Tag Archives: electronic

The Information – James Gleick


The Information

A History, a Theory, a Flood

James Gleick

Genre: History

Price: $2.99

Publish Date: March 1, 2011

Publisher: Knopf Doubleday Publishing Group

Seller: Penguin Random House LLC

From the bestselling author of the acclaimed Chaos and Genius comes a thoughtful and provocative exploration of the big ideas of the modern era: Information, communication, and information theory.    Acclaimed science writer James Gleick presents an eye-opening vision of how our relationship to information has transformed the very nature of human consciousness. A fascinating intellectual journey through the history of communication and information, from the language of Africa’s talking drums to the invention of written alphabets; from the electronic transmission of code to the origins of information theory, into the new information age and the current deluge of news, tweets, images, and blogs. Along the way, Gleick profiles key innovators, including Charles Babbage, Ada Lovelace, Samuel Morse, and Claude Shannon, and reveals how our understanding of information is transforming not only how we look at the world, but how we live. A  New York Times  Notable Book A  Los Angeles Times  and  Cleveland Plain Dealer  Best Book of the Year Winner of the PEN/E. O. Wilson Literary Science Writing Award  


The Information – James Gleick

Posted in alo, ALPHA, Anchor, Cyber, FF, GE, Knopf, LAI, LG, ONA, oven, PUR, Uncategorized | Tagged , , , , , , , , , , | Comments Off on The Information – James Gleick

What is the Impact of Voting on the Environment?

With the close of the midterm elections, many are glad to end the discussion on voting. With the constant barrage of political ads on TV and even via text message, the next proposition or candidate is the last thing on many voters? minds.

Even though election fever has subsided, one of the often-forgotten pieces of elections is the environmental impact of voting. Our society gets so caught up in policy and candidates that we fail to think about the impact that the physical process of voting has on the world around us.

How Does Voting Affect the Environment?

Almost all states use some form of paper ballot. There are only five states that run their elections without paper ballots ? Louisiana, Georgia, South Carolina, New Jersey, and Delaware. There are also nine other states that use a combination of both paper ballots and electronic machines ? Pennsylvania, Texas, Kansas, Florida, Tennessee, Arkansas, Indiana, Kentucky, and Mississippi.

Although the most secure, paper ballots generate plenty of waste. From the envelopes used for mail-in ballots to the physical ballots themselves, an election is a very paper-intensive project. After an election, ballots are stored for about 22 months, at which point local authorities can dispose of them, usually by shredding.

While it may not seem like a lot of waste, in the 2014 midterm election, there were over 83 million ballots counted. Current projections for the 2018 midterms put that figure in the 114 million range. And the examples above only include midterms. Turnout in presidential elections is generally much higher and local city elections happen all the time. Therefore, every year we are forced to scrap and attempt to recycle millions of pounds of paper, adding to the 71.8 million tons of paper waste that the US generates each year.

Are Electronic Voting Machines Any Better?

Some argue that electronic voting machines can have a positive environmental impact. While this is true regarding paper waste, there are a few important caveats with electronic voting machines:

-??????? Electronic voting machines need power. Unless they run on solar power, they would still be using resources.

-??????? With the pace that technology advances, these devices will become quickly outdated or need to be replaced, thus generating e-waste. In the United States, we already scrap about 400 million units of consumer electronics every year.

-??????? The simple act of driving to the nearest polling place likely does more environmental damage that the ballot you cast. Unless voters are able to walk or bike to the polls, they are still burning fuel and generating carbon dioxide to reach the ballot box.

What is the Best Option for the Environment?

Other than cutting down on paper waste, which can only be seen as a positive, electronic voting machines do not represent a large step forward for the environment. Coupled with the fact that electronic voting machines are not seen as secure, electronic voting machines do not seem like the right answer.

The most environmentally friendly form of voting would be to vote via the internet. Voters would not have to rely on paper ballots, drive to the nearest polling station, or use any devices other than the ones they already own. Moreover, even though 29 states have laws that allow you take time off work to vote, internet voting would reduce the transaction cost of participation and have a positive impact on turnout.

That said, the security technology is simply not there yet for a country as large as the United States and likely will not be for some time. With such high stakes, it is not a risk the country can afford to take. Estonia does have an e-voting system that has been in place since 2005, but it is a country of only about 1 million eligible voters with a national ID card system. Even then, a 2014 team at the University of Michigan found that interfering with Estonia?s election is possible, even though it may not have happened yet.

Therefore, it appears that until the technology is created, we are stuck with the traditional paper ballot methods that have been around since ancient Roman times. Hopefully with the rapid pace by which technology advances, one day soon we will have a voting system that maximizes both efficiency and care for the environment.

Disclaimer: The views expressed above are solely those of the author and may not reflect those of Care2, Inc., its employees or advertisers.

View original post here:

What is the Impact of Voting on the Environment?

