UK's Investigatory Powers Tribunal says GHCQ illegally spied for 17 years

The independent tribunal ruled on a case brought by Privacy International, concluding that the UK spy agency GCHQ was acting illegally for 17 years while it amassed huge databases of "bulk collection" data of cellphone location and call-data -- a practice revealed by the Edward Snowden docs. Read the rest

Social media surveillance software used by cops faces backlash

Geofeedia bills itself as a way for marketers to reach potential customers through geotagged "hashtag listening," but they also sell it to police departments for "predicting, analyzing and acting on social media conversations," like, say, peaceful protests. Read the rest

Massive report details the surveillance powers of 12 Central and South American nations

Unblinking Eye, EFF's giant, deep research report (available in Spanish, English and Portuguese) on the state of surveillance law in latinamerica, reveals an alarming patchwork of overbroad powers given to police forces and government agencies. Read the rest

Yahoo didn't install an NSA email scanner, it was a "buggy" NSA "rootkit"

Ex-Yahoo employees have spoken anonymously to Motherboard about the news that Yahoo had built an "email scanner" for a US security agency, likely the FBI or the NSA. These sources -- at least one of whom worked on the security team -- say that in actuality, the NSA or FBI had secretly installed a "rootkit" on Yahoo's mail servers and that this was discovered by the Yahoo security team (who had not been apprised of it), who, believing the company had been hacked, sounded the alarm, only to have the company executives tell them that the US government had installed the tool. Read the rest

Hundreds of cops misuse databases yearly, says report

An investigation by the Associated Press found 675 police officers were jailed or disciplined for misusing police databases from 2013 to 2015, and that's just the ones who were caught.

Read the rest

Yahoo says hack of 500 million users "state-sponsored," but a security firm calls bullshit

So, that huge hack of 500 million Yahoo user accounts last week that Yahoo blamed on a "state-sponsored actor"? A private internet security firm is calling bullshit on the "state-sponsored" part.

Read the rest

I have found a secret tunnel that runs underneath the phone companies and emerges in paradise

Calyx is a famous, heroic, radical ISP that has been involved in groundbreaking litigation -- they were the first company to ever get a secret Patriot Act warrant unsealed, fighting for 11 years to overturn the gag order. Read the rest

Snowden on Allo: It's “Google Surveillance,” so “Don't use” messaging and personal assistant app

Edward Snowden's take on Allo is “Nope.” Google's decision to back off a previously promised privacy feature for Allo earned it a thumbs-down from the NSA whistleblower, who received asylum from Russia after exposing the NSA's secret domestic surveillance programs. Allo, a personal messaging and assistance app which lacks previously promised security safeguards, amounts to “Google Surveillance,” Snowden tweeted Wednesday. So “Don't use Allo.”

Read the rest

Xiaomi phones are pre-backdoored; your apps can be silently overwritten

Thijs Broenink audited the AnalyticsCore.apk app that ships pre-installed on all Xiaomi phones (Xiaomi has their own Android fork with a different set of preinstalled apps) and discovered that the app, which seemingly serves no useful purpose, allows the manufacturer to silently install other code on your phone, with unlimited privileges and access. Read the rest

Join me at EFF's 25th Pioneer Awards in San Francisco next Wednesday

Nicole from EFF writes, "The Electronic Frontier Foundation is excited to host the 2016 Pioneer Awards in San Francisco next Wednesday, September 21 at Delancey Street’s Town Hall Room." Read the rest

Edward Snowden sets out the moral case for a pardon from Obama

Whistleblower Edward Snowden, exiled in Moscow, has asked the outgoing US president Barack Obama to give him an official pardon before leaving office. Read the rest

Class action suit: smart sex toys spy on their owners and transmit their masturbation habits

An anonymous woman has filed a class action suit against Standard Innovation, a company that makes We-Vibe "smart" sex toys that record exactly how their owners masturbate and transmit detailed dossiers, along with personally identifying information, back to the company. Read the rest

Leaked Stingray manual shows how easy warrantless mass surveillance can be!

The Intercept has got hold of a set of Harris's super-secretive manuals for their even-more-secret Stingray devices: fake cellular towers used to spy indiscriminately on whole populations by hacking their cellphones into giving up identifying information and more. Read the rest

Watch: leaked demo of malware offered to spying governments

Someone captured and leaked a live presentation by an RCS sales tech, demonstrating his company's cyber-weapon for spying on dissidents, criminals, and whomever else the customer wanted to infect. Read the rest

How surveillance capitalism tracks you without cookies

Princeton computer science researchers Steven Englehardt and Arvind Narayanan (previously) have just published a new paper, Online tracking: A 1-million-site measurement and analysis, which documents the state of online tracking beyond mere cookies -- sneaky and often illegal techniques used to "fingerprint" your browsers and devices as you move from site to site, tracking you even when you explicitly demand not to be track and take countermeasures to prevent this. Read the rest

The privacy wars have been a disaster and they're about to get a LOT worse

In my latest Locus column, The Privacy Wars Are About to Get A Whole Lot Worse, I describe the history of the privacy wars to date, and the way that the fiction of "notice and consent" has provided cover for a reckless, deadly form of viral surveillance capitalism. Read the rest

How To Be At War Forever

If you were the government and wanted to maintain a state of perpetual war, how would you go about it? Read the rest

More posts