Boing Boing 

Smart Pipe: a design fiction from the Internet of Things dystopia

11 minutes seems like a long ask for a gag video about an Internet-of-Things toilet-analyzer, but man, is it worth it.

Read the rest

EFF backs new nonprofit free certificate authority "Let's Encrypt"

It will be overseen by Internet Security Research Group with backing from EFF, Mozilla, Cisco, Akamai and others, and will offer free HTTPS certificates to all comers, making it radically easier and cheaper to encrypt the Web and make it resistant to mass surveillance.

Currently, most Internet traffic is unencrypted, meaning most interactions you have with websites leave your accounts vulnerable to eavesdropping by everyone from a minimally competent hacker to the U.S. government. The HTTPS protocol—in contrast to HTTP—encrypts your connection and verifies the authenticity of sites, protecting your data and personal information. EFF has been campaigning successfully for a number of years to spread HTTPS from payment pages and banking sites to email, social networking, and other types of sites. But there are still hundreds of millions of domains that lack this protection.

The new Let's Encrypt project aims to solve that. Let's Encrypt is a new free certificate authority, which will begin issuing server certificates in 2015. Server certificates are the anchor for any website that wants to offer HTTPS and encrypted traffic, proving that the server you are talking to is the server you intended to talk to. But these certificates have historically been expensive, as well as tricky to install and bothersome to update. The Let's Encrypt authority will offer server certificates at zero cost, supported by sophisticated new security protocols. The certificates will have automatic enrollment and renewal, and there will be publicly available records of all certificate issuance and revocation.

Let's Encrypt

New, Free Certificate Authority to Dramatically Increase Encrypted Internet Traffic [EFF]

EFF makes DoJ admit it lied in court about FBI secret warrants

Department of Justice lawyers told a judge that when the FBI gives one of its secret National Security Letters to a company, the company is allowed to reveal the NSL's existence and discuss its quality -- it lied.

Read the rest

ISPs caught sabotaging their customers' email encryption


Ever since 2013, when the Electronic Frontier Foundation started shaming email providers that did not encrypt their customers' email, more and more mail providers have turned on STARTTLS, which protects email in transit from snooping, without requiring users to take any additional steps.

Read the rest

Random Darknet Shopper: Internet art randomly spends $100/wk of Bitcoin in darknet


It's part of a Swiss gallery exhibit called The Darknet: From Memes to Onionland, where all the random junk the algorithm buys (from ecstasy to fire brigade master-keys to boxed Tolkien sets) are displayed.

Read the rest

New Firefox has a "Forget" button

It allows you to erase your browser history/cookies for 5 minutes, 2 hours, or 1 day, in case you want your browser to be able to unsee wherever it is that you've blundered into.

Read the rest

Cyberwar's hidden victims: NGOs


A new report from the storied Citizen Lab at the University of Toronto documents the advanced, persistent threats levied against civil society groups and NGOs -- threats that rival those facing any government or Fortune 100 company, but whose targets are much less well-equipped to defend themselves.

Read the rest

Expat activists and journalists leave USA for Berlin's safety

From Laura Poitras to Jacob Appelbaum to Sarah Harrison, Berlin has become a haven for American journalists, activists and whistleblowers who fear America's unlimited appetite for surveillance and put their trust in Germany's memory of the terror of the Stasi.

Read the rest

Some tickets still available for ORG Con, London, Nov 15


Ruth from Open Rights Group sez, "Tickets are selling fast for Open Rights Group's annual digital rights conference, all about debating civil liberties and the Internet: Get yours here.

Read the rest

USPS usage declines, but sloppy postal surveillance is way, way up

Surveillance requests for "postal metadata" climbed 600% in recent years, often undertaken with badly formed or expired warrants.

Read the rest

Potato-chip surveillance: once you start, you just can't stop

The ongoing revelations about UK domestic spying on political activists, continued in some case for decades, and which included an incident in which an undercover police officer fathered a child with the woman he was spying on, illustrate an important point: once you decide someone is suspicious enough to follow around, there's no evidence that you can gather to dispel that suspicion.

Read the rest

Edward Snowden interviewed by Lawrence Lessig

It's a fascinating, hour-long session in which Snowden articulates the case for blowing the whistle, the structural problems that created mass surveillance, and why it's not sufficient to stop the state from using our data -- we should also limit their ability to collect it. The Slashdot post by The Real Hocus Locus provides good timecode-based links into different parts of the talk.

CHP officer who stole and shared nude photos of traffic-stop victim claims "it's a game"

Officer Sean Harrington of Martinez California Highway Patrol says that when he stole nude photos from the cell phone of a woman he'd traffic-stopped and then shared them with other CHP officers, that he was just playing "a game" that is widespead in the force.

