Facebook says governments demanding more and more user data – – Reuters in San Francisco and Bangalore Wednesday 11 November 2015 23.01 EST


US authorities made the most requests for users’ information, while India and Turkey had the most takedowns for content that violated local laws

Facebook said US law enforcement agencies made the most requests for information about users.

Facebook said US law enforcement agencies made the most requests for information about users. — Photograph: Alamy

Facebook has said government requests for data and demands for content to be taken down surged in the first half of 2015, which the social network has seen continually increase since it began publicly releasing such data two years ago.

Government requests for account data globally jumped 18% in the first half of 2015 to 41,214 accounts, up from 35,051 requests in the second half of 2014, Facebook said in a blogpost.

The amount of content restricted for violating local law more than doubled compared with the same period in the second half of 2014 to 20,568 pieces of content, it said.

Most government requests related to criminal cases, such as robberies or kidnappings, Facebook said. The government often requested basic subscriber information, IP addresses or account content, including people’s posts online.

The bulk of government requests came from US law enforcement agencies. US agencies requested data from 26,579 accounts – comprising more than 60% of requests globally – up from 21,731 accounts in the second half of 2014.

France, Germany and Britain also made up a large percentage of the requests and had far more content restricted in 2015. Some of the content taken down in Germany, for example, may relate to Holocaust denial, Facebook said.

India and Turkey were responsible for most of the content taken down for violating local laws. India had 15,155 pieces of content restricted – nearly triple the amount in the second half of 2014 – while Turkey had 4,496 items, up from 3,624.

The technology industry has pushed for greater transparency on government data requests, seeking to shake off concerns about their involvement in vast, surreptitious surveillance programs revealed by the former spy agency contractor Edward Snowden.

“Facebook does not provide any government with ‘back doors’ or direct access to people’s data,” Facebook wrote.

Facebook, Microsoft, Yahoo and Google began in 2014 publishing details about the number of government requests for data they receive.

http://www.theguardian.com/world/2015/nov/12/facebook-says-governments-seek-more-and-more-user-data-and-takedowns

Digital Counterinsurgency – By Jared Cohen November/December 2015 Issue


The Islamic State, or ISIS, is the first terrorist group to hold both physical and digital territory: in addition to the swaths of land it controls in Iraq and Syria, it dominates pockets of the Internet with relative impunity. But it will hardly be the last. Although there are still some fringe terrorist groups in the western Sahel or other rural areas that do not supplement their violence digitally, it is only a matter of time before they also go online. In fact, the next prominent terrorist organization will be more likely to have extensive digital operations than control physical ground.Screen Shot 2015-10-31 at Oct 31, 2015 5.37

Although the military battle against ISIS is undeniably a top priority, the importance of the digital front should not be underestimated. The group has relied extensively on the Internet to market its poisonous ideology and recruit would-be terrorists. According to the International Centre for the Study of Radicalisation and Political Violence, the territory controlled by ISIS now ranks as the place with the highest number of foreign fighters since Afghanistan in the 1980s, with recent estimates putting the total number of foreign recruits at around 20,000, nearly 4,000 of whom hail from Western countries. Many of these recruits made initial contact with ISIS and its ideology via the Internet. Other followers, meanwhile, are inspired by the group’s online propaganda to carry out terrorist attacks without traveling to the Middle East.

ISIS also relies on the digital sphere to wage psychological warfare, which directly contributes to its physical success. For example,

Everything you always wanted to know about Tor (Browser) but were afraid to ask


Why Anonymity Matters

Screen Shot 2015-10-30 at Oct 30, 2015 1.45


Overview

The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor’s users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and individuals to share information over public networks without compromising their privacy. Along the same line, Tor is an effective censorship circumvention tool, allowing its users to reach otherwise blocked destinations or content. Tor can also be used as a building block for software developers to create new communication tools with built-in privacy features.

Individuals use Tor to keep websites from tracking them and their family members, or to connect to news sites, instant messaging services, or the like when these are blocked by their local Internet providers. Tor’s hidden services let users publish web sites and other services without needing to reveal the location of the site. Individuals also use Tor for socially sensitive communication: chat rooms and web forums for rape and abuse survivors, or people with illnesses.

