Policy wonk. Torontonian. Photographer. Not necessarily in that order.
“Travel “naked” as one encryption expert told me. If any government wants your information, they will get it no matter what,” she adds.
Something has gone terribly awry if this is the advice that journalists working for international news outlets are giving to those entering or exiting the United States.
After receiving requests from UK police and the FBI in September 2009 and April 2010, Yahoo created several “snapshots” of the email account, preserving its contents at the time—and revealing the messages. But the defense alleges there should have been nothing for law enforcement to find.
Yahoo’s explanation is that the recovered emails were copies created by the email service’s “auto-save” feature, which saves data in case of a loss of connectivity, for example. The company has filed several declarations from a number of its staff, but the defense said some of those contradicted each other, and it wants more information.
The question of when, and for whom, data has been deleted or made inaccessible is often based on power and knowledge. And end-users tend to lack both.
But there’s nothing smooth about this hack, said sources, which became known in August when an infamous cybercriminal named “Peace” claimed on a website that he was selling credentials of 200 million Yahoo users from 2012 on the dark web for just over $1,800. The data allegedly included user names, easily decrypted passwords and personal information like birth dates and other email addresses.
It will be curious (and worrying) to see whether this was a one-off breach or persistent. And, if persistent, whether the data also includes information from users of services like Tumblr.
Adding encryption you control inside an iMessage transmission can provide more assurances that your messages remain unreadable to others, but there a whole lot of provisos you need to consider before accepting this as a higher level of security.
It’s nice to see reviewers of applications present the concerns, first, before what might be nice about new ‘security’ apps. Namely that crypto is hard to do, not all crypto is the same, and there are basic questions concerning the reliability of the companies providing the security assurance.
More broadly, that applications can route double-encrypted messages through Apple Messages will not necessarily enhance security but, instead, mean that comunications are only as secure as the application applying the second layer of security. Apple is a great big target that everyone wants to penetrate and so Apple hires terrific technical and legal staff to keep government and others at bay. Can we expect that app developers selling encryption apps for a dollar or two will possess an equivalent commitment and competency?
CBC:
Both groups had significant improvements in body composition, fitness, physical activity and diet, with no significant difference between groups, they said.
In total, 75 per cent of participants completed the study.
Estimated average weights for the group wearing trackers were 212 pounds at study entry and 205 pounds at 24 months, resulting in an average weight loss of about 7.7 pounds.
In comparison, those in the website group started out at 210 pounds when the study began and weighed in at 197 pounds at 24 months, for an average loss of 13 pounds.
Still, Jakicic said in an email: “We should not send the message that these wearable technologies do not help with weight loss — there were some in our study for whom it made a difference.
I would argue that the ‘advantage’ that the trackers offer is to motivate people who otherwise might be less mindful on a regular basis to increase their daily activity. The headline of the article directly contradicts the point made by the study’s author: that the message should not be that wearables do not help with weight loss.
Perhaps one of the broader issues is that weight loss is predominantly associated with dietary changes. Fitness trackers focus on activity. As such, meeting fitness tracker goals (absent food monitoring) can lead to reduced weight losses as compared to those engaged in more comprehensive health and diet tracking.
From Ars Technica:
The New York City Police Department takes in millions of dollars in cash each year as evidence, often keeping the money through a procedure called civil forfeiture. But as New York City lawmakers pressed for greater transparency into how much was being seized and from whom, a department official claimed providing that information would be nearly impossible—because querying the 4-year old computer system that tracks evidence and property for the data would “lead to system crashes.”
…
Even with the system, however, the NYPD’s Assistant Deputy Commissioner Robert Messner told the New York City Council’s Public Safety Committee that the department had no idea how much money it took in as evidence, nor did it have a way of reporting how much was seized through civil forfeiture proceedings—where property and money is taken from people suspected of involvement in a crime through a civil filing, and the individuals whom it is seized from are put in the position of proving that the property was not involved in the crime of which they were accused.
So NYPD has spend millions on an expensive database that prevents them from conducting accountability queries on seized evidence? That’s an interesting design choice.
This is one of the most amazing websites that I’ve come across: for those of us who routinely work from coffee shops, it lists whether or not there are plentiful power outlets as well as passwords for wifi.
Hanjin accounts for about 3 percent of shipping containers globally. It’s big enough that U.S. retailers are worried that delays will shorten the busy holiday shopping season as they wait for goods to arrive. And U.S. exporters now anticipate a 50 percent hike in shipping fees, according to Peter Friedmann, executive director of the U.S. Agricultural Transportation Coalition.
There are lots of reasons for the bankruptcy – including lots of extra ships being in the water right now and a slowdown in the global economy – but this should be cause for concern if only because it showcases the magitude of some of the world’s economic issues right now.
IMSI Catcher Report Calls for Transparency, Proportionality, and Minimization Policies:
The Citizen Lab and CIPPIC are releasing a report, Gone Opaque? An Analysis of Hypothetical IMSI Catcher Overuse in Canada, which examines the use of devices that are commonly referred to as ‘cell site simulators’, ‘IMSI Catchers’, ‘Digital Analyzers’, or ‘Mobile Device Identifiers’, and under brand names such as ‘Stingray’, DRTBOX, and ‘Hailstorm’. IMSI Catchers are a class of of surveillance devices used by Canadian state agencies. They enable state agencies to intercept communications from mobile devices and are principally used to identify otherwise anonymous individuals associated with a mobile device and track them.
Though these devices are not new, the ubiquity of contemporary mobile devices, coupled with the decreasing costs of IMSI Catchers themselves, has led to an increase in the frequency and scope of these devices’ use. Their intrusive nature, as combined with surreptitious and uncontrolled uses, pose an insidious threat to privacy.
This report investigates the surveillance capabilities of IMSI Catchers, efforts by states to prevent information relating to IMSI Catchers from entering the public record, and the legal and policy frameworks that govern the use of these devices. The report principally focuses on Canadian agencies but, to do so, draws comparative examples from other jurisdictions. The report concludes with a series of recommended transparency and control mechanisms that are designed to properly contain the use of the devices and temper their more intrusive features.
I’m not going to lie: after working on this with my colleague, Tamir Israel, for 12 months it was absolutely amazing to publicly release this report. What started as a 1,500 word blog post meant to put defense lawyers on notice of some new legislation transmogrified into a 130 page report that is the most comprehensive legal analysis of these devices that’s been done to date. It’s going to be interesting to see what the effects of it are for cases currently being litigated in Canada and around the world!
The Toronto Star:
Lawful access is “a real thorny issue,” said University of Ottawa law professor Craig Forcese, a national security law expert, in an interview with the Star.
“For years I’ve been saying we’ve got to deal with it, and you can’t deal with it without investing people in a discussion, because the best-organized civil liberties organizations in Canada right now are privacy groups,” said Forcese.
“And if you go ahead unilaterally and start tabling stuff in Parliament, you’re going to have a replay of the disaster of the last decade in Parliament where nothing ever got passed, except the cyberbullying bill which didn’t address all the issues.”
Parliament did a lot over the last decade. Including passing lawful access legislation following more than 10 years of public debate that included numerous public consultations (i.e. not just with civil liberties organizations).
That civil liberties groups – which by definition argue hard against infringements of constitutional rights – did their jobs is to be congratulated not smeared.
Excited Pixels