New Internet-Privacy Bill to address Ad Tracking or Online-Data Collection

digital-ad industry says that if it passes it could mean ‘Facebook won’t be free’

Tennessee Congresswoman Martha Blackburn says she wants to give consumers control of their internet experience.

She’s introduced a bill — the “BROWSER Act” — that would require internet users to actively opt in to say yes to any sort of ad tracking or online-data collection.

“Facebook won’t be free,” said Scott Howe, CEO of the data company Acxiom. Acxiom collects consumer data on millions of Americans — where they live and the kinds of things they shop for — that marketers and media companies use to target consumers and deliver more-relevant ads. So it’s looking out for any legislation in this realm closely.
Continue reading New Internet-Privacy Bill to address Ad Tracking or Online-Data Collection

Advertisements

Bringing down the Net?

Security expert Bruce Schneier recently talked about how someone is learning how to take down the internet. We have seen lots of companies talk about attacks on their infrastructure, breaches, hacking and stealing accounts, etc. As per the companies, it seems name of the attacks are made out to seem like probing for ways to get into networks and do harm.

It reminds me of the US’s Cold War program of flying high-altitude planes over the Soviet Union to force their air-defense systems to turn on, to map their capabilities.
– Bruce Schneier

Continue reading Bringing down the Net?

Researchers find over 100 spying Tor nodes

Researchers find over 100 spying Tor nodes that attempt to compromise darknet sites

When it comes to accessing public websites, Tor has an intrinsic security problem: though the nodes between your computer and the public internet are unable to see where the traffic is coming from or going to, the final hop in the network (known as an exit node) gets to know what webserver you are connecting to. Continue reading Researchers find over 100 spying Tor nodes

How to Encrypt an Android Device

Privacy, Security; two words that you hear a lot these days after the Snowden Incidents and with all the Govt snooping, corporate data mining and all those data leaks like Target and Home Depot. More than ever, protecting your data and privacy should be a top priority to each and every one of us. With new tactics being employed all the time, we have to keep up with the game and encrypting your devices is one way to do just that.

What is Encryption

TechTarget has an awesome article on this.

Encryption is the conversion of electronic data into another form, called ciphertext, which cannot be easily understood by anyone except authorized parties. The word encryption comes from the Greek word kryptos, meaning hidden or secret. The use of encryption is nearly as old as the art of communication itself. As early as 1900 BC, an Egyptian scribe used non-standard hieroglyphs to hide the meaning of an inscription. In a time when most people couldn’t read, simply writing a message was often enough, but encryption schemes soon developed to convert messages into unreadable groups of figures to protect the message’s secrecy while it was carried from one place to another. The contents of a message were reordered (transposition) or replaced (substitution) with other characters, symbols, numbers or pictures in order to conceal its meaning.

Why Encrypt your phone

As described above, encryption scrambles all data on your phone in an unreadable format so if you loose your phone your data will remain secure. The basics of how this works is that at boot time you will have to enter a password or pin to unscramble (un-encrypt) your phone. If someone does not know your password or pin they cannot access your device nor data. An attacker won’t be able to access the data without the encryption key. with that in mind; if someone really wanted access to your data, they could employ the freezer attack. This basically employs freezing your device’s ram so it takes longer for the encryption key to be erased from RAM. 

If you recall Snowden made light of a little project called Prism, where Verizon and the Govt were working together to allow data mining. That is, they have been going through the call records of Verizon’s approximately 99 million users looking for, well, anything! and if you think that Verizon is the only place this has been happening then I got bad news for you. 

 Some recent legal rulings have suggested that encryption can protect against warantless searches. The California Supreme Court has ruled that police officers can lawfully search your cell phone without a warrant if it’s taken from you during arrest – but they would require a warrant if it was encrypted. A Canadian court has also ruled that phones can be searched without a warrant as long as they’re unencrypted. You may want to do your own searches to better understand these legal items or contact your attorney if you have one.

How do I encrypt my Android

You should have at least a pin, password or swipe pattern or even face or voice recognition setup right? If you are using any lock screen widgets, disable them ASAP; they can disclose your location and other sensitive information about you.

Before we continue

Some forewarning before we proceed.

  • Encrypting will cause your device to work a bit slower, not by too much tho. However, depending on your actual device it may be noticeable. Most newer devices shouldn’t make that much difference.
  • Encryption is one-way so if you loose your key or would like to go back to using a non-encrypted device then you will have to wipe your phone and restore to factory settings.

The encryption process should take about an hour or more depending on how much data is on your device. So, let’s start:

  • Go to Settings
  • Click Security
  • From the options, choose Encrypt Device or Encrypt Phone
    • Note that in the Security settings screen you can also choose to encrypt an SD card.
  • Enter your password (must be at least 6 characters with 1 number)

You’ll see a progress indicator appear. After it’s done, your device’s storage will be encrypted. You’ll have to enter the PIN or password each time you boot your phone or its storage will be unreadable, so don’t forget the password! Android uses dm-crypt, which is the standard disk encryption system in the Linux kernel. It’s the same technology used by a variety of Linux distributions.

That’s it, go enjoy your newly encrypted and secured Android phone.

Richard Stallman discusses Copyright at UofC

Richard Stallman lecturing about copyright at University of Calgary on 2009-02-03. Free/Libre formats & raw footage can be found here, as per Stallman’s request. (Transcode-SR1 contains wireless mic audio.)

Links

The singularity – Will it Happen?

