Another Word For It Patrick Durusau on Topic Maps and Semantic Diversity

April 5, 2018

The EFF’s BFF? – Government

Filed under: Electronic Frontier Foundation,Government — Patrick Durusau @ 7:42 pm

DHS Confirms Presence of Cell-site Simulators in U.S. Capital by Cooper Quintin.

The present situation:

The Department of Homeland Security has finally confirmed what many security specialists have suspected for years: cell-phone tracking technology known as cell-site simulators (CSS) are being operated by potentially malicious actors in our nation’s capital.

Anyone with the skill level of a hobbyist can now build their own passive IMSI catcher for as little as $7 or an active cell-site simulator for around $1000. Moreover, mobile surveillance vendors have displayed a willingness to sell their goods to countries who can afford their technology, regardless of their human rights records.

The EFF’s solution:


Law enforcement and the intelligence community would surely agree that these technologies are dangerous in the wrong hands, but there is no way to stop criminals and terrorists from using these technologies without also closing the same security flaws that law enforcement uses. Unlike criminals however, law enforcement can still obtain search warrants and work directly with the phone companies to get subscribers’ location, so they would not lose any capabilities if the vulnerabilities CSSs rely on were fixed.

Why the EFF trusts a government that has spied on the American people for decades is a question you need to put to the EFF. I can’t think of any sensible explanation for their position.

I’ve been meaning to ask: How does it feel to be lumped in with “…criminals and terrorists…?”

You may be an average citizen who is curious about who your member of Congress or state/local government is sleeping with, being paid off by, or other normal and customary functions of government.

A CSS device can contribute towards meaningful government transparency. Perhaps that’s why the EFF resists CSS devices being in the hands of citizens.

We’ll lose our dependence on the EFF for what minimal transparency does exist.

I can live with that.

January 22, 2018

EFF Investigates Dark Caracal (But Why?)

Filed under: Cybersecurity,Electronic Frontier Foundation,Government,Privacy,Security — Patrick Durusau @ 9:19 pm

Someone is touting a mobile, PC spyware platform called Dark Caracal to governments by Iain Thomson.

From the post:

An investigation by the Electronic Frontier Foundation and security biz Lookout has uncovered Dark Caracal, a surveillance-toolkit-for-hire that has been used to suck huge amounts of data from Android mobiles and Windows desktop PCs around the world.

Dark Caracal [PDF] appears to be controlled from the Lebanon General Directorate of General Security in Beirut – an intelligence agency – and has slurped hundreds of gigabytes of information from devices. It shares its backend infrastructure with another state-sponsored surveillance campaign, Operation Manul, which the EFF claims was operated by the Kazakhstan government last year.

Crucially, it appears someone is renting out the Dark Caracal spyware platform to nation-state snoops.

The EFF could be spending its time and resources duplicating Dark Caracal for the average citizen.

Instead the EFF continues its quixotic pursuit of governmental wrong-doers. I say “quixotic” because those pilloried by the EFF, such as the NSA, never change their behavior. Unlawful conduct, including surveillance continues.

But don’t take my word for it, the NSA admits that it deletes data it promised under court order to preserve: NSA deleted surveillance data it pledged to preserve. No consequences. Just like there were no consequences when Snowden revealed widespread and illegal surveillance by the NSA.

So you have to wonder, if investigating and suing governmental intelligence organizations produces no tangible results, why is the EFF pursuing them?

If the average citizen had the equivalent of Dark Caracal at their disposal, say as desktop software, the ability of governments like Lebanon, Kazakhstan, and others, to hide their crimes, would be greatly reduced.

Exposure is no guarantee of accountability and/or punishment, but the wack-a-mole strategy of the EFF hasn’t produced transparency or consequences.

September 19, 2017

An Honest Soul At The W3C? EME/DRM Secret Ballot

Filed under: Cybersecurity,DRM,Electronic Frontier Foundation,Leaks,Security,W3C — Patrick Durusau @ 9:49 am

Billions of current and future web users have been assaulted and robbed in what Jeff Jaffe (W3C CEO) calls a “respectful debate.” Reflections on the EME Debate.

