As online threats multiply, who’s the hacker now?

March was a tough month for hackers.

First we learned from WikiLeaks that the CIA has an arsenal of code designed to break into the world’s phones, cars and TVs, not to mention old-fashioned computers. Then the US authorities announced indictments in the largest hacking case on record: the breach of half a billion Yahoo accounts in 2014. Two of the men charged are Russian spies.

The Kremlin is becoming particularly adept at blending high espionage and lowdown criminal pursuits like the online theft of other people’s data. The king of that particular castle is Evgeniy Bogachev, the guy opposite with his Bengal cat and matching pyjamas. They say he’s extremely wealthy, and once had upwards of half a million computers under his command. He’s also a criminal standout for having a $3 million FBI bounty on his close cropped head. Back home in his redoubt on the Black Sea, however, Bogachev is a popular asset among intelligence operatives.
Continue reading

Smart objects, dumb ideas: your hyperconnected future (Pew/Elon 2016)

crestron-control-panel

We’re all going to hell in an IP-enabled handbasket.

The bland-looking control panel depicted above is the heart of a smart home – automated up the wazoo, so your fingers can play master of the universe with the lighting, audio system, appliances, heating and cooling, sprinklers, pool, spa, garage door – and your alleged security system.

Alleged because smart homes, cars and all the other items you’ll be connecting to the public automated-cat_feederInternet will offer unprecedented opportunites for hackers to infiltrate your life. Most personal devices like computers are already insecure enough. But so-called “smart” devices will be far more difficult for consumers to organize, update and secure than the familiar devices we can see and hold. (If you think any object in our lives will be spared, check out the automated cat feeder adjacent, courtesy Wikipedia.) Continue reading

Why is Reed Hastings bent on killing my privacy?

netflix-vpn-error-collage

“I don’t think we will see any impact.” — Reed Hastings, January 19

“The VPN crackdown is meeting fierce resistance from privacy activists and concerned users, with tens of thousands calling upon the streaming service to reverse its broad VPN ban.”Torrent Freak, Feb 26

~~~

Since Netflix came to Canada in September 2010, I’ve written 51 posts carrying the Netflix tag. I’ve sung the praises of Reed Hastings; objected to the anti-Netflix manipulation of data caps by our incumbents; defended Netflix’s right to operate in Canada over the self-serving protests of our media establishment; and sympathized with Netflix for the archaic treatment meted out to streaming services by the CRTC.

Netflix-6.0-for-iOS-app-icon-smallThe longest pair of posts I’ve ever written (about 6,000 words) was on the attempt by the CRTC and selected media barons to make life as difficult as possible in Canada for Netflix. That was 2011: Get yer grimy paws off my Netflix: Ottawa’s big OTT scam (part 1, June 16; and part 2, June 18).

There was a single exception. I fell off the wagon when Netflix linked arms with Facebook and produced one of the worst privacy policies I’ve ever read: Netflix showing way too much love – for your Facebook data (Oct 2011).

Which brings us to the much bigger privacy problem Netflix has created for itself. Continue reading

The Internet in 2025: 12 reasons to fear our online future (Pew 5)

patel-theverge-internet-is-fuckedBe very afraid: see Nilay Patel’s hard-hitting post in The Verge last week

~~~

The trends are mostly about fragmentation

Or at least the triumph of depth of experience over outreach and a sense of commonality.

This is the 5th and last of my responses from the 2013-14 edition of the Pew/Elon experts survey on the future of the Internet. I only answered 5 of this year’s 8 questions; my four prior responses are these:

The final Pew question was the only one described as open-ended, i.e. it did not begin with the usual Yes/No binary choice. By the time I was done writing my relatively short response, I was seriously depressed. As Free Press president Craig Aaron said to The Verge’s Nilay Patel: “What we need right now is decisive action. We can still unfuck the Internet.” Sure, but where’s decisive action going to come from? The FCC? The CRTC? Questions for another time. Continue reading

The Internet in 2025: security, liberty, privacy (Pew 1)

forster-csec-comic

CSEC used airport Wi-Fi to track Canadian travellers: Edward Snowden documents CBC News, Jan 30, 2014

 ~~~

All I was going to do in this post, as previously advertised, was paste in my reponse to the security, liberty, privacy question on the recent Pew/Elon survey on the future of the Internet (please see previous post if this makes no sense).

Many clusters will resolve to other Airports! Awesome! And no spying on Canadians! Continue reading

The NSA and an escalating battle over Internet privacy

post-beach

Beach at Brighton, UK, August 2013

