Privacy

Blogs

Join An Online Dialogue About Encryption - Wednesday, May 25, at 13:30 UTC

What are your concerns around encryption? What questions do you have about the legal, technical and policy aspects of the increasing use of encryption? How does encryption help bring about a higher level of trust in the Internet? On Wednesday, May 25, the Internet Society and its Greater Washington, DC Chapter are hosting an "Online Dialogue About Encryption" to discuss all these questions and many more. more»

We Need You: Industry Collaboration to Improve Registration Data Services

For more than 30 years, the industry has used a service and protocol named WHOIS to access the data associated with domain name and internet address registration activities... The challenge with WHOIS is that it was designed for use at a time when the community of users and service operators was much smaller and there were fewer concerns about data privacy. more»

Writing the Next Chapter for the Historic One-Time Pad

The OTP, or One-Time Pad, also known as the Vernam cipher, is, according to the NSA, "perhaps one of the most important in the history of cryptography." If executed correctly, it provides uncrackable encryption. It has an interesting and storied history, dating back to the 1880s, when Frank Miller, a Yale graduate, invented the idea of the OTP. Communication was expensive and difficult in the age of telegrams, and few messages were easily encrypted. more»

The Importance of IPRC in Asia Pacific

I believe and strongly support Internet Principle and Right Coalition (IPRC) Charter is an important edition of document supplementing the principles and rights of individual internet users in any developing and least developed country. Especially in Asia Pacific region where the need and use of such document is immense, as there is a gap in recognition and awareness of rights of internet users. more»

DNS and Stolen Credit Card Numbers

FireEye announced a new piece of malware yesterday named MULTIGRAIN. This nasty piece of code steals data from Point of Sale (PoS) and transmits the stolen credit card numbers by embedding them into recursive DNS queries. While this was definitely a great catch by the FireEye team, the thing that bothers me here is how DNS is being used in these supposedly restrictive environments. more»

Is the FCC Inviting the World's Cyber Criminals into America's Living Rooms?

In October 2012, the Chairman and Ranking Member of the House Intelligence Committee issued a joint statement warning American companies that were doing business with the large Chinese telecommunications companies Huawei and ZTE to "use another vendor." The bipartisan statement explains that the Intelligence Committee's Report, "highlights the interconnectivity of U.S. critical infrastructure systems and warns of the heightened threat of cyber espionage and predatory disruption or destruction of U.S. networks if telecommunications networks are built by companies with known ties to the Chinese state, a country known to aggressively steal valuable trade secrets and other sensitive data from American companies." more»

Problems With the Burr-Feinstein Bill

What appears to be a leaked copy of the Burr-Feinstein on encryption back doors. Crypto issues aside -- I and my co-authors have written on those before -- this bill has many other disturbing features. (Note: I've heard a rumor that this is an old version. If so, I'll update this post as necessary when something is actually introduced.) One of the more amazing oddities is that the bill's definition of "communications" (page 6, line 10) includes "oral communication", as defined in 18 USC 2510. more»

Government-Industry Collaboration Is Better than Developing a Surveillance State

President Obama, in March 2016, again stressed the need for better collaboration between the tech industry and the government. He referred to his own White House initiative - this has resulted in the newly-formed US Digital Service, which is trying to recruit the tech industry to work with and for government. One of the key reasons it is so difficult to establish trustworthy, good working relationships is the extreme lack of tech understanding among most politicians and government bureaucrats. more»

Enough About Apple and Encryption: Let's Talk System Security

This week, the RightsCon Silicon Valley 2016 conference is taking place in San Francisco. Since the use of encryption in general and the Apple/FBI case in particular are likely to be debated, I want to share a perspective on system security. My phone as a system The Apple/FBI case resolves around a phone. Think of your own phone now. When I look at my own phone I have rather sensitive information on it. more»

The FBI and the iPhone: Important Unanswered Questions

As you probably know, the FBI has gotten into Syed Farook's iPhone. Many people have asked the obvious questions: how did the FBI do it, will they tell Apple, did they find anything useful, etc.? I think there are deeper questions that really get to the full import of the break. How expensive is the attack? Security - and by extension, insecurity - are not absolutes. Rather, they're only meaningful concepts if they include some notion of the cost of an attack. more»