Odd sense of “respectful debate.”

A robber demands all of your money and clothes, promises to rent you clothes to get home, but won’t tell you how to make your own clothes. You are now and forever a captive of the robber. (That’s a lay persons summary but accurate account of what the EME crowd wanted and got.)

Representatives for potential victims, the EFF and others, pointed out the problems with EME at length, over years of debate. The response of the robbers: “We want what we want.

Consistently, for years, the simple minded response of EME advocates continued to be: “We want what we want.

If you think I’m being unkind to the EME advocates, consider the language of the Disposition of Comments for Encrypted Media Extensions and Director’s decision itself:


Given that there was strong support to initially charter this work (without any mention of a covenant) and continued support to successfully provide a specification that meets the technical requirements that were presented, the Director did not feel it appropriate that the request for a covenant from a minority of Members should block the work the Working Group did to develop the specification that they were chartered to develop. Accordingly the Director overruled these objections.

The EME lacks a covenant protecting researchers and others from anti-circumvention laws, enabling continued research on security and other aspects of EME implementations.

That covenant was not in the original charter, the director’s “(without any mention of a covenant),” aka, “We want what we want.

There wasn’t ever any “respectful debate,” but rather EME supporters repeating over and over again, “We want what we want.

A position which prevailed, which bring me to the subject of this post. A vote, a secret vote was conducted by the W3C seeking support for the Director’s cowardly and self-interested support for EME, the result of which as been reported as:


Though some have disagreed with W3C’s decision to take EME to recommendation, the W3C determined that the hundreds of millions of users who want to watch videos on the Web, some of which have copyright protection requirements from their creators, should be able to do so safely and in a Web-friendly way. In a vote by Members of the W3C ending mid September, 108 supported the Director’s decision to advance EME to W3C Recommendation that was appealed mid-July through the appeal process, while 57 opposed it and 20 abstained. Read about reflections on the EME debate, in a Blog post by W3C CEO Jeff Jaffe.

(W3C Publishes Encrypted Media Extensions (EME) as a W3C Recommendation)

One hundred and eight members took up the cry of “We want what we want.” rob billions of current and future web users. The only open question being who?

To answer that question, the identity of these robbers, I posted this note to Jeff Jaffe:

Jeff,

I read:

***

In a vote by Members of the W3C ending mid September, 108 supported the Director’s decision to advance EME to W3C Recommendation that was appealed mid-July through the appeal process, while 57 opposed it and 20 abstained.

***

at: https://www.w3.org/2017/09/pressrelease-eme-recommendation.html.en

But I can’t seem to find a link to the vote details, that is a list of members and their vote/abstention.

Can you point me to that link?

Thanks!

Hope you are having a great week!

Patrick

It didn’t take long for Jeff to respond:

On 9/19/2017 9:38 AM, Patrick Durusau wrote:
> Jeff,
>
> I read:
>
> ***
>
> In a vote by Members of the W3C ending mid September, 108 supported the
> Director’s decision to advance EME to W3C Recommendation that was
> appealed mid-July through the appeal process, while 57 opposed it and 20
> abstained.
>
> ***
>
> at: https://www.w3.org/2017/09/pressrelease-eme-recommendation.html.en
>
> But I can’t seem to find a link to the vote details, that is a list of
> members and their vote/abstention.
>
> Can you point me to that link?

It is long-standing process not to release individual vote details publicly.

I wonder about a “long-standing process” for the only vote on an appeal in W3C history but there you have it, the list of robbers isn’t public. No need to search the W3C website for it.

If there is an honest person at the W3C, a person who stands with the billions of victims of this blatant robbery, then we will see a leak of the EME vote.

If there is no leak of the EME vote, that is a self-comment on the staff of the W3C.

Yes?

PS: Kudos to the EFF and others for delaying EME this long but the outcome was never seriously in question. Especially in organizations where continued membership and funding are more important than the rights of individuals.

EME can only be defeated by action in the trenches as it were, depriving its advocates of any perceived benefit and imposing ever higher costs upon them.

