FBI secretly seeking legal power to hack any computer, anywhere


The Bureau is seeking a rule-change from the Administrative Office of the US Courts that would give it the power to distribute malware, hack, and trick any computer, anywhere in the world, in the course of investigations; it's the biggest expansion of FBI spying power in its history and they're hoping to grab it without an act of Congress or any public scrutiny or debate.

Read the rest

USPS usage declines, but sloppy postal surveillance is way, way up

Surveillance requests for "postal metadata" climbed 600% in recent years, often undertaken with badly formed or expired warrants.

Read the rest

Nate Anderson's "The Internet Police" -- now in paperback

I reviewed it when it was released in August 2013, calling it "brisk, eminently readable, and important history of the relationship between law, law enforcement, and the net, and as you'd expect, it's excellent" ($13 for the paperback)

Read the rest

Apple adds privacy-protecting MAC spoofing (when Aaron Swartz did it, it was evidence of criminality)

Apple has announced that it will spoof the MAC addresses emitted by its wireless devices as an anti-tracking measure, a change that, while welcome, is "an umbrella in a hurricane" according to a good technical explainer by the Electronic Frontier Foundation's Jeremy Gillula and Seth Schoen.

Read the rest

EFF on the White House's Big Data report: what about privacy and surveillance?

Last week, I wrote about danah boyd's analysis of the White House's Big Data report [PDF]. Now, the Electronic Frontier Foundation has added its analysis to the discussion. EFF finds much to like about the report, but raises two very important points:

* The report assumes that you won't be able to opt out of leaving behind personal information and implicitly dismisses the value of privacy tools like ad blockers, Do Not Track, Tor, etc

* The report is strangely silent on the relationship between Big Data and mass surveillance, except to the extent that it equates whistleblowers like Chelsea Manning and Edward Snowden with the Fort Hood shooter, lumping them all in as "internal threats"

Read the rest

Hacker Hymn [Jasmina Tesanovic]

Recently I saw a movie on the life and death of Aaron Swartz, who is nowadays often called a martyr for the freedom of the Internet.

People, nations and governments like martyrs. They love them, they need them. Martyrs are part of our bipolar, black and white society constructed from good and bad guys, who always do good and bad deeds. Martyrs are those who have escaped our human condition, of being judged by people as people. Martyrs are beyond judgement, they become the scapegoats for our biggest failures, for the banality of evil, as Hannah Arendt phrased it.

Read the rest

Spyware increasingly a part of domestic violence

Australian Simon Gittany murdered his girlfriend, Lisa Harnum, after an abusive relationship that involved his surveillance of her electronic communications using off-the-shelf spyware marketed for purposes ranging from keeping your kids safe to spotting dishonest employees. As Rachel Olding writes in The Age, surveillance technology is increasingly a factor in domestic violence, offering abusive partners new, thoroughgoing ways of invading their spouses' privacy and controlling them.

The spyware industry relies upon computers -- laptops, mobile devices, and soon, cars and TVs and thermostats -- being insecure. In this, it has the same goals as the NSA and GCHQ, whose BULLRUN/EDGEHILL program sought to weaken the security of widely used operating systems, algorithms and programs. Every weakness created at taxpayer expense was a weakness that spyware vendors could exploit for their products.

Likewise, the entertainment industry wants devices that are capable of running code that users can't terminate or inspect, so that they can stop you from killing the programs that stop you from saving Netflix streams, running unapproved apps, or hooking unapproved devices to your cable box.

And Ratters, the creeps who hijack peoples' webcams in order to spy on them and blackmail them into sexual performances, also want computers that can run code that users can't stop. And so do identity thieves, who want to run keyloggers on your computer to get your banking passwords. And so do cops, who want new powers to insert malware into criminals' computers.

There are a lot of ways to slice the political spectrum -- left/right, authoritarian/anti-authoritarian, centralist/decentralist. But increasingly, the 21st century is being defined by the split between people who think your computer should do what you tell it, and people who think that you can't be trusted to control your own computer, and so they should be able to run code on it against your will, without your knowledge, and to your detriment.

Pick a side.

