In the next stage of the copyright wars in Canada, Voltage is moving forward with its efforts to use a reverse class-action lawsuit to reveal the identities of thousands of people the company alleges have infringed on Voltage’s copyright. If the company is successful it will open up a new way for companies to access information about subscribers while simultaneously indicating the relative weakness of the privacy protections baked into Canada’s recent copyright legislation.
Category: Links
Cybercrime Overtakes Traditional Crime in UK:
The NCA’s Cyber Crime Assessment 2016, released July 7, 2016, highlights the need for stronger law enforcement and business partnership to fight cybercrime. According to the NCA, cybercrime emerged as the largest proportion of total crime in the U.K., with “cyber enabled fraud” making up 36 percent of all crime reported, and “computer misuse” accounting for 17 percent.
…
“The ONS estimated that there were 2.46 million cyber incidents and 2.11 million victims of cyber crime in the U.K. in 2015,” the report’s authors wrote. “These figures highlight the clear shortfall in established reporting, with only 16,349 cyber dependent and approximately 700,000 cyber-enabled incidents reported to Action Fraud over the same period.”
While there is a persistent issue associated with counting ‘cyber’ events, that UK organizations are highlighting this kind of fraud and espionage so prominently does indicate a real problem is being faced by organizations.
Russia has passed legislation which functionally adopts many of the worst — and largely discredited — surveillance provisions that Europe adopted in the past and is now abandoning. Specifically, Russian telecoms will be required to retain data traffic information for 6 months, as well as assist government agencies decrypt information. The law will also (further) penalize those who support terrorist activities or engage in other types of social disturbances: the problem is that such accusations are increasingly used to target those disliked by the government as opposed to those whom are actually supporting terrorism or the destruction of Russian society.
It will be particularly interesting to see what, if any, effect the EU has on Russia’s new law. Will the law, which flagrantly violates human rights, inhibit Russia’s ability to trade with EU member nations or will the infringement be ignored? Or will the EU be so consumed by the Brexit that it cannot — or will not — turn its attention to one of its largest trading partners?
Meet Moxie Marlinspike, the Anarchist Bringing Encryption to All of Us:
In March, Brazilian police briefly jailed a Facebook exec after WhatsApp failed to comply with a surveillance order in a drug investigation. The same month, The New York Times revealed that WhatsApp had received a wiretap order from the US Justice Department. The company couldn’t have complied in either case, even if it wanted to. Marlinspike’s crypto is designed to scramble communications in such a way that no one but the people on either end of the conversation can decrypt them (see sidebar). “Moxie has brought us a world-class, state-of-the-art, end-to-end encryption system,” WhatsApp cofounder Brian Acton says. “I want to emphasize: world-class.”
For Marlinspike, a failed wiretap can mean a small victory. A few days after Snowden’s first leaks, Marlinspike posted an essay to his blog titled “We Should All Have Something to Hide,” emphasizing that privacy allows people to experiment with lawbreaking as a precursor for social progress. “Imagine if there were an alternate dystopian reality where law enforcement was 100 percent effective, such that any potential offenders knew they would be immediately identified, apprehended, and jailed,” he wrote. “How could people have decided that marijuana should be legal, if nobody had ever used it? How could states decide that same-sex marriage should be permitted?”
We live in a world where mass surveillance is a point of fact, not a fear linked with dystopic science fiction novels. Moxie’s work doesn’t blind the watchers but it has let massive portions of the world shield the content of their communications – if not the fact they are communicating in the first place – from third-parties seeking to access those communications. Now unauthorized parties such a government agencies are increasingly being forced to target specific devices, instead of the communications networks writ large, which may have the effects of shifting state surveillance from that which is mass to that which is targeted. Such a consequence would be a major victory for all persons, regardless of whether they live in a democratic state or not.
Policy – Privacy Paranoia: Is Your Smartphone Spying On You?:
Privacy alarmism is one act in a bigger spectacle. In alarmists’ minds, something could go terribly wrong, and although it never has nor is it likely to happen, we should change the world and imposed new political and bureaucratic order to prepare for it. Privacy concerns in general are fertile breeders of this pattern, and have already inflicted on us useless and expensive laws like HIPPA and FERPA. Now, privacy alarmism has set its sights on the biggest prize: the shrinking of Big Data.
While I’m glad that the author has apparently never suffered an issue linked to a privacy infringement, the same cannot be said for an enormous percentage of the world’s population. Mass intrusion, with and without consent, into communications privacy is a prominent issue internationally because of how private and public bodies alike exploit information that is collected.
We are functionally experimenting on the entire population when collecting and applying math to enormous datasets: to say that there has been no harm, ever, to date is possible. But doing so functionally depends on ignoring the lived reality of many of the persons impacted by big data and digital technology.
