind of wholesale, international surveillance of their data. They want Canadians to pressure their MPs into taking the pledge.

Vic Toews, far from backing down, is pushing for a renewed multi-faceted scheme to erode Canadians’ online privacy rights: Toews has been working on a deal with the U.S. known as “Perimeter Security”, which could lead to the U.S. government having access to your private data.2 Additionally, the Federal Budget for this year includes a plan to cut funding to the watchdog responsible for overseeing Canada's spy agency, CSIS.3

All in all, Toews’ actions could lead Canada to become a large, recklessly-governed surveillance society.

But we have momentum now, with nearly two-thirds of opposition MPs on our side. You got us this far, now take a moment to get your friends, family, co-workers—everyone you know—to speak out about the costly scheme to collect your private online information at any time, without a warrant.

Letter to Supporters: Who's on your side?

Hilary Clinton to world governments: the world will divide into "open" and "closed" societies based on their Internet policies

US Secretary of State Hillary Clinton has repeated her view that the world's governments should respect Internet freedom, telling the Brasilia Open Government Summit that the world is dividing into "open" and "closed" societies characterized by their attitude towards net freedom. It's a laudable sentiment, but as they say, "We know you love freedom, we just wish you'd share." After all, America is one of the world's leading exporters of Internet censorship and surveillance laws (in the form of its intervention into copyright laws, as well as instigating unaccountable, secret copyright treaty negotiations like ACTA and TPP. They're also the world's leading exporter of Internet surveillance and censorship technology, thanks first to the US national requirement that telcoms companies buy equipment that allows for direct police surveillance, and the aggressive sale of this surveillance and control technology to the world's dictatorship by US firms.

​Speaking at the inaugural meeting of the Open Government Partnership in Brasilia, she said countries could only become more secure and peaceful if they were open. "In the 21st century, the US is convinced that one of the most significant divisions between nations will be not between east or west, nor over religion, so much as between open and closed societies," she said.

​"We believe those governments that hide from public view and dismiss ideas of openness and the aspirations of their people for greater freedom will find it increasingly difficult to create a secure society."

It's particularly galling that Secretary Clinton made these remarks even as the US Congress is poised to pass CISPA, which establishes a national US regime of censorship and warrantless surveillance.

Open or closed society is key dividing line of 21st century, says Hillary Clinton

(Image: Clinton Rally 90, a Creative Commons Attribution Share-Alike (2.0) image from kakissel's photostream)

Canada's warrantless spying bill is coming back, and it's worse than before

Michael Geist writes in with news of Canada's bill C-30, the insane, overreaching warrantless spying bill that collapsed earlier this year on a wave of public disapprobation. As you might have suspected, it's back. Michael sez, "The Canadian government has placed Bill C-30, the lawful access/online surveillance bill on hold, but there is no reason to believe it is going away. In fact, a recent report Standing Committee on Justice and Human Rights suggests that the changes coming to the bill may not address public concern but rather expand lawful access requirements even further. The committee report on the State of Organized Crime that includes recommendations that reinforce Bill C-30's mandatory warrantless disclosure of subscriber information and envision going beyond the bill by requiring both telecom companies and device manufacturers to assist in the decryption of encrypted communications as well as exploring mandatory verification of the identity of cellphone users. Moreover, Canadians shouldn't be looking to the telcos for help. A Bell spokesperson stated 'our primary concern in this area has always been the capacity of industry to implement any new requirements and who bears the cost.' That is a troubling position for many Canadians who rightly expect their telecom companies to also be concerned with the privacy of their customers." Cory

Canada's spying bill also allows appointed "inspectors" unlimited access to ISP data

Criticism of C-30, Canada's proposed domestic spying law, has focused on the fact that the police could access certain kinds of ISP subscriber information without a warrant. But as Terry Milewski writes on the CBC, the bill also gives the government the power to appoint special inspectors who can monitor and copy all information that passes through an ISP, also without a warrant.

The inspector, says the bill, may "examine any document, information or thing found in the place and open or cause to be opened any container or other thing." He or she may also "use, or cause to be used, any computer system in the place to search and examine any information contained in or available to the system."

