How can you tell when a politician is
lying? His lips move. (Pre-historic joke)
Personal
data routinely leaked from Obama and Romney websites
November 5, 2012 by Dissent
Both the Barack
Obama and Mitt Romney campaigns swear that their websites don’t
collect personally identifiable information from visitors, but a new
report reveals that neither candidate can really back that claim up.
Responding to the
New York Times for an article published just this week,
representatives from both presidential contenders say no private
information that could reveal their website visitors’ identity is
offered to third-parties, with the paper even reporting, “both
campaigns emphasize that such data collection is ‘anonymous’”
since companies use code numbers — not names — to track site
visitors. Jonathan Mayer of the Stanford Center for Internet Society
didn’t seem convinced, though, and took it upon himself to
investigate the truth.
Read more on RT.com
[From the article:
Although the campaigns are largely
correct by saying data collected off their sites are never directly
linked to a specific person, the alleged anonymity that they swear by
hardly protects any identities. While the data is tied to a code
number in lieu of a name, the data that is collected could easily be
used to find out almost anything about a visitor of the site, Mayer
writes.
(Related) Toys & Tools for whoever
gets elected. Kind of a fluf piece but interesting how many involve
drones...
7
Technologies That Will Make It Easier for the Next President to Hunt
and Kill You
Is it still war if we spell it:
“e-War?”
U.S.
panel labels China largest cyberspace threat, report says
China poses the largest threat in
cyberspace, with its hackers increasingly targeting U.S military
computers and defense contractors, according to a draft of a
Congressional report obtained by Bloomberg.
The report, produced by the U.S.-
China Economic and Security Review Commission, found that China's
persistence and its advances in hacking activities over the past year
poses an increasing threat to information systems and users.
Another example of really bad
reporting? It looks like the police suspected Mendoza, went on his
property, found the marijuana plants and then set up the cameras to
see who came to tend/harvest them. Not stated is why they
suspected him or his property.
Court
OKs warrantless use of hidden surveillance cameras
November 5, 2012 by Dissent
Declan McCullagh reports:
Police are allowed
in some circumstances to install hidden surveillance cameras on
private property without obtaining a search warrant, a federal judge
said yesterday.
CNET has learned
that U.S. District Judge William Griesbach ruled that it was
reasonable for Drug Enforcement Administration agents to enter rural
property without permission — and without a warrant — to install
multiple “covert digital surveillance cameras” in
hopes of uncovering evidence that 30 to 40 marijuana plants were
being grown. [Okay, that isn't correct. They had already discovered
more than 1000 plants. Bob]
Read more on CNET.
[From the article:
"The Supreme Court has upheld the
use of technology as a substitute for ordinary police surveillance,"
Callahan wrote. [“susbtitute” as in “equal
to?” So the Courst would have Okayed a 24/7 police presence? Bob]
Two defendants in the case, Manuel
Mendoza and Marco Magana of Green Bay, Wis., have been charged with
federal drug crimes after DEA agent Steven Curran
claimed to have discovered more than 1,000 marijuana plants grown on
the property... [Discovered using the camera or as justification for
using the camera? Bob]
[The Order:
Since they broadcast, you have no way
to know if or how often someone reads your data.
Smart
meters not so clever about privacy, researchers find
November 5, 2012 by Dissent
Martyn Williams reports:
Researchers at the
University of South Carolina have discovered that some
types of electricity meter are broadcasting unencrypted information
that, with the right software, would enable eavesdroppers to
determine whether you’re at home.
The meters, called
AMR (automatic meter reading) in the utility industry, are a
first-generation smart meter technology and they are
installed in one third of American homes and businesses. [Somehow, I
doubt that Bob] They are intended to make it easy for
utilities to collect meter readings. Instead of requiring access to
your home, workers need simply drive or walk by a house with a
handheld terminal and the current meter reading can be received.
Read more on Computerworld.
Click through to find inks to other
papers as well...
Event:
Friday, Nov. 9: Harvard Law Review Symposium on Privacy &
Technology
November 6, 2012 by Dissent
Daniel Solove writes:
This Friday,
November 9th, I will be introducing and participating in the Harvard
Law Review’s symposium on privacy and technology. The
symposium is open to the public, and is from 8:30 AM
to 4:30 PM at Harvard Law School (Langdell South).
I have posted a
draft of
my symposium essay on SSRN, where it can be downloaded for free.
The essay will be published in the Harvard Law Review in 2013. My
essay is entitled Privacy
Self-Management and the Consent Paradox, and I discuss what
I call the “privacy self-management model,” which is the current
regulatory approach for protecting privacy — the law provides
people with a set of rights to enable them to decide for themselves
about how to weigh the costs and benefits of the collection, use, or
disclosure of their data.
For more details on the symposium,
including the list of presenters, see Dan’s post on Concurring
Opinions.
Take a really smart person and let them
think about a topic for several years and you wind up with “words
worth listening to.”
Article:
Privacy by Design and the Emerging Personal Data Ecosystem
November 5, 2012 by Dissent
A paper by Ann Cavoukian, PhD, the
Information & Privacy Commissioner of Ontario, describes the
systems and initiatives driving the Personal Data
Ecosystem and how they seek to address the challenge of
protecting and promoting privacy, while at the same time, encouraging
the socio-economic opportunities and benefits of personal
information as a new asset class. The paper features case
studies of the Personal Data Vault and platform at Washington-based
Personal Inc.,
and the personal data network belonging to San Francisco-based
Respect Network,
plus invaluable market data on the emerging PDE provided by
Ctrl-Shift of
London:
Questions from Google's Privacy
lawyer...