Women in politics: Why Ottawa isn’t quite as equal as we think it is:
Theoretically, more women on ballots means more women in office, as research shows voters have no bias against them as candidates. But Thomas’s own research shows that parties are not setting up female candidates for a fair fight. In 2011, she found that all three national parties (the Green party did not run a full slate) placed more women than men in “unwinnable” ridings. Women were more likely to run in another party’s stronghold (59 per cent vs. 47 per cent for men), less likely to run in competitive battlegrounds (24 per cent vs. 28 per cent) and less likely to run in their own party’s strongholds (17 per cent vs. 25 per cent) than men.
A good long-form piece on gender equality in politics. It digs a lot deeper than most of the often-feelgood pieces that are written about the federal government’s gender policies, providing both historical information on gender equality, analysis of contemporary practices, and how other jurisdictions work far more diligently to foster equality in public offices.
Hackers Hijack a Big Rig Truck’s Accelerator and Brakes:
When WIRED reached out to trucking industry body the National Motor Freight Traffic Association about the Michigan research, the NMFTA’s chief technology officer Urban Jonson said the group is taking the researchers’ work seriously, and even funding future research from the same team. And Jonson acknowledged that the possibility of the nightmare scenario they present, of a remote attack on heavy vehicles, is real. “A lot of these systems were designed to be isolated,” says Jonson. “As automobile manufacturers are increasingly connecting vehicles with telematics systems, some of these issues need to be addressed.”
That the Association’s reaction is to work with researchers instead of trying to sue them is a very good sign.
How foreign governments spy using PowerPoint and Twitter:
Right now, there are probably many journalists, human rights organizations and democracy activists walking around oblivious to the invisible tracking that is going on behind their backs. It’s time to wake up to the silent epidemic of targeted digital attacks on civil society and do something about it.
The protections built into our technologies are flimsy and routinely subverted. The merits of a ‘first to market’ ethos that predominates technical innovation must be contrasted, and weighed, against the mortal risk these same technologies pose to some users.
How Not To Get Hacked When Renting An Airbnb Apartment:
The problem is that, thanks to the rise of home-sharing services such as Airbnb and HomeAway, thousands of people are letting strangers into their houses and apartments, and, potentially, into their networks and routers.
That’s why, Galloway argues, we need to be careful when connecting to Wi-Fi networks in Airbnbs, and just treat them like we treat airport or Starbucks connections.
“When you’re traveling and you’re on an unfamiliar network, you should behave like it and not behave like when you’re at home,” Galloway says. “You don’t use the Airbnb toothbrush, and you should probably think twice before just jumping on their network and putting your bank credentials in there.”If you’re a renter, Galloway says the first thing to do to stay safe is using a virtual private network, or VPN, that will encrypt and protect all your connections. (There’s a lot of easy to use options out there, such as Freedome or TunnelBear.) Another, slightly more complex precaution, is to hardcode DNS settings into their devices, switching to Google Public DNS, for example.
I don’t disagree with this advice but admit it’s only something I consider when travelling for work (in part because I do so few ‘risky’ things when vacationing and decision to mostly rely on apps which I hope – though often cannot know – are transmitting credentials over SSL). But more broadly I think that what is being argued for is out of touch with how people are generally taught to understand computing and out of touch with how most Airbnb hosts operate: guests rarely meet their host and it’s unclear how often hosts themselves ever really look in on their properties. So maybe before we insist that people be wary of landlords and Airbnb hosts we should be considering what baseline requirements for offering such services themselves should be.
The Security of Our Election Systems:
Government interference with foreign elections isn’t new, and in fact, that’s something the United States itself has repeatedly donein recent history. Using cyberattacks to influence elections is newer but has been done before, too most notably in Latin America. Hacking of voting machines isn’t new, either. But what is new is a foreign government interfering with a U.S. national election on a large scale. Our democracy cannot tolerate it, and we as citizens cannot accept it.
Last April, the Obama administration issued an executive orderoutlining how we as a nation respond to cyberattacks against our critical infrastructure. While our election technology was not explicitly mentioned, our political process is certainly critical. And while they’re a hodgepodge of separate state-run systems, together their security affects every one of us. After everyone has voted, it is essential that both sides believe the election was fair and the results accurate. Otherwise, the election has no legitimacy.
Election security is now a national security issue; federal officials need to take the lead, and they need to do it quickly.
The effects of a decade of focusing on attack capabilities at the expense of defence is now becoming apparent. And I’d bet that we’ll see democratic governments call for heightened national ‘defence’ capabilities that entail fully inspecting packets. Which will require laws that water down communicative privacy rights. Which will themselves damage the democratic characters of our political systems.
Excited Pixels 