In A Public Service, activist/trainer Tim Schwartz presents the clearest-ever guide to securely blowing the whistle, explaining how to exfiltrate sensitive information from a corrupt employer -- ranging from governments to private firms -- and get it into the hands of a journalist or public interest group in a way that maximizes your chances of making a difference (and minimizes your chances of getting caught).

Hong Kong joins the ranks of other autocratic nations that have banned face coverings in the name of national security: Sri Lanka, France, the Netherlands, Canada, etc (such bans have also been proposed in the UK, Australia, the USA). Read the rest

Machine learning systems are pretty good at finding hidden correlations in data and using them to infer potentially compromising information about the people who generate that data: for example, researchers fed an ML system a bunch of Google Play reviews by reviewers whose locations were explicitly given in their Google Plus reviews; based on this, the model was able to predict the locations of other Google Play reviewers with about 44% accuracy. Read the rest

For years, libraries across America have paid to subscribe to lynda.com for online learning content; four years ago, lynda.com became a division of Linkedin, and this year, the company has informed libraries that they're migrating all lynda.com users to Linkedin Learning, which would be fine, except Linkedin only allows you to access Linkedin Learning if you create and connect a Linkedin profile to the system. Read the rest

I've never been able to get into Doctor Who, but I loves me some David Tennant. His performances in Broadchurch (Not that crappy American Gracepoint remake nonsense, mind you), Jessica Jones and, most recently, Good Omens, have been absolutely amazing. There's something about him that draws the eye and makes you believe in what he's selling on-screen. He doesn't oversell his characters and its rare to see him steal authority from those working a scene with him. His craft's earned him a huge amount of celebrity in recent years--a fact that he hasn't always been comfortable with.

In this candid interview, Tennant talks about his having to come to terms with being 'public property,' and how celebrity can change one's life for both better and worse.

Image via Wikipedia Read the rest

In a new paper for IEEE Security, a trio of researchers (two from Cambridge, one from private industry) identify a de-anonymizing attack on Iphones that exploits minute differences in sensor calibration: an Iphone user who visits a webpage running the attack code can have their phone uniquely identified in less than a second, through queries to the sensors made through automated background processes running on the page. Read the rest

Cryptocurrencies and Tor hidden services ushered in a new golden age for markets in illegal goods, especially banned or circumscribed drugs: Bitcoin was widely (and incorrectly) viewed as intrinsically anonymous, while the marketplaces themselves were significantly safer and more reliable than traditional criminal markets, and as sellers realized real savings in losses due to law enforcement and related risks, the prices of their merchandise plummeted, while their profits soared. Read the rest

Sumana writes, "SecureDrop (previously) (originally coded by Aaron Swartz) is an open source whistleblower submission system that media organizations can install to securely accept documents from anonymous sources. Its parent nonprofit, the Freedom of the Press Foundation (previously), is hiring a Senior Software Engineer to join the team and:" Read the rest

Getting all your data to flow through the Tor network can be tricky -- the desktop Tor Browser only tunnels your web-traffic through the privacy-protecting service, and the mobile apps can be tricky and uncertain. Read the rest

Who Left Open the Cookie Jar? A Comprehensive Evaluation of Third-Party Cookie Policies won the Distinguished Paper prize at this year's Usenix Security Conference; its authors, researchers at Belgium's Catholic University in Leuven, revealed a host of devastating, never-seen tracking techniques for identifying web-users who were using privacy tools supplied by browser-vendors and third-party tracking-blocking tools. Read the rest

This week, I sat down for an hour-long interview with the Yale Privacy Lab's Sean O'Brien (MP3); Sean is a frequent Boing Boing contributor and I was honored that he invited me to be his guest on the very first episode of the Lab's new podcast. Read the rest

A presentation today at Defcon from Drexel computer science prof Rachel Greenstadt and GWU computer sicence prof Aylin Caliskan builds on the pair's earlier work in identifying the authors of software and shows that they can, with a high degree of accuracy, identify the anonymous author of software, whether in source-code or binary form. Read the rest

Ben Wallach is Theresa May's security minister; he has proposed that the UK follow China's example and require that any place providing internet access use bank-account verification to affirmatively identify all the people who use the internet so they can be punished for bullying. Read the rest

Uganda's social media tax may be an unenforceable mess, but that doesn't make it harmless (it opens the door to selective enforcement and invites programs of censorship and mass surveillance in the name of fighting "tax evasion") but that's only half of dictator Yoweri Museveni's plan to control the internet. Read the rest

In An Empirical Analysis of Traceability in the Monero Blockchain, a group of eminent computer scientists analyze a longstanding privacy defect in the Monero cryptocurrency, and reveal a new, subtle flaw, both of which can be used to potentially reveal the details of transactions and identify their parties. Read the rest

Last week, we celebrated Data Privacy day. Everything we do online—whether on a computer or on a mobile device—is being tracked, traced, compiled, crunched, bought and sold by familiar tech-titans like Google, Facebook, Verizon and hundreds of lesser known data brokers who help advertisers build frighteningly detailed digital profiles of users by harvesting data from a variety of sources, including customer databases and online platforms. After I lecture to my students on this topic, rattling off a dozen mechanisms by which corporations and governments can spy and pry on us, threating both anonymity and privacy, their reaction is usually either indifference (because, you know, they think they have nothing to hide) or for those that I’ve convinced they should care, some measure of despair.

The New York Times is now available as an "Onion Service" on the Tor network, at the address https://www.nytimes3xbfgragh.onion/ -- meaning that anyone with Tor access can securely and privately access the Times without giving away any information about what they're looking at, even to state-level actors who control the ISPs. Read the rest