Friday, October 21, 2011


When I see articles like this one...
Facebook to give German state privacy exemption
October 21, 2011 by Dissent
Facebook has offered a special exemption from its data handling practices to Schleswig-Holstein after the northern German state’s data protection commissioner complained about the online social network’s popular “like” button.
Thilo Weichert, who leads the state’s data protection efforts, said in August that the site’s “like” button violated German privacy laws because it allowed Facebook to track members’ interests without their consent and sent the personal data to the United States.
But in a private meeting between Weichert and Richard Allan, Facebook’s head of privacy policy in Europe, the US internet giant offered to shield visitors to websites operated from Schleswig-Holstein from having their data sent to the United States. It also provided a full accounting of how it collects and uses users’ data, public broadcaster NDR reported on Friday.
Read more on The Local.
So Facebook will use IP addresses, and those coming from certain IP addresses will not have their data sent to the U.S., it seems.
There is something … frustrating… that German and Irish data protection authorities may be doing more to protect their citizens’ privacy than the American Congress has done.

...I have to ask what else was included in the deal? After all, nothing suggests that Facebook stops collecting the information.
When a government spies on its people: German spyware scandal; second version of spyware reported
October 21, 2011 by Dissent
The use of spyware by the government is fast becoming THE surveillance scandal of the year. In typical fashion, however, rather than deal with the substantive issues its use raises, there are those who would shoot the messenger or whistleblower. Cyrus Farivar reports:
On Tuesday, a pair of German researchers working for Kaspersky Labs, a computer security firm, discovered that there is a second, more powerful version of the Federal Trojan spyware, which can be run on more recent, 64-bit Windows computers.
It is also capable of conducting surveillance on a total of 15 applications, including Yahoo Messenger and Internet Explorer, more than the previous version.
A research paper published Thursday by the official analysis wing of the German parliament said that the CCC’s [Chaos Computer Club's] publication of the trojan and its source code may in fact violate German law.
“Overall, it appears possible that the publication of the source code of a so-called trojan state is regarded as a criminal act under Section 258 of the Criminal Code obstruction of justice,” the paper said.
Anke Spriestersbach, the BKA spokesperson, added that some of those 23 cases, were ongoing prior to the halt of the surveillance software’s use.
The BKA had previously denied using the specific version of the spyware exposed by the CCC.
Read more about this matter on Deutsche-Welle. Not surprisingly, the company that makes the software now may be in the crosshairs of litigation:
In a related case on Thursday, Dominick Boecker, a Cologne-based IT attorney, announced his intention to file a civil lawsuit against DigiTask, the company behind the spyware. Boecker is representing Wavecon, a competitor based in Fürth, outside Nuremburg, in southern Germany.
DigiTask manufactured products and sold software to law enforcement agencies [that] met the criminal definition of unauthorized interception of data,” [Interesting. Are they saying that offering the police (the state) software that is illegal, constitutes “unfair competition?” Bob] Boecker wrote in a German-language statement on his website.


Who are you? Who are you online?
You Are Not Your Name and Photo: A Call to Re-Imagine Identity
… At the Web 2.0 conference this week, Poole gave a compelling talk that mapped this complexity, and which I hope will help reframe our discussion of identity. It’s hard to summarize, but in addition to the full video, I’ll try to pull out a few of the big ideas:
  • Both Google+ (with Circles) and Facebook (with Smart Lists) misunderstand the core problem of online identity: It’s not only about who you’re sharing with, but how you represent yourself. “It’s not who you share with, but who you share as.”
  • If you’re looking to keep score between the major social media companies: Twitter handles identity better than Facebook, because it allows for handles, multiple accounts, fake accounts and other features that keep Twitter interest-driven, not identity-driven. Google, in turn, “missed a gigantic opportunity to innovate” the representation of identity online by allowing for something as rich as Circles for self-representation, not just choice of audience. “Facebook and Google do identity wrong; Twitter does it better; and I want to think about what the world would be like if we did it right.”

(Related) Perhaps they really mean “Do no evil” – perhaps not.
"After months of Google+ being unsuccessful at taking the edge over Facebook, Google announces a new plan. Google executive Vic Gundotra announced yesterday that they will be 'adding features that will "support other forms of identity,"' a major victory for security and privacy advocates. If Google+ gets rid of their 'real names' policy, they will finally be the social networking site that people will flock to when running away from Facebook."
JWZ is a skeptic; he describes as "premature victory" (and much harsher things, too) any rejoicing in the announced policy change, writing in part "My guess? I'll bet they still require you to register with your 'real' name, but then they'll graciously allow you to have a linked nickname or two, meaning they're still fully prepared to roll over on you to authoritarian governments or advertisers at the drop of a hat."

