Thursday, July 18, 2013

We can, therefore we must! Does this surprise anyone? Wait until you see what your cable box knows about you. (Can I get this information to prove I was somewhere else when a crime happened?)
ACLU – Police Documents on License Plate Scanners Reveal Mass Tracking
By Catherine Crump, Staff Attorney, ACLU Speech, Privacy and Technology Project: “Automatic license plate readers are the most widespread location tracking technology you’ve probably never heard of. Mounted on patrol cars or stationary objects like bridges, they snap photos of every passing car, recording their plate numbers, times, and locations. At first the captured plate data was used just to check against lists of cars law enforcement hoped to locate for various reasons (to act on arrest warrants, find stolen cars, etc.). But increasingly, all of this data is being fed into massive databases that contain the location information of many millions of innocent Americans stretching back for months or even years.”

(Related)
A lengthy piece by Hamden Rice on Daily Kos will be unpopular with those who don’t want to hear that the NSA programs disclosed by Edward Snowden are constitutional, but is well worth reading.


It's not as abstract as you might think...
From the Office of the Information and Privacy Commissioner:
Since the recent revelations of the NSA’s sweeping surveillance of the public’s metadata, the term “metadata” has been regularly used in the media, frequently without any explanation of its meaning. Metadata’s reach can be extensive – including information that reveals the time and duration of a communication, the particular devices used, email addresses, or numbers contacted, which kinds of communications services were used, and at what geolocations. And since virtually every device we use has a unique identifying number, our communications and Internet activities may be linked and traced with relative ease – ultimately back to the individuals involved.
All this metadata is collected and retained by communications service providers for varying periods of time and, for legitimate business purposes. Key questions arise, however, including who else has access to all this information, and for what purposes? Senior U.S. government officials have been defending their sweeping and systemic seizure of the public’s personal communications on the basis that it is “only metadata.” They say it is neither sensitive nor privacy-invasive since it does not access any of the content contained in the associated communications.
A Primer on Metadata: Separating Fact from Fiction, explains that metadata can actually be more revealing than accessing the content of our communications. The paper aims to provide a clear understanding of metadata and disputes popular claims that the information being captured is neither sensitive, nor privacy-invasive, since it does not access any content. Given the implications for privacy and freedom, it is critical that we all question the dated, but ever-so prevalent either/or, zero-sum mindset to privacy vs. security. Instead, what is needed are proactive measures designed to provide for both security and privacy, in an accountable and transparent manner.
So Canada gets it. Now why can’t our Congress do something to protect our privacy from this bulk collection?


I've been tracking 'do not track'
EPIC: Working Group Rejects Industry Do Not Track Proposal
“The World Wide Web Consortium has rejected a Do Not Track standard proposed by the online advertising industry. The industry proposal would have allowed advertising companies to continue to collect data about the browsing activities of consumers, but would have limited the way companies could characterize users based on that data. The group stated that industry’s proposal was “less protective of privacy and user choice than their earlier initiatives.” Senator Rockefeller, the Commerce Committee Chairman, has introduced legislation to regulate the commercial surveillance of consumers online. EPIC has previously recommended to Congress that an effective Do Not Track initiative would need to ensure that a consumer’s decision is “enforceable, persistent, transparent, and simple.” For more information, see EPIC: Online Tracking and Behavioral Profiling.”


Only 63?
Group of tech giants to demand greater NSA transparency
… Apple, Google, Facebook, and Microsoft are part of an alliance signing a letter to be published Thursday that calls on President Barack Obama and Congress to allow Internet and telecommunications companies to offer more details about U.S. government requests for user information, according to an AllThingsD report. The alliance, which reportedly includes 63 companies, investors, and trade groups, will request greater latitude in regularly reporting information about the number of requests they receive; the number of individuals, accounts, or devices; and the number of requests received for communications content or subscriber information, according to the report.


Speaking of the NSA... (8 will get you 10 this will be retracted)
The NSA Admits It Analyzes More People's Data Than Previously Revealed
As an aside during testimony on Capitol Hill today, a National Security Agency representative rather casually indicated that the government looks at data from a universe of far, far more people than previously indicated.
Chris Inglis, the agency's deputy director...
… Analysts look "two or three hops" from terror suspects when evaluating terror activity, Inglis revealed. Previously, the limit of how surveillance was extended had been described as two hops.
… For a sense of scale, researchers at the University of Milan found in 2011 that everyone on the Internet was, on average, 4.74 steps away from anyone else.
… Inglis' admission didn't register among the members of Congress present, [Only people with 'above room tempreture IQs' Bob] but immediately resonated with privacy advocates online.


Even Maxwell Smart could have caught these guys. Maybe they should watch a few more of those banned spy movies. Read the article to see what passes for being sneaky in North Korea.
How Panama found a missile and a couple of fighter jets in a North Korean freighter
This may be the most important tweet in the history of arms control:
Panamá capturo barco de bandera Norcoreana proveniente de cuba con cargamento bélico no declarado pic.twitter.com/MdWGfbXvVJ
That’s Panama’s President Ricardo Martinelli revealing missile parts concealed beneath a cargo of Cuban sugar. The compartment was discovered in the North Korean freighter Chong Chon Gang, homeward bound from Cuba. Law enforcement seized the vessel as it traversed the Panama Canal, subdued a rambunctious crew and a captain who reportedly preferred suicide to capture, and discovered a load of what Cuba calls “obsolete weapons“—two anti-aircraft batteries, nine disassembled rockets, and two MiG-21 aircraft,” apparently heading to North Korea for repair. The sugar, some theorized, was a payment for the work.


For my Computer Security students
Cyber-crime, securities markets and systemic risk
Cyber-crime, securities markets and systemic risk. Joint Staff Working Paper of the IOSCO Research Department and World Federation of Exchanges. Author: Rohini Tendulkar (IOSCO Research Department). Survey: Grégoire Naacke (World Federation of Exchanges Office) and Rohini Tendulkar.
“This report and survey is intended as part of a series exploring perspectives and experiences with cyber-crime across different groups of securitiesmarket actors. The purpose of the series is predominantly to : (1) deepen understanding around the extent of the cyber-crime threat in securities markets; (2) highlight potential systemic risk concerns that could be considered by securities market regulators and market participants; and (3) capture and synthesize into one document some of the key issues in terms of cyber-crime and securities markets in order to increase general understanding and awareness.”


Something for my Statistics students? Maybe my Data Analytics students too?
Plugging data into a spreadsheet is simple. It might be a little tedious, and it is certainly not fun, but it’s a job anyone can figure out how to do in a relatively short amount of time. However, generating meaningful insights from that data is a much more difficult thing to do. There is always plenty of information that can be extrapolated from data, but just looking at it and trying to find correlations is tough.
That’s where the website Statwing comes into play. It looks at data uploaded and find useful correlations from it.
To use Statwing, all you need to do is upload a spreadsheet or csv, and it will scan the data for you.

No comments: