Categories
Aside Links

How Not To Get Hacked When Renting An Airbnb Apartment

How Not To Get Hacked When Renting An Airbnb Apartment:

The problem is that, thanks to the rise of home-sharing services such as Airbnb and HomeAway, thousands of people are letting strangers into their houses and apartments, and, potentially, into their networks and routers.

That’s why, Galloway argues, we need to be careful when connecting to Wi-Fi networks in Airbnbs, and just treat them like we treat airport or Starbucks connections.
“When you’re traveling and you’re on an unfamiliar network, you should behave like it and not behave like when you’re at home,” Galloway says. “You don’t use the Airbnb toothbrush, and you should probably think twice before just jumping on their network and putting your bank credentials in there.”

If you’re a renter, Galloway says the first thing to do to stay safe is using a virtual private network, or VPN, that will encrypt and protect all your connections. (There’s a lot of easy to use options out there, such as Freedome or TunnelBear.) Another, slightly more complex precaution, is to hardcode DNS settings into their devices, switching to Google Public DNS, for example.

I don’t disagree with this advice but admit it’s only something I consider when travelling for work (in part because I do so few ‘risky’ things when vacationing, and in part because of my decision to mostly rely on apps which I hope – though often cannot know – are transmitting credentials over SSL). But more broadly I think that what is being argued for is out of touch with how people are generally taught to understand computing and out of touch with how most Airbnb hosts operate: guests rarely meet their host and it’s unclear how often hosts themselves ever really look in on their properties. So maybe before we insist that people be wary of landlords and Airbnb hosts we should be considering what baseline requirements for offering such services themselves should be.

The Security of Our Election Systems

The Security of Our Election Systems:

Government interference with foreign elections isn’t new, and in fact, that’s something the United States itself has repeatedly done in recent history. Using cyberattacks to influence elections is newer but has been done before, too – most notably in Latin America. Hacking of voting machines isn’t new, either. But what is new is a foreign government interfering with a U.S. national election on a large scale. Our democracy cannot tolerate it, and we as citizens cannot accept it.

Last April, the Obama administration issued an executive order outlining how we as a nation respond to cyberattacks against our critical infrastructure. While our election technology was not explicitly mentioned, our political process is certainly critical. And while they’re a hodgepodge of separate state-run systems, together their security affects every one of us. After everyone has voted, it is essential that both sides believe the election was fair and the results accurate. Otherwise, the election has no legitimacy.

Election security is now a national security issue; federal officials need to take the lead, and they need to do it quickly.

The effects of a decade of focusing on attack capabilities at the expense of defence are now becoming apparent. And I’d bet that we’ll see democratic governments call for heightened national ‘defence’ capabilities that entail fully inspecting packets. Which will require laws that water down communicative privacy rights. Which will themselves damage the democratic characters of our political systems.

Can we design sociotechnical systems that don’t suck?

Can we design sociotechnical systems that don’t suck?:

Many hard problems require you to step back and consider whether you’re solving the right problem. If your solution only mitigates the symptoms of a deeper problem, you may be calcifying that problem and making it harder to change.

Ethan’s essay is a long response to Shane Snow’s proposals for prison reform. In short, Snow is aiming to adjust conditions inside of prisons without considering whether there is a broader series of social issues that are responsible for actually leading to incarceration. And, worse, he’s making his proposals without lived experiences of what prison itself is like.

The crux of Ethan’s argument, really, doesn’t concern the kinds of prison reform which are(n’t) appropriate so much as this: is it appropriate for a given person, or group, to solve the problem(s) in the first place? Are they capable of even identifying what are the problem(s)?

I think that this kind of attitude – of humbleness and appreciation for one’s limited perspective on the world – is something that should be taken up by more technologists, policy makers, and law makers. Too often we assume we know how to help without even knowing whether, and if so why and under what conditions, help is needed in the first place.

On weaponized transparency

On weaponized transparency:

Over the longer term, it’s likely that personal or sensitive data will continue to be hacked and released, and often for political purposes. This in turn raises a set of questions that we should all consider, related to all the traditional questions of openness and accountability. Weaponized transparency of private data of people in democratic institutions by unaccountable entities is destructive to our political norms, and to an open, discursive politics.

Weaponized transparency, especially when it affects the lives of ordinary persons who take an interest in the political process, is dangerous for a range of reasons. And responsible journalists – to say nothing of publishers such as Wikileaks – ought to be condemned when they fail to adequately protect the private interests of such ordinary persons.

From file-sharing to prison: A Megaupload programmer tells his story

The Megaupload saga has a new chapter, as the only person convicted by the US in relation to Mega’s file sharing system has broken his silence. Tänavsuu’s article is an in-depth interview with Andrew Nõmm, who did programming for the site and service. Nõmm takes strong issue with Kim Dotcom — he asserts regularly that Kim did nothing to assist Nõmm in his legal efforts — as well as with the Estonian government for their lack of support.

This is a relatively unique piece, insofar as it discusses the experiences of people within the Kim Dotcom empire, and from the perspective of someone who has directly suffered as a result of their association with the project and company. It’s worth the read, if only to understand how the US system deals with persons found guilty of significant copyright violation and some of the inner workings of the Mega projects.

Canada has a rape kit problem | VICE News

This piece is excellent if incredibly depressing: for funding reasons (or, more cynically, failure of predominantly male politicians to raise this issue on the political agenda…) women who are assaulted are often unable to access rape kits. These kits are used to collect evidence for potential criminal investigations pertaining to the assault.

But the (very long, and detailed) article ends with an important reminder for readers who have gotten to the end:

Rape kits, ultimately, are only a small piece of a bigger problem with the justice system, says Hilla Kerner, a front-line worker at Vancouver’s Rape Relief Shelter.

She said rape kits are only helpful in cases that the attacker denies any sexual contact and DNA evidence can contradict that claim. It’s rare that this is a line of defense, she said—but when it is, the evidence gathered with a rape kit is vital.

Basically, if the accused’s DNA is found on the complainant’s body, it removes the line of defence of: ‘I don’t know her, I’ve never seen her before.’

“We shouldn’t fool ourselves that a rape kit is the solution to getting more cases through the criminal justice system,” Kerner said. “There is a need for urgent reform in the criminal justice system, and rape kits are just one element of the whole transformation that needs to happen.”

In other words, though we need to improve access to forensic services, we shouldn’t imagine that such access alone will alleviate the incredibly hostile approach the criminal justice system takes towards the victims of rape and sexual assault.

Categories
Aside

2015.1.3

So…did GCHQ et al intercept and decrypt BBM messages, or were they just handed over?

U.S. Cyber Command investment ensures hackers targeting America face retribution

U.S. Cyber Command investment ensures hackers targeting America face retribution:

Later that summer, Marine Lt. Gen. Richard P. Mills bluntly told a conference in Baltimore that commanders under his control in Afghanistan routinely used cyberwarfare tactics to attack and disable al Qaeda and Taliban enemies.

“I can tell you that as a commander in Afghanistan in the year 2010, I was able to use my cyberoperations against my adversary with great impact,” Gen. Mills was quoted at the time as saying. “I was able to get inside his nets, infect his command and control, and in fact defend myself against his almost constant incursions to get inside my wire, to affect my operations.”

While the military is developing the capability, the political and policy realm is struggling with the right parlance.

If that’s the language that US generals are using to explain what ‘cyber’ is then I think that the executive-class is clueless about the things that their ‘cyberwarriors’ are up to. And if they’re this clueless then how can they be relied on (or quoted in anything other than a mocking way?) to provide expert advice to policy makers, politicians, or the public?

Christopher Parsons weighs in on privacy concerns in Canada

A roundup of what I’ve said, to whom, and that was published this month.

Christopher Parsons weighs in on privacy concerns in Canada

Categories
Aside Humour

stopdataretention:

Who you email/txt, where you go, what sites you visit – stored by govt for 2 yrs under new laws.