A really good example of how services can, and should, warn users about how to respond to the Heartbleed OpenSSL vulnerability.
Categories
Author: Christopher Parsons
Policy wonk. Torontonian. Photographer. Not necessarily in that order.
Researchers have discovered a serious security flaw known as the “Heartbleed” bug in the software commonly used by thousands of Websites to encrypt and secure sensitive data being transmitted across the Internet
This was an absolute gift to intelligence agencies all over the world. And one that was – and is – being widely exploited in the wild by criminals and other unauthorized third-parties.
Source: Heartbleed bug found in key encryption technology risks exposing private data
Soon, there will be no way to escape the boss’ urgent email, even if you’re on a plane, as Air Canada announces deal to bring Wi-Fi to the skies.
Not only will you not be able to evade your boss but, given that Air Canada has partnered with GoGo, you’ll also be subject to unnecessarily broad state interception technologies. Air Canada: fly for the high prices, stay for the corporate-enabled excessive state surveillance!
Canadian spy agency head John Forster fielded questions from MPs, and says organization’s focus is foreign intelligence collection, not domestic
Takeaway from the article? CSEC boss “can’t really disclose” what kinds of access it could have to data flowing through Bell, Rogers and Telus.
Back in December, documents revealed the NSA had been using Google’s ad-tracking cookies to follow browsers across the web, effectively coopting ad networks into surveillance networks. A new paper from computer scientists at Princeton breaks down exactly how easy it is, even without the resources and access of the NSA.
Source: How advertising cookies let observers follow you across the web
The two associations representing police chiefs in B.C. should be subject to freedom of information laws, according to B.C. Privacy and Information Commissioner Elizabeth Denham.
After years spent covering the issue, journalist Rob Wipond is finally getting some transparency into how police chief organizations operate in BC!
Categories
Surveillance Whakery
More surveilance whakery. Gotta thank the republicans and democrats for taking away our privacy.
The second image is terrific!
The border agency says that in 2012, only 25 of its 19,000 requests were refused by the telecoms, and only 13 customers were notified that the government had sought their records. Aspects of the handovers seem to happen automatically – with the telecoms typically charging only $1 to $3 for a “BSI” request and the answers usually coming back within three business days.
Every other federal investigative agency says it cannot or will not publicly provide such precise details of their relationships with the telecoms.
…
In this context, the CBSA disclosure is important and unprecedented, say digital privacy experts, who argue that the agency’s numbers suggest many more exchanges are occurring between the telecoms and other government agencies as well.
“It makes me wonder what other structures and costs are in place,” said Christopher Parsons, a researcher at the University of Toronto’s Citizen Lab. He pointed out that the Mounties and Canada’s intelligence agencies failed to release data.
Though CBSA is being pilloried at the moment for the number of times that it accessed telecommunications data (18,849 times in 2012), the agency should be congratulated as comprehensively responding to MP Borg’s questions. Only the Transportation Safety Board provided a comparable degree of accountability to the Parliamentarian. While I’d like CBSA to go further – we shouldn’t depend on a Parliamentarian’s curiosity to learn about state surveillance practices – the agency has, ultimately, created the model that other federal institutions ought to be forced to follow.
Source: Border agency asked for Canadians’ telecom info 18,849 times in one year
…Justice Canada says the proposed legal shield against liability offers nothing new. “This protection already existed under the jurisprudence,” said spokeswoman Carole Saindon in an e-mail responding to Globe questions. She added that the “language in the bill is not a substantive change.”
Privacy advocates are not reassured by any of this.
The “unaccountability is absolutely unacceptable,” blogged Chris Parsons, a researcher for the University of Toronto Citizen Lab on Thursday. “And it’s made worse by the fact that the currently proposed lawful-access legislation, C–13, would indemnify [Internet Service Providers] for sharing even more information with state authorities while not requiring these authorities to report on how often, and to what extent, they ‘request’ such information.”
Needless to say, I fundamentally disagree with Justice Canada’s position that they sufficiently account for federal agencies’ surveillance programs. And if the liability shield that is being introduced in C-13 isn’t needed and the language not a substantive change then the government should be happy to remove it when the lawful access bill goes to committee.
I’ve been busy parsing a nice hefty government document that documents a lot of federal agencies’ surveillance practices the past few days, and my post on “Accountability and Government Surveillance” is the result. It’s admittedly long but is fairly interesting. Go read!
Excited Pixels 