~~~~

“I would rather have a rectal examination on live TV by a fellow with cold hands than have a Facebook page.” — George Clooney, Sept 2009

“To the engineers, I say this: we built the Internet, and some of us have helped to subvert it. Now, those of us who love liberty have to fix it.” — Bruce Schneier, Sept 2013

~~~

Update (Sept 9). More evidence of the damage to online privacy politicians can cause without any help from spooks or decryption… TorrentFreak is running a story about British PM David Cameron and his alarming online content filter. Mobile carriers in the UK must have the filter turned on by default to block content that may be considered “harmful” to children. As the story points out: “The filter mainly targets adult-oriented content, but one provider now says that VPN services also fall into this category as they allow kids to bypass age restrictions.” In other words, the use of a VPN service like WiTopia, which I describe at the end of this post, may turn out to be illegal. Without the anonymity provided by tools like VPNs (virtual private networks), the public cannot expect to have any reasonable measure of privacy on the Internet.

Update 2 (Sept 9). ISOC has issued a statement strongly condemning the US government’s attack on the Internet’s core encryption technologies. An excerpt:

“The Internet Society believes that global interoperability and openness of the Internet are pre-requisites for confidence in online interaction; they unlock the Internet as a forum for economic and social progress; and they are founded on basic assumptions of trust. We are deeply concerned that these principles are being eroded and that users’ legitimate expectations of online security are being treated with contempt. … Security is a collective responsibility that involves multiple stakeholders. In this regard, we call on:

  • Those involved in technology research and development: use the openness of standards processes like the IETF to challenge assumptions about security specifications.
  • Those who implement the technology and standards for Internet security: uphold that responsibility in your work, and be mindful of the damage caused by loss of trust.
  • Those who develop products and services that depend on a trusted Internet: secure your own services, and be intolerant of insecurity in the infrastructure on which you depend.”

ssl-3

This summer, the Snowden NSA revelations greatly altered priorities in the battle for an otherwise enduring goal: keeping the Internet secure and open for use by us ordinary folk.

VerizonLogo1True, some things never change. Persistently the enemy of reason and fair play, Verizon will have its day in court on September 9, when it begins arguments before the D.C. Circuit as to why the FCC’s network neutrality rules should be torn up into little pieces, cremated and cast into the Chesapeake Bay. The carrier claims the FCC has no possible grounds for imposing such rules; is acting capriciously by trying to do so; and is threatening Verizon’s First Amendment rights into the bargain. As Harold Feld of Public Knowledge wrote in his policy blog:

“Just like Verizon FiOS decides whether or not to carry Al Jazeera America, and on what terms, Verizon argues it has the right to decide whether or not to go to AlJazeera.com, and on what terms.”

Abuse as a feature, privacy as a bug

fb-like-2Which brings us to Facebook and another unsettling story about risks to privacy. Facebook has once again given not just movie stars and world-renowned cryptographers like Bruce Schneier but a billion other people compelling reasons to worry about their privacy. Not that this is news. Abusing everyone’s privacy – in part by changing the abuse policy regularly – is a Facebook feature not a bug. This month it’s not even changing policy, just “clarifying” it. As the LA Times noted:

“The new language says users automatically give Facebook the right to use their information unless they specifically deny the company permission to do it. At the same time, Facebook made it more complicated to opt out.”

Continue reading

Sorry, no meds for you today

***

***

On hiatus

<and we’re back, despite the hack>

Appearances in your recent Google searches notwithstanding, no, I have not been operating an online pharmaceutical venture offering you controlled substances without all the fuss and bother of consulting a physician, not to mention coughing up the money to pay for them. Not enough fun in your life? Need a lift? You’ve come to the wrong place.

Imagine my surprise the other day when I was testing out some key words I use in this blog – and discovered a stream of first-page Google hits directing visitors to hot deals on Vic*din and Vi*gra. Suddenly, entering the semantic field surrounding www.davidellis.ca was like getting a free trip to Mexico, if you get my drift. I got hacked, but good.

(Nor can I help with your birth control needs...)

Continue reading