You do have your marker pens and sticky tape ready. Yes?

February 19, 2017

EFF Urges Trusting Cheaters

Filed under: Cybersecurity,Electronic Frontier Foundation,Government,Privacy — Patrick Durusau @ 4:34 pm

Congress Must Protect Americans’ Location Privacy by Kate Tummarello.

From the post:

Your smartphone, navigation system, fitness device, and more know where you are most of the time. Law enforcement should need a warrant to access the information these technologies track.

Lawmakers have a chance to create warrant requirements for the sensitive location information collected by your devices.

It’s already against the law to intercept and transcribe all phone calls but the weight of the evidence shows the US government is doing exactly that.

The periodic EFF calls for legislation by known cheaters leave me puzzled.

Laws, to government agencies, mark “don’t get caught zones” and little more.

Protecting sensitive location information, to be effective, must be demanded by consumers of manufacturers.

No backdoors, no warrants, no snooping, it’s just that simple.

December 20, 2016

EFF then (2008) and now (2016)

Filed under: Electronic Frontier Foundation,Government,Politics,Privacy — Patrick Durusau @ 7:56 pm

The EFF has published a full page ad in Wired, addressing the tech industry, saying:

Your threat model has just changed.

EFF’s full-page Wired ad: Dear tech, delete your logs before it’s too late.

Rather remarkable change in just eight years.

Although I can’t show you the EFF’s “amusing” video described in Wired as follows:

THE ELECTRONIC FRONTIER Foundation is feeling a little jolly these days.

As part of its latest donor campaign, it’s created a brief, albeit humorous animated video espousing why it needs your cash.

Among other things, the video highlights the group’s fight for electronic rights, including its lawsuit challenging President Bush’s warrantless eavesdropping on Americans.

The lawsuit prompted Congress to immunize telecoms that freely gave your private data to the Bush administration — without warrants. (The EFF is now challenging that immunity legislation, which was supported by President-elect Barack Obama.)

What’s more, the EFF video, released Wednesday, reviews the group’s quest for fair use of copyrighted works, working electronic voting machines, and how it foiled wrongly issued patents.

It’s not on the EFF site, not available from the Wayback Machine, but it sounds very different from the once in a lifetime fund raising opportunity presented by President-elect Trump.

President Obama could have ended all of the surveillance apparatus that was in place when he took office. Dismantled it entirely. So that Trump would be starting over from scratch.

But no, the EFF has spent the last eight years working within the system in firm but polite disagreement.

The result of which is President-elect Trump has at his disposal a surveillance system second to none.

The question isn’t whether we should have more transparency for the Foreign Intelligence Surveillance Court but to strike at its very reason for existence. The charade of international terrorism.

Have you ever heard the EFF argue that toddlers kill more Americans every year than terrorists? Or any of the other statistics that demonstrate the absurdity of US investment in stopping a non-problem?

If you are serious about stopping surveillance then we need to strike at its rationale for existence.

Tolerance of surveillance, the EFF position, is a guarantee that surveillance will continue.

PS: Cory Doctorow attempts to make the case that President-elect Trump will do worse than President Obama. It’s possible but considering what Obama has done, it’s too close to call at this point. (You do realize we already have databases of Muslims, yes? So playing the “Trump says he will build a database of Muslims” card, yes, he said that, is deceptive. It already exists.)

I agree we are in danger from the incoming administration but it’s a factual issue whether it will be any worse than the present one.

The distance between said and actual policy can be quite large. Recalling that Obama promised to close our illegal detention of prisoners at Guantanamo Bay. Yet, eight years later a number of them remain there still.

November 1, 2016

Copyright Office Opens Up 512 Safe Harbor ($105 Fee Reduced To $6)

Filed under: Electronic Frontier Foundation,Intellectual Property (IP) — Patrick Durusau @ 4:26 pm

After reading the Copyright Office explanation for the changes Elliot Harmon‘s complains of in Copyright Office Sets Trap for Unwary Website Owners, I see the Copyright Office as opening up the 512 safe harbor to more people.

