Search


Intersection: Sidewalks & Public Space

Chapter by Melissa Ngo

"The Myth of Security Under Camera Surveillance"


  • Categories


  • Archives

    « Home

    Archive for the ‘International’ Category

    Reuters: Internet privacy service Tor warns users it was attacked

    Thursday, July 31st, 2014

    Reuters reports that Tor, an anonymization network for online activities, told users that it had been attacked:

    Tor, the prominent system for protecting Internet privacy, said on Wednesday many of its users trying to reach hidden sites might have been identified by government-funded researchers.

    In a note on the nonprofit’s website, Tor Project leader Roger Dingledine said the service had identified computers on its network that had been quietly altering Tor traffic for five months in an attempt to unmask users connecting to what are known as “hidden services.”

    Dingledine said it was “likely” the attacking computers, which were removed on July 4, were operated on behalf of two researchers at the Software Engineering Institute, which is housed at Carnegie-Mellon University, but funded mainly by the U.S. Department of Defense.

    The pair had been scheduled to speak on identifying Tor users at the Black Hat security conference next month. After Tor developers complained to Carnegie-Mellon, officials there said the research had not been cleared and canceled the talk. Read more »

    Courthouse News Service: Class Claims Apple iPhones Invade Privacy and Pass Along the Info

    Wednesday, July 30th, 2014

    Courthouse News Service reports on a class-action suit filed against Apple concerning the privacy of users of its iPhones:

    SAN JOSE (CN) – Apple uses the “location service” function on iPhones to spy on customers and give their private information to third parties, including the federal government, a class action claims in Federal Court.

    Lead plaintiff Chen Ma sued Apple on behalf of roughly 100 million iPhone users, claiming Apple violated their privacy.

    “In or around September 2012, Apple released iPhone 4 which contains an iOS operating system software that enables iPhone 4 to track its users’ whereabouts down to every minute, record the duration that users stay at any given geographical point, and periodically transmit these data stored on the users’ devices to Apple’s database for future references,” according to the July 24 complaint. [...]

    She seeks class certification and an injunction preventing Apple from collecting and storing customers’ private information without giving them prior notice, and from sending their data to a third party without their permission. She also seeks compensatory and punitive damages for invasion of privacy.

    Ars Technica: Russia publicly joins war on Tor privacy with $111,000 bounty

    Tuesday, July 29th, 2014

    Ars Technica reports that Russia has posted a reward for technology that can identify the users of Tor, an anonymization network for online activities:

    In a notice on the Russian government’s procurement portal under the title “Perform research, code ‘TOR’ (Navy),” originally posted on July 11, the [Russian Ministry of Internal Affairs (MVD)] announced it was seeking proposals for researchers to ”study the possibility of obtaining technical information about users and users equipment on the Tor anonymous network.” The competition, which is open only to Russian citizens and companies, requires entrants to pay a 195,000 ruble (approximately $5,555) application fee. Proposals are due by August 13, and a winner of the contract will be chosen by August 20.

    The MVD had previously sought to ban the use of any anonymizing software. That proposal was dropped last year. However, a new “blogger law” passed in April, which goes into effect in August, requires all bloggers with an audience of over 3,000 readers to register their identity with the government—and enforcement of the law could be made difficult if bloggers use the Tor network to retain their anonymity.

    Tor has been the constant target of intelligence agencies and other entities seeking to unmask anonymous Internet users.

    Bloomberg News: Google Takedown Notices Spark Controversy: Privacy Chief

    Monday, July 28th, 2014

    Bloomberg News reports on controversy over Google’s take-down notices related to the “right to be forgotten” and privacy in Europe:

    European Union privacy regulators continued to criticize Google Inc. a day after a data-protection summit where officials demanded the company justify its decision to notify publishers when removing links to personal data.

    Google is the only company to notify websites that it is taking down links to material to comply with a court ruling that allows EU residents to erase references to personal data, said Isabelle Falque-Pierrotin, who heads a group of EU privacy regulators. [...]

    Data-protection officials in Ireland and Germany have already complained about how Google, the largest search-engine company, has handled the issue. Read more »

    Reuters: Flaws could expose users of privacy-protecting software, researchers say

    Friday, July 25th, 2014

    Reuters reports that researchers have found a flaw in privacy-protective system Invisible Internet Project:

    Researchers have found a flaw that could expose the identities of people using a privacy-oriented operating system touted by Edward Snowden, just two days after widely used anonymity service Tor acknowledged a similar problem.

    The most recent finding concerns a complex, heavily encrypted networking program called the Invisible Internet Project, or I2P. Used to send messages and run websites anonymously, I2P ships along with the specialized operating system “Tails,” which former U.S. spy contractor Snowden used to communicate with journalists in secret.

    Though a core purpose of I2P is to obscure the Internet Protocol addresses of its roughly 30,000 users, anyone who visits a booby-trapped website could have their true address revealed, making it likely that their name could be exposed as well, according to researchers at Exodus Intelligence. [...] Read more »

    ProPublica and Mashable: Meet the Online Tracking Device That is Virtually Impossible to Block

    Tuesday, July 22nd, 2014

    ProPublica and Mashable report on “canvas fingerprinting,” which is a new kind of online tracking tool. The report discusses a paper documenting canvas fingerprinting, “The Web never forgets: Persistent tracking mechanisms in the wild,” from researchers at Princeton University and KU Leuven University in Belgium. The researchers are: Gunes Acar, Christian Eubank, Steven Englehardt, Marc Juarez1, Arvind Narayanan and Claudia Diaz. ProPublica and Mashable report:

    [T]his type of tracking, called canvas fingerprinting, works by instructing the visitor’s Web browser to draw a hidden image. Because each computer draws the image slightly differently, the images can be used to assign each user’s device a number that uniquely identifies it.

    Like other tracking tools, canvas fingerprints are used to build profiles of users based on the websites they visit — profiles that shape which ads, news articles, or other types of content are displayed to them.

    But fingerprints are unusually hard to block: They can’t be prevented by using standard Web browser privacy settings or using anti-tracking tools such as AdBlock Plus. Read more »