Even if you block cookies, many sites still track you with "browser fingerprinting," that use the unique combination of your screen resolution, browser and OS version, installed fonts and plugins, and other data that allows you to be reliably identified between sessions and across sites. Read the rest “Firefox is getting more browser fingerprinting protection courtesy of Tor Browser's "letterboxing" technique”

Move over Wikileaks. A new leak site, Distributed Denial of Secrets (Tor), co-founded by "transparency activist" Emma Best, says they will leak hundreds of thousands of emails tomorrow, according to The Daily Beast. And many of them will be from Russia.

“Stuff from politicians, journalists, bankers, folks in oligarch and religious circles, nationalists, separatists, terrorists operating in Ukraine,” said Best, a national-security journalist and transparency activist. “Hundreds of thousands of emails, Skype and Facebook messages, along with lots of docs.”

Distributed Denial of Secrets, or DDoS, is a volunteer effort that launched last month. Its objective is to provide researchers and journalists with a central repository where they can find the terabytes of hacked and leaked documents that are appearing on the internet with growing regularity. The site is a kind of academic library or a museum for leak scholars, housing such diverse artifacts as the files North Korea stole from Sony in 2014, and a leak from the Special State Protection Service of Azerbaijan.

The site’s Russia section already includes a leak from Russia’s Ministry of the Interior, portions of which detailed the deployment of Russian troops to Ukraine at a time when the Kremlin was denying a military presence there. Though some material from that leak was published in 2014, about half of it wasn’t, and WikiLeaks reportedly rejected a request to host the files two years later, at a time when Julian Assange was focused on exposing Democratic Party documents passed to WikiLeaks by Kremlin hackers.

You can find more details on their Twitter account @DDoSecrets. Read the rest “An alternative to Wikileaks, new website says it'll leak Russian oligarch and Kremlin emails and documents tomorrow”

Getting all your data to flow through the Tor network can be tricky -- the desktop Tor Browser only tunnels your web-traffic through the privacy-protecting service, and the mobile apps can be tricky and uncertain. Read the rest “Indie UK mobile carrier announces a Tor-only SIM that blocks unencrypted data”

The so-called dark web is now so big that mapping efforts are afoot. It feels a bit like the web in the 1990s! The creators explain:

The Dark Web Map is a visualization of the structure of Tor's onion services, a.k.a. hidden services, a.k.a. the dark web. The map consist of 6,608 dark web sites crawled during January 2018. Each site is represented in the map as a screenshot, and sites with structural similarity are connected with a line. Groups of sites that are all similar to each other are arranged into clusters. You can move around the map and zoom in to areas of interest.

Cloudflare has terminated service to Sci-Hub, the site that provides paywall-free access to virtually all scholarly work, citing Aaron Swartz as inspiration -- Cloudflare previously serviced the sci-hub.la, sci-hub.tv, and sci-hub.tw domains, but in response to an injunction obtained by the American Chemical Society, they will no longer provide that service. Read the rest “Cloudflare terminate Sci-Hub domains, declining to challenge court order”

The New York Times is now available as an "Onion Service" on the Tor network, at the address https://www.nytimes3xbfgragh.onion/ -- meaning that anyone with Tor access can securely and privately access the Times without giving away any information about what they're looking at, even to state-level actors who control the ISPs. Read the rest “The New York Times is now a Tor onion service”

Zerodium is a cyber-arms dealer that produces hacking tools for governments by buying up newly discovered defects in widely used systems, weaponizing them and then selling them to be used against criminals, activists, journalists and other targets of state surveillance. Read the rest “Cyber-arms dealer offers $1m for zero-day Tor hacks”

Security researcher Sarah Jamie Lewis wanted to demonstrate that the horrific stories of insecure networked sex-toys (and other Internet of Things devices) was the result of manufacturers' negligence, not the intrinsic limitations of information security. Read the rest “Securing the IoT: a tele-dildo controlled through the Tor network”

If you're using an anonymity tool -- Tor or something like it -- to be anonymous on the internet, it's really easy to screw it up and do something that would allow an adversary of varying degrees of power (up to and including powerful governments) to unmask you. Read the rest “What not to do when you're anonymous, if you want to stay that way”

Despite his widely read criticism of Tor, The Gruqq -- a legendary, pseudonymous security expert -- uses it as first and last line of defense in keeping your secret, activist Twitter account a secret. Read the rest “How to keep your secret activist Twitter account a secret”

Xnet, a wonderful Spanish activist group, has created the Anti-Corruption Complaint Box, a whistleblowing platform for the city of Barcelona that allows people to file anonymous claims in a Globalleaks repository, with their anonymity protected by Tor. Read the rest “Barcelona government officially endorses Tor-based whistleblower platform”

The Tor Project's "Ten Principles for User Protection in Hostile States" is both thoughtful and thought-provoking -- it's a list that excites my interest as someone who cares about the use of technology in improving lives and organizing political movements (principle 1 is "Do not rely on the law to protect systems or users" -- a call to technologists -- while number 7 is aimed at companies, "Invest in cryptographic R&D to replace non-cryptographic systems" and principle 2 says "Prepare policy commentary for quick response to crisis," which suggests that the law, while not reliable, can't be ignored); and also as a science fiction writer (check out those tags! "Acausal trade," "Pluralistic singularity" and "Golden path"! Yowza!) Read the rest “Ten principles for user-protection in hostile states”

Calyx is a famous, heroic, radical ISP that has been involved in groundbreaking litigation -- they were the first company to ever get a secret Patriot Act warrant unsealed, fighting for 11 years to overturn the gag order. Read the rest “I have found a secret tunnel that runs underneath the phone companies and emerges in paradise”

I first encountered the idea of "social contracts" for software projects in Neal Stephenson's seminal essay In the Beginning Was the Command Line, which endorsed the Debian project on the strength of its social contract: "As far as I know, Debian is the only Linux distribution that has its own constitution." Read the rest “The Tor Project's social contract: we will not backdoor Tor”

This summer, DoJ Cybercrime Lab director Ovie Carroll presented at a Federal Judicial Seminar in San Diego, attended by over 100 US federal judges, where he recommended that the judges should use Tor -- The Onion Router, subject of much handwringing and serious technological assaults from the US government, but which is also primarily funded by the USG -- to protect their personal information while using their home and work computers. Read the rest “DoJ to judges: use Tor to protect your internet connection”

When it comes to accessing public websites, Tor has an intrinsic security problem: though the nodes between your computer and the public internet are unable to see where the traffic is coming from or going to, the final hop in the network (known as an exit node) gets to know what webserver you are connecting to. Read the rest “Researchers find over 100 spying Tor nodes that attempt to compromise darknet sites”

“The U.S. government wants to use an obscure procedure—amending a federal rule known as Rule 41— to radically expand their authority to hack,” the EFF says. “The changes to Rule 41 would make it easier for them to break into our computers, take data, and engage in remote surveillance. Read the rest “Don't let the government hack your computer. Tell Congress to stop changes to #Rule41.”