The Easy Days Are Over – By William Saletan NOV. 14 2015 8:06 PM


After Paris, this period of relative peace and easy libertarianism is coming to an end.

497113864-couple-embrace-near-the-cosa-nostra-restaurant-on.jpg.CROP.promo-xlarge2

If you’re an 18-year-old American, you were 3 or 4 when al-Qaida hit the United States on Sept. 11, 2001. You haven’t seen a major terrorist strike in your country since then. Maybe you heard about the attacks in Madrid in 2004, London in 2005, or Mumbai in 2008. But aside from the occasional lone-wolf incident—Fort Hood, Texas, in 2009, or the Boston Marathon bombing of 2013—you’ve been lucky.

You’ve grown up in an era of peace at home: no world wars, no cold war, and little fear of being blown up or gunned down by militants. It’s an era of libertarianism: We’re less afraid of bad guys coming to kill us, so we don’t see why Uncle Sam should track our phone calls. It’s also an era of isolationism, because our troops have fought two wars overseas, in Afghanistan and Iraq, and they haven’t turned out well. We’re sick of those wars, and we feel pretty safe at home. So we don’t want to go fight again.

The libertarianism and isolationism of our time crosses party lines. It affects President Obama, who came into office promising to bring our troops home. But it also affects Republicans. Sen. Lindsey Graham, the Republican presidential candidate who has campaigned on a platform of sending troops to fight ISIS, couldn’t even garner enough support in the polls to get into his party’s undercard debate last week. And if you study surveys on national security and domestic surveillance, you’ll find that Republicans are, by some measures, more hostile to surveillance than Democrats are.

Article continues:

Facebook says governments demanding more and more user data – – Reuters in San Francisco and Bangalore Wednesday 11 November 2015 23.01 EST


US authorities made the most requests for users’ information, while India and Turkey had the most takedowns for content that violated local laws

Facebook said US law enforcement agencies made the most requests for information about users.

Facebook said US law enforcement agencies made the most requests for information about users. — Photograph: Alamy

Facebook has said government requests for data and demands for content to be taken down surged in the first half of 2015, which the social network has seen continually increase since it began publicly releasing such data two years ago.

Government requests for account data globally jumped 18% in the first half of 2015 to 41,214 accounts, up from 35,051 requests in the second half of 2014, Facebook said in a blogpost.

The amount of content restricted for violating local law more than doubled compared with the same period in the second half of 2014 to 20,568 pieces of content, it said.

Most government requests related to criminal cases, such as robberies or kidnappings, Facebook said. The government often requested basic subscriber information, IP addresses or account content, including people’s posts online.

The bulk of government requests came from US law enforcement agencies. US agencies requested data from 26,579 accounts – comprising more than 60% of requests globally – up from 21,731 accounts in the second half of 2014.

France, Germany and Britain also made up a large percentage of the requests and had far more content restricted in 2015. Some of the content taken down in Germany, for example, may relate to Holocaust denial, Facebook said.

India and Turkey were responsible for most of the content taken down for violating local laws. India had 15,155 pieces of content restricted – nearly triple the amount in the second half of 2014 – while Turkey had 4,496 items, up from 3,624.

The technology industry has pushed for greater transparency on government data requests, seeking to shake off concerns about their involvement in vast, surreptitious surveillance programs revealed by the former spy agency contractor Edward Snowden.

“Facebook does not provide any government with ‘back doors’ or direct access to people’s data,” Facebook wrote.

Facebook, Microsoft, Yahoo and Google began in 2014 publishing details about the number of government requests for data they receive.

http://www.theguardian.com/world/2015/nov/12/facebook-says-governments-seek-more-and-more-user-data-and-takedowns

Security News This Week: 9 Out of 10 Websites Leak Your Data to Third Parties – YAEL GRAUER. : 11.07.15. . 7:00 AM


This week, hackers won a million dollar bounty for discovering a long-sought iOS zero-day. Federal lawmakers introduced the Stingray Privacy Act, a new bill that would require state and local lawmakers to get a warrant before using the invasive surveillance devices. The world got its first look at the full text of the Trans-Pacific Partnership trade pact. We found out the UK’s TalkTalk telecom hack may not be as bad as it looked. Android users can finally use Open Whisper Systems’ RedPhone app and TextSecure messaging app in one app, called Signal. And Crackas With Attitude, the teens who hacked CIA Director John Brennan, are back with a new hack.