In his rush to criticize the Copyright Office for not taking EFF advice, Elliot forgets to mention:


Transitioning to the electronic system has allowed the Office to substantially reduce the fee to designate an agent with the Office, from $105 (plus an additional fee of $35 for each group of one to ten alternate names used by the service provider) to $6 (with no additional fee for alternate names).

Copyright Office Announces Electronic System for Designating Agents under DMCA

Wow! Government fees going down?

Going from $105 (plus $35 for alternate names) to $6 and no additional fee for alternate names, opens up the 512 safe harbor to small owners/sites.

True enough, the new rule requires you to renew every three years but given the plethora of renewals we all face, what’s one more? Especially an important one.

The Copyright Office has prepared videos (with transcripts) to guide you to the new system.

A starting point for further reading: Copyright Office Reviews Section 512 Safe Harbor for Online User-Generated Content – The Differing Perceptions of Musicians and Other Copyright Holders and Online Service Providers on the Notice and Take-Down Process by David Oxenford. Just a starting point.

If you have or suspect you have copyright issues, consult an attorney. Law isn’t a safe place for self-exploration.

PS: I understand that EFF must write for its base, but closer attention to the facts of rules and changes would be appreciated.

September 28, 2016

Oversight Concedes Too Much

Filed under: Electronic Frontier Foundation,Government,Privacy — Patrick Durusau @ 3:26 pm

It’s deeply ironic that the Electronic Frontier Foundation writes in: Police Around the Country Regularly Abuse Law Enforcement Databases:


The AP investigation builds off more than a year’s worth of research by EFF into the California Law Enforcement Telecommunications System (CLETS). EFF previously found that the oversight body charged with combatting misuse had been systematically giving law enforcement agencies a pass by either failing to make sure agencies filed required misuse data or to hold hearings to get to the bottom of persistent problems with misuse. As EFF reported, confirmed misuse cases have more than doubled in California between 2010 and 2015.

Contrast that post with:

NSA’s Failure to Report Shadow Broker Vulnerabilities Underscores Need for Oversight and What to Do About Lawless Government Hacking and the Weakening of Digital Security, both of which are predicated on what? Oversight.

Sorry, it is one of those “facts” everyone talks about in the presidential debates that both the Senate select Committee on Intelligence and the House Permanent Select Committee on Intelligence have been, are and in all likelihood will be, failures in terms of oversight of intelligence agencies. One particularly forceful summary of those failures can be found in: A Moon Base, Cyborg Army, and Congress’s Failed Oversight of the NSA by Eli Sugarman.

Eli writes:

Does the U.S. government have a moon base? How about a cyborg army? These questions were not posed by Stephen Colbert but rather by Rep. Justin Amash (R-MI) to highlight the futility of Congress’s intelligence oversight efforts. Amash decried how Congress is unable to reign in troubling NSA surveillance programs because it is not adequately informed about them or permitted to share the minimal information it does know. Congress is instead forced to tease out nuggets of information by playing twenty questions with uncooperative intelligence officials in classified briefings.

Oversight? When the overseen decide if, when, where and how much they will disclose to the overseers?

The EFF and others need to stop conceding the legitimacy of government surveillance and abandon its quixotic quest for implementation of a strategy, oversight, which is known to fail.

For anyone pointing at the latest “terrorism” attack in New York City, consider these stats from the Center for Disease Control (CDC, 2013):

Number of deaths for leading causes of death:

  • Heart disease: 614,348
  • Cancer: 591,699
  • Chronic lower respiratory diseases: 147,101
  • Accidents (unintentional injuries): 136,053
  • Stroke (cerebrovascular diseases): 133,103
  • Alzheimer’s disease: 93,541
  • Diabetes: 76,488
  • Influenza and Pneumonia: 55,227
  • Nephritis, nephrotic syndrome and nephrosis: 48,146
  • Intentional self-harm (suicide): 42,773

Do you see terrorism on that list?

Just so you know, toddlers with guns kill more people in the United States than terrorists.

Without terrorism, one of the knee-jerk justifications for government surveillance vanishes.

