Wednesday 28 July 2010

Archive of 100 million Facebook users available on Torrent

This is not technically webtapping, but a gentle reminder on why you should secure the information you make available online.

"A directory containing personal details about more than 100 million Facebook users has surfaced on an Internet file-sharing site. The 2.8GB torrent was compiled by hacker Ron Bowes of Skull Security, who created a web crawler program that harvested data on users contained in Facebook's open access directory, which lists all users who haven't bothered to change their privacy settings to make their pages unavailable to search engines."

(source: Slashdot)

Tuesday 27 July 2010

UK ISP TalkTalk Caught Monitoring Its Customers

Another reason why you have to use secured protocols. Slashdot reports:
The UK ISP TalkTalk has been caught using a form of Deep Packet Inspection technology to monitor and record the websites that its customers visit, without getting their explicit consent. The system, which is not yet fully in place, ultimately aims to help block malware websites by comparing the URL that a person visits against a list of good and bad sites. Bad sites will then be restricted. TalkTalk claims that its method is totally anonymous and that the only people with visibility of the URL database itself are Chinese firm Huawei, which will no doubt help everybody to feel a lot better (apply sarc mark here) about potentially having their privacy invaded.

Sunday 28 February 2010

Opening the Internet — with an Axe

Fernando Herrera-Gonzalez has published a great opinion, from the austrian economics and libertarian points of view on the Mises.org web site about the new regulations of the Internet proposed by the FCC.

The whole post is very much worth reading. I'm pasting here the conclusion:
The FCC's policy goal of guaranteeing the openness of the Internet as an engine for innovation and growth might seem appealing.

However, the Internet has played the role of "economic engine" up to this moment without the need of any intervention. The threats depicted by Mr. Genachowski are just not credible. Telecom companies have no incentives to block contents or services, because their business model would suffer even in the face of a possible cannibalization of revenues.

On the contrary, it is the proposed measures that are a serious threat to the Internet. The granting of these legislated rights will only have negative effects for their recipients: If the users demand those rights and they are ready to pay the costs, then there is no need of intervention. If the users do not demand them, then the enforcement of these legally defined rights will lead to the bankruptcy of the operator and thus a lack of service.

Moreover, the obligations of nondiscrimination and transparency will have negative effects on innovation, investment, and prosperity, instead of the positive effects that may be expected from the openness of the Internet.

This is what will happen if the government mandates the openness of the Internet by means of regulatory obligations. If we try to open the Internet with an axe, it is very likely that we will end up destroying it — and investment, innovation, and prosperity with it.

Friday 5 February 2010

Police Want Law to Provide them with easy access to your Private Data

Another Slashdot report:
"According to this story on CNET, police again are pushing for new laws requiring ISPs and webmail providers to store users' private data for five years and also want a new electronic way of speeding up subpoenas and search warrants via police-only encrypted portals at all ISPs and webmail providers."

Microsoft to auction you're personal information?

Slashdot reports:
"Give Bill Gates your 'pictures, videos, documents, e-mail, instant messages, addresses, calendar dates/scheduling information (e.g., birthdays, anniversaries, appointments), voice mail, phone logs, RSS feeds, subscriptions, bookmarks, mail lists, project management features, computing device data, tasks and location data,' and he'll improve your 'quality of life.' That's the promise behind a patent issued Thursday to Bill Gates and his 20 co-inventors for 'Personal Data Mining', which Microsoft notes 'can include a monetization component' that 'could initiate an auction to sell information to the highest bidder.'"

Sunday 20 September 2009

Facebook to Shut Down Beacon

Slashdot:
"Facebook has agreed to shut down its much-maligned Beacon advertising system in order to settle a class-action lawsuit. The lawsuit, filed in August of last year, alleged that Facebook and its Beacon affiliates like Blockbuster and Overstock.com violated a series of laws, including the Electronic Communications Privacy Act, the Video Privacy Protection Act, the California Consumer Legal Remedies Act and the California Computer Crime Law. The proposed settlement, announced late on Friday, calls not only for Facebook to discontinue Beacon, but also back the creation of an independent foundation devoted to promoting online privacy, safety and security. The money for the foundation will come from a US$9.5 million settlement fund."

Sunday 17 May 2009

UK's Expensive Net Spying Plan Proceeds

PCPro:
The Government has dropped plans to create a massive database of all internet communications, following stern criticism from privacy advocates.

Instead the Government wants ISPs and mobile phone companies to retain details of mobile phone calls, emails and internet sites visited.

As with the original scheme, the actual content of the phone calls and messages won't be recorded, just the dates, duration and location/IP address of messages sent. The security services would then have to apply to the ISP or telecoms company to have the data released.

The new proposals would also require ISPs to retain details of communications that originated in other countries but passed over the UK's network, such as instant messages.

ITPro:
The government is set to require all telcos to record data between communications – mobile phones, text message, emails and instant messages, as well as internet browsing sessions to social networking sites such as Facebook.

The details of the Intercept Modernisation Programme were laid out in a consultation document released today. The government will be accepting advice on the plans until July 2009.

Any firm considered a communications service provider (CSP) – such as internet service providers (ISPS) and mobile operators – would be required to hold onto such data in case the government needed it, for anti-terror or policing reasons, for example.

Such CSPs will also be required to collect data from services that are based overseas but use UK networks.

A document from the Home Office stressed the data held would include who, when, where and how communications connections were made – but not the content. For example, the information held on an email would include who sent it, to whom they sent it, and when it was sent, but the content of the email would not be stored.

The Register:
Spy chiefs are already spending hundreds of millions of pounds on a mass internet surveillance system, despite Jacqui Smith's announcement earlier this week that proposals for a central warehouse of communications data had been dumped on privacy grounds.

The system - uncovered today by The Register and The Sunday Times - is being installed under a GCHQ project called Mastering the Internet (MTI). It will include thousands of deep packet inspection probes inside communications providers' networks, as well as massive computing power at the intelligence agency's Cheltenham base, "the concrete doughnut".

Sources with knowledge of the project said contracts have already been awarded to private sector partners.