Another dissertation chapter drafted and submitted to the supervisor. Time to relax. And start my soon-due paper on drones.
2013.3.8
An often-overlooked dimension of cyber espionage is the targeting of civil society actors. NGOs, exile organizations, political movements, and other public interest coalitions have for many years encountered serious and persistent cyber assaults. Such threats — politically motivated and often with strong links to authoritarian regimes — include website defacements, denial-of-service attacks, targeted malware attacks, and cyber espionage. For every Fortune 500 company that’s breached, for every blueprint or confidential trade secret stolen, it’s a safe bet that at least one NGO or activist has been compromised in a similar fashion, with highly sensitive information such as networks of contacts exfiltrated. Yet civil society entities typically lack the resources of large industry players to defend against or mitigate such threats; you won’t see them hiring information security companies like Mandiant to conduct expensive investigations. Nor will you likely see Mandiant paying much attention to their concerns, either: if antivirus companies do encounter attacks related to civil society groups, they may simply discard that information as there is no revenue in it.
Rob Deibert and Sarah McKune, “Civil Society Hung Out To Dry in Global Cyber Espionage”
Data security and communicative privacy matter. The boons of the contemporary computer era have led to people across the world using common services for security, for data processing, and for communications generally, despite users’ radically different risk profiles. Few users are savvy enough to engage in code-level audits, fewer to ascertain the validity of improperly issued security certificates, and likely even fewer to guarantee that programs’ and operating systems’ updates are from the actual developers. These are problems – important problems – that need to be directly addressed by developers.
It’s always been morally wrong to be cavalier about your software’s security profile, and to just discount the potential vulnerabilities or bugs linked to your tools. Things aren’t getting better, however, on account of state actors becoming more and more sophisticated in how they target and monitor their citizens’ and residents’ communications. Consequently, the blasé attitude towards security that has (largely) focused on successful engineering over successful security in depth is a larger and larger problem. This attitude, especially when it comes to anti-circumvention and encryption software, is leading to individual users ending up seriously hurt, imprisoned, or dead.
Security is important. Speech is important. And ensuring that secure, private speech is possible is an increasingly critical issue for parties throughout the world. Developers and companies and individuals ought to take the severity of the consequences of their actions to heart, or risk having very real blood on their hands.
“Your entire life is online. Be vigilant.”
Big data: the new oil?
2013.3.5
Once your life is inside a federal investigation, there is no space outside of it. The only private thing is your thoughts, and even they don’t feel safe anymore. Every word you speak or write can be used, manipulated, or played like a card against your future and the future of those you love. There are no neutral parties, no sources of unimpeachable wisdom and trust.
The lawyers tell you: take no notes.
The lawyers tell you: talk to no one.
It is the loneliest of lonely things to be surrounded by your loved ones, in danger, and forced to be silent.
May you never experience a Federal investigation. I did, and it consumed me, and changed every day that will come after it for the rest of my life.
Quinn Norton, “Life Inside the Aaron Swartz Investigation”
2013.3.4
Security signs that begin with ‘For your protection…’ essentially end with ‘…we will restrict freedoms & invade privacy’.
Neil deGrasse Tyson (via kateoplis)
You tell em Neil, we need working and relevant services, not to be babied.
(via scinerds)
This, this is a case of Neil not thinking about the children, right? Right?
2013.3.4
The traditionally advocated uses for NFC have been to replace RFID chips in travel cards, such as the Oyster card in the UK, and RFID chips in credit cards, such as MasterCard’s PayPass.
The problem with these replacements is a simple one, however. Smartphone batteries run out. They do so with alarming regularity, and they do so at inopportune moments. I don’t care what phone you say you have, and I don’t care if you say it doesn’t happen to you, because it does. You end up staying out late, or you leave your charger at home by accident, or you just plain use the phone too much during the day, and then when you need the phone to work, it doesn’t because it’s out of juice.
The phone running out of power is bad enough when it means you don’t have maps and directions. That’s annoying. But even worse is the battery going flat when you need the phone for mass transit or paying for stuff.
And yet that’s precisely the value proposition that NFC offers: go out for a night on the town and get stranded with no money, no subway ride home. The only way to be safe is to take your credit card and travel card with you anyway, and if you’re doing that? Well you don’t exactly need NFC then, do you?
Peter Bright, “Mobile World Congress is Mean Girls, and NFC isn’t going to happen”