The
Marketplace of Privacy Compliance Programs
November 5, 2012 by Dissent
Peter Fleischer writes:
The data
protection establishment, worldwide, has been inventing
a lot of new privacy compliance programs. All these
different, well-intentioned initiatives are meant to serve the same
purpose: improve privacy protections. All of them are, or likely
will soon be, mandatory for most big companies. I can hardly keep
track of all the different initiatives, but here are the ones I have
struggled to understand:
- Accountability
- Privacy by Design
- Privacy Impact Assessments
- Consent Decrees
- Audits (internal and external)
- Regulatory reviews
- Data Processing Documentation
- Database notifications/registrations
- Binding Corporate Rules
- Safe Harbor Compliance programs
Lots of my
acquaintances in the privacy field have asked me what I think about
all this: Are these programs meant to run independently, even if
they overlap and cover the same ground? Does anyone have a clue how
much all this will cost? Where do you turn for help to implement
these programs? Can one solid privacy compliance program be
implemented to meet all of these goals? Clearly, all of us privacy
professionals are struggling to understand this.
Read more on Peter
Fleischer: Privacy…?
Can you “un-release” documents
after everyone on the Internet has made at lest one copy?
ICE
Releases Documents Detailing Electronic Surveillance Problems . . .
and then Demands Them Back a Year Later
November 6, 2012 by Dissent
Jennifer Lynch writes:
This is a first
for us in all of EFF’s history of Freedom of Information Act (FOIA)
litigation—Immigrations and Customs Enforcement (ICE) has demanded
we return records it gave us more than a year ago. The release of
these documents doesn’t endanger national security or create a risk
to an ongoing law enforcement investigation. Instead, it seems that
ICE simply wants to stymie further FOIA requests from EFF as we try
to get answers about the government’s electronic surveillance
procedures.
Read more on EFF.
I hope that EFF’s amazing lawyers are writing a suitable response
incorporating such legalistic phrases as “barn door… horse” and
“snowball… hell.”
[From the EFF article:
The problem for ICE is, these records
have already been in the public’s hands for over six months—we
filed them as an exhibit
(pdf) in our FOIA
litigation (pdf) in March 2012, and they’re readily available
on the PACER
docket for the case (or from the Internet
Archive).
“We want to tax online sales but we
also want to make it impossible to sell online.”
Apple
leads legal battle over e-commerce vs. privacy rights in California
Supreme Court
November 5, 2012 by Dissent
Howard Mintz reports:
Parked at the
computer and want to use your credit card to buy the latest Lil Wayne
song or a cool app on iTunes? Arrange the perfect date on eHarmony?
Buy a ticket to a 49ers game on StubHub?
Chances are those
online merchants will ask for your personal information to close the
deal. And they may just be violating a two-decade-old California
law designed to restrict the amount of personal information consumers
must provide to make a credit card purchase.
On Wednesday, the
California Supreme Court will tackle the unprecedented question of
whether that state law applies to online commerce in a legal
challenge led by Apple and backed by a host of retailers ranging from
Walmart to eBay.
Read more on Mercury
News.
For my Crypto geeks...
"Side-channel
attacks against cryptography keys have, until now, been limited
to physical machines. Researchers have long made accurate
determinations about crypto keys by studying anything from variations
in power consumption to measuring how long it takes for a computation
to complete. A team of researchers from the University of North
Carolina, University of Wisconsin, and RSA Security has ramped up the
stakes, having proved
in controlled conditions (PDF) that it's possible to steal
a crypto key from a virtual machine. The implications for
sensitive transactions carried out on public cloud infrastructures
could be severe should an attacker land his malicious virtual machine
on the same physical host as the victim. Research has already been
conducted on how to map a cloud infrastructure and identify where a
target virtual machine is likely to be."
An interesting way to always win at
Hide-and-Seek!
The system consists of a handheld
transmitter and tiny receivers that look like something out of a 60s
spy movie. The little receivers are about the size of a quarter and
are black. To use the system you stick one of the little receivers
to whatever it is you tend to lose be it a smartphone, your keys, or
your glasses.
For my gaming friends...
EA and DICE have announced something
special for fans of the Battlefield franchise. To celebrate the
10-year anniversary of the original Battlefield 1942, EA and DICE are
giving away a free PC download the full version of
Battlefield 1942. The game is available exclusively on
http://store.origin.com/.
We live in a sick, sick world.
http://www.eonline.com/news/360213/justin-bieber-sex-doll-blows-up-at-online-adult-store-see-the-pic
Justin
Bieber Sex Doll Blows Up at Online Adult Store—See the Pic
… An enterprising adult store now
wants to make sure you get every last inch of him.
Naughty Beliebers, behold: the Justin
Bieber blow-up sex doll!
Or, rather—cough, cough—it's
the "Just-in Beaver Love Doll," which bears an uncanny
resemblance to the pop star, minus his trademark tattoos and plus,
well, a whole lot more.
… We've reached out to Biebs' camp
for comment, but you can bet the product won't stay on shelves for
long: It comes from the same folks who created a similar Miley
Cyrus-inspired sex doll, which was quickly, ahem,
yanked.
No comments:
Post a Comment