Researchers have discovered a serious security flaw known as the “Heartbleed” bug in the software commonly used by thousands of Websites to encrypt and secure sensitive data being transmitted across the Internet
This was an absolute gift to intelligence agencies all over the world. And one that was – and is – being widely exploited in the wild by criminals and other unauthorized third-parties.
Source: Heartbleed bug found in key encryption technology risks exposing private data
Soon, there will be no way to escape the boss’ urgent email, even if you’re on a plane, as Air Canada announces deal to bring Wi-Fi to the skies.
Not only will you not be able to evade your boss but, given that Air Canada has partnered with GoGo, you’ll also be subject to unnecessarily broad state interception technologies. Air Canada: fly for the high prices, stay for the corporate-enabled excessive state surveillance!
Canadian spy agency head John Forster fielded questions from MPs, and says organization’s focus is foreign intelligence collection, not domestic
Takeaway from the article? CSEC boss “can’t really disclose” what kinds of access it could have to data flowing through Bell, Rogers and Telus.
Back in December, documents revealed the NSA had been using Google’s ad-tracking cookies to follow browsers across the web, effectively coopting ad networks into surveillance networks. A new paper from computer scientists at Princeton breaks down exactly how easy it is, even without the resources and access of the NSA.
Source: How advertising cookies let observers follow you across the web
The two associations representing police chiefs in B.C. should be subject to freedom of information laws, according to B.C. Privacy and Information Commissioner Elizabeth Denham.
After years spent covering the issue, journalist Rob Wipond is finally getting some transparency into how police chief organizations operate in BC!
The border agency says that in 2012, only 25 of its 19,000 requests were refused by the telecoms, and only 13 customers were notified that the government had sought their records. Aspects of the handovers seem to happen automatically – with the telecoms typically charging only $1 to $3 for a “BSI” request and the answers usually coming back within three business days.
Every other federal investigative agency says it cannot or will not publicly provide such precise details of their relationships with the telecoms.
…
In this context, the CBSA disclosure is important and unprecedented, say digital privacy experts, who argue that the agency’s numbers suggest many more exchanges are occurring between the telecoms and other government agencies as well.
“It makes me wonder what other structures and costs are in place,” said Christopher Parsons, a researcher at the University of Toronto’s Citizen Lab. He pointed out that the Mounties and Canada’s intelligence agencies failed to release data.
Though CBSA is being pilloried at the moment for the number of times that it accessed telecommunications data (18,849 times in 2012), the agency should be congratulated as comprehensively responding to MP Borg’s questions. Only the Transportation Safety Board provided a comparable degree of accountability to the Parliamentarian. While I’d like CBSA to go further – we shouldn’t depend on a Parliamentarian’s curiosity to learn about state surveillance practices – the agency has, ultimately, created the model that other federal institutions ought to be forced to follow.
Source: Border agency asked for Canadians’ telecom info 18,849 times in one year
…Justice Canada says the proposed legal shield against liability offers nothing new. “This protection already existed under the jurisprudence,” said spokeswoman Carole Saindon in an e-mail responding to Globe questions. She added that the “language in the bill is not a substantive change.”
Privacy advocates are not reassured by any of this.
The “unaccountability is absolutely unacceptable,” blogged Chris Parsons, a researcher for the University of Toronto Citizen Lab on Thursday. “And it’s made worse by the fact that the currently proposed lawful-access legislation, C–13, would indemnify [Internet Service Providers] for sharing even more information with state authorities while not requiring these authorities to report on how often, and to what extent, they ‘request’ such information.”
Needless to say, I fundamentally disagree with Justice Canada’s position that they sufficiently account for federal agencies’ surveillance programs. And if the liability shield that is being introduced in C-13 isn’t needed and the language not a substantive change then the government should be happy to remove it when the lawful access bill goes to committee.
I’ve been busy parsing a nice hefty government document that documents a lot of federal agencies’ surveillance practices the past few days, and my post on “Accountability and Government Surveillance” is the result. It’s admittedly long but is fairly interesting. Go read!
The report repeatedly emphasizes that the protests had been peaceful, but considers possible triggers for escalation. The sections of the documents that actually deal with what evidence the government had that the protests might have taken a violent turn, and what it would have done if that had happened, were not disclosed.
…
The report repeatedly emphasizes that the protests had been peaceful, but considers possible triggers for escalation. The sections of the documents that actually deal with what evidence the government had that the protests might have taken a violent turn, and what it would have done if that had happened, were not disclosed.
Given CSIS’s ongoing efforts to monitor for threats against national oil interests and other resource extraction companies and associated policies, it’s not necessarily a surprise that the security agency was focusing in on Idle No More. Native land is, after all, required to effectively mobilize resources across Canada.
This said, Canadians generally should be mindful that our security agency was “planning for every eventuality, concerned by the decentralized, leaderless nature of the protests and the multiple motivations and influences that drove them.“ Mindfulness is needed for two reasons: first, because CSIS’s concerns will likely lead to enhanced attempts to map communications patterns to divine ‘leaders’ and ‘centralization’ within activist groupings. Second, because CSIS’s activities are known to include stretching or breaking the law by lying to federal justices. CSIS’s targeting of Aboriginal groups shouldn’t be ignored by other Canadian citizens as not ultimately affecting them as well.
What might be most damaging about CSIS’s actions is how they will (continue to) damage relations between Canada and the Aboriginal people’s. Rather than trying to find a way of working with Canada’s native peoples the Canadian government has again classified them as prospective threats: that’s not how you develop a trusted negotiating relationship, let alone try to heal age-old wounds. And no matter how much surveillance CSIS engages in they can’t guard every mile of roads or pipelines that are used in extracting and transporting Canada’s natural resources.
Talking with Salmon, Goodman said she has an “enormous amount of evidence, including evidence which is not public,” persuading her Dorian Nakamoto is the right guy. “Goodman has not decided whether or how she might publish that evidence… What’s more, she has also made it clear that she was in possession of evidence which other journalists could not obtain,” Salmon wrote.
And that’s a problem, because many aspects of the story already look like a caricature of journalism gone awry. The man Goodman fingered as being worth $400 million or more is just as modest as his house suggests. He’s had a stroke and struggles with other health issues. Unemployed since 2001, he strives to take care of basic needs for himself and his 93-year-old mother, according to a reddit post by his brother Arthur Nakamoto (whom Goodman quoted as calling his brother an “asshole”).
If Goodman has mystery evidence supporting the Dorian Nakamoto theory, it should have been revealed days ago. Otherwise, Newsweek and Goodman are delaying an inevitable comeuppance and doubling down on past mistakes. Nakamoto’s multiple denials on the record have changed the dynamic of the story. Standing by the story, at this point, is an attack on him and his credibility.
Ars Technica has written one of the better critiques of the Newsweek story which (likely incorrectly) identified the man believed to have invented Bitcoin. It’s worth the read, if only to have the current state of debate over Newsweek’s story nicely summarized.
Source: The colossal arrogance of Newsweek’s Bitcoin “scoop”
Excited Pixels