Spyware's role in domestic violence [Rachel Olding/The Age]

(via Geek Feminism)

Detailed analysis of Syria's network censorship with logs from Blue Coat's surveillance boxes


In Censorship in the Wild: Analyzing Web Filtering in Syria [PDF], researchers from INRIA, NICTA and University College London parse through 600GB worth of leaked logfiles from seven Blue Coat SG-9000 proxies used by the Syrian government to censor and surveil its national Internet connections. They find that the Assad regime's censorship is more subtle and targeted than that of China and Iran, with heavy censorship of instant messaging, but lighter blocking of social media. They also report on Syrians' use of proxies, Tor, and Bittorrent to evade national censorship. It's the first comprehensive public look at the network censorship practiced in Syria.

Censorship in the Wild: Analyzing Web Filtering in Syria [PDF] (Thanks, Gary!)

European Court of Human Rights will hear case about GCHQ spying


This is huge news: the European Court of Human Rights has agreed to hear a challenge to bulk Internet surveillance by the UK spy agency GCHQ. The case was brought by Big Brother Watch, the Open Rights Group and English PEN, and German Internet activist Constanze Kurz. This is a rare instance of "impact litigation" in the UK, where a bad law or practice can be ended swiftly and decisively by having a court hear a test-case about the law and rule on its constitutionality. This tactic has been incredibly effective in the US -- EFF's famous Bernstein victory, which legalized strong cryptography, is a good example -- but has been less available to UK activists.

Read the rest

Scoring Obama's NSA reforms (spoiler: it's not good)


Earlier this week, EFF published a scorecard for rating Obama's NSA reforms. Now that the reforms have been announced, it's time to measure them up. They don't fare well, I'm afraid. Here's a roundup of commentary from privacy leaders around the world, expressing disappointment (if not surprise) at Obama's half-hearted reining in of the surveillance state.

Read the rest

Hackers vs the NSA in 1986

Emmanuel Goldstein from 2600 Magazine sez, "It shouldn't be that surprising, but Volume Three of The Hacker Digest contains all kinds of news items and articles concerning the National Security Agency, its attempts to control encryption, and the threat of surveillance. This was the hacker world of 1986."

Read the rest

Explaining why dragnet surveillance is terrible, and why you should rally against it

A spectacular PSA from the Electronic Frontier Foundation calls on Americans to join in a rally against mass surveillance on Oct 26, featuring everyone from Phil Donahue and John Cusak to Molly Crabapple and David Segal, as well as Congressmen like John Conyers, prominent whistleblowers like Daniel Ellsberg, Mark Klein, Thomas Drake, and a many others, making the case for limiting government surveillance. It's a spectacular video, and I'd take it as a personal favor if you'd tell your friends about it and show it around.

A Rally Against Mass Surveillance

Mass anti-surveillance demonstration in DC on Oct 26

Rainey from EFF sez, "On the weekend of October 26 -- the 12th anniversary of the signing of the USA PATRIOT Act -- thousands of people from across the political spectrum will unite in Washington, D.C. to take a stand against unconstitutional surveillance. Groups like EFF, ACLU and reddit are using the event to pressure Congress to stop mass spying -- and dropping off a petition with over 500,000 signatures to show they're serious. There will be speakers, privacy experts, and lots of music - including YACHT, the indie pop duo that's sweeping the nation with its new song, 'Party at the NSA.'" (Thanks, Rainey!)

Model crowdsources name-and-shame for lecherous airline seatmate

Our Avram takes to Making Light to tell the remarkable story of a model who found herself sitting next to a lecherous married man on an airplane, and who crowdsourced a name-and-shame campaign for him on Twitter that uncovered his identity. Avram makes the point that this is more science fictional than most science fiction:

Ms Stetten is a twenty-something model living in New York (though possibly not a native). Yesterday she was on a plane when the fellow sitting next to her, wearing a wedding ring, tried hitting on her. She turned him down, and tweeted about it. He kept at it.

Over the course of the conversation, Brian mentioned not just his first name, but also that he’s an actor, and born in Oklahoma. Eventually he brought up that he’d just been working on a project with Matthew McConaughey, and that’s all it takes nowadays. Inside a minute, one of Stetten’s followers had found him on the IMDB.

Things got worse for Brian from there — lied about his marriage, turned out to be lying about being “clean and sober”, etc. The story’s been picked up by a Hollywood gossip site, so I imagine he’s got some ’splainin’ to do back home. I’m interested in this not so much for the sake of schadenfreude about some actor I’d never heard of (although it is fun) as for the implications for science fiction. How much have you read recently that gives you that glimpse of the possibilities of heavily networked societies? How many authors (other than Charlie Stross) are really writing about the possibilities of a crowd-sourced panopticon? And how many are still living in the ’70s?

A little bird tells me…