Boing Boing 

Chrome update turns browsers into covert listening tools


The default behavior of hotword, a new, black-box module in Chrome (and its free/open cousin, Chromium) causes it to silently switch on your computer's microphone and send whatever it hears to Google.

Read the rest

Telescreen watch: Vizio adds spyware to its TVs


If you own a Vizio TV that's updated recently, beware: its firmware adds "Smart Interactivity," a cute name for spyware that records your viewing choices and inserts additional "bonus features" (ads) into your viewing.

Read the rest

Companies should never try to intercept their users' encrypted traffic

Lenovo's disgraceful use of Superfish to compromise its users' security is just the tip of the iceberg: everywhere we look, companies have decided that it's a good idea to sneakily subvert their users' encryption.

Read the rest

Canada's spying bill is PATROIT Act fanfic

Madeline Ashby writes, "I wrote this column about Canada's Bill C-51, which would allow Canada's spy agency CSIS to detain people for simply 'promoting' terrorism, promises it can wipe terrorist content from the Internet, expands no-fly lists, and is basically a piece of Patriot Act fanfic. I thought you guys might like to know that years after Bush left office, his fans are trying to keep the tradition alive."

Read the rest

FBI secretly seeking legal power to hack any computer, anywhere


The Bureau is seeking a rule-change from the Administrative Office of the US Courts that would give it the power to distribute malware, hack, and trick any computer, anywhere in the world, in the course of investigations; it's the biggest expansion of FBI spying power in its history and they're hoping to grab it without an act of Congress or any public scrutiny or debate.

Read the rest

USPS usage declines, but sloppy postal surveillance is way, way up

Surveillance requests for "postal metadata" climbed 600% in recent years, often undertaken with badly formed or expired warrants.

Read the rest

Nate Anderson's "The Internet Police" -- now in paperback

I reviewed it when it was released in August 2013, calling it "brisk, eminently readable, and important history of the relationship between law, law enforcement, and the net, and as you'd expect, it's excellent" ($13 for the paperback)

Read the rest

Apple adds privacy-protecting MAC spoofing (when Aaron Swartz did it, it was evidence of criminality)

Apple has announced that it will spoof the MAC addresses emitted by its wireless devices as an anti-tracking measure, a change that, while welcome, is "an umbrella in a hurricane" according to a good technical explainer by the Electronic Frontier Foundation's Jeremy Gillula and Seth Schoen.

Read the rest

EFF on the White House's Big Data report: what about privacy and surveillance?

Last week, I wrote about danah boyd's analysis of the White House's Big Data report [PDF]. Now, the Electronic Frontier Foundation has added its analysis to the discussion. EFF finds much to like about the report, but raises two very important points:

* The report assumes that you won't be able to opt out of leaving behind personal information and implicitly dismisses the value of privacy tools like ad blockers, Do Not Track, Tor, etc

* The report is strangely silent on the relationship between Big Data and mass surveillance, except to the extent that it equates whistleblowers like Chelsea Manning and Edward Snowden with the Fort Hood shooter, lumping them all in as "internal threats"

Read the rest

Hacker Hymn [Jasmina Tesanovic]

Recently I saw a movie on the life and death of Aaron Swartz, who is nowadays often called a martyr for the freedom of the Internet.

People, nations and governments like martyrs. They love them, they need them. Martyrs are part of our bipolar, black and white society constructed from good and bad guys, who always do good and bad deeds. Martyrs are those who have escaped our human condition, of being judged by people as people. Martyrs are beyond judgement, they become the scapegoats for our biggest failures, for the banality of evil, as Hannah Arendt phrased it.

Read the rest

Spyware increasingly a part of domestic violence

Australian Simon Gittany murdered his girlfriend, Lisa Harnum, after an abusive relationship that involved his surveillance of her electronic communications using off-the-shelf spyware marketed for purposes ranging from keeping your kids safe to spotting dishonest employees. As Rachel Olding writes in The Age, surveillance technology is increasingly a factor in domestic violence, offering abusive partners new, thoroughgoing ways of invading their spouses' privacy and controlling them.

The spyware industry relies upon computers -- laptops, mobile devices, and soon, cars and TVs and thermostats -- being insecure. In this, it has the same goals as the NSA and GCHQ, whose BULLRUN/EDGEHILL program sought to weaken the security of widely used operating systems, algorithms and programs. Every weakness created at taxpayer expense was a weakness that spyware vendors could exploit for their products.