Read the rest

Wouldn't it be great if a billboard could actually read your mind?

Said no one, ever. Except, apparently not: the "data scientists" of Posterscope are excited that EE -- a joint venture of T-Mobile and Orange -- will spy on all their users' mobile data to "give profound insights...that were never possible before"

Read the rest

Which crowdfunded privacy routers are worthy of your trust?


After the spectacular rise and fall of Anonabox, a kickstarted $45 router that was supposed to protect your privacy but had its campaign yanked for not being entirely forthright with backers, a spate of shady, silly, and even serious projects have sprung up to fill the demand that Anonabox's $615,000 Kickstarter near-win demonstrated.

Read the rest

EFF launches a new version of Surveillance Self-Defense


Hugh from the Electronic Frontier Foundation writes, "We're thrilled to announce the relaunch of Surveillance Self-Defense (SSD), our guide to defending yourself and your friends from digital surveillance by using encryption tools and developing appropriate privacy and security practices. The site launches today in English, Arabic, and Spanish, with more languages coming soon."

Surveillance Self-Defense (Thanks, Hugh!)

Tor Browser goes 4.0

The 4.0 version of the secure, anonymized, private browser disables SSL3 (in deference to the POODLE attack) and uses new transports that are intended to defeat the Great Firewall of China and other extremely restrictive firewalls.

Read the rest

FBI chief demands an end to cellphone security

If your phone is designed to be secure against thieves, voyeurs, and hackers, it'll also stop spies and cops. So the FBI has demanded that device makers redesign their products so that they -- and anyone who can impersonate them -- can break into them at will.

Read the rest

If you think you've anonymized a data set, you're probably wrong

Using some clever computing, Atockar took the NYC Taxicab Dataset and not only calculated the annual income of every hack in New York, but also figured out who goes to strip clubs, what celebrities' home addresses were, and how they tipped.

Read the rest

Adobe responds to scandalous news of secretly spying on readers (not really)

A week ago, Adobe was caught spying on people's reading habits -- they index all your books and send a full dossier to themselves, in the clear. Now, they've responded to the American Library Association (whose members are the major customers for this terrible stuff) by saying they'll say something next week. (Thanks, Jay!)

Glenn Greenwald explains privacy

Alan writes, "Why privacy matters' is Glenn Greenwald's talk to TED in which he makes the argument that we are not obligated to make ourselves harmless; rather, we need to be able to express ourselves unwatched."

Librarians on the vanguard of the anti-surveillance movement

The American Library Association's code of ethics demands that library professionals "protect each library user's right to privacy and confidentiality" and they've been taking that duty seriously since the first days of the Patriot Act.

Read the rest

There's no back door that only works for good guys

My latest Guardian column, Crypto wars redux: why the FBI's desire to unlock your private life must be resisted, explains why the US government's push to mandate insecure back-doors in all our devices is such a terrible idea -- the antithesis of "cyber-security."

Read the rest

Help wanted: crypto-usability research director & ops manager

Simply Secure, a nonprofit developing usable, free, open interfaces for cryptographic communications tools like OTR, is hiring!

Read the rest

Twitter sues U.S. Justice Department for right to reveal government surveillance requests

20142617331326734_20

In a blog post titled “Taking the fight for #transparency to court,” Twitter today announced it is suing the Department of Justice for the right to report “the actual scope of surveillance of Twitter users by the U.S. government.”

Read the rest

Dutch IT contractor lays out the case for spying on everyone's wearables, always

A promo video from Pinkroccade, a prominent IT contractor to Dutch local governments, makes the case for spying on wearables (if your heart-rate rises because you're about to be mugged, the police could be alerted, and get GPS from your phone, find nearby phones belonging to people with criminal records, check the view from your Google Glass, and respond -- case closed).

Read the rest

NSA conducts massive surveillance without ANY Congressional oversight


An ACLU Freedom of Information request reveals that the NSA considers Reagan's "Executive Order 12333" (previously) its "primary source" of spying authority -- and so it conducts this surveillance without reporting to Congress on it.

Read the rest

Tickets for the UK ORGCon on sale now!


Ruth from the Open Rights Group says, "We are really proud of the amazing people Open Rights Group are bringing you as speakers at this year's national digital rights conference."

Read the rest

Mobile malware infections race through Hong Kong's Umbrella Revolution


The protesters are dependent on mobile apps to coordinate their huge, seemingly unstoppable uprising, and someone -- maybe the Politburo, maybe a contractor -- has released virulent Ios and Android malware into their cohort, and the pathogens are blazing through their electronic ecosystem.

Read the rest