You read that right. The inspector gets to see "any" information that's in or "available to the system." Yours, mine, and everyone else's emails, phone calls, web surfing, shopping, you name it. But, if that sounds breath-taking enough, don't quit now because the section is still not done.

The inspector — remember, this is anyone the minister chooses — is also empowered to copy anything that strikes his or her fancy. The inspector may "reproduce, or cause to be reproduced, any information in the form of a printout, or other intelligible output, and remove the printout, or other output, for examination or copying."

Oh, and he can even use the ISP's own computers and connections to copy it or to email it to himself. He can "use, or cause to be used, any copying equipment or means of telecommunication at the place."

In short, there's nothing the inspector cannot see or copy. "Any" information is up for grabs. And you thought the new airport body scanners were intrusive?

Online surveillance bill opens door for Big Brother (Thanks, Craig!)

Newspaper claims Vikileaks Twitter account traced back to House of Commons

The @Vikileaks30 account on Twitter has been publishing embarrassing personal information about Canada's Public Safety Minister Vic Toews, who is pushing for a domestic spying law that would require ISPs to gather and retain your personal information and turn it over to police without a warrant. The Vikileaks account kicked off with excerpts from the affidavits from Toews's very ugly divorce, including his ex-wife's allegations about his abuse of his official government expense accounts. The account created a nationwide stir over the domestic spying proposal, and has caused a rare (and possibly strategic*) climbdown from the majority Conservative government.

Now The Ottawa Citizen newspaper has tricked the person behind the anonymous account into visiting a website that it controls, and have traced back the IP address used in the trap to the House of Commons, suggesting that Toews's nemesis works for the federal government. The Citizen claims that the IP address has also been used to "frequently" edit Wikipedia "[give] them what appears to be a pro-NDP bias" (the New Democratic Party is the left-leaning opposition party in Parliament).

While it's impossible to say who is actually the using the address without a full-scale investigation undertaken by the House of Commons, a trace of the IP address shows it is also used by an employee of the House to post comments on a website for fans of the musician Paul Simon.

When reached by phone, the employee said that while he frequents the Paul Simon website he has nothing to do with the Vikileaks30 Twitter account.

A spokeswoman for the Speaker of the House of Commons said she is not aware of any investigation into whether any House IP addresses are behind the Vikileaks30 account. In order for an official government investigation to begin a complaint would have to be filed by a Member of Parliament.

Vikileaks30 linked to House of Commons IP address

* "Possibly strategic" because it looks like they're rushing this to committee, which is likely to go closed-door, exclude skeptical expert testimony, and speedily conclude that the bill is just fine as-is while maintaining a low public profile (Thanks, Colin!)

Involuntary transparency for Canada's spying-bill MP

Vic Toews is the controversial Canadian Minister of Public Safety whose spying bill will require ISPs to log and retain an enormous amount of your online activity, and then make that available to police without a warrant. Yesterday, Toews drew criticism when he said that opponents of his bill "stand with child pornographers." Today an anonymous party has created a Vikileaks Twitter account that is publishing embarrassing personal details culled from affidavits filed in Mr Toews's divorce, saying, "Vic wants to know about you. Let's get to know about Vic." It's not clear to me whether these affidavits were under seal, or part of the public record (they seem to come from this case: FEHR, LORRAINE K. vs TOEWS, VICTOR E. (FD08-01-86932) Mantioba Queen's Court of Queens Bench). This is an awfully ugly tactic and will likely be counterproductive. It does demonstrate that once material is stored, it is likely to leak, and that the best way to protect private information is to refrain from gathering and aggregating it in the first place. Update: looks like publishing court records is kosher in Manitoba. Cory

Canadian MP: if you oppose warrantless snooping, you "stand with child pornographers"

Vic Toews, the Canadian Tory MP pushing for the new spying bill says that people who oppose him are "standing with child pornographers." Mr Toews's bill will require ISPs to record all your online activity and give police access to those logs without a warrant. Ontario police recently busted a huge child-porn ring without needing any further spying power. In fact, no one can find any police investigation that has failed for lack of snooping powers. A leaked memo from the Canadian Association of Chiefs of Police shows that Canada's law enforcement has been scouring its records for evidence supporting the need for this bill, without luck. (Thanks, Wild Rumpus!) Cory