Journalists use Tor to communicate more safely with whistleblowers and dissidents. Non-governmental organizations (NGOs) use Tor to allow their workers to connect to their home website while they’re in a foreign country, without notifying everybody nearby that they’re working with that organization.

Groups such as Indymedia recommend Tor for safeguarding their members’ online privacy and security. Activist groups like the Electronic Frontier Foundation (EFF) recommend Tor as a mechanism for maintaining civil liberties online. Corporations use Tor as a safe way to conduct competitive analysis, and to protect sensitive procurement patterns from eavesdroppers. They also use it to replace traditional VPNs, which reveal the exact amount and timing of communication. Which locations have employees working late? Which locations have employees consulting job-hunting websites? Which research divisions are communicating with the company’s patent lawyers?

A branch of the U.S. Navy uses Tor for open source intelligence gathering, and one of its teams used Tor while deployed in the Middle East recently. Law enforcement uses Tor for visiting or surveilling web sites without leaving government IP addresses in their web logs, and for security during sting operations.

The variety of people who use Tor is actually part of what makes it so secure. Tor hides you among the other users on the network, so the more populous and diverse the user base for Tor is, the more your anonymity will be protected.

Article continues:

https://www.torproject.org/index.html.en

Security This Week: Apparently China Is Still Hacking US Companies – YAEL GRAUER. 10.24.15. 7:00 AM


This week, a group of teenagers hacked CIA director John Brennan’s private AOL account, and WikiLeaks started publishing his leaked emails. Some ingenious French criminals exploited the supposedly secure chip and pin credit cards that are even more secure than what the US just adopted. (Let’s just say we told you so.) Facebook will now warn users about nation-state attacks, but it will also allow users to find public posts using search, so you may want to consider hiding yours. And WIRED set the record straight on the importance of reporting on car hacking.

But that’s not all. Each Saturday we round up the news stories that we didn’t break or cover in depth at WIRED, but which deserve your attention nonetheless. As always, click on the headlines to read the full story in each link posted. And stay safe out there!

China Said It Would Stop Hacking US Companies, But It Didn’t

The US and China reached a historic agreement last month to stop hacking into each other’s systems to steal economic secrets. But according to the American security company Crowdstrike, this hasn’t stopped hackers with ties to the Chinese government from continuing to target US companies. In fact, one attack took place the very next day after the agreement was reached. However, there’s a possibility that the hackers were acting on their own rather than following government orders.

Article continues:

http://www.wired.com/2015/10/security-this-week-apparently-china-is-still-hacking-us-companies/

This App Is Building a Giant Network for Free Messaging – LIZ STINSON. 10.12.15. 4:38 PM


Manila is using the FireChat app to build a city-wide mesh network.  FIRECHAT

Manila is using the FireChat app to build a city-wide mesh network. FIRECHAT

Last fall hundreds of thousands of pro-democracy protesters took to the streets of Hong Kong and encountered a serious logistical issue: Their phones weren’t working. The sheer number of people concentrated in the area crushed the network, crippling their main form of communication. At a time when staying in touch was critical, it became impossible.

And then something interesting happened. People began chatting with each other, but not over Wi-Fi or data networks. It was via FireChat, a new app from the company Open Garden. FireChat, like the similar Serval Project, builds mesh networks by connecting smartphones via the device’s Bluetooth or peer-to-peer Wi-Fi. This effectively turns every smartphone with FireChat into a node that can carry and deliver text messages. The big idea is that instead of relying on a centralized ISP or telecom company to provide service, people are able to build their own decentralized network that can grow as large as there are people who have the app downloaded. In the case of FireChat, these messages end up in either a massive group chat or can be encrypted and delivered as a private message by hopping from phone to phone until it reaches its intended recipient. “In a sense it’s like a blind postman,” says Christophe Daligault, Open Garden’s chief marketing officer.

Since the app launched in the spring of 2014, it’s been used in Hong Kong, Iraq, France, and Ecuador during major protests and natural disasters (more than 500,000 people downloaded the app over the course of a couple days in Hong Kong). It’s also, we should note, wildly popular with the Burning Man set. As of today, though, FireChat is attempting to organize its biggest network yet. The company just announced it’s partnering with Marikina, a city of 400,000 that makes up metro Manila in the Philippines, to build a city-wide mesh network that can be used during natural disasters.

