Categories
Links

A New Work Reality?


Nicky Hager’s house raided by police


While working on the book, Mr Hager said he was prepared for a raid-type situation, but did not believe the police would conduct one on his property.

This is exactly the kind of thing that political reporters shouldn’t have to prepare and defend against in democratic states. But more and more are because of overzealous state secrecy laws combined with bullying policing tactics.


Mississauga man pleads guilty in international Xbox hacking ring | Toronto Star


Prosecutors said the small group of gaming enthusiasts called itself the Xbox Underground.

“These were extremely sophisticated hackers. Don’t be fooled by their ages,” Assistant U.S. Attorney Ed McAndrew said after Tuesday’s court hearing. McAndrew told reporters the other members of the group looked to Pokora as a leader.

Chris Parsons, a post-doctoral fellow at the University of Toronto’s Citizen Lab and expert in Internet security, told the Star the technique used by the group, known as “SQL injection,” is one of the most common attacks used.

“I’m not saying that these individuals are more or less sophisticated, but you really do not have to be terribly clever to run SQL injections,” said Parsons, who has no involvement in the case.

The technique at its most simple involves tricking a database used by the organization into thinking that the hacker has the power to run administrator-level commands.

Parsons says the value of intellectual property and material like the group was after is difficult to gauge. He said they could sell it, or trade it online.

“Certainly some information would be more valuable than others. There might be a large variation for how much you might pay for a prototype Xbox One, versus information about how the U.S. military trains its Apache helicopter pilots,” said Parsons. “It would vary substantially in terms of what the information is and the completeness of it.”

There’s no indication in the court documents that the group attempted to sell military information.

 


Mapping The Canadian Government’s Telecommunications Surveillance


What:

Canadian federal government agencies, like many government agencies around the world, often request user data from telecommunications agencies for the purpose of surveillance. With few regulations in place that force governments or corporations to explain how Canadians’ telecommunications information is accessed or processed, the Citizen Lab, along with its partners, worked over the course of a year to compile and disseminate lawfully accessible data that showed how often, for what reasons, and on what legal grounds telecommunications companies in Canada provided their subscribers’ data to state agencies.

The Electronic Frontier Foundation has a series of Counter-Surveillance Success Stories and my work over the past year’s been recognized in the stories. It’s really exceptional the excellent work that people are doing all around the world – you should check them all out!


Access, Partners Recognize Heroes, Villains on Human Rights and Communications Surveillance


Transparency

Summary: States should be transparent about the use and scope of Communications Surveillance laws, regulations, activities, powers, or authorities.

Hero: Doctor Christopher Parsons

Doctor Parsons has actively pushed Canada’s leading Telecommunications Services Providers to disclose how, why, and how often they provide subscriber information to state agencies. Based on their responses, Dr. Parsons offered comprehensive recommendations on how companies could improve public transparency.

Villain: Secretary Jeremy Heywood

Under the authority of UK Prime Minister David Cameron, Mr. Heywood ordered the Guardian to destroy documents regarding surveillance activities of the NSA and GCHQ. The hard drives were “pulverized” in the basement of the newspaper’s London offices. Notably, the Guardian has stated that all documents related to its reporting on these matters are stored in other offices.

It remains amazing – and an absolute honour – to be listed as a hero alongside Edward Snowden, Navi Pillay (former UN High Commissioner), Sen. Ron Wyden, Dilma Rousseff, amongst a host of others.

Also: I guess I have something to talk about next time I run into a member of the British Cabinet?


Canada’s Cyberspy Agency, CSEC, Hijacks Computers Worldwide to Build Their Spynet


One key part of the HACIENDA infrastructure, however, is a Canadian program called LANDMARK, which looks for “ORBS” (Operational Relay Box) that were recently defined by Colin Freeze in the Globe and Mail as “computers [the Five Eyes spy agencies] compromise in third-party countries.” I spoke to Chris Parsons from the Citizen Lab, who explained that these ORBs are quite possibly the property of innocent citizens, and not exclusively intelligence targets:

“CSEC seemingly regards unsecured devices (their ‘ORBs’) as valid intelligence targets in order to launch deniable attacks and reconnaissance practices. We don’t know whether there is some effort to ascertain civilian vs non-civilian intermediary computers to take over, but the slides suggest that civilians and their equipment can be targeted.”