What is the singularity?

I honestly was not aware of this topic so I set out to do some research to open my mind and man was my mind blown. Basically what I understand is that the singularity is a point in time when technology will surpass human intelligence and humans will start to become the minority in intelligence.

Vernor Vinge introduced the term Technological Singularity in his science fiction novel Marooned in Realtime(1986) and later developed the concept in his essay the Coming Technological Singularity (1993). His definition of Singularity is widely known as the event horizon thesis and in essence says that trans or post-human minds will imply a weirder future than we can imagine:

“Within thirty years, we will have the technological means to create superhuman intelligence. Shortly after, the human era will be ended. […] I think it’s fair to call this event a singularity. It is a point where our models must be discarded and a new reality rules. As we move closer and closer to this point, it will loom vaster and vaster over human affairs till the notion becomes a commonplace. Yet when it finally happens it may still be a great surprise and a greater unknown.” (1)

Continue reading The singularity – Will it Happen?

How to encrypt your Android Device

WARNING:

  • Once Encrypted you CANNOT go back to unencrypted status.
  • You may also notice a slight performance hit as your device will be using extra resources to encrypt and decrypt your data as needed.
  • If you interrupt the process you WILL lose some or all of the data on your device so let it finish before doing anything.

Basically, encrypting you device scrambles up all your files on your device and makes them unreadable unless you unlock your device with your password or pin; without these your device is unusable and your data is fully locked from anyone.

Some recent legal rulings have suggested that encryption can protect against warrantless searches. The California Supreme Court has ruled that police officers can lawfully search your cell phone without a warrant if it’s taken from you during arrest – but they would require a warrant if it was encrypted. A Canadian court has also ruled that phones can be searched without a warrant as long as they’re unencrypted.

Continue reading How to encrypt your Android Device

Identity and privacy at risk on new internet

Boil it all down and last week’s Black Hat conference in Las Vegas discussed just two things – identity and privacy in cyberspace. Both are at risk as the internet enters a period of massive expansion.

IT managers need to deal with these issues in the light of the increasing volume and subtlety of attacks by ill-intentioned people.

Identity and privacy are two sides of the same coin. For the internet to work, everything connected to it requires a unique identifier, known as an internet address or uniform resource locator (URL). This allows network routers, which act as postmasters, to direct messages to the right address.

The internet was designed to be flexible. This makes it possible for people to pretend to own someone else’s address and thus to divert traffic elsewhere, or even to take over the address.

In addition, many people want to hide their identities and activities on the internet for both legitimate and illegitimate reasons. Continue reading Identity and privacy at risk on new internet

Over a Billion Internet Passwords Hacked

A Russian crime ring has amassed the largest known collection of stolen Internet credentials, including 1.2 billion user name and password combinations and more than 500 million email addresses, security researchers say.

The records, discovered by Hold Security, a firm in Milwaukee, include confidential material gathered from 420,000 websites, including household names, and small Internet sites. Hold Security has a history of uncovering significant hacks, including the theft last year of tens of millions of records from Adobe Systems.

Hold Security would not name the victims, citing nondisclosure agreements and a reluctance to name companies whose sites remained vulnerable. At the request of The New York Times, a security expert not affiliated with Hold Security analyzed the database of stolen credentials and confirmed it was authentic. Another computer crime expert who had reviewed the data, but was not allowed to discuss it publicly, said some big companies were aware that their records were among the stolen information.

“Companies that rely on user names and passwords have to develop a sense of urgency about changing this,” said Avivah Litan, a security analyst at the research firm Gartner. “Until they do, criminals will just keep stockpiling people’s credentials.”

Websites inside Russia had been hacked, too, and Mr. Holden said he saw no connection between the hackers and the Russian government. He said he planned to alert law enforcement after making the research public, though the Russian government has not historically pursued accused hackers.

So far, the criminals have not sold many of the records online. Instead, they appear to be using the stolen information to send spam on social networks like Twitter at the behest of other groups, collecting fees for their work.

Big Data Is Just a Big Scam

The newly emergent “big data” meme has never been defined in any meaningful and definitive way. It’s the most amorphous new buzz-term that I’ve seen for a decade. It’s one of those “eye of the beholder” terms used to liven up a seminar and eventually soak investors.

Let’s start by asking what does big data mean? Lots of data? More data than you can handle? Amorphous data? Out of control data? Useful data for analysis? Useless data? Information overload?

If you read enough about big data, it is all of the above and more. The key is not the data, but the challenge of how to handle the data and what to do with the data itself.

In other words, how can we make this huge pile of data, that we have managed to accumulate, be useful in new and profitable ways? The data pools can come from anywhere via various computing mechanisms such as Facebook posts, NSA logs, mailing lists, customers, etc.

I would argue that most readers of this column are themselves repositories of big data. I just bought a 3 Terabyte drive for backup. I have a lot of data to back up! Big data!

From what I can tell, what Big Data does best is spy on individuals.

A useful tool I can imagine would be a big data analysis tool that the police could use to find you guilty of some random crime by going through your files. Or at least find something that would embarrass you. Big data!

This all harkens back to a comment made by a former CEO of American Express, who told an audience that if the company wanted to (and this applies to all credit card companies) it could use your personal buying habits and tendencies to put together a complete dossier and definitely tell if you are having an affair or not. Big data!

None of this sounds good or healthy for the society. Jumping to conclusions, making assumptions, acting on false assumptions. Hounding the public with useless advertisements.

Full Article