Security Category Archives
they’re going to hack us
16 August 2014 | Internet, Privacy, Security | No Comments
и — заодно — вот цитата из другой програмной статьи:
If your algorithm doesn’t allow a pedophile to irreversibly scramble his drive and avoid prosecution, it can’t be used by freethinkers under ideological oppression to hide state-banned books. If your messaging app won’t let someone safely plan bombing the Super Bowl, it can’t be used by an activist to reveal human rights abuses. If your map doesn’t let poachers stalk rhinos without alerting rangers, it can’t be used by ethnic minorities to escape purges. The strength of the tool enables all of these things, and it is an old, old test we have taken many times before to see which we use it for. The answer, as always, will be “both.”
не устану вспоминать Генри Менкена:
The trouble with fighting for human freedom is that one spends most of one’s time defending scoundrels. For it is against scoundrels that oppressive laws are first aimed, and oppression must be stopped at the beginning if it is to be stopped at all.
that simple.
рукопись, найденная в ванне
15 August 2014 | Internet, Politics, Privacy, Security | 2 Comments
в Wired, тем временем, опубликовали исключительной тщательности рассказ и интервью Эдварда Сноудена, что в сегодняшнем мире стоит прочитать, безусловно, всем. цитировать статью кусками достаточно бессмысленно, это тот самый шпионский роман, что стал в один день релаьностью — и вы увидели на страницах [дела] свою фамилию.
and you’re going to slip up and they’re going to hack you.
all clear
14 August 2014 | Internet, Privacy, Security | 2 Comments
замечательная мысль, кстати:
SpiderOak, the privacy-focused, Snowden-approved Dropbox rival, is set to announce that it will join the growing ranks of companies who’ve implemented a “warrant canary”.
The idea behind a warrant canary: if the government comes to a company with legal demands and a gag order in tow, that company can’t say anything to its users about it. They can, however, suddenly stop saying everything is okay.
надеюсь, будут не первыми и не последними: в том открытом мире, о котором любой мечтает, подобные маркеры жизненно необходимы.
весь мир на ладони
12 August 2014 | Politics, Privacy, Security | No Comments
еще немного правды:
The National Security Agency has routinely intercepted networking equipment that’s built in the United States, added backdoor access capabilities, then shipped the devices to their intended recipients abroad.
причем, сперва на каждом углу нам говорили о том, что нельзя доверять китайским роутерам и прочему сетевому оборудованию как раз в следствии таких вот запланированных дыр. а потом оказалось, что это просто борьба конкурентов за то, кому из них достануться ваши биты.
Штази, до свиданья
30 July 2014 | Cryptography, Privacy, Security, Software | 1 Comment
немного восторга:
Rejoice, O lovers of privacy! For Open WhisperSystems has released Signal for iPhone (open-sourced, licensed under the GPLv3), which gives any and every iPhone wielder the power to fully encrypt their calls against prying ears — and is completely compatible with OWS’s time-tested and well-liked RedPhone for Android.
уже скачали?
this new process
26 June 2014 | Google, Privacy, Security | 1 Comment
Google is now complying in full with a European Court Of Justice ruling last month which requires it to remove specific personal information from search results when an individual has made a request for the removal of “outdated” or “irrelevant” information about them.
форма для соответствующего запроса находится здесь.
welcome to Brazil
14 May 2014 | Google, Politics, Privacy, Security | No Comments
Email exchanges between National Security Agency Director Gen. Keith Alexander and Google executives Sergey Brin and Eric Schmidt suggest a far cozier working relationship between some tech firms and the U.S. government than was implied by Silicon Valley brass after last year’s revelations about NSA spying.
кто бы сомневался-то, обмен опытом, вот это все.
а с другой стороны, пожалуйста, как вам такая цитата:
Supporters of the National Security Agency inevitably defend its sweeping collection of phone and Internet records on the ground that it is only collecting so-called “metadata”—who you call, when you call, how long you talk. Since this does not include the actual content of the communications, the threat to privacy is said to be negligible. That argument is profoundly misleading.
Of course knowing the content of a call can be crucial to establishing a particular threat. But metadata alone can provide an extremely detailed picture of a person’s most intimate associations and interests, and it’s actually much easier as a technological matter to search huge amounts of metadata than to listen to millions of phone calls. As NSA General Counsel Stewart Baker has said, “metadata absolutely tells you everything about somebody’s life. If you have enough metadata, you don’t really need content.” When I quoted Baker at a recent debate at Johns Hopkins University, my opponent, General Michael Hayden, former director of the NSA and the CIA, called Baker’s comment “absolutely correct,” and raised him one, asserting, “We kill people based on metadata.”
спокойных снов, ага.
досмотр и контроль
4 May 2014 | Internet, Privacy, Security | No Comments
о ценах на головы:
General information about a person, such as their age, gender and location is worth a mere $0.0005 per person, or $0.50 per 1,000 people. A person who is shopping for a car, a financial product or a vacation is more valuable to companies eager to pitch those goods. Auto buyers, for instance, are worth about $0.0021 a pop, or $2.11 per 1,000 people.
Certain milestones in a person’s life prompt major changes in buying patterns, whether that’s becoming a new parent, moving homes, getting engaged, buying a car, or going through a divorce. Marketers are willing to pay more to reach consumers at those major life events. Knowing that a woman is expecting a baby and is in her second trimester of pregnancy, for instance, sends the price to tag for that information about her to $0.11.
и еще одна чудесная статья:
It all started with a personal experiment to see if I could keep a secret from the bots, trackers, cookies and other data sniffers online that feed the databases that companies use for targeted advertising. As a sociologist of technology I was launching a study of how people keep their personal information on the Internet, which led me to wonder: could I go the entire nine months of my pregnancy without letting these companies know that I was expecting?
<...>
But, as I discovered when I tried to buy a stroller, opting out is not only antisocial, it can appear criminal.
you got the point:
Internet companies hope that users will not only accept the trade-off between “free” services and private information, but will forget that there is a trade-off in the first place.
eyes wide shut
7 April 2014 | Internet, Privacy, Security | No Comments
Unless we start building personal trust networks (exchanging and verifying public/private keys) and encrypting our email, then we should probably give up on email privacy. When communicating in plain text over the public Internet we should assume that our messages are being read by third parties.
It doesn’t matter if we self host, pay a dedicated Email host with a simple privacy policy or use a giant advertising-supported technology company’s Email service for free. Email privacy without encryption and trusted, verified identity is an illusion.
коммуникации в сети — это то, что не дает мне покоя практически беспрерывно. и действенный компромисс между удобством и надежностью пока так и не обнаружен.
лучше иного детектива
28 March 2014 | Privacy, Security | 1 Comment
кстати, история (1, 2), что стоит обязательно прочитать всем, кто хоть сколько-то интересуется безопастностью коммуникаций.