“CSEC operates using the same techniques as organized crime and foreign intelligence services… CSEC uses these techniques for nation-state aims, similar reconnaissance techniques are used by criminals, academics, and interested internet sleuths. The tools of reconnaissance and offence are depressingly affordable, whereas secure code is expensive and hard to come by.”


Poor record of fed requests to telecom companies for Canadians’ data


Many law-enforcement agencies do not track requests for private information, making the system vulnerable to abuse

“Many departments say they don’t have the information and say they don’t keep track of these things,” said NDP MP Charmaine Borg, whose questions led to the release of response documents. “… And if that is the case, that brings up to me a huge problem. How are we supposed to ensure there are no abuses, and that government agencies are making these requests within very extreme circumstances, when they don’t even keep track of when they’re making them?”

Christopher Parsons, a postdoctoral fellow at the Citizen Lab of the University of Toronto’s Munk School of Global Affairs, said non-federal agencies, such as police forces, are also seeking data. “Even if we got good numbers from all the federal government, there is a huge, huge part of the surveillance iceberg that’s yet to be seen,” he said.

It’s important to keep in mind that much of the attention concerning government surveillance has been about how federal agencies access telecommunications data, and how proposed lawful access legislation would extend and expand such access. While this attention is deserved there is an entirely different set of actors that have yet to be examined in any sustained way: provincial agencies and municipal organizations.


Canadian ISPs Won’t Tell You Much About Your Own Data


Ever wondered how long your telecom provider retains your user data? Or if law enforcement has requested your records?

This “Access My Info” tool was launched in June, and now, responses have started to trickle back in.

“We’re starting to be able to compare and contrast some of the larger company’s responses,” Parsons said.

Using either Parsons’ form letter, or the AMI tool, subscribers can request that their telecom providers clarify the types of data they collect, tell them how long they retain such data, provide copies of relevant records, and whether their information has been disclosed to law enforcement or government agencies. But perhaps unsurprisingly, policies and practices tend to differ from one provider to the next.

“I think that the letters from TekSavvy are comprehensive. They’re not trying to play games,” Parsons said, referring to the responses sent out by one of Canada’s smaller internet service providers. “They’re actually taking seriously the questions that individuals are making and not trying to blow them off. That stands in variance with, I would say, almost every other member of the industry.”

Parsons said that in other responses, “the detail that is present, or is more often the case, absent, is really quite breathtaking. The only thing I have from Bell is a one page sheet that’s almost worse than useless. It almost doesn’t respond to the customer’s question.”

Parsons told me that discerning how long certain types of data are retained has proven particularly hard, for example.

“Retention schedules matter. How long you store data should not be a top secret corporate secret, because it’s about citizens,” said Parsons. “Here we’re talking about basic, basic, basic privacy information. How long do you store information about me? None of these companies aside from TekSavvy have tried to comprehensively respond to that question.”

This is a detailed piece by Matt Braga, and one that I’d highly recommend if you’re interested in what the Telecom Transparency Project has (and hasn’t) learned about Canadian telecommunications companies’ data retention schedules.


Telus joins transparency push by sharing demands for customer info


TELUS is to be congratulated for following through on their promise to release a transparency report, as well as for committing to publishing future reports. At this point, two of the largest telecoms in Canada (Rogers and TELUS) along with a leading independent telecom (TekSavvy) have released transparency reports: where’s Bell and all the smaller companies?

Categories
Links Writing

Stop trying to sell me wrist-worn smartphones


It absolutely baffles me who, exactly, smart watches are being designed for. The notion that something would be buzzing on my wrist (in my own, very anecdotal case) hundreds of times a day as I receive email, retweets, LinkedIn invites, text messages, hangouts messages, and so forth is absolutely absurd. That’s noise that I want to avoid or minimize, not enhance and maximize.

I own one, very nice, watch that I wear on special circumstances. It’s beautiful and is powered by kinetic motions. It’s light enough that it doesn’t annoy the hell out of me, but heavy enough that it’s comfortable on my wrist. And, in all cases, it doesn’t beep, buzz, or otherwise interfere with my daily life.

To my mind, the ‘rationale’ for smart watches is really predicated on the absurd sizes that smartphones are reaching. With phones increasingly being sold with 5 inch, or larger, screens the devices are eyesores whenever they’re pulled out and their screens examined.

That’s a very, very bad rationale to build a product on and (to my mind) indicates the failure of smartphone design. And the solution to that failure isn’t smart watches but more humane-sized phones.