But that’s not all. Each Saturday we round up the news stories that we didn’t break or cover in depth at WIRED, but which deserve your attention nonetheless. As always, click on the headlines to read the full story in each link posted. And stay safe out there!

Turns Out 90 Percent of the Internet’s Top Sites Leak Your Data to Third Parties

It’s no secret that websites typically send user data to third parties (typically without their knowledge or consent), but now new peer-reviewed research published by University of Pennsylvania privacy researcher and doctoral student Tim Libert shows that the scale of this is enormous—nine out of ten sites are leaking user data to an average of nine external domains. That means that a single site you visit will send your data to nine outside websites. Tim Libert cites Google as the worst culprit, but gives Twitter props for respecting browsers’ Do Not Track setting. He also points out that the NSA has leveraged commercial tracking tools in order to monitor users. For added privacy, using Tor is your best bet, Libert told Motherboard, so long as you don’t log into any accounts (Gmail, Facebook, etc.) while you’re on it.

The Pentagon Outsourced Its Coding to Russia (What Could Go Wrong?)

A four-year federal investigation revealed this week that the Pentagon has outsourced work writing software for sensitive US military communication systems to Russian programmers. Contractor John C. Kingsley discovered the Russian-contracted software had built-in holes that left the Pentagon’s communication system vulnerable to viruses. The two firms involved, Massachusetts-based NetCracker Technology Corporation and Virginia-based Computer Sciences Corporation (which had subcontracted the work), agreed to pay fines of $11.4 million and $1.35 million, respectively. Outsourcing work on classified systems to anyone who’s not a US citizen with approved security clearance violates federal regulations, as well as the company’s contract.

Article continues:

http://www.wired.com/2015/11/security-news-this-week-9-out-of-10-websites-leak-your-data-to-third-parties/

Security News This Week: Cops Accidentally Leaked Footage From License Plate Readers – YAEL GRAUER. : 10.31.15 7:00 AM


Getty Images

It’s been a busy week. The Senate voted 74-21 to pass CISA, the problematic surveillance bill that has privacy advocates and civil liberties groups up in arms. In better news, the EU Parliament voted to net neutrality rules filled with loopholesthat aren’t exactly neutral. The Library of Congress approved copyright law exemptions that would allow people to modify software on their cars—but the exemptions only last three years after they begin to take effect, which won’t be for another year. And Tor launched the beta version of Tor Messenger, which looks like the easiest-to-use encrypted, anonymous instant messaging app.

But that’s not all. Each Saturday we round up the news stories that we didn’t break or cover in depth at WIRED, but which deserve your attention nonetheless. As always, click on the headlines to read the full story in each link posted. And stay safe out there!

Cops Were Accidentally Leaking License Plate Surveillance Data Online

The fact that local governments collect data on every driver’s travel history is pretty disconcerting. That idea that this data is sometimes widely available to anyone with a web browser is even scarier. Earlier this year, EFF learned that information from more than 100 auto license plate reader cameras was available online, and sometimes the camera’s live video stream (and plate captures) could be viewed in real time. The digital rights group was able to trace five cameras to their sources, and found multiple issues such as poor or default passwords, or no passwords at all. Luckily, when notified by EFF, the agencies secured the systems, but tracking the sources of all cameras wasn’t possible. Other than securing surveillance technology before using it (what a concept!) it would behoove law enforcement agencies to limit their data storage to days, not years—and only for vehicles suspected to have been involved with a crime, the EFF concluded.