Posted in alo, bigo, FF, GE, LAI, LG, ONA, Safer, solar, solar power, Uncategorized | Tagged , , , , , , , , , , | Comments Off on What is the Impact of Voting on the Environment?

Government’s Secret Surveillance Court May Be About to Get a Little Less Secret

Mother Jones

<!DOCTYPE html PUBLIC “-//W3C//DTD HTML 4.0 Transitional//EN” “http://www.w3.org/TR/REC-html40/loose.dtd”>

When the USA Freedom Act was passed last week, it was hailed as the first major limit on NSA surveillance powers in decades. Less talked about was the law’s mandate to open a secret intelligence court to unprecedented scrutiny.

The Foreign Intelligence Surveillance Court, often known as the FISA court after the 1978 law that created it, rules on government requests for surveillance of foreigners. Its 11 federal judges, appointed by the chief justice of the Supreme Court, consider the requests one at a time on a rotating basis. In closed proceedings, they have approved nearly every one of the surveillance orders that have come before the court, and their rulings are classified.

Privacy advocates say those secret deliberations have created a black box that keeps the public from seeing both why the government makes key surveillance decisions and how it justifies them. But the new law passed by Congress last week may shed some new light on these matters. “The larger step that the USA Freedom Act accomplishes is that it is bringing those things out to the public,” says Mark Jaycox, a legislative analyst at the Electronic Frontier Foundation, a digital privacy advocacy group. The new law mandates that FISA court rulings that create “novel and significant” changes to surveillance law be declassified—and it is up to the judges to determine if the cases reach that threshold—though only after review by the attorney general and the director of national intelligence. While FISA court rulings have been leaked and occasionally declassified, the new law marks the first time Congress has attempted to make the court’s decisions available to the public.

Continue Reading »

Original link – 

Government’s Secret Surveillance Court May Be About to Get a Little Less Secret

Posted in alo, Anchor, Casio, FF, GE, LAI, LG, ONA, Radius, Uncategorized, Venta, Wiley | Tagged , , , , , , , , , | Comments Off on Government’s Secret Surveillance Court May Be About to Get a Little Less Secret

5 Flaws in Obama’s New Cybersecurity Plan

Mother Jones

<!DOCTYPE html PUBLIC “-//W3C//DTD HTML 4.0 Transitional//EN” “http://www.w3.org/TR/REC-html40/loose.dtd”>

Following a string of high-profile corporate hacks at companies such as Target, Home Depot, and Sony, President Obama is now urging Congress to improve how companies respond to data breaches. He wants to require them to disclose consumer data breaches within 30 days of discovering them, make it easier for companies to share information about hacking threats with one another and the federal government, and criminalize the sale of botnets, programs used to coordinate attacks.

But while those may sound like good ideas, they’re not winning universal support from top digital rights groups. “President Obama’s cybersecurity legislative proposal recycles some old ideas that should remain where they’ve been since May 2011: on the shelf,” writes the Electronic Frontier Foundation (EFF).

Here are the top five concerns with Obama’s proposals:

1. They may allow companies to share your personal data with the NSA: Companies would receive legal immunity in connection with sharing information about threats with a cybersecurity center headed by the Department of Homeland Security, which could immediately pass it along to the National Security Agency and other federal agencies. The proposed disclosure law, which would trump other state or federal data-privacy laws, would require companies to take unspecified “reasonable” steps to strip information that could identify a specific person before sharing it, but only for individuals “reasonably believed to be unrelated to the cyber threat.”

2. Private companies and the government already share information about security threats: The sharing happens through the nonprofit Information Sharing and Analysis Centers and Homeland’s Enhanced Cybersecurity Services. “The question is what gap this bill is trying to fill when we already have a robust information sharing machine,” says EFF legislative analyst Mark Jaycox.

3. The reforms would increase penalties under the draconian Computer Fraud and Abuse Act: The notoriously broad and stringent CFAA is best known as the tool used by the feds to prosecute digital rights activist Aaron Swartz, who killed himself in 2013 while facing 35 years in jail and $1 million in fines in connection with downloading copyrighted scientific articles. “We’ve repeatedly seen government prosecutions that use the CFAA’s tough penalties to bully people,” says Jaycox. In a press release, the White House says it wants to ensure the act isn’t used to target “insignificant conduct.” But a close reading of its proposed reforms appears to tell a different story: One provision increases the penalty for stealing data from any “protected computer” from one year to three, even if it wasn’t done for commercial gain.

4. They supersede state laws: The White House’s consumer data breach law would supersede at least 38 state data-breach laws, some of which are more stringent than the proposed federal standard. The law proposed by the White House would apply only to businesses that store information on more than 10,000 individuals, but California, Florida and some other states have disclosure laws that apply to any company that experiences a data breach affecting more than 500 people. “Any such proposal should not become a back door for weakening transparency or state power,” the EFF said in a statement, “including the power of state attorneys general and other nonfederal authorities to enforce breach notification laws.”

5. They could limit online civil disobedience: There are plenty of legitimate reasons to curtail the sale of botnets, but they’ve also been used by activists to carry out distributed denial of service (DDOS) attacks against repressive governments and corporate ne’er-do-wells. Last year, the hactivist collective Anonymous posted a petition on Whitehouse.gov asking that DDOS attacks be recognized as a legal form of protest similar to the Occupy protests. Under the CFAA, carrying out a DDOS attack can already land you in jail for many years, but now the White House wants to further clamp down on the practice by specifically allowing the Attorney General to go after botnets that help enable them.

Jump to original – 

5 Flaws in Obama’s New Cybersecurity Plan

Posted in alo, Anchor, Cyber, FF, GE, LG, ONA, Radius, Uncategorized, Venta | Tagged , , , , , , , , , , | Comments Off on 5 Flaws in Obama’s New Cybersecurity Plan

Meet the People Behind the Wayback Machine, One of Our Favorite Things About the Internet

Mother Jones

Brewster Kahle is quick to point out that we are not standing inside a former Scientology church. Visitors to this looming white building in San Francisco’s Inner Richmond District are often confused about its past life as a meeting place for Christian Scientists, not to be confused with Scientologists. It is now a different kind of house of worship, known as the Internet Archive, where free digital access to all knowledge is the canon.

“The average life of a web page is about 100 days before it’s either changed or deleted,” says Kahle. “Even if it’s supported by big companies: Google Video came down, Yahoo Video came down, Apple went and wiped out all the pages in Mobile Me.” Capturing this transient web was Kahle’s original mission for the Internet Archive when he founded it in 1996. Nearly two decades later, the 53-year-old compares his organization to a “Library of Alexandria, version two.”

That may be an understatement. In addition to hosting the Wayback Machine, an ever-growing collection of more than 400 billion copies of web pages, the Internet Archive has also expanded its services by providing millions of free digitized books, TV shows, movies, songs, documents, and software titles. Want to see what MotherJones.com looked like in 1996? Here you go. Are you a Deadhead in search of rare recordings? There are more than 9,000 to choose from. Remember when federal websites were closed for business during the government shutdown? They were still available thanks to the Internet Archive.

Walking through the Internet Archive’s physical headquarters, which has occupied this former church since 2009, is a surreal experience. Built in 1923, the grand worship hall on the second floor remains intact, with wooden pews lining the floor and a podium sitting atop a stage. But stacks of humming blinking server racks now rest against the walls. And then there are the figurines—dozens of half-size human models that populate the outside rows of pews and immortalize Archive employees and volunteers throughout the years. Kahle’s mini-mannequin stands in the front row. Next to him is Aaron Swartz, the “Internet folk hero” who was a volunteer and contractor from 2007 to 2009. Swartz committed suicide in 2013 following a federal indictment for downloading the contents of the digital library JSTOR from the Massachusetts Institute of Technology. Kahle remains disappointed with how prosecutors, MIT, and JSTOR handled the Swartz case. “Shame on them,” he says. “I think it’s a symbol of the old world and the old approach that must be overturned. There are some organizations that are still built around this idea of restricting, restricting, restricting, and that’s not going to fly.”

While Kahle is against restricting access to knowledge, he adamantly supports internet users’ right to privacy. In 2007, the FBI sent the Internet Archive a secret National Security Letter (PDF) seeking information about one of its patrons. With the help of the Electronic Frontier Foundation, Kahle challenged the request and won. “That a library has to sue the US government is not terribly appropriate,” he says. But the Internet Archive’s relationship with the feds is not entirely prickly. It also provides web crawling and book scanning services for the Library of Congress. Kahle says the Patent and Trademark Office has used the Wayback Machine to research which ideas are novel or not.

A collection like the Internet Archive’s is extremely valuable. Kahle estimates it has about 15 petabytes of information (a petabyte is approximately one million gigabytes of data). That’s a lot less than Facebook’s estimated 300 petabytes, but there’s a big difference: “The Internet Archive is a nonprofit, and nope, there’s no buying it,” says Kahle. Kahle has sold other companies in the past. The Internet Archive was started with funding from the 1995 sale of his search system WAIS, which AOL purchased for $15 million. His online tracking service Alexa was sold to Amazon for $250 million in 1999. The Internet Archive’s current budget is around $12 million.

One of the Internet Archive’s fastest growing collections is its TV News Archive. For 24 hours a day, 7 days a week, HD feeds from more than 65 news channels, both foreign and domestic, are recorded on the Internet Archive servers. The feeds are fully searchable the following day. Roger Macdonald, who runs the project’s entire Television Archive, preaches treating all media as data. He says many TV and cable networks are “scared about experimenting” with closed captioning data that could make their content searchable by a global audience. By making its videos text-searchable, “our service has vaulted over the confines of the linear video storytelling,” he says. For example, when Harvard and MIT researchers studied how the media covered the Trayvon Martin shooting, they turned to the TV News Archive, using its closed captioning data to help map the story’s evolution.

In 2013, the Internet Archive received an unusual message from Michael Metelits. Metelits’s mother, Marion Stokes, who had recently passed away, had recorded more than 35 years of TV news in Philadelphia and Boston with her VHS and Betamax machines. Metelits was left with approximately 40,000 well-organized tapes, but he had nowhere to put them. So he emailed the Archive. “I thought there might be a typo in his email,” Macdonald recalls. “I couldn’t imagine an individual doing that.”

The donated collection turned out to be a goldmine. The TV News Archive began recording in 2000; Stokes had them beat by more than 20 years. And not only were her tapes in good condition, they also recorded closed captioning data, providing vital metadata. Digitizing and logging the massive trove, now stored in Richmond, California, is a challenge, to say the least. Macdonald says they’ve “only just scratched the surface of imagining what’s there.”

Sean Fagan, logistics specialist for the Internet Archive, with the Marion Stokes collection— 35 years of TV news recorded on VHS and Beta tapes. Brett Brownell

Looming above the Richmond storage facility where the Stokes collection resides is another element of Kahle’s ongoing mission. It’s an antenna broadcasting free internet, one of two free wi-fi access points the Archive provides to San Francisco Bay Area residents. (A third free wi-fi setup is in North Carolina.) He says cities “haven’t been doing their part” to provide faster access to the web and that communication infrastructure is “just as much the lifeblood as water or transportation to a city.”

Adding to its long list of projects, the Internet Archive is also taking a swing at the housing market. Kahle wants to apply the tech industry concept of “open sourcing” to disrupt (if you will) the Bay Area’s affordable housing crisis, which has been fueled in part by the booming tech industry. The Internet Archive has set up a separate nonprofit to purchase an 11-unit apartment building six blocks from its San Francisco headquarters, which it hopes will offer “debt free” housing to nonprofit employees. Macdonald says the first Internet Archive employee will move in later this year. Eventually, Kahle’s dream is “to transition 5 percent of all housing into a new housing class that would be dedicated to supporting the nonprofit sector.”

Even as he sets more ambitious goals, Kahle worries that the end of net neutrality could spell the end of the open web he’s fought to preserve. “If we lose net neutrality,” he says, “or if we let monopolization happen, whether it’s Comcast and AT&T in the United States, or other players in other countries, we will lose the magic that we’ve had for the last 20 or 30 years with this internet.” He urges other technologists to get involved. “We can’t just wait on government to do something. They’ll be bashed around by the commercial players that have all to gain from monopolization.”

Thinking about the current state of internet, Kahle says, “I wake up sometimes really depressed, and sometimes really optimistic.” But, he adds, “As they said in other struggles, you should know which side you’re on, and at least the Internet Archive knows which side it’s on.”

See the article here: 

Meet the People Behind the Wayback Machine, One of Our Favorite Things About the Internet

Posted in Anchor, Brita, FF, G & F, GE, LAI, LG, ONA, PUR, Radius, Uncategorized, Venta | Tagged , , , , , , , , , , | Comments Off on Meet the People Behind the Wayback Machine, One of Our Favorite Things About the Internet

Big-Bank Insider: Obama’s “Operation Choke Point” Isn’t Forcing Us to Close Porn Stars’ Accounts

Mother Jones

If this were a Hardy Boys book, it would be The Hardy Boys and the Mystery of the Porn Stars’ Disappearing Bank Accounts.

Last month, porn star Teagan Presley told Vice that JPMorgan Chase & Co. closed her account because the bank considered her “high-risk.” Then, on Wednesday, porn director David Lord told the Daily Beast that Chase sent him a letter notifying him that the bank was going to close his account on May 11. The Beast and Vice suggested that a secretive Justice Department program, “Operation Choke Point,” was behind the account closures. But a Chase insider familiar with the matter says that the initiative has nothing to do with the termination of these accounts.

“This has nothing to do with Operation Choke Point,” the source told Mother Jones. “There’s not a targeted effort to exit consumers’ accounts because of an affiliation with an industry and we have no policy that would prohibit a consumer from having a checking account because of an affiliation with this industry. We routinely exit consumers for a variety of reasons. For privacy reasons we can’t get into why.”

The porn stars’ allegations play into a narrative—pushed by banks and congressional Republicans—that the Obama administration is overstretching its authority by forcing banks to police the free market. Here’s the real story:

What is Operation Choke Point? Operation Choke Point is a federal initiative that aims to crack down on fraud by honing in on banks and payment processors—the companies that serve as middlemen between merchants and banks on credit card transactions. Financial institutions are not supposed to do business with companies they believe might be breaking the law. But Justice Department officials suspect that some payment processors ignore signs of fraud—like high percentages of transactions being rejected as unauthorized—in transactions they process, and banks go along for the ride, earning massive profits.

The Justice Department has already filed one lawsuit under the program. In January, the government sued Four Oaks Bank in North Carolina, charging that it “knew or was deliberately ignorant” that it was working with a company that processed payments for merchants who were breaking the law. According to the lawsuit, Four Oaks worked with a Texas-based payment processor that processed about $2.4 billion in transactions on behalf of fraudulent payday lenders, internet gambling entities, and a Ponzi fraud scheme. The processor then allegedly paid Four Oaks more than $850,000 in fees. (In April, Four Oaks reached a $1.2 million settlement with the government, but did not admit wrongdoing.)

President Obama’s Financial Fraud Enforcement Task Force, headed by the Department of Justice, is behind the program. Michael Bresnick, who runs the task force, made the program public last March. He says that the aim is to “close the access to the banking system that mass marketing fraudsters enjoy—effectively putting a chokehold on it.”

Is this the first time that feds have asked banks to keep an eye on their customers? No. The Bank Secrecy Act of 1970 requires financial institutions to assist the feds in preventing money laundering, which includes scrutinizing customers. However, banks argue that Operation Choke Point goes further than that law.

Does Operation Choke Point include a “blacklist” of businesses or individuals the government is requiring banks to target? Not exactly. Last September, the Federal Deposit Insurance Corporation issued updated regulatory guidelines noting that “facilitating payment processing for merchant customers engaged in higher-risk activities can pose risks to financial institutions.” A footnote in the guidelines linked to a list of products and services, published in 2011, that the feds say have been associated with high-risk activity, including get-rich products, drug paraphernalia, escort services, firearm sales, pornography, escort services, and racist materials. But the September guidance makes clear that financial institutions that “properly manage these relationships and risks are neither prohibited nor discouraged from providing payment processing services to customers operating in compliance with applicable law.” In other words, the guidance requires banks to perform due diligence to prevent fraud, but does not require banks to go on a porn-star witch hunt.

Why are some people saying Operation Choke Point discriminates against low-income Americans? As part of the program, the feds are scrutinizing payday lenders, which offer short-term loans at high interest rates. Critics of these lenders say they take advantage of low-income Americans, while defenders note that they’re often the only option for Americans unable to get loans elsewhere. Some states restrict or ban payday loans. But as payday lenders move online, they’ve been able to skirt state rules, according to the Justice Department. The feds hope to crack down on payday lenders that are not complying with state and federal regulations. “This effort is focusing on ensuring that lenders are not using electronic payment networks to commit fraud or offer products that would not otherwise be permitted,” says Tom Feltner, director of financial services at the Consumer Federation of America, a national association of nonprofit consumer advocacy groups.

Who opposes the program? Banks, payday lenders, gun owners, conservatives, and some Democrats have expressed opposition to the program. Frank Keating, president and CEO of the American Bankers Association, wrote an op-ed in the Wall Street Journal last month accusing the Justice Department of “forcing banks to make judgments about criminal behavior and then holding them accountable for the possible wrongdoing of others.” Jason Oxman, chief executive of the Electronic Transaction Association, which recently released guidelines for payment processors, told the Washington Post that Operation Choke Point shouldn’t target entire industries, and should instead focus on specific bad actors. A new lobbying group, the Third Party Payment Processors Association, opposes Operation Choke Point, and an activist group called “StopTheChoke.com” is running an online campaign against the program. The NRA, after receiving concerns from gun owners that the DOJ is using the program to take away their guns, said last week that “it will continue to monitor developments concerning Operation Choke Point.”

On January 8, Reps. Darrell Issa (R-Calif.) and Jim Jordan (R-Ohio) sent a letter to the Justice Department arguing that “the extraordinary breadth of the Department’s dragnet prompts concerns that the true goal of Operation Choke Point is not to cut off actual fraudsters’ access to the financial system, but rather to eliminate legal financial services to which the Department objects.”

Who supports it? Quite a few Democrats support the program. On February 26, Sen. Jeff Merkley (D-Ore.) and Rep. Elijah Cummings (D-Md.) sent a letter to the Justice Department recommending that the program continue. The letter, cosigned by 11 other Democrats, including Sen. Elizabeth Warren (D-Mass.), said: “The Department plays a critical role in ensuring system-wide compliance with anti-fraud, anti-money-laundering, and related laws, especially as they apply to the unique risks associated with our payments system, and we urge the Department to continue its vigorous oversight.”

Diane Standaert, senior legislative counsel for the Center for Responsible Lending, notes that eradicating fraud is also a win for consumers. “Banks should have a vested interest in making sure their own customers accounts aren’t being abused or unnecessarily drained,” she says. “By complying with this existing guidance, it’s a win-win.”

Originally posted here:  

Big-Bank Insider: Obama’s “Operation Choke Point” Isn’t Forcing Us to Close Porn Stars’ Accounts

Posted in alo, Anchor, Anker, FF, G & F, GE, LAI, LG, ONA, Radius, Uncategorized, Venta, Vintage | Tagged , , , , , , , , , , | Comments Off on Big-Bank Insider: Obama’s “Operation Choke Point” Isn’t Forcing Us to Close Porn Stars’ Accounts

Does the Heartbleed Bug Mean You Should Stay Off the Internet?

Mother Jones

<!DOCTYPE html PUBLIC “-//W3C//DTD HTML 4.0 Transitional//EN” “http://www.w3.org/TR/REC-html40/loose.dtd”>

On Tuesday, news broke that the safeguard many websites use to protect sensitive information on the internet has had a major security flaw for about two years. These sites use a security system called OpenSSL to encrypt data like content, passwords, and social security numbers. But thanks to a small coding error in a popular version of OpenSSL, nicknamed “Heartbleed,” hackers can potentially steal sensitive data from vulnerable websites. Richard Bejtlich, chief security strategist at FireEye, a network security company, notes that there’s no evidence that malicious hackers have exploited the flaw yet. But the secrecy-minded Tor Project, which enables anonymous Internet browsing, nevertheless recommended on Monday that, “If you need strong anonymity or privacy on the Internet, you might want to stay away from the Internet entirely for the next few days while things settle.” Here are seven reasons why you might want to stop looking at cat videos right now:

1. Lots of popular websites have the security problem.

According to the New York Times, up to two-thirds of sites on the Internet rely on OpenSSL. A user on Github, an open-source coding site, compiled a list of sites that were allegedly vulnerable after a test was conducted on Tuesday. The Github list included Yahoo, Flickr, OkCupid, and Eventbrite, among dozens of other companies. (Some may have since updated their security.) Facebook and Google both released statements confirming they are not affected by the flaw. If you’d like to test a specific site to see whether it’s could be exploited—although this doesn’t meant that it has—go here.

2. Your most sensitive personal information is at risk.

When websites use SSL, that’s a good thing. The security layer is deployed during sensitive transactions to protect data like bank details, social security numbers, and passwords. Runa Sandvik, a staff technologist at the Center for Democracy and Technology (CDT), says that she’s heard, “this is even worse than if SSL wasn’t used at all, because it’s used to protect sensitive information. A site that isn’t protected at all, you might not submit sensitive information there in the first place.” The good news is, some security researchers are reporting that hackers may not be able to get the private keys to an entire website’s content. The bad news is, the flaw is still “a great way to steal passwords from recent logins” according to researchers at Errata Security.

3. Canada is freaking out.

The Canada Revenue Agency announced on Wednesday that it is temporarily shutting down its online services as a result of the Heartbleed bug. The moves come mere weeks before Canadians are expected to file their taxes. The U.S. Internal Revenue Service said in a statement Wednesday that its website has not been affected by the bug.

4. Right now, hackers are racing to get at that information.

“With these things, you can practically hear the shotgun go off. We’re in a race now between the attackers and the defenders, to see how quickly attackers can build viable attacks, and how quickly the defenders can put out their defenses,” says Christopher Budd, a spokesperson for Trend Micro, a Japanese security software company. He notes that while exploiting the vulnerability right now is fairly difficult, as hackers share information, people could build tool kits and it will become significantly easier.

5. You won’t necessarily know if your information has been hacked.

“It’s a serious bug in that it doesn’t leave any trace,” David Chartier, chief executive at Codenomicon, told the New York Times. “Bad guys can access the memory on a machine and take encryption keys, usernames, passwords, valuable intellectual property, and there’s no trace they’ve been there.”

6. It won’t be easy for websites to fix the problem.

Budd says fixing the problem is “simple, but not easy.” While there is a fixed OpenSSL version that websites can download, it can take time to roll out the new program across a website’s entire infrastructure. Budd notes that companies will have to weigh the risk of an attack against the potential that the entire website might come crashing down if a new coding error is introduced. That might dissuade companies from acting quickly. Additionally, after a website installs the new “fix,” it needs to update its SSL certificate, a process that can take a little time. Jeremy Gillula, staff technologist at the Electronic Frontier Foundation, notes that even if a website has downloaded the fix, if it hasn’t updated its certificates, it “could still be subject to a man-in-the-middle-attack on its users.”

7. Changing your passwords right away isn’t necessarily going to help you.

After news of Heartbleed broke, you probably got a lot emails from people telling you to change your passwords. Not so fast, experts say. If you change your password prior to a site getting rid of the bad SSL, your new password could be just as vulnerable as your old one. Sandvik from CDT says, “I’m in the same situation as everyone else. I would look for statements issued by companies before logging in, and if there is no statement, contact them and ask them. Also test their website.” Budd advises, “This is one of those situations where the best thing people can do is stick to best practices, don’t panic, and wait to hear information from people to know what’s going on. If you get instructions, follow them.”

Or you know, go read a book.

Original link – 

Does the Heartbleed Bug Mean You Should Stay Off the Internet?

Posted in Anchor, FF, G & F, GE, LG, ONA, PUR, Radius, Uncategorized, Venta | Tagged , , , , , , , , , , | Comments Off on Does the Heartbleed Bug Mean You Should Stay Off the Internet?

The "NSA-Proof" Cloud Drive: Spy-Thwarting Gadgets Are The Latest Tech Boom

Mother Jones

<!DOCTYPE html PUBLIC “-//W3C//DTD HTML 4.0 Transitional//EN” “http://www.w3.org/TR/REC-html40/loose.dtd”>

For many years, Apple’s Steve Jobs used the Macworld expo in San Francisco to launch the company’s most innovative products. The release of gadgets such as the iPhone into the creative ferment of Silicon Valley gave rise to booming economies of accessories and apps. Yet this year, the most palpable inspiration among Macworld’s product developers is coming from a very different sort of tech guru: The National Security Agency whistleblower Edward Snowden.

One of the most prominent booths at Macworld, which opened on Wednesday and runs through Saturday, belongs to iDrive, a company that recently erected nine billboards around San Francisco to tout its “NSA-proof cloud backup.” Unlike other cloud sites such as Google Drive or DropBox, iDrive’s software helps users encrypt their data on their own mobile devices or computers using a private key known only to them. Then the encrypted data is automatically transmitted to and stored on the company’s servers. In the event of a subpoena by the NSA, “we can turn over the data but we can’t do anything with it because the key is not known to us,” iDrive CEO Raghu Kulkarni told me. “That is what makes it NSA-proof.”

In the months since the Snowden leaks, iDrive’s signups have jumped 20 percent, Kulkami says.

Of course, any claim of total invincibility to the NSA ought to be viewed with skepticism. The spy agency is building a quantum computer supposedly capable of breaking virtually all kinds of encryption and can often circumvent solid encryption anyway using other kinds of hacking. Oh, and by the way, the NSA likes to target people that it thinks have something to hide.

This afternoon at Macworld, Parker Higgins of the Electronic Frontier Foundation will moderate a panel of security firms and tech journalists called “The NSA And You.”

The challenges of protecting data from dragnet surveillance haven’t stopped other Macworld exhibitors from working the NSA angle. Take the “personal cloud” devices Transporter and My Cloud, for example. Designed for people who don’t trust anyone except themselves to back up or store their data, they replace the cloud with a two- to four-terabyte hard drive that sits on a desk. Yet this personal cloud still allows for all the convenience and functionality of the conventional cloud, including online access from any device and sharing large files with others via links.

Elke Larson, an exhibitor for My Cloud, told me that protection from the NSA “is a point that people bring up a lot” when discussing the product. Unlike iDrive, which doesn’t allow sharing from encrypted accounts, the personal cloud devices also enable users to more easily swap data.

“Our cloud is completely private,” said Transporter exhibitor Brett Best, whose booth overflowed with interested visitors. “You have complete control of your files and folders, and you know where they are.”

“Whereas DropBox,” he went on, “shoot, the government goes and accesses that stuff all the time.”

For what it’s worth, Best went on to claim that Transporter, which got off the ground with the help of $260,000 from Kickstarter, is more NSA-proof than My Cloud because My Cloud stores some of its users’ metadata, such as file names, but “we don’t store any of that.” (A My Cloud rep said he’d never heard that claim).

Not that any of this will matter if government investigators were to hack directly into your computer. In that event, you might wish you’d installed the app Hider 2, due to launch in few days from the company MacPaw. At the click of a button, it allows you to encrypt and hide (or decrypt and unhide) files on your computer. In a demo of the app at the company’s Macworld booth, some files were cheekily tagged “NSA.”

Apple’s App Store would not certify Hider 2, CEO Oleksandr Kosovan told me, until it was approved by… the NSA. “If the NSA does have some super-powered quantum computer,” he added, “they may get access to the data, but that is very unlikely.”

But that’s not the only threat for Hider 2 users. MacPaw is based in Kiev, Ukraine. So if Russian tanks roll over the border tomorrow, you may need to start worrying about protecting your Bitcoins and LOLcats from the Federal Security Service.

Visit site:

The "NSA-Proof" Cloud Drive: Spy-Thwarting Gadgets Are The Latest Tech Boom

Posted in alo, Anchor, FF, G & F, GE, LAI, LG, ONA, Radius, Uncategorized, Venta | Tagged , , , , , , , | Comments Off on The "NSA-Proof" Cloud Drive: Spy-Thwarting Gadgets Are The Latest Tech Boom

NSA’s Harshest Critics Meeting With White House Officials Tomorrow

Mother Jones

<!DOCTYPE html PUBLIC “-//W3C//DTD HTML 4.0 Transitional//EN” “http://www.w3.org/TR/REC-html40/loose.dtd”>

On Thursday, a number of civil liberties groups that have harshly criticized the NSA surveillance practices disclosed by Edward Snowden, are meeting with President Obama’s top lawyer, Kathy Ruemmler. This White House session is one of several this week with lawmakers, tech groups, and members of the intelligence community that will help the President soon decide whether to keep the controversial surveillance programs intact.