(Related) This logic can be understood easily if you remember their perspective is: “I'm a politician so everyone is hanging on my every word. Anonymity won't win me any votes!”
"A Parliamentary Committee in the UK has suggested that sites should be protected against libel claims against contributors — as long as those contributors are identified. Anonymous postings should be taken down if someone complains of libel in them, in a set of proposals which online community groups have described as 'chilling.'"


For my Ethical Hackers: I would call this a hack, but since “there's an App for that” I'll just remind you that an App IS a hack...
Plan B: Cool Lost Mobile Tracking Application [Android]
People normally take precautions by installing mobile tracking applications on their phone. But what if your phone is already lost and you do not have such an app installed on it? The solution to that problem is an Android application called Plan B.
You start by remotely installing the app from the Android Marketplace. Then the app will automatically start, turn on the phone’s GPS, and email your phone’s location to your Gmail account. To keep a track of your phone simply text “locate” to your lost phone and its position will be communicated to you.
Similar tools: Puntalo, BuddyWay, BlueRetriever and iTag.
Also read related articles:


Is this part of Obama's jobs bill? Let's hire everyone who is currently unemployed to watch everyone else? Note that this would not have caught Tim McVeigh. He never drove his truck on a highway, nor would he have been required to use a weigh station...
"TSA is expanding its presence to the American road system. As part of its Visible Intermodal Prevention and Response (VIPR) program, TSA agents are now working at 5 weigh stations and two bus stations in Tennessee. They are randomly checking trucks with 'drug and bomb sniffing dogs', and encouraging truck drivers to join their First Observer Highway Security Program an report anything suspicious that they see to authorities. VIPR is allegedly not a response to any particular threat." [I suspect it isn't a “response” to any conceivable threat Bob]

(Related) Another case of politicians looking for a easy quick fix for a problem with no consideration of further implications. (This is the home of Forrest Gump, isn't it?)
"Lousiana has passed a law that says people may no longer use cash for second hand transactions. The idea is to make all transactions traceable, thus foiling copper theft, etc. This move has profound implications that range from constitutional rights to Bitcoin, Craigslist and so forth; I wonder if there are any Slashdotters at all that support such a move."
On the list of exceptions: people who deal in used goods or "junk" less frequently than once per month, and (drumroll, please) pawn shops. That means a pretty big chunk of the population who post in online classified ads in Louisiana are probably already in violation.


Is this a real problem or a “competitive kerfuffle?”
Google Apps Not Cutting It for LA’s Finest
Two years after the City of Los Angeles approved a $7.25 million deal to move its e-mail and productivity infrastructure to Google Apps, the migration has still not been completed because the Los Angeles Police Department and other agencies are unsatisfied with Google’s security related to the handling of criminal history data.
… Beyond the LAPD, the proposed amendment also demands a refund for the Fire Department Arson Investigators, City Attorney Criminal Branch, and several other “City entities that access criminal history data.” Further credits are also demanded because “e-Discovery will not be implemented.”
… Both CSC and Google released statements this week. According to Network World, CSC said it has “successfully migrated all of the City of Los Angeles’s employees, except those with the City law enforcement agencies, to the new Google Apps cloud computing solution,” and “subsequent to the award of the original contract, the City identified significant new security requirements for the Police Department. CSC and Google worked closely with the City to evaluate and eventually implement the additional data security requirements, which are related to criminal justice services information, and we’re still working together on one final security requirement.”
… Google, meanwhile, called out Consumer Watchdog for working with Google competitors, presumably Microsoft...
… The City has acknowledged Google Apps is more secure than its current system. Along the way, they’ve introduced new requirements which require work to implement in a cloud-computing environment, and we’ve presented a plan to meet them at no additional cost.”


Well, I find it interesting.
October 20, 2011
Pew: As learning goes mobile - slides
"Lee Rainie, Director of the Pew Research Center’s Internet & American Life Project, spoke about As learning goes mobile at the Educause 2011 annual conference. He described the Project’s latest findings about how people (especially young adults) use mobile devices, including smartphones and tablet computers. He discussed how the mobile revolution has combined with the social networking revolution to produce new kinds of learning and knowledge-sharing environments and described the challenges and opportunities this presents to colleges and teachers. Technology has enabled students to become different kinds of learners and Lee will explore what that means."


Hacking with “the Google”...
Now You Can Find Out Your IP Address Using Google


So far, just a list – but could be the start of something useful.
As we know, Google offers a lot of free products and services for a wide variety of purposes. Have you ever wondered just how many there are? Or where you can find them all? If so, Peter Beens has compiled a list of them all. The list can be found in this public Google Document.

No comments: