The Internet of Things, or IoT, Connected Devices, Smart devices whatever you want to call them have become a fixture in most homes. It has gotten to the point where you have to look hard to find a device that is not “Smart”. Manufacturers love to push the marketing term smart onto the consumer as it becomes a value add proposal; hey this can do all of this and you can control it using your phone from anywhere. What they do not disclose is exactly how insecure these devices are and how much privacy you can end up giving up just by having them in your home.
In the last week the world saw what appeared to be another attempt to violate privacy by government law enforcement. In this case the FBI opened a “pilot” program to capture iris imprints for a searchable database. To date they have captured more than 400,000 of these imprints. The major concern here is that there was (and remains) no public debate, or oversight on the program. The program stands on its own outside the many restrictions that protect privacy and also other rights that people have. Well at least that is how things look on the surface. We took a little bit of a deeper look and tried to peel away some of the FUD and hype over the collection.
Law Enforcement surveillance is a necessary thing. It really is, but what is not necessary is when the agencies in question decide to get lazy or feel their powers extend to a larger group of people than their intended targets. This is when things get messy and from a legal stand point ugly. Over the last ten or so years law enforcement in general has made the decision to extend their surveillance programs into mass collection of data.
Tor has pushed out a new version of its privacy enhancing Tor Browser Bundle. We are up to 5.5 now and, according to the Tor Project it is a full stable release. The update fixes a laundry list of bugs and also covers some usability issues that have been plaguing the software for some time. One interesting note is that they are finally working on blocking ways of fingerprinting users through different mechanisms (resolution, keyboard type etc.).
The world of copyright and patents is one of ignorance, greed and just plain stupidity. This is, sadly, on just about all sides of the game. From the people complaining all the way to the judges asked to decide these cases. We have already talked (at length) about the fantasy math the copyright holders use in determining damage and the massive impacts on privacy that they want to further their causes, but now we area in a situation where they have “won” something that no one every should have even considered.
You would think that in 2016 the people in power would either understand technology, or would have been replaced by someone that does. Sadly, this is not the case in… well just about every place there is an elected official. Over the past few years we have seen some very stupid bit of technical legislation come over the wire. Everything from kill switches in smartphones to backdoors in software and encryption standards. All of the legislation proposed read like they were written by someone that has no clue about technology, but might watch a lot of TV… and bad TV at that.
Cybersecurity is a fairly common buzz word used in Washington these days. It is tossed around to scare people that are ignorant of the way computer systems work so that legislation that is exceptionally pro-corporate friendly and anti-consumer can be pushed through. The latest of these is the Cybersecurity Information Sharing Act. This handy little bit of law just passed through the US senate on the 28th (74 to 21) and allow corporations to share customer data with the US government and other companies without any consequences for doing so. This effectively removes any recourse customers or users have about the sharing of their personal information.
The term privacy has come to mean a great many things in the last few years. To some the idea of privacy is being able to do or say certain things without the fear of anyone finding out. Most people like to know that what they do on their own time is their business. Where things get a little muddy is when people liken the desire for privacy with a desire to hide wrongdoing. This belief couldn’t be farther from the truth . It is not just that it is wrong, but it is also dangerous. To imply that anyone that wants to have privacy is somehow hiding something illegal sets a dangerous precedent. Keeping this mentality alive will allow for a further erosion of peoples’ rights and grants very worrying powers to agencies that are there to protect, not to oppress.
If you have been following news about piracy, copyright, or indeed almost anything you will know that the copyright industry often employs some rather shady methods to get their way. One of the shadiest methods is the demand letter. If you are not familiar with this term let us explain (if you are bear with us): a demand letter is when a legal firm tries to tie IP addresses they have identified to actual ISP subscribers. They send large numbers of subpoenas to ISPs asking that they put the two together so that they (the law firm) can then send a settlement letter demanding money from the alleged pirate.
There are many things that people take for granted in the world. Some of them are more than a little naïve while others are quite understandable. One of them is that the things we say or do in conversation are somewhat confidential. We do not expect our mail, phone or personal conversations to be listened to and by extension we feel that our online conversation are equally private. Sadly this is simply not the case and, in reality, it never has been.