Your Privacy Online - What They Know

There is no such thing as anonymous online tracking A 1993 New Yorker cartoon famously proclaimed, "On the Internet, nobody knows you're a dog." The Web is a very different place today; you now leave countless footprints online. You log into websites. You share stuff on social networks. You search for information about yourself and your friends, family, and colleagues. In the language of computer science, clickstreams — browsing histories that companies collect — are not anonymous at all; rather, they are pseudonymous. Will tracking companies actually take steps to identify or deanonymize users? Regardless, what I will show you is that if they’re not doing it, it’s not because there are any technical barriers. Here are five concrete ways in which your identity can be attached to data that was initially collected without identifying information. 1. Most of the companies with the biggest reach in terms of third-party tracking, such as Google and Facebook, are also companies that users have a first-party relationship with. 2. 3. 4. 5.

Web 2.0 Suicide Machine - Meet your Real Neighbours again! - Sign out forever!

Biosphere 2: How a Sci-Fi Stunt Turned Into the World's Biggest Earth Science Lab If you were born after 1980 or so, then you probably most closely associate the concept of a manmade biosphere with Pauly Shore and fart jokes you didn't even think were funny when you were eleven. But unlike the Biodome, the Biosphere was an actual thing. And it was almost as disastrous as the movie. In 1991, an apocalypse-fearing oil billionaire named Ed Bass poured $150 million into building the Biosphere 2, a 3-acre-wide complex of glass and steel. The completely sealed-off habitat encompassed five different biomes, and was ostensibly designed to be deployed off-planet in order to kick start otherworldly colonies. The New York Times' new documentary about the Biosphere 2 splashes the spotlight back on the once-ambitious effort to build a self-sustaining space station in the Arizona desert. The structure was built by Peter Pearce, an erstwhile associate of the famed Buckminster Fuller, the futurist who patented the geodesic dome.

Who is Neustar? Brad Stone at the New York Times reports on an industry group working on a new platform for portable digital movie downloads: The [Digital Entertainment Content Ecosystem or DECE] is setting out to create a common digital standard that would let consumers buy or rent a digital video once and then play it on any device... Under the proposed system, proof of digital purchases would be stored online in a so-called rights locker, and consumers would be permitted to play the movies they bought or rented on any DECE-compatible device. Most consumers have likely never heard of Neustar, yet the firm plays an important role in the telecommunications industry, and has built a highly profitable business facilitating the disclosure of information regarding consumers' communications to law enforcement and intelligence agencies. How many times a year does Neustar hand over information on individuals to law enforcement and intelligence agencies? On the firm's website, Neustar describes its LEAP service:

The Intimate Social Graph October 14, 2010, 11:02 AM — For a number of years I have had a privacy concern that is just now beginning to peep into view on the Internet at large. Around 2001 I spent some time in a casual multiuser game hosted by PopCap. It featured a way that two players could chat in a private space while playing the game. The game was centrally hosted: each user's local Java applet talked with a PopCap server, so every keystroke typed in those private conversations was sent up to the server and back out to the other party's client. I wondered at the time: were those conversations being stored? The privacy of one-to-one communications in Facebook messages, LinkedIn InMail and Twitter direct messages is protected mainly under the Electronic Communications Privacy Act (ECPA). Fast-forward to 2010. Of course the privacy of social networking data is dependent on security. Users of Facebook and LinkedIn can choose which information appears on their public pages for all the world to see.

How to Build a Secret Facebook The NSA's Utah data center near Bluffdale, Utah. Via Google Street View Since retiring from a three-decade career at the NSA in 2001, a mathematician named William Binney has been telling anyone who will listen about a vast data-gathering operation being conducted by his former employers. The invasive spying program Binney described—one that could build a "social graph" of nearly any user of the American Internet, like some massive, secret Facebook—was in the works, he says, when he left the agency. But now we know more about one aspect of the US's surveillance arsenal. Agencies like the FBI, which itself has been quietly pushing for a "back door" system like this, call it crucial for national security. This was not the kind of reality that Binney, like Snowden and other recent espionage whistleblowers, signed up to build. William Binney in Laura Poitras's "The Program," 2012. Edward Snowden in a video for the Guardian by Laura Poitras As J. Technology was already well ahead of the law.

UltraViolet shines light on locker in the cloud UltraViolet is the consumer brand for an ambitious initiative from the Digital Entertainment Content Ecosystem, a cross-industry consortium including major media companies, consumer electronics manufacturers and digital rights management providers. It aims to provide a system to allow consumers to share digital media they purchase in a controlled manner. UltraViolet will provide a centralized licence locker that grants access to material on compatible devices registered to a household account. It sounds fine in principle but there could be problems in practice. The UltraViolet licensing programme for media, technology and service providers has now opened. The technical specifications include a common file format for downloads, designed to work with multiple digital rights management systems. The centralized UltraViolet license broker will be developed and operated by Neustar, a directory and registry operator for telephony and internet services.