Likewise, the entertainment industry wants devices that are capable of running code that users can't terminate or inspect, so that they can stop you from killing the programs that stop you from saving Netflix streams, running unapproved apps, or hooking unapproved devices to your cable box.

And Ratters, the creeps who hijack peoples' webcams in order to spy on them and blackmail them into sexual performances, also want computers that can run code that users can't stop. And so do identity thieves, who want to run keyloggers on your computer to get your banking passwords. And so do cops, who want new powers to insert malware into criminals' computers.

There are a lot of ways to slice the political spectrum -- left/right, authoritarian/anti-authoritarian, centralist/decentralist. But increasingly, the 21st century is being defined by the split between people who think your computer should do what you tell it, and people who think that you can't be trusted to control your own computer, and so they should be able to run code on it against your will, without your knowledge, and to your detriment.

Pick a side.

Spyware's role in domestic violence [Rachel Olding/The Age]

(via Geek Feminism)

Detailed analysis of Syria's network censorship with logs from Blue Coat's surveillance boxes


In Censorship in the Wild: Analyzing Web Filtering in Syria [PDF], researchers from INRIA, NICTA and University College London parse through 600GB worth of leaked logfiles from seven Blue Coat SG-9000 proxies used by the Syrian government to censor and surveil its national Internet connections. They find that the Assad regime's censorship is more subtle and targeted than that of China and Iran, with heavy censorship of instant messaging, but lighter blocking of social media. They also report on Syrians' use of proxies, Tor, and Bittorrent to evade national censorship. It's the first comprehensive public look at the network censorship practiced in Syria.

Censorship in the Wild: Analyzing Web Filtering in Syria [PDF] (Thanks, Gary!)

European Court of Human Rights will hear case about GCHQ spying


This is huge news: the European Court of Human Rights has agreed to hear a challenge to bulk Internet surveillance by the UK spy agency GCHQ. The case was brought by Big Brother Watch, the Open Rights Group and English PEN, and German Internet activist Constanze Kurz. This is a rare instance of "impact litigation" in the UK, where a bad law or practice can be ended swiftly and decisively by having a court hear a test-case about the law and rule on its constitutionality. This tactic has been incredibly effective in the US -- EFF's famous Bernstein victory, which legalized strong cryptography, is a good example -- but has been less available to UK activists.

Read the rest

Scoring Obama's NSA reforms (spoiler: it's not good)


Earlier this week, EFF published a scorecard for rating Obama's NSA reforms. Now that the reforms have been announced, it's time to measure them up. They don't fare well, I'm afraid. Here's a roundup of commentary from privacy leaders around the world, expressing disappointment (if not surprise) at Obama's half-hearted reining in of the surveillance state.

Read the rest

Hackers vs the NSA in 1986

Emmanuel Goldstein from 2600 Magazine sez, "It shouldn't be that surprising, but Volume Three of The Hacker Digest contains all kinds of news items and articles concerning the National Security Agency, its attempts to control encryption, and the threat of surveillance. This was the hacker world of 1986."

Read the rest

Explaining why dragnet surveillance is terrible, and why you should rally against it

A spectacular PSA from the Electronic Frontier Foundation calls on Americans to join in a rally against mass surveillance on Oct 26, featuring everyone from Phil Donahue and John Cusak to Molly Crabapple and David Segal, as well as Congressmen like John Conyers, prominent whistleblowers like Daniel Ellsberg, Mark Klein, Thomas Drake, and a many others, making the case for limiting government surveillance. It's a spectacular video, and I'd take it as a personal favor if you'd tell your friends about it and show it around.

A Rally Against Mass Surveillance

Mass anti-surveillance demonstration in DC on Oct 26

Rainey from EFF sez, "On the weekend of October 26 -- the 12th anniversary of the signing of the USA PATRIOT Act -- thousands of people from across the political spectrum will unite in Washington, D.C. to take a stand against unconstitutional surveillance. Groups like EFF, ACLU and reddit are using the event to pressure Congress to stop mass spying -- and dropping off a petition with over 500,000 signatures to show they're serious. There will be speakers, privacy experts, and lots of music - including YACHT, the indie pop duo that's sweeping the nation with its new song, 'Party at the NSA.'" (Thanks, Rainey!)