The Second Machine Age Calls for Vision and Leadership

This post I've been pondering on for a long time, but never found the right angle and perhaps I still haven't. Basically I have these observations, thoughts, ideas and a truckload of questions. Where to start? With the future prospects of us all. Thomas Picketty showed us the rise of inequality. He was recently joined by Robert J. Gordon who not only joins Picketty, but adds that we live in a period of stagnation, for decades already. "All great inventions lie over 40 years and more behind us", he points out. more»

Reflections on Joe Cannataci's First Report

Joseph Cannataci recently submitted his first report as UN Special Rapporteur on the right to privacy - a brand new position, created in July 2015 in the wake of the German-Brazilian initiative for a UN resolution on privacy in the digital age. The report includes a description of Cannataci's working methods, a general overview of privacy-relevant topics, and a 'Ten point action plan' - described as a to-do list for the post holder, rather than a mere wish list. more»

What Your ISP (Probably) Knows About You

Earlier this week, I came across a working paper from Professor Peter Swire - a highly respected attorney, professor, and policy expert. Swire's paper, entitled "Online Privacy and ISPs", argues that ISPs have limited capability to monitor users' online activity. The paper argues that ISPs have limited visibility into users' online activity for three reasons: (1) users are increasingly using many devices and connections, so any single ISP is the conduit of only a fraction of a typical user's activity; (2) end-to-end encryption is becoming more pervasive, which limits ISPs' ability to glean information about user activity; and (3) users are increasingly shifting to VPNs to send traffic. more»

Three Reasons Why Apple Didn't Have to Unlock a Phone

The US government is demanding Apple unlock iPhones in about a dozen cases beside the San Bernardino one. In a strikingly similar case, Judge James Orenstein in Brooklyn rejected the government's request for three separate reasons. In the decision the judge refers several times to the San Bernardino case, and it is clear he expects this decision to be an important precedent for that one. more»

Apple vs FBI: Apple and Others to Argue on the Hill

Tomorrow afternoon at 1pm EST Apple will be giving testimony to the House Judiciary Committee. The session that Apple and others will be taking part in is aptly named, The Encryption Tightrope: Balancing Americans' Security and Privacy In common with other hearings the various witnesses called to speak have already submitted their written testimony, so we can already look at it and analyse it. more»

News Briefs

Brazil Judge Orders 72-Hour Ban on WhatsApp

U.S. House of Representatives Passes H.R. 699, the Email Privacy Act

Bill Gates: No One Was An "Absolutist" on Either Side of the Digital Privacy Debate

White House Taking Hands-Off Approach to Encryption Bill Debate

FBI, Apple Hearing Over iPhone Encryption Halted

Google Launches Project to Track Encryption Efforts - Both Internally and at Other Popular Sites

Head of UK Intelligence Agency Says Tech Companies Should Provide a Way Around Encryption

UK's Proposed Spy Law Can Force Apple to Bypass Security, Plus a Gag Order

Google, Facebook, Twitter and Other Tech Companies Join Forces to Support Apple in FBI Case

Facebook's Chief Sympathetic to Apple's Position in Clash with FBI

Internet Society Responds to FBI vs Apple Encryption Debate

Companies and Organizations Around the World Ask Leaders to Support Strong Encryption

Proposed UK Bill Will Make it Criminal Offence for Tech Firms to Warn Users of Government Spying

WhatsApp Suspension Called 'Sad day for Brazil' by Facebook

China Calls for Global "Governance System" to Regulate Internet, Activist Warn Threat to Free Speech

French Police Pushing to Outlaw Anonymous Web Browsing

China Seeking to Construct Its Own Uncrackable Smartphones

Internet Activity in Britain Stored for a Year Under New Surveillance Law

New Bill Bans Internet Companies From Offering Unbreakable Encryption

EU Parliament Says Citizens Rights Still in Danger, Calls for Immediate Measures

Most Viewed

Do Not Enter - It's XXX

Help! My Domain Name Has Been Hijacked!

Whois Privacy vs. Anonymity

Adult-Related TLDs Considered Dangerous

Examining Two Well-Known Attacks on VoIP

Most Commented

Conflict of Opinion

DPI is Not a Four-Letter Word!

Hunting Unicorns: Myths and Realities of the Net Neutrality Debate

Whither DNS?

The Anti-Phishing Consumer Protection Act of 2008

Industry Updates

Participants – Random Selection