Thoughts on the DOJ wikileaks/twitter court order The world's media has jumped on the news that the US Department of Justice has sought, and obtained a court order seeking to compel Twitter to reveal account information associated with several of its users who are associated with Wikileaks. Communications privacy law is exceedingly complex, and unfortunately, none of the legal experts who actually specialize in this area (people like Orin Kerr, Paul Ohm, Jennifer Granick and Kevin Bankston) have yet to chime in with their thoughts. As such, many commentators and journalists are completely botching their analysis of this interesting event. While I'm not a lawyer, the topic of government requests to Internet companies is the focus of my dissertation, so I'm going to try to provide a bit of useful analysis. However, as always, I'm not a lawyer, so take this with a grain of salt. A quick introduction to the law The order to twitter It is the second part of the order that is more interesting. Reading between the lines 1. 2. 3. 4. 5.

The Revolution Will Be Live-Mapped: A Brief History of Protest Maptivism The revolution may not be televised, but it will be Google-mapped with crowdsourced data from social media networks. Modern-day digital cartography is transforming the ancient art of protest—with live tactical maps built by cyberactivists using Google Maps, Umaps, or the open source world map open street map, and updated in real-time with tips from the ground sent via social media. The maps help activists avoid police, find shelter, medical help, food and other protest groups, and stay mobile to avoid arrest or violence. This kind of maptivism was instrumental during the Arab Spring two years ago. Now, as Turks in Istanbul protest the authoritarian rule of Prime Minister Tayyip, live maps and social media are again playing a crucial role—enough to compel Tayyip to call Twitter "the worst menace to society." Savvy Turks created a Google map on June 1 to track police movement near Taksim Square. Not long after Libya, people started rising up in Syria.

Google+ and Privacy: A Roundup July 3, 2011 at 7:04 pm By all accounts, Google has done a great job with Plus, both on privacy and on the closely related goal of better capturing real-life social nuances. [1] This article will summarize the privacy discussions I’ve had in the first few days of using the service and the news I’ve come across. The origin of Circles “Circles,” as you’re probably aware, is the big privacy-enhancing feature. But Adams defected to Facebook a few months later, which led to speculation that it was the end of whatever plans Google may have had for the concept. Meanwhile, Facebook introduced a friend-lists feature but it was DOA. Why are circles effective? I did an informal poll to see if people are taking advantage of Circles to organize their friend groups. One obvious explanation is that Circles captures real-life boundaries, and this is what users have been waiting for all along. There are several other UI features that contribute to the success of Circles. The resharing bug

The Motherboard Guide to Avoiding the NSA If you've been reading the headlines about the NSA mining intelligence data from the world's largest data mongers, and haven't already burnt down your house with everything you own in it and set sail for a libertarian expat community in Chile, then there are some less dramatic suggestions in store for you. Evading the NSA's comprehensive surveillance system is no simple task, especially as we only know snippets of the agency's capabilities. But we're going to try our best. First, it's time to take an inventory of anything you own or are borrowing that can be traced. Phones, credit cards, cars, e-mail addresses, bank accounts, social media profiles, wi-fi coffee machines, residences, P.O. boxes, and so on—any piece of property where there is more than a handwritten cash receipt proving more than purchase price should either be ditched or reengineered to steer clear of the NSA's radars. Cash. Prepaid Credit Cards. Bitcoin. Phone.

Android phones keep location cache, too, but it's harder to access After this week's disturbing revelation that iPhones and 3G iPads keep a log of location data based on cell tower and WiFi base station triangulation, developer Magnus Eriksson set out to demonstrate that Android smartphones store the exact same type of data for its location services. While the data is harder to access for the average user, it's as trivial to access for a knowledgeable hacker or forensics expert. On Wednesday, security researchers Alasdair Allan and Pete Warden revealed their findings that 3G-capable iOS devices keep a database of location data based on cell tower triangulation and WiFi basestation proximity in a file called "consolidated.db." The iPhone, as well as 3G-equipped iPads, generate this cache even if you don't explicitly use location-based services. This data is also backed up to your computer every time it is synced with iTunes. Eriksson suspected that his Android device collected similar information.

DOJ Wants to Know Who’s Rejecting Your Friend Requests In the latest turn in our Freedom of Information Act (FOIA) lawsuit for records related to the government’s use of social networking websites, the Department of Justice finally agreed to release almost 100 pages of new records. These include draft search warrants and affidavits for Facebook and MySpace and several PowerPoint presentations and articles on how to use social networking sites for investigations. (For more on what we've learned from the documents so far, see our earlier blog posts here, here, here, here, here, and here.) The draft search warrants are particularly interesting because they show the full extent of data the government regularly requests on a person it’s investigating. As of December 2009, Facebook is technically limited in its ability to provide complete IP logs ( , IP logs that contain content and transactional information, in addition to login IPs). See the documents linked below for more ( ). - Facebook Warrant, Affidavit, and Usage Notes