The EFF should be challenging the factual basis of government justifications for surveillance one by one.

Conceding that any justification for surveillance exists without contesting its factual basis is equivalent to conceding the existence of an unsupervised surveillance state.

Once surveillance is shown to have no factual justification, then the dismantling of the surveillance state can begin.

June 26, 2016

Digital Rights – Privacy – Video Conference – Wednesday, June 29, 2016

Filed under: Electronic Frontier Foundation,Intellectual Property (IP),Privacy — Patrick Durusau @ 7:49 pm

Video conference for campus and community organizers (June 2016)

From the webpage:

student-organizing-460

Are you part of a campus or community organization concerned about digital rights?

If not, do you want to raise a voice in your community for privacy and access to the intellectual commons?

We'd like to help! EFF will host a video conference to highlight opportunities for grassroots organizers on Wednesday, June 29, 2016 at 3pm PST / 6pm EST.

We'll hear from speakers describing campaigns and events available for your group's support, as well as best practices that you might consider emulating with your friends and neighbors. We're also eager to hear from you about any digital rights campaigns on which you're working in your community, and to expose others in this growing grassroots network to social media opportunities to support your activism and organizing.

Please register to receive the link through which to participate using an open, encrypted, video chat platform.

No word on removing the tape from your video camera for this event. 😉

Spread the word about this video conference!

May 6, 2016

Electronic Frontier Foundation (EFF) 2015 Annual Report – (Highly Summarized)

Filed under: Electronic Frontier Foundation,Privacy — Patrick Durusau @ 1:14 pm

Electronic Frontier Foundation (EFF) 2015 Annual Report

If you have ever read an annual report, from any organization, you remember it as a stultifying experience. You could sense your life force ebbing away. 😉

To save you from a similar experience with the Electronic Frontier Foundation (EFF) 2015 Annual Report, I’ll hit high points in their own words:

Technology

Let’s Encrypt

A free, automated, and open certificate authority (CA), run for the public’s benefit, puts a secure Internet within reach.

Privacy Badger

Our browser extension, which automatically blocks hidden trackers that would otherwise spy on your web browsing habits, leaves beta.

Panopticlick

The latest version of our tracking and fingerprinting detection tool includes new tests, updating its ability to uniquely identify browsers with current techniques.

Activism

USA Freedom

After more than two years of work in the wake of the Snowden revelations, this bill’s passage marks the first significant reform on NSA surveillance in over 30 years.

Who Has Your Back?

Our yearly report—which documents the practices of major Internet companies and service providers, judges their publicly available policies, and highlights best practices—goes global.

Street Level Surveillance

Our new Web portal is loaded with comprehensive, easy-to-access information on police spying tools like license plate readers, biometric collection devices, and “Stingrays.”

Law

NSA Cases

EFF fights unconstitutional gag orders on behalf of clients forced to remain anonymous.

Save Podcasting

EFF successfully challenged the bogus podcasting patent owned by Personal Audio LLC.

ECPA

California is now the largest state to adopt digital privacy protections including both the content of messages and location data.

DMCA Exemptions

In the U.S. Copyright Office’s latest triennial rulemaking, EFF requested—and secured—6 anti-circumvention exemptions in 4 different categories.

Net Neutrality

Title II reclassification drew bright-line rules to protect the open Internet.

All of which is to say:

Join the EFF today!

Two hundred and ninety-eight words down to that last “!”

What more needs to be said?

April 27, 2016

Hacking Book Sale! To Support the Electronic Frontier Foundation

Filed under: Books,Cybersecurity,Electronic Frontier Foundation,Free Speech,Security — Patrick Durusau @ 4:38 pm

Humble Books Bundle: Hacking

No Starch Press has teamed up with Humble Bundle to raise money for the Electronic Frontier Foundation (EFF)!

$366 worth of No Starch hacking books on a pay what you want basis!

Charitable opportunities don’t get any better than this!

As I type this post, sales of these bundles rolled over 6,200 sales!

To help me participate in this sale, consider a donation.

Thanks!

Powered by WordPress