It's been nearly three weeks since the publication of Efail, a critical set of attacks against PGP/GPG-encrypted emails that was so hard to mitigate that EFF's recommendation was to stop using it for mail altogether until a solution could be worked out. Read the rest
The FBI has been trying to ban working cryptography since the Clinton years, a losing battle whose stakes go up with each passing day as the number of devices that depend on working crypto to secure them and their users goes up and up and up. Read the rest
Every three years, the US Copyright Office asks America about the problems with Section 1201 of the DMCA, which bans breaking DRM even for legal reasons, and America gets to answer with requests for exemptions to this rule. Read the rest
Every three years, the US Copyright Office asks America about the problems with Section 1201 of the DMCA, which bans breaking DRM even for legal reasons, and America gets to answer with requests for exemptions to this rule. Read the rest
Back in 2014, a patent troll called Personal Audio LLC embarked on a campaign to shake down podcasters large and small for millions, but then they made the mistake of tangling with the Electronic Frontier Foundation. Read the rest
A group of researchers have published a paper and associated website describing a clever attack on encrypted email that potentially allows an attacker to read encrypted emails sent in the past as well as current and future emails; EFF has recommended switching off PGP-based email encryption for now, to prevent attackers from tricking your email client into decrypting old emails and sending them to adversaries. Read the rest
Back in 2014, the Supreme Court ruled in Riley v California, holding that border guards do not have unlimited authority to search our personal electronic devices when we cross the border, requiring individualized criminal suspicion before a search can take place. Read the rest
When Georgia's legislature passed SB 315, a horribly misguided cybersecurity bill that criminalized routine security research, thus allowing bad guys to get much worse, everyone pinned their hopes on Governor Nathan Deal vetoing it. Read the rest
The Electronic Frontier Foundation's Jamie Williams and Lena Gunn have drawn up an annotated five-point list of questions to ask yourself before using a machine-learning algorithm to make predictions and guide outcomes. Read the rest
The looming deadline for the EU General Data Protection Plan means that companies have a duty to be extremely clear about what data they're collecting on you and what they're doing with it, and give you a chance to refuse -- they've already had a duty to do this for a very long time under both EU law and California law, but the difference this time around is that the GDPR has large, terrifying teeth: companies that fail to comply can be fined 4% of their annual global turnover. Read the rest
EFF has just published an update to its Catalog of Missing Devices (a catalog of things that don’t exist thanks to the chilling effects of Section 1201 of the DMCA): a trio of ads for future artificial pancreas firmwares that illustrate the way that control over devices can magnify or correct power imbalances.
EFF supporter Benjamin McLean was kind enough to send along his "Mashup Maker" as a new entry to EFF Catalog of Missing Devices, a tour through some of the legitimate, useful and missing gadgets, tools and services that don't exist but should. They're technologies whose chance to exist was snuffed out by Section 1201 of the Digital Millennium Copyright Act of 1998, which makes tampering with "Digital Rights Management" into a legal no-go zone, scaring off toolsmiths, entrepreneurs, and tinkerers. Read the rest
Join me, EFF attorney Kit Walsh and iFixit's Kyle Wiens -- along with special guests! -- in a Reddit Ask Me Anything session tomorrow (Thursday) from 11AM-3PM Pacific; we'll be talking about the upcoming Copyright Office hearings on creating exceptions to the DMCA to make room for independent repair and security research. We'll be live here at 11AM tomorrow! Pass it on. Read the rest
Update: due to popular demand, we've moved to a bigger space! We'll be at UCLA Moore Hall, Room 3340 (Reading Room), 457 Portola Plaza, Los Angeles, CA 90095. There's 20 new spaces open: RSVP today!
A law intended to stop people from making off-brand DVD players now means that security researchers can’t warn you about dangers from the cameras in your bedroom; that mechanics can’t fix your car; and that your printer won’t take third party ink. Read the rest
As our Cory Doctorow points out, the tools to protect yourself from non-consensual online tracking are already out there. He uses and recommends the EFF's free Privacy Badger browser plug-in to keep his online data to himself and out of the hands of creeps like Facebook, Google and Cambridge Analytica.
If you're a Firefox user who wants to keep using Facebook, but worried about the sort of nonsense that the service has been getting up to of late, Mozilla has launched a new browser extension that's designed to provide users with more control of what sort of personal data everyone's favorite social media problem child is capable of getting its hands on. It's called the Facebook Container Extension.
From Mozilla:
Read the restThis extension helps you control more of your web activity from Facebook by isolating your identity into a separate container. This makes it harder for Facebook to track your activity on other websites via third-party cookies.
Rather than stop using a service you find valuable and miss out on those adorable photos of your nephew, we think you should have tools to limit what data others can collect about you. That includes us: Mozilla does not collect data from your use of the Facebook Container extension. We only know the number of times the extension is installed or removed.
When you install this extension it will delete your Facebook cookies and log you out of Facebook. The next time you visit Facebook it will open in a new blue-colored browser tab (aka “container tab”).
The Electronic Frontier Foundation is running an excellent series on the potential and pitfalls of secure messaging app -- this is very timely given the ramping up of state surveillance and identity theft, not to mention anyone looking to #DeleteFacebook and transition away from Facebook Messenger. Read the rest