 

Article continues:

http://www.wired.com/2015/10/giant-network-for-free-messaging/

California Now Has the Nation’s Best Digital Privacy Law – KIM ZETTER 10.08.15. 9:58 PM


California continued its long-standing tradition for forward-thinking privacy laws today when Governor Jerry Brown signed a sweeping law protecting digital privacy rights.

The landmark Electronic Communications Privacy Act bars any state law enforcement agency or other investigative entity from compelling a business to turn over any metadata or digital communications—including emails, texts, documents stored in the cloud—without a warrant. It also requires a warrant to track the location of electronic devices like mobile phones, or to search them.

The legislation, which easily passed the Legislature last month, is the most comprehensive in the country, says the ACLU.

“This is a landmark win for digital privacy and all Californians,” Nicole Ozer, technology and civil liberties policy director at the ACLU of California, said in a statment. “We hope this is a model for the rest of the nation in protecting our digital privacy rights.”

Five other states have warrant protection for content, and nine others have warrant protection for GPS location tracking. But California is the first to enact a comprehensive law protecting location data, content, metadata and device searches, Ozer told WIRED.

“This is really a comprehensive update for the modern digital age,” she said.

State senators Mark Leno (D-San Francisco) and Joel Anderson (R-Alpine) wrote the legislation earlier this year to give digital data the same kinds of protection that non-digital communications have.

“For what logical reason should a handwritten letter stored in a desk drawer enjoy more protection from warrantless government surveillance than an email sent to a colleague or a text message to a loved one?” Leno said earlier this year. “This is nonsensical and violates the right to liberty and privacy that every Californian expects under the constitution.”

The bill enjoyed widespread support among civil libertarians like the American Civil Liberties Union and the Electronic Frontier Foundation as well as tech companies like Apple, Google, Facebook, Dropbox, LinkedIn, and Twitter, which have headquarters in California. It also had huge bipartisan support among state lawmakers.

“For too long, California’s digital privacy laws have been stuck in the Dark Ages, leaving our personal emails, text messages, photos and smartphones increasingly vulnerable to warrantless searches,” Leno said in a statement today. “That ends today with the Governor’s signature of CalECPA, a carefully crafted law that protects personal information of all Californians. The bill also ensures that law enforcement officials have the tools they need to continue to fight crime in the digital age.”

The law applies only to California law enforcement entities; law enforcement agencies in other states would be compelled by the laws in their jurisdictions, which is why Ozer and others say it’s important to get similar comprehensive laws passed elsewhere.

The law places California not only at the forefront of protecting digital privacy among states, it outpaces even the federal government, where such efforts have stalled.

 

Article continues:

http://www.wired.com/2015/10/california-now-nations-best-digital-privacy-law/

Government Is the Biggest Cybersecurity Threat – By Tom Risen Oct. 2, 2015 | 3:54 p.m. EDT


Government workers see their own agencies as a bigger cybersecurity threat than hackers from China or Russia, according to a new survey.Federal IT workers are more concerned about employees who don't properly protect government networks than they are of foreign hackers, a new study revealed.

Federal IT workers are more concerned about employees who don’t properly protect government networks than they are of foreign hackers, a new study revealed.

The Obama administration has worked to boost the networks of the federal government, which have endured a string of data breaches in recent years, including the massive theft of information on an estimated 21.5 million federal employees or job applicants from the databases of the Office of Personnel Management. The hack is thought to have originated in China, but the biggest threat is in Washington, D.C., according to a new survey of federal IT workers sponsored by Hewlett-Packard and conducted by the Ponemon Institute.

The biggest threat to federal cybersecurity is “the negligent insider” at an agency who fails to take enough precautions while using or protecting government networks, according to 44 percent of federal workers responding to the survey. Only 30 percent of respondents stated that nation-state hackers were the primary threat, according to the survey. Hacks known as “zero-day attacks,” so-called because they have never been used publicly, and mistakes by third-party government contractors each tallied 36 percent as the primary threat among respondents.

Article continues:

http://www.usnews.com/news/blogs/data-mine/2015/10/02/surveys-government-is-the-biggest-cybersecurity-threat?int=a01109