Policy wonk. Torontonian. Photographer. Not necessarily in that order.
I treat the Internet like a fucking asp, like a dangerous reptile – my comfort sole squashed down hard on the snakeneck … Your security is only as trustworthy as the worst person on Earth.
Security advice from ‘Tycho’, “A Teachable Moment”
What the title says, basically. I had missed this.
The warning should be heard by non-EU citizen too, with the Cloud, privacy is fucking dead. And what’s sadder is that 90% of people simply don’t care.
Unless it makes more probable for your significant other to see your transsexual porn browser history…
The EU Report is well worth a full read (available here in .pdf). Things to keep in mind that aren’t all that being well discussed:
The second point is particularly important for non-Europeans. While it’s a lesser spoken about part of the intelligence world, spooks are routinely engaged in industrial espionage on the grounds that such acts assist the nation-state’s finances. This can include the theft of foreign corporations’ information, or (in extreme cases) the deletion of the same information. It seems that FISAAA’s amendments would only permit the former, and not the latter. However, as a result of these amendments corporations should be more wary of outsourcing their document storage to US-based cloud services, content creation to US hosts and online services, or communications systems to (you guessed it!) American firms. Placing such data in the hands of the Americans is rife with potential economic harms and, no matter how much you like Dropbox, Google, or other cloud provider, they’re all likely to turn on you if the NSA comes knocking.
Source: EU citizen warned not to use US cloud services over spying fears
Privacy is not simply an individual right or civil liberty; it is a vital component of the social contract between Canadians and their government. Without privacy, without protective boundaries between government and citizens, trust begins to erode. Good governance requires mutual trust between state and citizen. Otherwise, alienation and a sense of inequality begin to spread, circumstances under which no program for public scrutiny can be tenable or effective in the long term. Where citizen trust hits a low point, in fact, such security measures may be undermined, ignored, circumvented – or in the most egregious cases – passively or actively resisted.
Office of the Privacy Commissioner of Canada, “A Matter of Trust: Integrating Privacy and Public Safety in the 21st Century”
Aaron was part of an army of citizens that believes democracy only works when the citizenry are informed, when we know about our rights—and our obligations. An army that believes we must make justice and knowledge available to all—not just the well born or those that have grabbed the reigns of power—so that we may govern ourselves more wisely.
…
When people try to restrict access to the law, or they try to collect tolls on the road to knowledge, or deny education to those without means, those people are the ones who should face the stern gaze of an outraged public prosecutor.
Carl Malamud, “Aaron’s Army”
No, really, no joke: a Japanese hacker is playing with the authorities. The latest gambit involved attaching an SD card with malware code to a cat’s collar. Authorities still have no clue who designed the software or who the individual(s) is/are.
So, the Microsoft 64GB Surface Pro will only have 23GB of usable storage at launch. This is, to be blunt, absurd. Consumers are entirely used to variations between the storage that manufacturers say will be available versus what actually is available for use, but in this case we’re talking about less than 50% of the advertised storage actually being available. Microsoft is saying that removing the recovery partition will alleviate some of this storage use, but that’s immaterial: few consumers will do this, or feel comfortable doing so. As a result, they’re going to generally have devices that have less than half of the market storage.
While Apple – and, to an extent, Google – comes under fire for announcing hardware specs and then not meeting them because of OS storage consumption, neither company has ever had such deceptive claims as Microsoft’s regarding the Surface Pro. I can entirely appreciate that the newest Microsoft OS plus applications consumes a huge amount of space. I’m OK with that. But, given this consumption, the 64GB surface shouldn’t ever be marketed (or even suggested as being) as a 64GB device; the device should be presented as being closer to the actual storage available. Don’t get me wrong, all OSes take room. But, as far as I know, no OS plus application suite has ever consumed this amount of space in competing product offerings.
For the past two months I’ve been trying to figure out what to say about something Peter Fleischer, Google’s Global Privacy Counsel, wrote about his personal email retention and deletion policies. After talking about whether people should worry about “covering their tracks” from government snooping, he writes (emphasis added):
In the meantime, as users, we all have to decide if we want to keep thousands of old emails in our inboxes in the cloud. It’s free and convenient to keep them. Statistics published by some companies seem to confirm that the risks of governments seeking access to our data are extremely remote for “normal people”. But the laws, like ECPA, that are meant to protect the privacy of our old emails are obsolete and full of holes. The choice is yours: keep or delete. I’m a pragmatist, and I’m not paranoid, but personally, I’ve gotten in the habit of deleting almost all my daily emails, except for those that I’d want to keep for the future. Like the rule at my tennis club: sweep the clay after you play.
His comments struck me as being incredibly poignant when I first read them, and remain so today. I’ve stopped archiving email. I delete email (as best I can, given cloud data retention policies and all…) on a regular basis. Over the Christmas break I removed an aggregate of about 6 GB of mail that had just…accrued…in my various accounts over the past decade. In short, his post motivated me enough to spend the better part of 3 or 4 days sifting and sorting through my digital life. Ultimately I removed an awful lot of what was there.
At some point I hope to spend more time writing about, and thinking through, some of Peter’s points. At the moment, however, I’d just recommend you think about what it means when Google’s Global Privacy Counsel – the guy who is best able to go to the mat to protect the privacy of his own inbox – chooses to routinely delete his email from the cloud. If he takes that precaution, and he has the influence that he does, shouldn’t you at least consider following his lead?
A dated, but poignant, bit of information from Bell Canada concerning Internet-based computer security threats in Canada
The actors that represent the majority of users today, stakeholders from the South, the developing world, and the non-English segments of the net, will do more to shape the future of cyberspace than any discussions at the Pentagon or in policy circles in North America and Europe. To understand how and in what ways cyberspace will be characterized in years to come we need to think beyond the beltway, beyond Silicon Valley, and into the streets of Shanghai, Nairobi, and Tehran. The contests occurring in those spaces deserve our attention today, if for no other reason than that they provide a glimpse of the types of global issues that will drive cyberspace governance in the future.
Ronald Deibert and Rafal Rohozinski, “Contesting Cyberspace and the Coming Crisis of Authority”
Excited Pixels