Article continues:

http://www.wired.com/2015/10/security-news-this-week-cops-accidentally-leaked-footage-from-license-plate-readers/

Everything you always wanted to know about Tor (Browser) but were afraid to ask


Why Anonymity Matters

Screen Shot 2015-10-30 at Oct 30, 2015 1.45


Overview

The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor’s users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and individuals to share information over public networks without compromising their privacy. Along the same line, Tor is an effective censorship circumvention tool, allowing its users to reach otherwise blocked destinations or content. Tor can also be used as a building block for software developers to create new communication tools with built-in privacy features.

Individuals use Tor to keep websites from tracking them and their family members, or to connect to news sites, instant messaging services, or the like when these are blocked by their local Internet providers. Tor’s hidden services let users publish web sites and other services without needing to reveal the location of the site. Individuals also use Tor for socially sensitive communication: chat rooms and web forums for rape and abuse survivors, or people with illnesses.

Journalists use Tor to communicate more safely with whistleblowers and dissidents. Non-governmental organizations (NGOs) use Tor to allow their workers to connect to their home website while they’re in a foreign country, without notifying everybody nearby that they’re working with that organization.

Groups such as Indymedia recommend Tor for safeguarding their members’ online privacy and security. Activist groups like the Electronic Frontier Foundation (EFF) recommend Tor as a mechanism for maintaining civil liberties online. Corporations use Tor as a safe way to conduct competitive analysis, and to protect sensitive procurement patterns from eavesdroppers. They also use it to replace traditional VPNs, which reveal the exact amount and timing of communication. Which locations have employees working late? Which locations have employees consulting job-hunting websites? Which research divisions are communicating with the company’s patent lawyers?

A branch of the U.S. Navy uses Tor for open source intelligence gathering, and one of its teams used Tor while deployed in the Middle East recently. Law enforcement uses Tor for visiting or surveilling web sites without leaving government IP addresses in their web logs, and for security during sting operations.

The variety of people who use Tor is actually part of what makes it so secure. Tor hides you among the other users on the network, so the more populous and diverse the user base for Tor is, the more your anonymity will be protected.

Article continues:

https://www.torproject.org/index.html.en

Tor Just Launched the Easiest App Yet for Anonymous, Encrypted IM – ANDY GREENBERG 10.29.15. 5:30 PM


GETTY IMAGES

The anonymity network Tor has long been the paranoid standard for privacy online, and the Tor Browser that runs on it remains the best way to use the web while revealing the least identifying data. Now the non-profit Tor Project has officially released another piece of software that could bring that same level of privacy to instant messaging: a seamless and simple app that both encrypts the content of IMs and also makes it very difficult for an eavesdropper to identify the person sending them.

On Thursday the Tor Project launched its first beta version of Tor Messenger, its long-in-the-works, open source instant messenger client. The app, perhaps more than any other desktop instant messaging program, is designed for both simplicity and privacy by default: It integrates the “Off-the-Record” (OTR) protocol to encrypt messages and routes them over Tor just as seamlessly as the Tor Browser does for web data. It’s also compatible with the same XMPP or “Jabber” chat protocol used by millions of Facebook and Google accounts, as well as desktop clients like Adium for Mac and Pidgin for Windows. The result is that anyone can download the software and in seconds start sending messages to their pre-existing contacts that are not only strongly encrypted, but tunneled through Tor’s maze of volunteer computers around the world to hide the sender’s IP address.

After some auditing, Tor Messenger is set to become a powerful and popular tool for instant, idiot-proof, and surveillance-resistant communication.

“With Tor Messenger, your chat is encrypted and anonymous…so it is hidden from snoops, whether they are the government of a foreign country or a company trying to sell you boots,” Tor public policy director Kate Krauss wrote to WIRED in a Tor Messenger conversation. She emphasized that despite those features, the program’s use of a pre-existing chat protocol means users won’t need to rebuild their network of contacts. “You can use your Jabber address and your old contacts–you aren’t reinventing the wheel–but wow, much safer.”

Article continues:

http://www.wired.com/2015/10/tor-just-launched-the-easiest-app-yet-for-anonymous-encrypted-im/