Among groups that are reportedly attending the meeting are the Center for Democracy and Technology, the Electronic Privacy Information Center (EPIC), and the Federation of American Scientists. According to Caitlin Hayden, a spokesperson for the White House, the purpose of the meeting with Ruemmler “is to have a broad discussion regarding privacy and civil liberties protections and transparency initiatives.” According to a source with knowledge of the meeting, the meeting is likely the “next phase” of the Obama Administration’s attempt to decide “exactly how much of the Surveillance Review Group’s fairly radical recommendations they’re going to get behind.”

In December, this independent panel took a hard look at NSA snooping and issued 46 recommendations for reform, such as having phone carriers store domestic telephone records, rather than the NSA. Marc Rotenberg, the executive director of EPIC, tells Mother Jones that, “We support many of the recommendations contained in the report of the Review Group, particularly the proposal to end the NSA’s bulk collection of telephone records….But we think the President needs to do more.” He adds, “Privacy protection is not simply about NSA reform. We also need strong consumer safeguards.”

On Wednesday, President Obama is meeting with “leaders of the Intelligence community” and members of the Privacy and Civil Liberties Oversight Board, an independent agency that advises the President, according to Hayden. He will also meet with members of the House and Senate on Thursday to discuss surveillance issues. The Associated Press reports that he is expected to issue a final decision on NSA surveillance programs as early as next week.

Original link:

NSA’s Harshest Critics Meeting With White House Officials Tomorrow

Posted in FF, GE, LG, ONA, PUR, Uncategorized, Venta | Tagged , , , , , , , , , , , | Comments Off on NSA’s Harshest Critics Meeting With White House Officials Tomorrow

Twitter Just Made it Harder for the NSA to Read Your Private Tweets

Mother Jones

<!DOCTYPE html PUBLIC “-//W3C//DTD HTML 4.0 Transitional//EN” “http://www.w3.org/TR/REC-html40/loose.dtd”>

On Friday, Twitter announced that it has enabled a new form of Internet security, already used by Google and Facebook, that makes it considerably more difficult for the NSA to read private messages. With this new security, there isn’t one pair of master “keys” that unlock an entire website’s encryption, instead, new keys are produced and destroyed for each login session.

“If an adversary is currently recording all Twitter users’ encrypted traffic, and they later crack or steal Twitter’s private keys, they should not be able to use those keys to decrypt the recorded traffic,” Twitter wrote on its blog. To put that into simple terms, that would be like giving a new set of keys to each visitor coming to your house, melting them down after the person gets inside, and changing the locks. The method is called “Perfect Forward Secrecy,” and while it has been around for at least two decades, it hasn’t been picked up by tech giants until recently, following the allegations of vast government surveillance by former NSA contractor Edward Snowden.

This security system specifically takes aim at the NSA’s alleged practice of scooping up the encrypted communications of millions of users—either through hacking or top-secret national security orders—and then storing them until the agency is able to get a company’s keys to access all of the data.â&#128;&#139; While Twitter was never implicated in the NSA’s vast online surveillance program, PRISM, there is still quite a bit of private information the US government could be interested in on Twitter for its counterterrorism efforts—direct messages, time zones, user passwords, and email addresses, for example.

To get a peek at how this security might play out in real life, look no further than the legal battle the Department of Justice is currently waging against Lavabit, an alternative email provider that was reportedly used by Snowden. When the founder of Lavabit refused to give up its master encryption keys to the US government—because it would have had access to thousands of email accounts—the company was held in contempt of court. If Lavabit had installed Perfect Forward Secrecy, however, the company wouldn’t have been able to give up its master keys, since they would have already been destroyed.

The Electronic Frontier Foundation, an Internet privacy group, supports Perfect Forward Secrecy, arguing that “against the known threat of “upstream” data collection, supporting perfect forward secrecy is an essential step.” However, as EFF notes, this doesn’t necessarily make a company completely NSA-proof, since it doesn’t protect data that’s stored on a server (and NSA still managed to hack into Google, by breaking into its front end server, according to documents in the Washington Post.)

The New York Times says that this new security will slow traffic down by about 150 milliseconds in the United States, and Tweeters are unlikely to notice. But it will “make the National Security Agency’s job much, much harder,” the paper said.

Original source: 

Twitter Just Made it Harder for the NSA to Read Your Private Tweets

Posted in FF, GE, LG, ONA, Uncategorized, Venta | Tagged , , , , , , , , , , , | Comments Off on Twitter Just Made it Harder for the NSA to Read Your Private Tweets