Tag Archive | Privacy Enhancing Technologies

RSS feed for this tag

The Hackers Who Say They Took Down Gaming Networks Are Now Going After Tor

http://www.washingtonpost.com/blogs/the-switch/wp/2014/12/26/the-hackers-who-say-they-took-down-gaming-networks-are-now-going-after-tor/

A hacking group that calls itself Lizard Squad claimed it was behind Christmas Day outages on Sony and Microsoft’s gaming networks. And now, it says, it has turned its eyes toward anonymous browsing tool Tor.

Tor is relied on by journalists, activists, whistleblowers and everyday people who want to keep their online activities private. It works by routing traffic through nodes known as “relays” that are operated by individuals and organizations around the world — essentially volunteer-run servers that keep anonymity functions working.

Yahoo’s Privacy Team Decides to Not Respect Your Privacy Choices

http://www.pcworld.com/article/2150981/yahoo-drops-do-not-track-policy-in-favor-of-personalized-experience.html

Yahoo is watching you, whether you like it or not.

Yahoo said this week that the company will stop honoring “Do Not Track” requests made by a user’s browser. It will now actively attempt to track your interactions with its site and its content.

“Here at Yahoo, we work hard to provide our users with a highly personalized experience,” the ironically named “Yahoo Privacy Team” wrote in a blog post. “We keep people connected to what matters most to them, across devices and around the world. We fundamentally believe the best web is a personalized one.”

Yahoo’s team claimed that Yahoo was originally the first major tech company to implement “Do Not Track,” which, in reality, is more of a request from the browser to the Web site than an order. Yahoo said it had yet to see a single privacy standard that is “effective, easy to use and has been adopted by the broader tech industry.” For that reason, as well as its desire for “personalized” experiences, Yahoo changed its policy.

“Zero Knowledge” Data Storage Would Secure Data Against Breaches, Hacks

http://www.wired.com/2014/11/arab-spring-of-privacy/

Suni Munshani argues that consumers should not accept what are becoming commonplace data breaches.  Munshani advocates for a “zero knowledge environment,” or a data storage process that converts sensitive data and information into random letters, numbers, and characters while allowing for authorized use without hinderance.

Once consumers awaken to these issues, businesses that understand and act on establishing a zero knowledge environment will be able to acquire and keep customers based on their reputation for safely protecting their customers’ data. Centralized, data-centric security will be a competitive advantage. Privacy will be another trait or brand attribute customers use to determine whether they will do business with your company. Organizations that are not at the cutting edge of their industries when it comes to data protection should be fearful about losing market share to companies who do a better job at privacy.

We could very well be witnessing the beginnings of a revolutionary wave of users demanding vendors protect the data itself instead of simply building walls around it. The revolt is coming. But instead of protests and armed conflict, customers looking to gain back control of their sensitive information will have one of the greatest weapons at their disposal: a choice with whom they do business.

The Arab Spring of privacy is upon us.

Tor Trying to Understand How Europol Infiltrated Network

https://blog.torproject.org/blog/thoughts-and-concerns-about-operation-onymous

Recently it was announced that a coalition of government agencies took control of many Tor hidden services. We were as surprised as most of you. Unfortunately, we have very little information about how this was accomplished, but we do have some thoughts which we want to share.

Over the last few days, we received and read reports saying that several Tor relays were seized by government officials. We do not know why the systems were seized, nor do we know anything about the methods of investigation which were used.

Law Enforcement Seizes Tor Nodes

http://arstechnica.com/security/2014/11/law-enforcement-seized-tor-nodes-and-may-have-run-some-of-its-own/

In a blog post written on November 9, Tor Project director Andrew Lewman went over the possible ways that over 400 hidden services on dozens of servers were located by law enforcement during Operation Onymous. While some of the servers were related to criminal activity (such as Silk Road 2.0), at least some of the servers were not—including several that were acting as infrastructure for Tor’s anonymizing network. And the only answer Lewman could currently offer as to how the sites were exposed was “We don’t know.”

That’s unnerving not just to people like the operators of the many illicit sites that were taken down by Operation Onymous, it’s also of concern to anyone using Tor to evade surveillance by more oppressive governments. Activists, dissidents, and journalists, for example, all rely on the same Tor infrastructure

Firefox and Tor Aiming to Develop Anonymous Browsing Technologies

http://thehill.com/policy/cybersecurity/223587-firefox-plots-a-fully-anonymous-web

Firefox wants to ensure the possibility of true online anonymity for Internet users.

On Monday, Mozilla — the company behind Firefox — revealed a project aiming to guarantee freedom from online tracking and the ability to browse the Web incognito.

“We want to advance the state of the art in privacy features, with a specific focus on bringing them to more mainstream audiences,” said Denelle Dixon-Thayer, who leads Mozilla’s public policy and legal teams, in a blog post on the so-called “Polaris” privacy initiative.

The software company is working on Polaris with the Tor Project, famous for its anonymity software, and the digital rights advocate Center for Democracy & Technology.

WhatsApp Begins Using Full Encryption

http://www.washingtonpost.com/world/national-security/whatsapp-worlds-most-popular-instant-messaging-platform-to-encrypt-data-for-millions/2014/11/18/b8475b2e-6ee0-11e4-ad12-3734c461eab6_story.html

WhatsApp, the world’s most popular instant-messaging platform, has begun encrypting all its data by default, a move that privacy advocates say will aid dissidents and human rights activists seeking to protect their communications from governments and hackers alike.

Amnesty releases anti-spying program, Detekt, for activists

http://www.bbc.com/news/technology-30115679

The Detekt software was needed as standard anti-virus programs often missed spying software, it said.

Amnesty said many governments used sophisticated spying tools that could grab images from webcams or listen via microphones to monitor people.

It wants to see more regulation of the spying software used by governments.

“These spying tools are marketed on their ability to get round your bog-standard anti-virus,” said Tanya O’Carroll, an adviser on technology and human rights at Amnesty International.

The makers of spying software did extensive testing to ensure that the way they infected and lurked on a computer did not trigger security alerts, she added.

Detekt, A Surveillance Malware Finder

http://www.pcworld.com/article/2850432/activists-release-detekt-tool-that-finds-surveillance-malware.html

A free tool released Thursday allows users to scan their computers for surveillance malware that has been used in attacks against journalists, human rights defenders and political activists around the world.

The open-source tool, dubbed Detekt, was developed by security researcher Claudio Guarnieri. It was released in partnership with Amnesty International, Digitale Gesellschaft, the Electronic Frontier Foundation and Privacy International.

Detekt scans computers for infection patterns associated with several families of remote access Trojans (RATs): DarkComet RAT, XtremeRAT, BlackShades RAT, njRAT, FinFisher FinSpy, HackingTeam RCS, ShadowTech RAT and Gh0st RAT.